Threats, Attacks, and Vulnerabilities Flashcards
Address Resolution Protocol (ARP)
Protocol used to map known IP addresses to unknown physical addresses
ARP
Address Resolution Protocol
Address Resolution Protocol (ARP) poisoning
An attack that convinces the network the attacker’s MAC address is the one associated with an allowed address, so the traffic is wrongly sent to the attacker’s address
MAC (address)
Media Access Control
adware
Software that gathers information to pass on to marketers or that intercepts personal data and makes it available to third parties
antivirus software
Software that identifies the presence of a virus and is capable of removing or quarantining the virus
armored virus
A virus that is protected in a way that makes disassembling it difficult
ARP spoofing
Similar to ARP poisoning
attack
Any unauthorized intrusion into the normal operations of a computer or network
attack surface
The area of an application that is available to users – those who are authenticated and those who are not
attack surface reduction (ASR)
Minimizing the possibility of exploitation by reducing the amount of code and limiting potential damage
ASR
attack surface reduction
backdoor
An opening left in a program application that allows additional access to data
bot
An automated software program that collects information on the web
buffer overflow
A type of denial of service (DoS) attack that occurs when more data is put into a buffer than it can hold
clickjacking
Using multiple transparent or opaque layers to trick a user into clicking a button on another page, when they had intended to click on the top page
companion virus
A virus that creates a new program that runs in place of an expected program of the same name
cross-site request forgery (XSRF)
A form of web-based attack in which unauthorized commands are sent from a user that a website trusts
XSRF
cross-site request forgery
cross-site scripting (XSS)
Running a script routine on a user’s machine from a website without their permission
XSS
cross-site scripting
denial-of-service (DoS)
A type of attack that prevents any users from using a system
DoS
denial-of-service (attack)
dictionary attack
The act of attempting to crack passwords by testing them against a list of dictionary words
distributed denial-of-service (DDoS)
A derivative of a DoS attack in which multiple hosts in multiple locations all focus on one target to reduce its availability to the public
DDoS
distributed denial-of-service
DNS poisoning
An attack method in which a daemon caches DNS reply packets, which sometimes contain other information
DNS spoofing
The DNS server is given information about a name server that it thinks is legitimate when it isn’t
Domain Name System (DNS)
The network service used in TCP/IP networks that translates hostnames to IP addresses
DNS
Domain Name System
integer overflow
Putting too much information into too small a space that has been set aside for numbers
IP spoofing
Making the data look as if it came from a trusted host when it didn’t
Principle of least privilege
A permission method in which users are granted only the privileges necessary to perform their job function
logic bomb
Any code that is hidden and causes something unexpected to happen based on some criteria being met
macro virus
A software exploitation virus that works by using the macro feature included in many applications
malicious code
Any code that is meant to do harm
Malicious insider threat
A threat from someone inside the organization intent on doing harm
man-in-the-middle
An attack that occurs when someone/something that is trusted intercepts packets and retransmits them to another party
multipartite virus
A virus that attacks a system in more than one way
password attacks
Attempting to ascertain a password that you should not know
phage virus
A virus that modifies and alters other programs and databases
ping of death
A large Internet Control Message Protocol (ICMP) packet sent to overflow the remote host’s buffer
polymorphic
An attribute of some viruses that allows them to mutate and appear differently each time they crop up
privilege escalation
The result when a user obtains access to a resource that they wouldn’t normally be able to access
ransomware
Software that demands payment before restoring the data or system infected
replay attack
An attack that captures portions of a session to play back later to convince a host that it is still talking to the original connection
retrovirus
A virus that attacks or bypasses the antivirus software installed on a computer
rogueware
A form of malware that tries to convince the user to pay for a fake threat
rootkit
Software program that has the ability to obtain root-level access and hide certain things from the operating system
scareware
Software that tries to convince unsuspecting users that a threat exists
shim
A small library that is created to intercept API calls transparently
spoofing
An attempt by someone or something to masquerade as someone/something else
spyware
Malware working on behalf of a third party to exfiltrate data
stealth virus
A virus that attempts to avoid detection by masking itself from applications
Trojan horse
Any application that masquerades as one thing in order to get past scrutiny and then does something malicious
typo squatting
Creating domains that are based on the misspelling of another
URL hijacking
Registering domains that are similar to those for a known entity but based on misspelling or typo error
e.g., whitehouse.com
virus
A program intended to damage a computer system
watering hole attack
Identifying a site that is visited by those whom they are targeting, poisoning that site, then waiting for the results
Xmas attack
An advanced attack that tries to get around detection and send a packet with every single option enabled
zero-day exploit
An attack that begins the very day an exploit is discovered
zombie
Any system taking directions from a master control computer; a bot in a botnet