Section 9: Identifying Threats, Attacks and Vulnerabilities Flashcards

1
Q

If you install a freeware program that analyzes your computer and then finds 40,000 exploits and asks you to purchase the full version, what type of attack is this?

A

When you part with your money, this is ransomware.

2
Q

Describe how a fileless virus operates.

A

Piggybacks itself onto a legitimate application, and they both launch together.

Using Malwarebytes would alert you of both launching at the same time.

3
Q

How does an attacker carry out credential harvesting?

A

A phishing attack where you are warned that an account has been hacked, and it gives you a link to a website to resolve it. When you try to log in, they collect your details.

4
Q

How is pretexting used in an attack?

A

An attacker manufactures a scenario and they ask you to confirm your account details to steal them.

5
Q

How does an invoice scam work?

A

An attacker obtains the details of a legitimate invoice and substitutes the bank details with their own.

6
Q

How does an attacker carry out password spraying?

A

An attacker works out what standard naming convention a company is using, and they then obtain the names of employees from the internet. They then try common passwords against those accounts.

7
Q

How does an attacker use a malicious USB drive?

A

An attacker leaves a malicious USB drive inside a company where it can be found. There is only one shortcut, so when the finder puts it in their computer to try to find the owner, they click on the shortcut and release the virus into their system. The attacker can now control their computer.

8
Q

How does artificial intelligence training help attackers?

A

AI uses machine learning to teach the machine to think like a human and detect attacks. If it is tainted, it will ignore some attacks.

9
Q

When you go to a restaurant, how can you protect yourself against card cloning?

A

Ensure that the server does not disappear with your card; make sure it is always visible to you.

10
Q

What is an on-path attack?

A

An interception attack, i.e. a replay or man-in-the-middle attack.

11
Q

Why is operational technology vulnerable to attack?

A

Operational technology is where we have removed CCTV standalone systems that were air-gapped and now use a fully integrated solution that is fully connected, leaving them vulnerable to attack.

12
Q

Give an example of crypto-malware.

A

Ransomware where the victim’s hard drive is encrypted and held to ransom. It could also have popups.

13
Q

What type of malware self-replicates, and which type self-propagates?

A

A virus self-replicates.
A worm self-propagates.

14
Q

What type of virus inserts a .dll into either the SysWOW64 or System32 folder?

A

Trojan.

15
Q

What is a RAT?

A

Remote Access Trojan (RAT) is a trojan that sends the user’s username and password to an external source so that a remote session can be created.

16
Q

What type of virus attack keeps coming back even when the operating system has been reinstalled on Windows, or the Bash shell on Linux?

A

A rootkit virus, because it resides in the Master Boot Record (MBR) or uses the Bash shell in Linux.

17
Q

How does a logic bomb virus work?

A

Triggered by an event; for example, a Fourth of July logic bomb would activate when the date on the computer was July 4. It is triggered by time, a script, .bat/.cmd files or a task scheduler.

18
Q

What is the purpose of a keylogger?

A

Can run from a USB flash drive plugged into the back of a computer which then records all the keystrokes being used. It can capture sensitive data that is typed in.

19
Q

What is a botnet?

A

A group of computers that have been infected so that they can be used to carry out malicious acts without the real attacker being identified. They could be used for a DDoS attack.

20
Q

Explain a phishing attack.

A

A type of attack in which an indiscriminate email asks users to fill in a form requesting their bank details or PII.

21
Q

How does spear phishing differ from a phishing attack?

A

A phishing attack that has been sent to a specific group of users.

22
Q

What is a whaling attack?

A

Uses email to target a CEO or high-level executive in a company.

23
Q

What type of attack can include leaving a voicemail?

A

Vishing.

24
Q

What is tailgating?

A

A form of social engineering where someone has used a smart card or entered a PIN to access a door, and then someone behind them passes through the door before it closes, entering no credentials.

25
Q

What is social engineering?

A

Exploits an individual’s character in a situation that they are not used to. This is hacking the human, putting them under pressure to make a snap decision.

26
Q

What type of attack could involve dressing as a police officer?

A

Impersonation attack.

27
Q

What type of attack is it if a firefighter arrives and you let them into the server room to put out a fire?

A

Social engineering urgency attack.

28
Q

What type of attack is it if you are in an ATM queue and someone has their phone to one side so that they can film the transaction?

A

Shoulder surfing attack.

