Threats, Attacks, and Vulnerabilities Flashcards
As the security administrator for your organization, you must be aware of all types of attacks that can occur and plan for them. Which type of attack uses more than one computer to attack the victim?
DoS
DDoS
Worm
DDoS
A DDoS attack uses multiple computer systems to attack a server or host in the network
An alert signals you that a server in your network has a program running on it that bypasses authorization. Which type of attack has occurred?
DoS
DDoS
Backdoor
Backdoor
In a backdoor attack, a program or service is placed on a server to bypass normal security procedures
An administrator at a sister company calls to report a new threat that is making the rounds. According to him, the latest danger is an attack that attempts to intervene in a communications session by inserting a computer between the two systems that are communicating. Which of the following types of attacks does this constitute?
Man-in-the-middle attack
Backdoor attack
Worm
Man-in-the-middle attack
A man-in-the-middle attack attempts to fool both ends of a communications session into believing that the system in the middle is the other end
You’ve discovered that an expired certificate is being used repeatedly to gain logon privileges. Which type of attack is this most likely to be?
Man-in-the-middle attack
Backdoor attack
Replay attack
Replay attack
A replay attack attempts to replay the results of a previously successful session to gain access
Which type of attack denies authorized users access to network resources?
DoS
Worm
Logic bomb
DoS
A DoS attack is intended to prevent access to network resources by overwhelming or flooding a service or network
Your system has just stopped responding to keyboard commands. You noticed that this occurred when a spreadsheet was open and you connected to the Internet. Which kind of attack has probably occurred?
Logic bomb
Worm
Virus
Logic bomb
A logic bomb notifies an attacker when a certain set of circumstances has occurred. This may in turn trigger an attack on your system
You’re explaining the basics of security to upper management in an attempt to obtain an increase in the networking budget. One of the members of the management team mentions that they’ve heard of a threat from a virus that attempts to mask itself by hiding code from antivirus software. What type of virus is she referring to?
Armored virus
Malevolent virus
Worm
Armored virus
An armored virus is designed to hide the signature of the virus behind code that confuses the antivirus software or blocks it from detecting the virus
What kind of virus could attach itself to the boot sector of your disk to avoid detection and report false information about file sizes?
Trojan horse virus
Stealth virus
Worm
Stealth virus
A stealth virus reports false information to hide itself from antivirus software. Stealth viruses often attach themselves to the boot sector of an operating system
What is it known as when an attacker manipulates the database code to take advantage of a weakness in it?
SQL tearing
SQL cracking
SQL injection
SQL injection
SQL injection occurs when an attacker manipulates the database code to take advantage of a weakness in it
What term describes when the item used to validate a user’s session, such as a cookie, is stolen and used by another to establish a session with a host that thinks it is still communicating with the first party?
Patch infiltration
XML injection
Session hijacking
Session hijacking
Session hijacking occurs when the item used to validate a user’s session, such as a cookie, is stolen and used by another to establish a session with a host that thinks it is still communicating with the first party
Which of the following involves unauthorized commands coming from a trusted user to the website?
ZDT
HSM
XSRF
XSRF
XSRF involves unauthorized commands coming from a trusted user to the website. This is often done without the user’s knowledge, and it employs some type of social networking to pull it off
When a hole is found in a web browser or other software, and attackers begin exploiting it before the developer can respond, what type of attack is it known as?
Xmas
Malicious insider
Zero-day
Zero-day
When a hole is found in a web browser or other software, and attackers begin exploiting it the very day it is discovered by the developer (bypassing the one-to-two-day response time that many software providers need to put out a patch once the hole has been found), it is known as a zero-day attack
Which of the following is a small library that is created to intercept API calls transparently?
Chock
Wedge
Shim
Shim
A shim is a small library that is created to intercept API calls transparently
The new head of software engineering has demanded that all code be tested to identify the design flow and then modified, as needed, to clean up routines without changing the code’s visible behavior. What is this process known as?
Straightening
Sanitizing
Refactoring
Refactoring
Refactoring involves testing to identify the design flow and then modifying, as needed, to clean up routines without changing the code’s visible behavior
Karl from Accounting is in a panic. He is convinced that he has identified malware on the servers—a type of man-in-the-middle attack in which a Trojan horse manipulates calls between the browser and its security mechanisms and yet still displays back the user’s intended transaction. What type of attack could he have stumbled on?
Man-in-the-browser
Man-in-the-castle
Man-in-the-code
Man-in-the-browser
Man-in-the-browser is a type of man-in-the-middle attack in which a Trojan horse manipulates calls between the browser and its security mechanisms yet still displays back the user’s intended transaction