Threats, Attacks, and Vulnerabilities (Ch.9) Flashcards
Protocol used to map known IP addresses to unknown physical addresses.
Address Resolution Protocol (ARP)
An attack that convinces the network that the attacker’s MAC (Media Access Control) address is the one associated with an allowed address so that traffic is wrongly sent to attacker’s address.
Address Resolution Protocol (ARP) poisoning
Software that gathers information to pass on to marketers or that intercepts personal data such as credit card numbers and makes it available to third parties.
adware
Software that identifies the presence of a virus and is capable of removing or quarantining the virus.
antivirus software
A virus that is protected in a way that makes disassembling it difficult. The difficulty makes it “armored” against antivirus programs that have trouble getting to, and understanding, its code.
armored virus
Any unauthorized intrusion into the normal operations of a computer or computer network.
attack
Minimizing the possibility of exploitation by reducing the amount of code and limiting potential damage.
attack surface reduction (ASR)
An opening left in a program application (usually by the developer) that allows additional access to data.
backdoor
An automated software program that collects information on the web. usually a compromised computer being controlled remotely.
bot
A type of denial-of-service (DoS) attack that targets poor memory management on a server or application
buffer overflow
Using multiple transparent or opaque layers to trick a user into clicking a button or link on another page when they had intended to click on the top page.
clickjacking
A virus that creates a new program that runs in the place of an expected program of the same name.
companion virus
A form of web-based attack in which unauthorized commands are sent from a user that a website trusts.
cross-site request forgery (XSRF)
Running a script routine on a user’s machine from a website without their permission.
cross-site scripting (XSS)
A type of attack that prevents any users—even legitimate ones—from using a system.
denial-of-service (DoS)
The act of attempting to crack passwords by testing them against a list of dictionary words.
dictionary attack
A derivative of a DoS attack in which multiple hosts in multiple locations all focus on one target to reduce its availability to the public.
distributed denial-of-service (DDoS)
An attack method in which a daemon caches DNS reply packets, which sometimes contain other information (data used to fill the packets). The extra data can be scanned for information useful in a break-in or man-in-the-middle attack.
DNS poisoning
The DNS server is given information about a name server that it thinks is legitimate when it isn’t.
DNS spoofing
The network service used in TCP/IP networks that trans-lates hostnames to IP addresses.
Domain Name System (DNS)
Putting too much information into too small of a space that has been set aside for numbers.
integer overflow
Making the data look as if it came from a trusted host when it didn’t
IP spoofing
A permission method in which users are granted only the privileges necessary to perform their job function.
principle of least privilege
Any code that is hidden within an application and causes something unexpected to happen based on some criteria being met.
logic bomb
A software exploitation virus that works by using the macro feature included in many applications, such as Microsoft Office.
macro virus
Any code that is meant to do harm.
malicious code
A threat from someone inside the organization intent on doing harm.
malicious insider threat
An attack that occurs when someone/something that is trusted inter-cepts packets and retransmits them to another party.
man-in-the-middle / TCP Highjacking
A virus that attacks a system in more than one way.
multipartite virus
Attempting to ascertain a password that you should not know.
password attacks
A virus that modifies and alters other programs and databases.
phage virus
A large Internet Control Message Protocol (ICMP) packet sent to overflow the remote host’s buffer or causes the remote host to reboot or hang.
ping of death
An attribute of some viruses that allows them to mutate and appear differently each time they crop up.
polymorphic
The result when a user obtains access to a resource that they wouldn’t normally be able to access.
privilege escalation
Software that demands payment before restoring the data or system infected.
ransomware
An attack that captures portions of a session to play back later to convince a host that it is still talking to the original connection.
replay attack
A virus that attacks or bypasses the antivirus software installed on a computer.
retrovirus
A form of malware that tries to convince the user to pay for a fake threat.
rogueware
Software program that has the ability to obtain root-level access and hide certain things from the operating system.
rootkit
Software that tries to convince unsuspecting users that a threat exists.
scareware
A small library that is created to intercept API calls transparently.
shim
An attempt by someone or something to masquerade as someone/something else.
spoofing
Software programs that work—often actively—on behalf of a third party.
spyware
A virus that attempts to avoid detection by masking itself from applications or by installing itself into the boot sector.
stealth virus
Any application that masquerades as one thing in order to get past scrutiny and then does something malicious.
Trojan horse
Creating domains that are based on the misspelling of another.
typo squatting
Registering domains that are similar to those for a known entity but based on a misspelling or typographical error.
URL hijacking
A program intended to damage a computer system.
virus
Identifying a site that is visited by those whom they are targeting, poisoning that site, and then waiting for the results.
watering hole attack
An advanced attack that tries to get around detection and send a packet with every single option enabled.
Xmas attack
An attack that begins the very day an exploit is discovered.
zero-day exploit
Any system taking directions from a master control computer.
zombie
