Threats, attacks, vulnerabilities Flashcards
What is an indicator of compromise?
Artifacts observed that indicate with a high degree of confidence a computer intrusion
What is a virus?
Malicious code that requires user interaction to install and replicate
Crypto-malware/Ransomware
Malicious applications that SCARE or SCAM users into taking some type of ACTION
Crypto-malware/Ransomware creates a sense of what?
A sense of urgency to pay in order to get data back
What is a worm?
Self replicating program that can spread w/o user interaction
Two types of worms
Network service worms
Mass mailing worms
What are network service worms?
Something in the network allows the worm to spread
Trojan
Seemingly friendly software that contains hidden malicious software
What is a remote access tool (RAT)?
Allows attacker to upload/download files, watch webcams, turn on audio, keyloggers, etc
Rootkit
Installs itself at the OS or kernel level to avoid detection
What type of malware is very difficult to get rid of?
Rootkits
Why are rootkits difficult to get rid of?
It loads before the operating system loads, and can disable the antivirus and anti-malware
Keylogger
Malicious application that once installed on a host can capture all keystrokes
Adware
Malware that is installed on an infected machine to deliver ads
Spyware
Malicious software that captures user activity and reports back
Botnets
Malicious code that infects large numbers of computers for large scale attacks on specific targets
Which malware has a command and control center?
Botnets
Logic bomb
Malicious code that triggers after a period of time based on some date or specific activity. It can sit in waiting for a long time before launch
Backdoors
Software that installs for the purpose of opening ports and installing additional software