Threats, Vulnerabilities & Attacks Flashcards
ARP spoofing
A hacker sends fake ARP packets that link an attacker’s MAC address with an IP of a computer already on the LAN.
Common source of MitM attacks
brute force attack
A type of password attack where an attacker uses an application to exhaustively try every possible alphanumeric combination to crack encrypted passwords.
fraggle attack
A DoS attack where the attacker sends spoofed UDP traffic to a router’s broadcast address intending for a large amount of UDP traffic to be returned to the target computer
wireless disassociation attack
Attack where an attacker spoofs the MAC address of a wireless access point to force a target device to try and re associate with the WAP.
replay attack
- Attacker replays data that was already part of an earlier communication session.
- Third party captures data from a session between 2 parties with the intent of using it to impersonate one of the parties.
- Attackers typically modifies the data before replaying it
- Timestamps or sequence numbers thwart replay attacks
web application attack
An application attack that focuses on those applications that run in web browsers
Trojan horse
A type of malware that hides itself on an infected system and can cause damage to a system or give an attacker a platform for monitoring and/or controlling a system
IM
Instant Messaging
A type of communication service which involves a private dialogue between two persons via instant text-based messages over the Internet
armored virus
A virus that can conceal its location or otherwise render itself harder to detect by anti-malware programs.
session hijacking
A type of hijacking attack where the attacker exploits a legitimate computer session to obtain unauthorized access to an organization’s network or services
evil twin
A wireless access point that deceives users into believing that it is a legitimate network access point
pass the hash attack
A network-based attack where the attacker steals hashed user credentials and uses them as is to try to authenticate to the same network the hashed credentials originated on
attack surface
The portion of a system or application that is exposed and available to attackers.
rootkit
Type of malware that has system-level access to a computer
Often able to hide themselves from users and AV software
amplification attack
A network-based attack where the attacker dramatically increases the bandwidth sent to a victim.
Used during a DDoS attack by implementing an amplification factor.
NTFS
New Technology File System
A proprietary journaling file system developed by Microsoft. Windows operating systems use NTFS for storing organizing and finding files on a hard disk efficiently.
DDoS
Distributed Denial of Service
A network-based attack where an attacker hijacks or manipulates multiple computers (through the use of zombies or drones) on disparate networks.
IV
Initialization Vector; A technique used in cryptography to generate random numbers to be used along with a secret key to provide data encryption.
SQL
Structured Query Language
A programming and query language common to many large scale database systems.
race condition
A software vulnerability that can occur when the outcome from execution processes is directly dependent on the order and timing of certain events and those events fail to execute in the order and timing intended by the developer
side-channel attack
An attack in which an attacker gleans information from the physical implementation of a cryptographic technique and uses that information to analyze and potentially break the implementation
zero day vulnerability
A software vulnerability that a malicious user is able to exploit before the vulnerability is publicly known or known to the developers and before those developers have a chance to issue a fix
adaptive chosen ciphertext attack
A cryptographic attack where the attacker repeatedly encrypts a selected cipher text message and tries to find the matching plain text.
Each subsequent attack is based on the results of the previous attack.
PTZ
Pan-Tilt-Zoom
A type of internet camera where the user can control the movement and position of the lens from a remote location using controls on an Internet browser or software application. Panning refers to horizontal movement of the lens where tilting describes vertical movement.