Attacks, Threats, and Vulnerabilities Flashcards by Jeff S

Q

Phishing

A

How well did you know this?

1

Not at all

2

3

4

5

Perfectly

Q

Smishing

A

How well did you know this?

1

Not at all

2

3

4

5

Perfectly

Q

Vishing

A

How well did you know this?

1

Not at all

2

3

4

5

Perfectly

Q

Spam

A

How well did you know this?

1

Not at all

2

3

4

5

Perfectly

Q

Spim

A

How well did you know this?

1

Not at all

2

3

4

5

Perfectly

Q

Spear phishing

A

How well did you know this?

1

Not at all

2

3

4

5

Perfectly

Q

Dumpster diving

A

How well did you know this?

1

Not at all

2

3

4

5

Perfectly

Q

Shoulder surfing

A

How well did you know this?

1

Not at all

2

3

4

5

Perfectly

Q

Pharming

A

How well did you know this?

1

Not at all

2

3

4

5

Perfectly

Q

Tailgating

A

How well did you know this?

1

Not at all

2

3

4

5

Perfectly

Q

Eliciting information

A

How well did you know this?

1

Not at all

2

3

4

5

Perfectly

Q

Whaling

A

How well did you know this?

1

Not at all

2

3

4

5

Perfectly

Q

Prepending

A

How well did you know this?

1

Not at all

2

3

4

5

Perfectly

Q

Identity fraud

A

How well did you know this?

1

Not at all

2

3

4

5

Perfectly

Q

Invoice scams

A

How well did you know this?

1

Not at all

2

3

4

5

Perfectly

Q

Credential harvesting

A

How well did you know this?

1

Not at all

2

3

4

5

Perfectly

Q

Reconnaissance

A

How well did you know this?

1

Not at all

2

3

4

5

Perfectly

Q

Hoax

A

How well did you know this?

1

Not at all

2

3

4

5

Perfectly

Q

Impersonation

A

How well did you know this?

1

Not at all

2

3

4

5

Perfectly

Q

Watering hole attack

A

How well did you know this?

1

Not at all

2

3

4

5

Perfectly

Q

Typosquatting

A

How well did you know this?

1

Not at all

2

3

4

5

Perfectly

Q

Pretexting

A

How well did you know this?

1

Not at all

2

3

4

5

Perfectly

Q

Influence campaign

A

How well did you know this?

1

Not at all

2

3

4

5

Perfectly

Q

Hybrid warfare

A

How well did you know this?

1

Not at all

2

3

4

5

Perfectly

Authority

Intimidation

Consensus

Scarcity

Familiarity

Trust

Urgency

Ransomware

Trojans

Worms

PUPs

Fileless virus

Command and control

Bots

Cryptomalware

Logic bombs

Spyware

Keyloggers

RAT

Rootkit

Backdoor

Spraying (password attack)

Dictionary (password attack)

Brute Force (password attack)

Rainbow table (password attack)

Plaintext/Unencrypted (password attack)

Malicious USB cable

Malicious flash drive

Card cloning

Skimming

Adversarial AI

Supply-chain attacks

Cloud based vs On-premises attacks

Birthday (Cryptographic attack)

Collision (Cryptographic attack)

Downgrade (Cryptographic attack)

Privilege escalation

Cross-site scripting

SQL injection

DLL injection

LDAP injection

XML injection

Pointer/object dereference

Directory traversal

Buffer overflows

Race conditions

Error handling

Improper input handling

Replay attack

Integer overflow

Request forgeries

API attacks

Resource exhaustion

Memory leak

SSL stripping

Shimming (Driver manipulation)

Refactoring (Driver manipulation)

Pass the hash

Evil twin (wireless)

Rogue AP

Bluesnarfing

Bluejacking

Disassociation

Jamming

RFID

NFC

IV

On-path attack

ARP poisoning

MAC flooding

MAC cloning

Domain hijacking

DNS poisoning

URL redirection

Domain reputation

DDoS

Malicious code or script execution

APT

Insider threat

State actor

Hacktivist

Script kiddies

Criminal syndicates

Hackers

Shadow IT

Competitors

Direct access (vector)

Wireless (vector)

Email (vector)

Supply chain (vector)

Social media (vector)

Removeable media (vector)

Cloud (vector)

OSINT

Closed/proprietary threat intelligence

Vulnerability databases

Public/private info-sharing centers

Dark web

Indicators of compromise

AIS

Predictive analysis

Threat map

File/code repository

Threat hunting

Vulnerability scans

Syslog/SIEM

SOAR

Pentesting

Passive/active reconnaissance

Exercise types