Common Security Threats Flashcards Preview

Flashcards in Common Security Threats Deck (17)
1
Q

Malware

A
  • Malicious software - gathers information, keystrokes
  • Unwilling participation in a group, such as a controlled botnet
  • Extortion for big money
  • Viruses and worms can ruin your day
2
Q

Spyware

A
  • Malware that spies on you - Advertising, identity theft, affiliate fraud
  • Can trick you into installing - Peer to peer, fake security software
  • Browser monitoring - Capture surfing habits
  • Keyloggers - Capture every keystroke, send it back to the mothership
3
Q

Viruses

A
  • Malware that can reproduce itself
  • Reproduces through file systems or the network
  • Running a program can spread a virus
  • Some viruses are invisible, some are annoying
  • Anti-virus is very common - Thousands of new viruses every week
4
Q

Worms

A
  • Malware that self-replicates - doesn’t need you to do anything
  • Uses the network as a transmission medium
  • Can take over many PCs very quickly
  • Worms can do good things - Nachi tried to patch your computer
  • Firewalls and IDS/IPS can mitigate many worm infestations
5
Q

Trojan horse

A
  • Software that pretends to be something else
  • Circumvents your existing security - Anti-virus may catch it
  • The better trojans are built to avoid and disable AV
  • Once it’s inside it has free rein, and it may open the gates
6
Q

Rootkits

A
  • Originally a Unix technique - The “root” in rootkit
  • Modifies core system files - Part of the kernel
  • Can be invisible to the operating system or hides in the OS
  • Also invisible to traditional anti-virus utilities
7
Q

Ransomware

A
  • Your data is held hostage until you provide cash
  • Malware encrypts your data files - Pictures, documents, music, movies, etc.
  • You must pay the bad guys to obtain the decryption key
  • An unfortunate use of public-key cryptography
8
Q

Phishing

A
  • Social engineering with a touch of spoofing
  • Often delivered by spam, IM, etc.
  • Don’t be fooled; check the URL
  • Spear phishing - Targeted and sophisticated phishing
9
Q

Spoofing

A
  • Pretend to be someone you aren’t
  • Modify your MAC or IP address - Change in driver configuration
  • Fundamental with many DDoS attack types
10
Q

Social engineering

A
  • Major threat - Electronically undetectable
  • Don’t give any information over the telephone
  • Look out for unattended persons, look for badges
11
Q

Zero-day attacks

A
  • Many applications have vulnerabilities
  • Someone is working hard to find the next big vulnerability
  • Bad guys keep these yet-to-be-discovered holes to themselves
  • Zero-day - The vulnerability has not been detected or published
12
Q

Distributed Denial of Service (DDoS)

A
  • Launch an army of computers to bring down a service
  • Use all the bandwidth or resources - traffic spike
  • A botnet can have millions of computers at your command
  • Many people have no idea they are participating in a botnet
13
Q

Brute force

A
  • The password is the key - secret phrase, stored hash
  • Online - Brute force attacks - very slow
  • Offline - Brute force the hash
  • Large computational resource requirement
14
Q

Non-compliant systems

A
  • A constant challenge - There are always changes and updates
  • Standard operating environments (SOE) are a set of tested and approved hardware/software systems
  • Must have OS and application patches to be in compliance
15
Q

Violations of security best practices

A
  • There are many security best practices
  • DLP, encryption, spam filters, patches, firewalls, education, etc.
  • Constant audits are required
  • Each missed practice is an opportunity
16
Q

Tailgating

A
  • Use someone else to gain access to a building
  • Blend in with clothing - 3rd-party with a legitimate reason
  • Once inside, there’s little to stop you
17
Q

Man-in-the-middle

A
  • Bad guy can watch without you knowing
  • Redirects your traffic, then passes it on to the destination
  • You never know your traffic was redirected
  • ARP poisoning - ARP has no security