Volume 2 - Chapter 9: Security Architectures Flashcards
What terminology best describes the following?:
A weakness that could potentially compromise the security of a system.
A vulnerability
What terminology best describes the following?:
A tool or method to take advantage of a vulnerability to gain access to a privileged system.
An exploit
Describe a threat.
A threat is a potential to use an exploit against a vulnerability.
A technique that is used to counteract or prevent malicious activity is referred to as?
Mitigation Techniques.
Describe how TCP messages are involved in a Denial-of-Service attack.
An attacker will send multiple TCP SYN-ACK messages to its target in rapid succession.
This will eventually fill all available TCP connections on the server, making it unable to open new connections with valid clients.
Describe the function of a reflection attack.
An attacker will spoof its source IP address to match the target’s IP address. The attacker will send traffic to a reflector with this spoofed source IP and the reflector will respond to the victim rather than the attacker.
Describe the function of an amplification attack.
An amplification attack will specifically utilize applications that generate large amounts of traffic. These large responses from the reflector will then be directed to the target device because of the spoofed source IP address.
Describe how ARP messages are utilized in a man-in-the-middle attack.
- A client sends a broadcast ARP request for a server that it wants to communicate with
- An attacker responds to the ARP request with its own MAC address, pretending to be the server
- The client then sends data to the attacker, rather than the server
- The attacker then can modify the traffic and send it to the server, or just listen in on the traffic
What type of attack best describes the following?:
An attacker using tools such as nslookup, dig, and performing ping sweeps to identify potential vulnerabilities that affect a workstation.
A reconnaissance attack
What type of malware best describes the following?:
A piece of software that disguises itself within other software to appear legitimate.
A Trojan Horse.
What type of malware best describes the following?:
A piece of software that injects itself into other legitimate software, which end users will end up spreading to other systems.
A virus.
What type of malware best describes the following?:
A piece of software that has the capability to spread and infect multiple systems itself.
A worm.
Describe the difference between Phishing and Spear-Phishing.
Spear-phishing uses a more personalized approach by researching information about the target to make the attack more personal and seem legitimate.
Describe the difference between vishing and smishing.
Vishing: voice call phishing
Smishing: SMS text phishing
What human vulnerability best describes the following?:
Compromising legitimate web services, then modifying links to direct people to malicious sites or services.
Pharming.