Chapter 9 - Malware, Vulnerabilities, & Threats Flashcards Preview

Flashcards in Chapter 9 - Malware, Vulnerabilities, & Threats Deck (27)

1

How is spyware different from other malware?

9 - 300

It works, often actively, on behalf of a third party: rather than replicating itself like a virus or worm, it is installed inadvertently by the user and then collects and reports information to that third party.

2

What is a rootkit?

9 - 301

A software program that can hide certain things (processes, files, network connections) from the operating system and from the tools that query it, so the attacker's presence stays concealed.

3

What is a trojan horse?

9 - 305

Programs that enter a system or network under the guise of another, legitimate-looking program; the malicious payload rides inside the program the user chose to run.

4

Which file extension appears in both the allowed and the not-allowed columns for email attachments?

9 - 307

.pdf

5

What is a logic bomb?

9 - 307

Programs or code snippets that lie dormant and execute only when a certain predefined event occurs, such as a date being reached or a user account being deleted.

6

What is a backdoor attack?

9 - 308

Two different meanings:
1. Troubleshooting and developer hooks into systems that often circumvent normal authentication
2. Gaining access to a network and inserting a program or utility that creates an entrance (a hidden account or listening service) for the attacker to return through later

7

What is a botnet?

9 - 309

A network of infected computers (zombies, or bots) running attacker-controlled software and directed as a group by a bot herder through a command-and-control channel.

8

What is ransomware?

9 - 309

Malware, usually delivered through a trojan, that takes control of a system (commonly by encrypting its files) and demands that a third party be paid before access is restored.

9

Name the 8 kinds of viruses.

9 - 310

polymorphic - changes its form (re-encrypts or rewrites its own code) each time it spreads, to avoid signature detection
stealth - masks itself from the OS and applications, e.g. by intercepting file reads so the infected file appears unchanged
retrovirus - attacks or bypasses the antivirus software, typically by disabling it or corrupting its signature database
multipartite - attacks the system in multiple ways, e.g. infecting both the boot sector and executable files
armored - built to be difficult to detect or analyze (obfuscation, anti-debugging tricks)
companion - attaches to a legitimate program by creating a file with the same name but a different filename extension (classically .com beside .exe) so that the companion runs first; this is not the same thing as a trojan
phage - modifies and alters other programs or databases
macro - exploits the macro languages added to application programs (word processors, spreadsheets) to run code when a document is opened

10

What does it mean to use the "layered approach" with antivirus software?

9 - 317

It means running antivirus at more than one layer: at the gateways, on the servers, and on the desktops, so that something which slips past one layer is caught by another.

11

Two of the most common types of DoS attacks are what?

9 - 319

ping of death - sending oversized ICMP (ping) packets, larger than the maximum IP packet size the target can reassemble, so the target crashes or hangs
buffer overflow - putting more data into a buffer than it was allocated to hold, overwriting adjacent memory and crashing the service (or, with a crafted payload, executing attacker code)

12

Does a DDoS use one computer to target multiple computers, or multiple computers to target one?

9 - 321

Multiple computers (typically a botnet) targeting one victim, so the traffic cannot be stopped by blocking a single source.

13

What is spear phishing?

9 - 323

A targeted form of phishing in which the message is crafted to look as if it came from someone the recipient knows or trusts (a colleague, a manager, a known vendor), which makes it far more convincing than a generic mass mailing.

14

Is a man-in-the-middle attack an active or a passive attack?

What is another name for this kind of attack?

9 - 324

Active: the attacker sits between the two parties, relaying and able to modify the traffic in both directions, rather than just listening.

TCP/IP hijacking

15

What is a smurf attack?

9 - 326

The attacker sends ICMP echo requests to a network's broadcast address with the source address spoofed to the target's IP, so every host on that network replies to the target at once. The target is overloaded by the amplified flood of replies. Routers that forward directed broadcasts make such a network usable as an amplifier from outside; disabling directed broadcasts is the classic fix.

16

Name the 5 kinds of password attacks.

9 - 327

brute force - try every possible combination until one matches
dictionary - try words from a list of common words and passwords
hybrid - dictionary words with brute-force style variations (case changes, digits or symbols appended)
birthday - if a value is hashed, enough attempts will eventually produce a different input with the same hash value (a collision); the expected work is roughly the square root of the hash space, as in the birthday paradox
rainbow table - a precomputed table mapping hash values back to passwords, so a stolen hash is cracked by lookup instead of recomputation; per-user salts defeat it
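The five attack types above, run against a toy credential store. This is an added example for card 16, not code from the Sybex chapter or the flashcard author's notes. The usernames, passwords, salts and wordlist are constructed for illustration, and the "rainbow table" is simplified to a flat hash-to-password dictionary rather than a chained table.

```python
"""Added example for card 16 (illustration code, not from the Sybex chapter
or the flashcard author): the five password-attack types run against a toy
credential store. Usernames, passwords, salts and the wordlist are
constructed here; the rainbow table is a flat hash -> password dictionary."""
import hashlib
import itertools
import string


def sha256_hex(text):
    return hashlib.sha256(text.encode()).hexdigest()


def make_entry(password, salt=""):
    # Store hash(salt + password); an empty salt models an unsalted hash.
    return (salt, sha256_hex(salt + password))


# Constructed "stolen" credential store: username -> (salt, digest).
STORE = {
    "alice": make_entry("sunshine"),              # in the wordlist, unsalted
    "bob": make_entry("Dragon2024"),              # wordlist word, mangled
    "carol": make_entry("ab1"),                   # short, not in wordlist
    "dave": make_entry("sunshine", salt="x9Qp"),  # alice's password, salted
}

# Constructed wordlist standing in for a real dictionary file.
WORDLIST = ["password", "sunshine", "dragon", "letmein", "qwerty"]


def brute_force(entry, alphabet, max_len):
    """Try every string over alphabet up to max_len: guaranteed but slow."""
    salt, digest = entry
    for length in range(1, max_len + 1):
        for chars in itertools.product(alphabet, repeat=length):
            guess = "".join(chars)
            if sha256_hex(salt + guess) == digest:
                return guess
    return None


def dictionary_attack(entry, wordlist):
    """Try common words only."""
    salt, digest = entry
    for word in wordlist:
        if sha256_hex(salt + word) == digest:
            return word
    return None


def hybrid_candidates(wordlist):
    """Dictionary words with brute-force style mangling (case, suffixes)."""
    for word in wordlist:
        for base in (word, word.capitalize(), word.upper()):
            for suffix in ("", "1", "123", "2024", "!"):
                yield base + suffix


def hybrid_attack(entry, wordlist):
    salt, digest = entry
    for guess in hybrid_candidates(wordlist):
        if sha256_hex(salt + guess) == digest:
            return guess
    return None


def build_rainbow_table(wordlist):
    """Precompute hashes once, then crack any unsalted hash by lookup.
    A salt makes the stored hash differ per user, so the table misses."""
    return {sha256_hex(guess): guess for guess in hybrid_candidates(wordlist)}


def rainbow_lookup(table, digest):
    return table.get(digest)


def truncated_hash(text, bits):
    """Top `bits` bits of SHA-256, modelling a hash with a short output."""
    return int(sha256_hex(text), 16) >> (256 - bits)


def birthday_collision(bits):
    """Find two different inputs with the same truncated hash. Expected
    work is about 2**(bits/2) tries, not 2**bits: the birthday bound."""
    seen = {}
    for i in itertools.count():
        msg = f"msg{i}"
        t = truncated_hash(msg, bits)
        if t in seen:
            return seen[t], msg
        seen[t] = msg


if __name__ == "__main__":
    table = build_rainbow_table(WORDLIST)
    print("dictionary:", dictionary_attack(STORE["alice"], WORDLIST))
    print("hybrid:", hybrid_attack(STORE["bob"], WORDLIST))
    print("brute force:", brute_force(STORE["carol"], string.ascii_lowercase + string.digits, 3))
    print("rainbow (unsalted):", rainbow_lookup(table, STORE["alice"][1]))
    print("rainbow (salted):", rainbow_lookup(table, STORE["dave"][1]))
    print("birthday:", birthday_collision(24))
```

Dave's salted hash is the point of the last two lookups: the rainbow table that cracks alice instantly returns nothing for dave even though the password is identical, while a per-user dictionary attack still works. The birthday search on a 24-bit truncation finds a collision in a few thousand tries, far short of the 16 million a brute-force preimage would need.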

17

What is privilege escalation?

9 - 328

A user or process gaining more privileges than it should have, for example through a bug or through a developer backdoor that was never removed from the production system.

18

What is a malicious insider threat?

9 - 332

Someone with legitimate inside access (an employee or contractor) who deliberately misuses it against the organization, e.g. by stealing or selling data.

19

What is a client-side attack?

9 - 333

One that targets vulnerabilities in client applications (browser, email client, document reader) when they interact with a malicious or compromised server.

20

Typo squatting is the same as what?

9 - 333

URL hijacking

21

What is the strategy of a watering hole attack?

9 - 334

To identify a website that the intended victims regularly visit and compromise ("poison") that site so that it delivers malware to them when they visit.

22

Tell me about Cross-Site Request Forgery.

9 - 335

XSRF, session riding and one-click attack all name the same thing:
unauthorized commands sent to a website from a user the site trusts. The attacker's page makes the victim's browser submit the request, and the browser attaches the victim's session cookie automatically, so the site accepts it as the user's own action.
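How the forged request gets accepted, and what an anti-CSRF token changes, as an added example for card 22 (illustration code, not from the Sybex chapter or the flashcard author). Requests are modelled as dicts holding the cookies and form fields a browser would send; the server secret, session ids and account names are constructed here.

```python
"""Added example for card 22 (illustration code, not from the Sybex chapter
or the flashcard author): a bank "transfer" handler with and without a
synchronizer (anti-CSRF) token. The secret, sessions and request contents
are constructed; no network is involved."""
import hashlib
import hmac
import secrets

SERVER_SECRET = secrets.token_bytes(32)   # constructed per run; assumed server-side secret
SESSIONS = {}                             # session id -> logged-in user
LEDGER = []                               # executed transfers (who, to, amount)


def new_session(user):
    sid = secrets.token_hex(16)
    SESSIONS[sid] = user
    return sid


def csrf_token(sid):
    """Token bound to the session: HMAC(secret, session id). Only a page the
    server rendered for this session carries it; another origin cannot read
    the victim's cookie or page content, so it cannot produce the token."""
    return hmac.new(SERVER_SECRET, sid.encode(), hashlib.sha256).hexdigest()


def token_valid(sid, token):
    return token is not None and hmac.compare_digest(csrf_token(sid), token)


def transfer_vulnerable(request):
    """Trusts the session cookie alone. The browser attaches that cookie to a
    form auto-submitted from an attacker's page, so the forged POST succeeds."""
    sid = request["cookies"].get("session")
    if sid not in SESSIONS:
        return 401
    LEDGER.append((SESSIONS[sid], request["form"]["to"], request["form"]["amount"]))
    return 200


def transfer_safe(request):
    """Same handler, but the form must carry the token for this session."""
    sid = request["cookies"].get("session")
    if sid not in SESSIONS:
        return 401
    if not token_valid(sid, request["form"].get("csrf_token")):
        return 403
    LEDGER.append((SESSIONS[sid], request["form"]["to"], request["form"]["amount"]))
    return 200


def forged_request(sid):
    """What arrives when the victim's browser submits the attacker's hidden
    form: the victim's cookie, the attacker's field values, and no token."""
    return {"cookies": {"session": sid},
            "form": {"to": "attacker", "amount": "1000"}}


def legitimate_request(sid):
    """Form rendered by the bank's own page, token included."""
    return {"cookies": {"session": sid},
            "form": {"to": "landlord", "amount": "900", "csrf_token": csrf_token(sid)}}


if __name__ == "__main__":
    victim = new_session("victim")
    print("forged, vulnerable:", transfer_vulnerable(forged_request(victim)))   # 200
    print("forged, safe:", transfer_safe(forged_request(victim)))               # 403
    print("legitimate, safe:", transfer_safe(legitimate_request(victim)))       # 200
    print(LEDGER)
```

Note that the token is checked with a constant-time comparison and is derived from the session id, so a token the attacker obtains for their own session is useless against the victim's. Checking the Origin or Referer header and marking the session cookie SameSite are complementary defenses; they are not shown here.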

23

What is a directory traversal attack?

9 - 337

An attacker reaching files or directories outside the intended web root by sending manipulated path input (such as ../ sequences, possibly URL-encoded) in an HTTP request that the application joins onto a file path without checking where the result ends up.
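The vulnerable path handling and the containment check that fixes it, as an added example for card 23 (illustration code, not from the Sybex chapter or the flashcard author). The document root and the request paths are constructed; nothing is read from disk.

```python
"""Added example for card 23 (illustration code, not from the Sybex chapter
or the flashcard author): resolving a user-supplied file path under a web
root the vulnerable way (plain join) and the hardened way (normalise, then
confirm the result is still inside the root). WEB_ROOT and the request
paths are constructed; no files are read."""
import posixpath
from urllib.parse import unquote

WEB_ROOT = "/var/www/static"   # assumed document root


def resolve_vulnerable(user_path):
    """Decode once (as the web server would) and join: '..' walks out of root."""
    return posixpath.normpath(posixpath.join(WEB_ROOT, unquote(user_path)))


def resolve_safe(user_path):
    """Decode once, normalise, then check containment. Searching for the '..'
    substring is not enough (encodings, absolute paths, 'a/../..'); checking
    the resolved path against the root is."""
    decoded = unquote(user_path)
    if "\x00" in decoded:
        raise ValueError("NUL byte in path")
    candidate = posixpath.normpath(posixpath.join(WEB_ROOT, decoded))
    # An absolute user path replaces the root in join(); commonpath catches it,
    # and unlike a string-prefix test it does not accept "/var/www/static2".
    if posixpath.commonpath([WEB_ROOT, candidate]) != WEB_ROOT:
        raise ValueError(f"path escapes web root: {candidate}")
    return candidate


def check_requests(paths):
    """Run both resolvers over a batch of request paths; returns what each does."""
    results = []
    for p in paths:
        try:
            safe = resolve_safe(p)
        except ValueError:
            safe = "REJECTED"
        results.append((p, resolve_vulnerable(p), safe))
    return results


# Constructed request paths as an attacker or a normal user might send them.
SAMPLE_PATHS = [
    "reports/q1.txt",                       # normal
    "a/../b.txt",                           # '..' that stays inside the root
    "../../../etc/passwd",                  # classic traversal
    "%2e%2e/%2e%2e/%2e%2e/etc/passwd",      # URL-encoded dots
    "/etc/passwd",                          # absolute path
]

if __name__ == "__main__":
    for path, vuln, safe in check_requests(SAMPLE_PATHS):
        print(f"{path!r:38} vulnerable -> {vuln:22} safe -> {safe}")
```

Against a real filesystem, resolve with os.path.realpath before the containment check so that a symlink inside the root pointing outside it is also caught; the pure-path version above cannot see symlinks.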

24

Should you allow ActiveX controls to run without prompting you?

9 - 340

No, don't allow it without a prompt: an ActiveX control runs native code with the user's privileges, outside the browser's sandbox.

25

What is the difference between risk, threat, and vulnerability?

9 - 344,345

risk - the likelihood that an attack will succeed, and what it would cost you
threat - the dangers associated with the risk: who or what could attack, and how
vulnerabilities - where the system is weak, i.e. the flaws a threat could exploit

26

What is DNS spoofing?

9 - 322

Feeding a resolver or client false DNS data so that a legitimate domain name is associated with an attacker-controlled IP address; victims are redirected to the attacker's host while the browser still shows the expected name.

27

What is a SQL injection?

9 - 335

Supplying SQL syntax (quotes, comments, UNION) in an input field such as the username so that, when the application concatenates the input into its query, the attacker's text becomes part of the SQL and can bypass the login or extract data.
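The login bypass and data extraction described above, beside the parameterised queries that stop them, as an added example for card 27 (illustration code, not from the Sybex chapter or the flashcard author). The in-memory SQLite table, its users and their plaintext passwords are constructed for the demo; a real system stores hashes (see card 16).

```python
"""Added example for card 27 (illustration code, not from the Sybex chapter
or the flashcard author): a login and a user search built by string
concatenation, the inputs that bypass and dump them, and the parameterised
versions that treat the same inputs as plain data. Table contents are
constructed; passwords are plaintext only to keep the demo short."""
import sqlite3


def setup_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT, role TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?, ?)", [
        ("admin", "s3cret", "admin"),
        ("alice", "hunter2", "user"),
    ])
    return conn


CONN = setup_db()


def login_vulnerable(username, password, conn=CONN):
    """Input is spliced into the SQL text, so a quote in the input ends the
    string literal and whatever follows is parsed as SQL."""
    sql = (f"SELECT username FROM users WHERE username = '{username}' "
           f"AND password = '{password}'")
    row = conn.execute(sql).fetchone()
    return row[0] if row else None


def login_safe(username, password, conn=CONN):
    """Placeholders: the values travel separately from the query text and can
    only ever be compared as data, never parsed as SQL."""
    sql = "SELECT username FROM users WHERE username = ? AND password = ?"
    row = conn.execute(sql, (username, password)).fetchone()
    return row[0] if row else None


def search_vulnerable(term, conn=CONN):
    sql = f"SELECT username, role FROM users WHERE username LIKE '%{term}%'"
    return conn.execute(sql).fetchall()


def search_safe(term, conn=CONN):
    sql = "SELECT username, role FROM users WHERE username LIKE ?"
    return conn.execute(sql, (f"%{term}%",)).fetchall()


# Constructed attacker inputs.
BYPASS = "admin' --"   # closes the string literal, comments out the password check
DUMP = "' UNION SELECT username, password FROM users --"   # appends a second result set

if __name__ == "__main__":
    print("bypass, vulnerable:", login_vulnerable(BYPASS, "wrong"))   # admin
    print("bypass, safe:", login_safe(BYPASS, "wrong"))               # None
    print("dump, vulnerable:", search_vulnerable(DUMP))               # includes ('admin', 's3cret')
    print("dump, safe:", search_safe(DUMP))                           # []
```

With BYPASS the vulnerable query becomes `SELECT username FROM users WHERE username = 'admin' --' AND password = 'wrong'`, so the password clause is commented away; with DUMP the search's two-column SELECT is UNIONed with username and password from the same table, which is how "start extracting data" actually happens. The safe versions run the identical attacker strings and simply find no user named that.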