1.2 - Attack Types Flashcards

1
Q

Define Malware.

A

A form of malicious software that is used for some nefarious purpose (gathering information, forcing a PC to participate in a group, showing advertising, etc.)

2
Q

List as many types of malware as you can.

A
  1. Viruses
  2. Crypto-malware
  3. Ransomware
  4. Worms
  5. Trojan Horse
  6. Rootkit
  7. Keylogger
  8. Adware / Spyware
  9. Botnet
3
Q

What are some ways that you can prevent a PC from getting malware?

A
  1. Don’t click email links
  2. Keep OS updated
  3. Keep applications updated and check with the publisher
4
Q

Define Virus.

A

A type of malware that can reproduce itself but requires user input in order to start infecting. It reproduces through file systems or the network.

5
Q

List the types of viruses.

A
  1. Program Virus
  2. Boot Sector Virus
  3. Script Virus
  4. Macro Virus
  5. Fileless Virus
6
Q

Define Program Virus.

A

A virus that runs within an application.

7
Q

Define Boot Sector Virus.

A

A virus that runs within the boot sector of an OS and starts upon a system booting up.

8
Q

Define Script Virus.

A

A virus that runs off a script that is either OS or browser-based.

9
Q

Define Fileless Virus.

A

A virus that is never saved into the file system of the OS. It only ever runs on the memory of a system.

10
Q

Define Macro Virus.

A

A virus that runs off of a macro typically found within Microsoft Office.

11
Q

Define Worm.

A

A form of malware that self-replicates. It does not require user input in order to start. It often uses the network as a transmission medium. It self-propagates and spreads quickly.

12
Q

Define Ransomware.

A

An attack in which a bad actor takes, acts like they have taken, or encrypts your data until you pay them to get it back.

13
Q

Define Crypto-Malware.

A

A ransomware attack in which the victim’s data is encrypted. A decryption key must be obtained from the bad actors.

14
Q

What are 5 ways to protect against ransomware?

A
  1. Always have a backup
  2. Keep your OS up to date
  3. Keep your applications up to date
  4. Keep your anti-virus / anti-malware signatures up to date
  5. Keep everything up to date
15
Q

Define Trojan Horse.

A

A type of malware that pretends to be something else to make its way onto your computer. It can open up a way for other types of malware.

16
Q

Define Remote Access Trojans (RATs).

A

A type of trojan horse that allows for remote administrative control of a device.

17
Q

List 3 ways to protect a PC against Trojan Horses and RATs.

A
  1. Don’t run unknown software
  2. Keep anti-virus / anti-malware signatures updated
  3. Always have a backup
18
Q

Define Rootkit.

A

A type of malware that embeds itself in the system files, making it incredibly difficult to remove. It can often be invisible to the OS.

19
Q

What are 3 ways to deal with rootkits?

A
  1. Look for the unusual (via anti-malware scans)
  2. Use a remover specific to the rootkit
  3. Secure boot with UEFI
20
Q

Define Adware.

A

A type of malware that attempts to flood your screen with ads.

21
Q

Define Spyware.

A

A type of malware that spies on you. It might take note of sites that you visit or log passwords.

22
Q

Define Keylogger.

A

A type of spyware that logs your keystrokes.

23
Q

What are 4 ways to protect against spyware and malware?

A
  1. Maintain your anti-virus / anti-malware
  2. Always know what you are installing
  3. Backups
  4. Run some scans
24
Q

Define a Bot.

A

A type of software application or script that performs automated tasks on command. Bad bots perform malicious tasks that allow an attacker to remotely take control over an infected computer.

25
Q

Define Botnet.

A

A group of bots working together for some malicious purpose, such as a DDoS or botnets as a service.

26
Q

What are three ways to stop bots?

A
  1. Prevent the initial infection through
    - OS and application patches
    - Anti-virus / anti-malware with updated signatures
  2. Identify an existing infection
  3. Prevent command and control (C&C) via firewall and IPS
27
Q

Define Logic Bomb.

