Week 2 Flashcards
What is a worm?
A program that seeks machines to infect, with each infected machine used for attacks on other machines
Name 3 ways worms can be replicated
- Remote login capability
- Emails or instant messaging
- File sharing
Name 3 ways worms can identify their targets
1) Random
2) Hit-list
3) Local subnet
List the 3 phases of worm propagation
1) Slow start phase
2) Fast spread phase
3) Slow finish phase
What is the Morris Worm?
Earliest significant worm infection designed to spread on UNIX systems
Name 3 worm technologies
1) Polymorphic
2) Metamorphic
3) Multi-platform
What is Mobile Code?
Programs that can be shipped unchanged to a heterogeneous collection of platforms and executed with identical semantics
Mobile code often acts as a mechanism for…
Worms, viruses, Trojan horses
How do mobile phone worms propagate?
Through Bluetooth wireless connections or MMS
What is a Drive-By-Download?
When the user views a webpage controlled by the attacker, it contains code that allows the bug to download and install malware on the system without the user’s knowledge or consent.
What is a Watering-Hole Attack?
The attacker researches their intended victims to identify websites they are likely to visit, then scans these sites to identify those with vulnerabilities.
What is Malvertising?
Places malware in the form of adverts on websites without actually compromising them
What is Clickjacking/UI redress attack?
The attacker hijacks clicks meant for one action, routing the user to another page.
What is Social Engineering?
“Tricking” users to assist in the compromise of their own systems, e.g. spam, Trojan horse
What is a Botnet?
A collection of bots capable of acting in a coordinated manner
List 3 uses of botnets
- Spamming
- Online polls/games
- Spreading new malware
What are Keyloggers?
Records keystrokes, with a filtering mechanism that only returns information close to keywords (“login”, “password”)
What is spyware?
Subverts the compromised machine to allow monitoring of a wide range of activity on the system.
What is a Backdoor (AKA trapdoor)?
Secret entry point into a program allowing the attacker to gain access and bypass the security access procedures
Ideal solution to the threat of malware is…
Prevention
List 3 elements of prevention
- Policy
- Awareness
- Threat mitigation
What is user authentication?
The process of establishing confidence in user identities that are presented electronically to an information system.
List 3 means of authentication
- Something the individual knows (password)
- Something the individual possesses (smartcard)
- Something the individual is (fingerprint)
What is multi-factor authentication?
A security system that requires more than one method of authentication
What are the 3 concepts of Risk Assessment for user authentication?
1) Assurance Level
2) Potential impact
3) Areas of risk
What is Assurance Level?
The degree of confidence in the vetting process used to establish the identity of the individual to whom the credential was issued
What is Potential impact?
Defines three levels (low, moderate, high) of potential impact on individuals should there be a breach of security
List 3 password vulnerabilities
- Offline dictionary attack
- Specific account attack
- Popular password attack
What is Password cracking?
The process of recovering passwords from data that have been stored in or transmitted by a computer system.
Explain 3 types of password cracking
1) Dictionary attacks
2) Rainbow table attacks
3) John the Ripper