Week 3 Flashcards

1
Q

Phishing

A

This is the type of attack where emails are crafted with such perfection that it seems they have come up from trusted sources in order to deceive recipients and steal information from them.

To mitigate:
monitor email traffic,
analyze website traffic,
educate employees and customers;

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Malware

A

Typically delivered to a system through email attachments, malicious links, or drive-by downloads.

Once a system is infected, the attacker may use it to gain access to sensitive information, spread to other systems, or launch other types of attacks.

To mitigate:
monitor network traffic,
analyze system logs and event data,
perform malware analysis;

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Ransomware

A

Typically carried out by sending an infected email attachment or link to a user, or by exploiting a vulnerability in the system.

Once encrypted, the attacker will demand payment in exchange for the decryption key.

To mitigate:
monitor network traffic,
analyze system logs and event data,
and performing malware analysis;

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

SQL Injection

A

Typically carried out by sending specially crafted SQL commands to a web application in order to exploit vulnerabilities in the application’s database

To mitigate:
monitor network traffic,
analyze web application logs,
performing penetration testing;

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

XSS (Cross-site scripting)

A

XSS attacks are typically carried out by sending specially crafted code to a web application, which then executes the code in the victim’s browser.

To mitigate:
monitor network traffic,
analyze web application logs,
performing penetration testing;

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

DOS and DDOS

A

▪ Attackers send BOT nets
▪ To slow down the server in order to launch an attack
▪ And also possibly bye-pass security Layers

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Steps needed to prevent cyber attacks in a SOC Environment

A

Keep software updated,
Make passwords stronger,
Be vigilant with emails,
Install anti-virus software,
Train your staff;

How well did you know this?
1
Not at all
2
3
4
5
Perfectly