Assets, Threats, and Vulnerabilities: Module 4

Question 1

Angler Phishing

Answer 1

Tricking people on social media by pretending to be customer support

Question 2

Advanced Persistent Threat (APT)

Answer 2

A hacker secretly stays in a system for a long time

Question 3

Adware

Answer 3

Software that shows ads inside apps

Question 4

Attack Tree

Answer 4

A diagram showing how a hacker might reach a target

Question 5

Baiting

Answer 5

Tricking someone into doing something risky

Question 6

Botnet

Answer 6

A group of infected computers controlled by a hacker

Question 7

Cross-Site Scripting (XSS)

Answer 7

Hacker code added to a website or app

Question 8

Cryptojacking

Answer 8

Malware that uses your computer to mine cryptocurrency

Question 9

DOM-Based XSS Attack

Answer 9

Harmful code already in a webpage you load

Question 10

Dropper

Answer 10

Malware that carries and installs other malware

Question 11

Fileless Malware

Answer 11

Malware that hides by using programs already on your computer

Question 12

Hacker

Answer 12

Someone who breaks into systems or data

Question 13

Identity and Access Management (IAM)

Answer 13

Tools to control who can access what

Question 14

Injection Attack

Answer 14

Bad code added into an app to cause harm

Question 15

Input Validation

Answer 15

Checking input to make sure it’s safe

Question 16

Intrusion Detection System (IDS)

Answer 16

Tool that watches for and warns about attacks

Question 17

Loader

Answer 17

Malware that brings in more malware from outside

Question 18

Malware

Answer 18

Software made to harm computers or networks

Question 19

Process of Attack Simulation and Threat Analysis (PASTA)

Answer 19

A method for finding and planning for threats

Question 20

Phishing

Answer 20

Tricking someone with fake messages to steal info

Question 21

Phishing Kit

Answer 21

Tools to help launch a phishing scam

Question 22

Prepared Statement

Answer 22

Safe way to send SQL code to a database

Question 23

Potentially Unwanted Application (PUA)

Answer 23

Unwanted software that comes with real apps

Question 24

Quid Pro Quo

Answer 24

Offering fake rewards to steal info or access

Question 25

Ransomware

Answer 25

Malware that locks files and asks for money

Question 26

Reflected XSS Attack

Answer 26

Harmful code runs when the server replies

Question 27

Rootkit

Answer 27

Malware that gives full control of a computer

Question 28

Scareware

Answer 28

Fake warnings used to scare users into installing malware

Question 29

Smishing

Answer 29

Phishing using text messages

Question 30

Social Engineering

Answer 30

Tricking people to get access or info

Question 31

Spear Phishing

Answer 31

Phishing targeting a specific person or group

Question 32

Spyware

Answer 32

Secret software that collects and sells info

Question 33

SQL

Answer 33

Language to talk to and manage databases

Question 34

SQL Injection

Answer 34

Tricking a database by sending bad SQL code

Question 35

Stored XSS Attack

Answer 35

Harmful code is saved on the server

Question 36

Tailgating

Answer 36

Sneaking into a building by following someone

Question 37

Threat

Answer 37

Something that could cause harm

Question 38

Threat Actor

Answer 38

A person or group that causes security risks

Question 39

Threat Modeling

Answer 39

Finding and understanding possible attacks

Question 40

Trojan Horse

Answer 40

Malware that looks like a real program

Question 41

Vishing

Answer 41

Phishing through phone calls

Question 42

Watering Hole Attack

Answer 42

Hacking a site a group often visits

Question 43

Whaling

Answer 43

Phishing that targets top executives

Question 44

Web-Based Exploits

Answer 44

Code that takes advantage of website flaws