A

A set of instructions secretly incorporated into a program so that if a particular condition is satisfied they will be carried out, usually with harmful effects.

28
Q

What are three ways to prevent logic bombs?

A
  1. Processes and procedures with formal change controls
  2. Electronic monitoring
  3. Constant auditing
29
Q

Define a hash.

A

The process of transforming any given key or string of characters into a fixed-length string of text.

30
Q

Define a spraying attack.

A

A type of brute force attack where a malicious actor attempts the same password on many accounts before moving on to another password and repeating the process. Attempts are kept below the lockout threshold so as to raise no alarms.

31
Q

Define a brute force attack.

A

An attempt to break into an account by using every possible password combination until the hash is matched.

32
Q

Define a dictionary attack.

A

A type of brute force attack where an intruder attempts to crack a password-protected security system with a “dictionary list” of common words and phrases used by businesses and individuals. Can substitute letters with numbers and special characters.

33
Q

Define rainbow tables.

A

An optimized, pre-built set of hashes. A password hacking tool that uses a precomputed table of reversed password hashes to crack passwords in a database.

34
Q

Define salt.

A

Random data added to a password when hashing. Every password gets random salt inserted. Rainbow tables can’t deal with salt.

35
Q

Define malicious USB cable.

A

A USB cable that appears to be a typical USB cable, but it registers as a HID. It installs malicious software.

36
Q

Define malicious flash drive.

A

A flash drive that appears innocent, but it has malicious software on it. Can act as an HID. Can use macros in a document, boot to itself, or act as an Ethernet adapter.

37
Q

Define skimming.

A

The act of stealing credit card information, usually during a normal transaction. Can copy data from the magnetic strip. Can be done at an ATM.

38
Q

Define card cloning.

A

The act of creating a duplicate of a card. This can only be done on magnetic strip cards. Card information is often gained by skimming.

39
Q

Define evasion attacks.

A

Attacks at the testing time of an AI, in which the attacker aims to manipulate the input data to produce an error in the machine learning system. They do not alter the behavior of the AI; they exploit its blind spots and weaknesses to produce the desired errors.

40
Q

Define data poisoning.

A

Manipulating training datasets by injecting poisoned or polluted data to control the behavior of the trained ML model and deliver false results.

41
Q

Name three ways to secure the learning algorithms for AI.

A

1) Check the training data (cross check and verify)
2) Constantly retrain with new data
3) Train the AI with possible poisoning

42
Q

Name a few ways that you can secure a supply chain.

A

1) Keep an eye out for servers, routers, switches, firewalls and software
2) Use a small supplier base
3) Strict controls over policies and procedures
4) Security should be part of the overall design

43
Q

What are some features of cloud-based security?

A

+ Centralized and costs less
+ No dedicated hardware, no data center to secure
+ A third-party handles everything
+ Data is in a secure environment
+ Cloud providers are managing large-scale security
+ Limited downtime
+ Scalable security options

- Third party may have access to the data
- Users must follow security best practices
- May not be as customizable as necessary
44
Q

What are some features of on-premise security?

A

+ Complete control
+ On-site IT team can manage security better
+ Local team maintains uptime and availability

- Burden is on the client
- Data center security and infrastructure costs
- Security changes can take time
- Staffing costs
45
Q

Define birthday attack.

A

When the same hash value is created for two different plaintexts, aka hash collision. The attacker will generate multiple versions of plaintext to match the hashes.

46
Q

Define hash collision.

A

Occurs when two different inputs produce the same hash value. This can happen for various reasons, such as using a weak or flawed hashing algorithm, having a small hash space, or having a large number of inputs.

47
Q

Define downgrade attack.

A

Attacks that take advantage of a system’s backward compatibility to force it into less secure modes of operation. Systems that can use encrypted or unencrypted connections are at the greatest risk from downgrade attacks.
