Threats, Attacks, and Vulnerabilities Flashcards
What is the difference between intrusive versus non-intrusive vulnerability scans?
Non-intrusive identifies active OSs, applications, and ports by scanning system attributes, while intrusive actually probes devices and examines their responses.
Which type of attack involves flooding a recipient e-mail address with identical e-mails?
Spamming attack
What type of attack sequentially generates every possible password and checks them all against a password file?
Brute force attack
Which type of attack allows an attacker to redirect Internet traffic by setting up a fake DNS server to answer client requests?
DNS spoofing
What is spear phishing?
Phishing attempt that appears to come from a trusted person
What is a replay attack?
An attack where an intruder records the communication between a user and a server, and plays the recorded information back to impersonate the user
What does the acronym XSRF denote?
Cross-Site Request Forgery
What category of threat actor is most likely to have high funding and a high level of sophistication?
State actors or APTs (Advanced Persistent Threats)
What occurs during grey-box testing?
Security professionals with limited inside knowledge of the network attempt to hack into the network
What social engineering principle is being used when limited availability is used as a technique?
Scarcity
What is bluesnarfing?
The act of gaining unauthorized access to a device (and the network it is connected to) through its Bluetooth connection
What is a flaw, loophole, or weakness in the system, software, or hardware?
Vulnerability
What viruses are written in a macro language and typically infect operating systems?
Macro viruses
What is phishing?
When a request for confidential information that appears to originate from a seemingly trusted entity is received
What self-replicating computer program sends copies of itself to other devices on the network?
Worm
What is the most likely cause of a single computer communicating with an unknown IRC server and scanning other systems on the network?
The computer is infected with a botnet
What is pharming?
Traffic redirection to a website that looks identical to the intended website
What type of attack enables an intruder to capture and modify data traffic by rerouting the traffic from a network device to the intruder’s computer?
Network address hijacking
What category of vulnerability includes injection, cross-site scripting, and cross-site request forgery?
Improper input handling
What is a trojan horse?
Malware that is disguised as a useful utility, but is embedded with malicious code to infect computer systems
What is Nessus?
Network vulnerability scanner
What is an evil twin?
An access point with the same SSID as the legitimate access point
What does the acronym XSS denote?
Cross-site scripting
What is an integer overflow?
When an application or OS tries to place into computer memory an integer that is too large for the data type
What is a zero-day exploit?
An attack that exploits a security vulnerability on the day the vulnerability becomes generally known
Which virus creates many variants by modifying its code to deceive antivirus scanners?
Polymorphic virus
Which malicious software infects a system without relying upon other applications for its execution?
Worm
What is the term for a potential opening in network security that a hacker can exploit to attack a network?
Vulnerability
Which type of attack intercepts an established TCP session?
- TCP hijacking
- Session hijacking
Which type of attack does Challenge Handshake Authentication Protocol (CHAP) protect against?
Replay
What is meant by the term data exfiltration?
The unauthorized transfer of data from a computer or device
Which error condition arises because data is not checked before input to ensure that it has an appropriate length?
Buffer overflow errors
Which type of attack runs code within another process’s address space by making it a dynamic link library?
DLL injection attack
Which attack is an extension of the denial-of-service (DoS) attack and uses multiple computers?
A distributed denial of service attack (DDoS)
Which type of brute-force attack attempts to find any two hashed passwords or messages that have the same value?
Birthday attack
What type of virus can change its signature to avoid detection?
Polymorphic virus
What is the difference between credentialed and non-credentialed vulnerability scans?
- Credentialed vulnerability scans use authentication to simulate an administrator or user on the system
- Non credentialed vulnerability scans do not authenticate
Which type of attack is characterized by an attacker who takes over the session of an already authenticated user?
Hijacking
What does the acronym DDoS denote?
Distributed denial of service
Which type of attack is characterized by an attacker who records an encrypted transmission between a client and a server computer so that they can then send it to the server to gain access?
Replay attack
Which type of virus attempts to hide from antivirus software and from the operating system by remaining in memory?
- Fileless virus
- Stealth
What is a malicious insider?
An employee who uses his access to the network and facility to obtain confidential information
What occurs during white-box testing?
A security firm is provided with a production-like test environment, login details, production documentation, and source code
What is bluejacking?
An attack that sends spam over a Bluetooth connection
What are the nine categories of threat actors according to the CompTIA Security+ blueprint?
- Script Kiddies
- Hacktivist
- Criminal syndicates
- State actors
- Advanced Persistent Threat (APT)
- Insiders
- Hackers
- Shadow IT
- Competitors
What is the name for a hole in the security of an application deliberately left in place by a designer?
