Threats, Attacks, and Vulnerabilities (Ch.9)

Question 1

Protocol used to map known IP addresses to unknown physical addresses.

Answer 1

Address Resolution Protocol (ARP)

Question 2

An attack that convinces the network that the attacker’s MAC (Media Access Control) address is the one associated with an allowed address so that traffic is wrongly sent to attacker’s address.

Answer 2

Address Resolution Protocol (ARP) poisoning

Question 3

Software that gathers information to pass on to marketers or that intercepts personal data such as credit card numbers and makes it available to third parties.

Answer 3

adware

Question 4

Software that identifies the presence of a virus and is capable of removing or quarantining the virus.

Answer 4

antivirus software

Question 5

A virus that is protected in a way that makes disassembling it difficult. The difficulty makes it “armored” against antivirus programs that have trouble getting to, and understanding, its code.

Answer 5

armored virus

Question 6

Any unauthorized intrusion into the normal operations of a computer or computer network.

Answer 6

attack

Question 7

Minimizing the possibility of exploitation by reducing the amount of code and limiting potential damage.

Answer 7

attack surface reduction (ASR)

Question 8

An opening left in a program application (usually by the developer) that allows additional access to data.

Answer 8

backdoor

Question 9

An automated software program that collects information on the web. usually a compromised computer being controlled remotely.

Answer 9

bot

Question 10

A type of denial-of-service (DoS) attack that targets poor memory management on a server or application

Answer 10

buffer overflow

Question 11

Using multiple transparent or opaque layers to trick a user into clicking a button or link on another page when they had intended to click on the top page.

Answer 11

clickjacking

Question 12

A virus that creates a new program that runs in the place of an expected program of the same name.

Answer 12

companion virus

Question 13

A form of web-based attack in which unauthorized commands are sent from a user that a website trusts.

Answer 13

cross-site request forgery (XSRF)

Question 14

Running a script routine on a user’s machine from a website without their permission.

Answer 14

cross-site scripting (XSS)

Question 15

A type of attack that prevents any users—even legitimate ones—from using a system.

Answer 15

denial-of-service (DoS)

Question 16

The act of attempting to crack passwords by testing them against a list of dictionary words.

Answer 16

dictionary attack

Question 17

A derivative of a DoS attack in which multiple hosts in multiple locations all focus on one target to reduce its availability to the public.

Answer 17

distributed denial-of-service (DDoS)

Question 18

An attack method in which a daemon caches DNS reply packets, which sometimes contain other information (data used to fill the packets). The extra data can be scanned for information useful in a break-in or man-in-the-middle attack.

Answer 18

DNS poisoning

Question 19

The DNS server is given information about a name server that it thinks is legitimate when it isn’t.

Answer 19

DNS spoofing

Question 20

The network service used in TCP/IP networks that trans-lates hostnames to IP addresses.

Answer 20

Domain Name System (DNS)

Question 21

Putting too much information into too small of a space that has been set aside for numbers.

Answer 21

integer overflow

Question 22

Making the data look as if it came from a trusted host when it didn’t

Answer 22

IP spoofing

Question 23

A permission method in which users are granted only the privileges necessary to perform their job function.

Answer 23

principle of least privilege

Question 24

Any code that is hidden within an application and causes something unexpected to happen based on some criteria being met.

Answer 24

logic bomb

Question 25

A software exploitation virus that works by using the macro feature included in many applications, such as Microsoft Office.

Answer 25

macro virus

Question 26

Any code that is meant to do harm.

Answer 26

malicious code

Question 27

A threat from someone inside the organization intent on doing harm.

Answer 27

malicious insider threat

Question 28

An attack that occurs when someone/something that is trusted inter-cepts packets and retransmits them to another party.

Answer 28

man-in-the-middle / TCP Highjacking

Question 29

A virus that attacks a system in more than one way.

Answer 29

multipartite virus

Question 30

Attempting to ascertain a password that you should not know.

Answer 30

password attacks

Question 31

A virus that modifies and alters other programs and databases.

Answer 31

phage virus

Question 32

A large Internet Control Message Protocol (ICMP) packet sent to overflow the remote host’s buffer or causes the remote host to reboot or hang.

Answer 32

ping of death

Question 33

An attribute of some viruses that allows them to mutate and appear differently each time they crop up.

Answer 33

polymorphic

Question 34

The result when a user obtains access to a resource that they wouldn’t normally be able to access.

Answer 34

privilege escalation

Question 35

Software that demands payment before restoring the data or system infected.

Answer 35

ransomware

Question 36

An attack that captures portions of a session to play back later to convince a host that it is still talking to the original connection.

Answer 36

replay attack

Question 37

A virus that attacks or bypasses the antivirus software installed on a computer.

Answer 37

retrovirus

Question 38

A form of malware that tries to convince the user to pay for a fake threat.

Answer 38

rogueware

Question 39

Software program that has the ability to obtain root-level access and hide certain things from the operating system.

Answer 39

rootkit

Question 40

Software that tries to convince unsuspecting users that a threat exists.

Answer 40

scareware

Question 41

A small library that is created to intercept API calls transparently.

Answer 41

shim

Question 42

An attempt by someone or something to masquerade as someone/something else.

Answer 42

spoofing

Question 43

Software programs that work—often actively—on behalf of a third party.

Answer 43

spyware

Question 44

A virus that attempts to avoid detection by masking itself from applications or by installing itself into the boot sector.

Answer 44

stealth virus

Question 45

Any application that masquerades as one thing in order to get past scrutiny and then does something malicious.

Answer 45

Trojan horse

Question 46

Creating domains that are based on the misspelling of another.

Answer 46

typo squatting

Question 47

Registering domains that are similar to those for a known entity but based on a misspelling or typographical error.

Answer 47

URL hijacking

Question 48

A program intended to damage a computer system.

Answer 48

virus

Question 49

Identifying a site that is visited by those whom they are targeting, poisoning that site, and then waiting for the results.

Answer 49

watering hole attack

Question 50

An advanced attack that tries to get around detection and send a packet with every single option enabled.

Answer 50

Xmas attack

Question 51

An attack that begins the very day an exploit is discovered.

Answer 51

zero-day exploit

Question 52

Any system taking directions from a master control computer.

Answer 52

zombie