29
Q

What is a watering hole attack?

A

Infects a trusted website that a certain group of people visits regularly.

30
Q

What type of attack is it if you receive an email from your company’s CEO, telling you to complete the form attached by clicking on a link in the email?

A

Social engineering authority attack.

31
Q

One of your bosses asks you to give them information that one of your peers gave them last week. You are hesitant but give them the information. What type of attack is this?

A

Social engineering consensus attack; the person being attacked wants to be accepted by their peers.

32
Q

What type of attack is a multiple SYN flood attack on a well-known website that takes it down?

A

DDoS attack.

33
Q

Explain a man-in-the-middle attack.

A

Man-in-the-Middle (MITM) attacks are on-path, where a connection between hosts is intercepted and the conversation is changed and then replayed, but the people involved still believe that they are talking directly to each other.

34
Q

How does a replay attack differ from a man-in-the-middle attack?

A

Similar to a MITM attack except the intercepted packet is replayed at a later date.

35
Q

What type of attack is a man-in-the-browser attack?

A

A Trojan that intercepts your session between your browser and the internet; it aims to obtain financial transactions.

36
Q

How can you prevent a replay attack in a Microsoft environment?

A

Kerberos authentication; uses USN and timestamps and can prevent replay attacks as the USN packets and timestamps need to be sequential.

37
Q

How can you prevent a pass-the-hash attack?

A

Enabling Kerberos or disabling NTLM.

38
Q

What type of attack uses HTML tags with JavaScript?

A

XSS.

39
Q

What type of exploit has no patches and cannot be detected by NIDS or NIPS?

A

A zero-day virus.

40
Q

What is domain hijacking?

A

Where someone tries to register your domain, access your hosted control panel and set up a website that is similar to yours.

41
Q

What is bluejacking?

A

Hijacking someone’s Bluetooth phone so that you can take control of it and send text messages.

42
Q

What is bluesnarfing?

A

When you steal someone’s contacts from their Bluetooth phone.

43
Q

For what type of attack would you use the strcpy tool?

A

Buffer overflow.

44
Q

What is an integer overflow attack?

A

Inserts a number larger than what is allowed.

45
Q

What type of attack uses the phrase 1=1?

A

SQL injection.

46
Q

Name two methods for preventing a SQL injection attack.

A
  1. Input validation
  2. Stored procedures (best)

Stored procedures are prepared SQL code that can be saved and rerun.

47
Q

What type of attack is session replay?

A

Cookies are stolen so that someone can pretend to be you.

48
Q

If you misspell a website but still appear to reach it, what type of attack is this?

A

Typo squatting. The attacker launches a website with a similar name to a legitimate website in the hope that victims misspell the URL.

49
Q

What type of attack would you use shimming or refactoring for?

A

Driver manipulation attacks.

50
Q

What type of system is susceptible to a birthday attack?

A

Digital signatures.

51
Q

What are rainbow tables?

A

Pre-computed lists of passwords with the relevant hash in either LM, NTLM, MD5 or SHA-1.

52
Q

How can you store passwords to prevent a dictionary attack?

A

Salting passwords inserts a random value and prevents dictionary attacks.

53
Q

Name two tools that can be used for key stretching.

A
  1. bcrypt
  2. PBKDF2

54
Q

What is the fastest password attack that can crack any password?

A

Brute force. Uses all combinations of characters, letters and symbols.

55
Q

What is the only way to prevent a brute-force attack?

A

An account lockout with a low value.

56
Q

What can we do to slow down a brute-force attack?

A

If account lockout is not available, make the password length longer or salt passwords.

57
Q

What type of authentication is the most prone to errors?

A

Using passwords. Compared to certificates and smart cards which don’t have many errors.

58
Q

What is an evil twin?

A

A WAP that is made to look like a legitimate WAP. Symptoms include slow internet and the inability to connect to the corporate network.

59
Q

How can you prevent an attack by a rogue WAP?

A

802.1x. The device needs to authenticate itself to attach to the switch.

60
Q

You are trying to use the internet, but your wireless session keeps crashing. What type of attack is this?

A

Wireless disassociation attack. The attacker prevents the victim from connecting to the WAP.

61
Q

How close does an attacker need to be for an NFC attack?

A

4 cm.

62
Q

What is pivoting?

A

Method by which pen testers gain access to a network so that they can move laterally to launch an attack on a secondary system.