Backdoor
What is an attempt by someone to get one or more users to believe that a specific computer virus exists?
Hoax
What is spimming?
Spam sent over instant messaging applications
What social engineering principle is being used when limited time is used as a technique?
Urgency
What social engineering principle is being used when an attacker pretends to be a member of law enforcement to obtain information?
Authority
What social engineering principle is being used when bullying tactics are employed to obtain information?
Intimidation
What is a smurf attack?
An attack where a ping request is sent to a broadcast network address with the aim to overwhelm the system
What social engineering principle is being used when an attacker attempts to build rapport?
Familiarity or liking
Which type of attack is characterized by an attacker who situates themselves in such a way that they can intercept all traffic between two hosts?
Man-in-the-middle
What type of malware appears to perform a valuable function, but actually performs malicious acts?
Trojan
Which attack requires that a hacker compromises as many computers as possible to initiate the attack?
Distributed Denial of Service (DDoS) attack
What is click-jacking?
Tricking a web user into clicking a spoofed button or graphic in place of the one the user is trying to click
What is a race condition?
A flaw that produces an unexpected result when the timing of actions impacts other actions
What condition or event does a pointer dereference usually cause?
An application crash
Which type of code performs malicious acts only when a certain set of conditions occurs?
Logic bomb
What are alternate terms for cross-site request forgery (XSRF)?
- Session riding
- One-click attack
According to CompTIA’s Security+ examination blueprint, what are the seven listed reasons for effectiveness for social engineering attacks?
- Authority
- Intimidation
- Consensus
- Scarcity
- Urgency
- Familiarity
- Trust
What address is faked with IP spoofing attacks?
The source IP address
What is the best protection against cross-site scripting (XSS)?
Disable the running of scripts
What is vishing?
Phishing via Voice over IP (VoIP)
What is an IV attack?
Cracking the WEP secret key using the initialization vector (IV)
What is the purpose of dumpster diving?
To discover confidential information, such as user passwords
What is meant by the term end-of-life system?
A device, OS, or application that is no longer supported by the vendor
What is an IP spoofing attack?
An attack in which the source IP address in an IP datagram is modified to imitate the IP address of a packet originating from an authorized source
Which error occurs when the length of the input data is more than the processor buffer can handle?
Buffer overflow
Which attack uses clients, handles, agents, and targets?
Distributed Denial of Service (DDoS) attack
What does the acronym APT denote?
Advanced Persistent Threat
What is XML injection?
When a user enters values in an XML query that takes advantage of security loopholes
What is the act of gaining unauthorized access to a facility by using another user’s access credentials?
- Tailgating
- Piggybacking
Which type of attack searches long lists of words for a particular language to match them to an encrypted password?
Dictionary Attack
What is a command injection?
When an operating system command is submitted in an HTML string
What is the greatest security risk of instant messaging?
Impersonation
What category of threat actor is most likely to be trying to make a political statement?
Hacktivist
What is war driving?
The act of discovering unprotected wireless networks by driving around with a laptop
What is an injection attack?
When an application is tricked into including unintended commands in the data sent to the interpreter
What is war chalking?
Leaving signals about a wireless network on the outside of the building where it is housed
What social engineering principle is being used when fake testimonials are used to promote a fake security product?
- Consensus
- Social proof
Which type of attack do privacy screens protect against?
Shoulder surfing
What assessment determines whether network security is properly configured to rebuff hacker attacks?
Penetration test
In which type of attack is a user connected to a different web server than the one intended by the user?
Hyperlink spoofing attack
What is a memory leak?
The failure of an OS or application to free up dynamically requested memory
What is cross-site scripting?
Injection of malicious code into a vulnerable web application or database that will execute scripts in a victim’s browser
What is whaling?
Phishing that targets a single power user, such as a CEO of a company
What is cross-site request forgery (XSRF)?
Unauthorized commands coming from a trusted user to a user or website, usually through social networking
What social engineering principle is being used when an attacker builds a long-term relationship?
Trust
Which category of threat actor is most likely to be acting out of a grievance against the organization?
Insider
What is cross-site request forgery?
Tricking a web browser into executing a malicious action on a trusted site for which the user is currently authenticated
What is a phishing attack?
An attack where a user is sent a message that appears to come from a valid entity asking for personally identifiable information (PII)
What is an Xmas attack?
An attack that looks for open ports
Are instant messages typically encrypted?
No