Week 2C - Security Incidents & Attacks Flashcards
Security Incident
When a threat and vulnerability coincide, resulting in harm to the information asset
When is a security incident considered an attack?
If the threat involves deliberate human action
What are the 2 types of attacks?
Passive and Active
Passive Attack
An attack with no interaction by the attacker other than listening or observing - attacker does not alter information system resources
Active Attack
An attack which requires some action or interaction with the information - to obtain, modify, replicate or fabricate information
List 4 types of Passive Attacks
Eavesdropping
Wiretapping
Shoulder Surfing
Network Monitoring
Passive Attack - What is Eavesdropping?
Listening to conversations of others without their knowledge or consent
Passive Attack - What is Wiretapping?
Eavesdropping over a telephone network
Passive Attack - What is Shoulder Surfing?
Watching the actions of others (especially at data entry) without their knowledge or consent
Passive Attack - What is Network Monitoring?
When a packet sniffer or network analyzer is used to monitor network traffic to gain knowledge of confidential information.
List 7 types of Active Attacks
DOS Attacks
DDOS Attacks
Masquerade/Spoofing
Social Engineering
Phishing
MITM Attack
Replay Attack
Active Attack - Denial of Service (DOS) Attack
Used to make an information asset or resource unavailable for authorised users - typically done by overloading/flooding the service with requests for service
Active Attack - Distributed Denial of Service (DDOS) Attack
Similar to DOS attacks but uses multiple sources to overload the resource so it cannot respond to legitimate requests
Active Attack - Masquerade/Spoofing
When one entity pretends to be another to deceive others.
Common Types:
Caller ID Spoofing
Email Address Spoofing
Webpage Spoofing
Active Attack - Social Engineering
Using social skills to convince people to reveal information or permit access to resources