Ch6: Comparing Threats, Vulnerabilities, and Common Attacks

Question 1

Script kiddie

Answer 1

An attacker who uses existing computer scripts to launch attacks, typically with very little expertise, sophistication, and funding

Question 2

Hacktivist

Answer 2

launches attacks as part of an activist movement or to further a cause

Question 3

Insider

Answer 3

Anyone who has legitimate access to an organization’s internal resources, such as an employee

Question 4

Organized crime elements are…

Answer 4

typically motivated by greed and money but often use sophisticated techniques

Question 5

APTs

Answer 5

Advanced Persistent Threats are sponsored by governments and they launch sophisticated, targeted attacks

Question 6

DoS attack

Answer 6

A denial-of-service attack is an attack from a single source that attempts to disrupt the services provided by another system

Question 7

DDoS attack

Answer 7

A distrubuted denial-of-service attack includes multiple computers attacking a single target. DDoS attacks typically include sustained, abnormally high network traffic

Question 8

Malware

Answer 8

includes a wide variety of malicious code including viruses, worms, Trojans, ransomware, and more

Question 9

Virus

Answer 9

a malicious program that attaches itself to an application and runs when the application is started

Question 10

Worm

Answer 10

a self-replicating program that doesn’t need user interaction to run

Question 11

Logic bomb

Answer 11

executes in response to an event, such as when a specific application is executed or a specific time arrives

Question 12

Backdoor

Answer 12

A backdoor provides another way to access a system

Question 13

Trojan

Answer 13

A Trojan appears to be something useful but includes a malicious component, such as installing a backdoor on a user’s system. Many Trojans are delivered via drive-by-downloads. They can also infect systems from fake AV software, pirated software, games, or infected USBs

Question 14

Ransomware

Answer 14

a type of malware that takes control of a user’s system or data. Criminals then attempt to extort payment from the victim. Ransomware often includes threats of damaging a user’s system or data if the victim does not pay the ransom.

Question 15

Crypto-malware

Answer 15

Ransomware that encrypts the user’s data

Question 16

Keyloggers

Answer 16

capture a user’s keystrokes and store them in a file, which can be automatically sent to an attacker or manually retrieved

Question 17

Spyware

Answer 17

monitors a user’s computer and often includes a keylogger

Question 18

Rootkit

Answer 18

A group of programs that has system-level or kernel access and can modify system files and system access. Rootkits hide their running processes to avoid detection with hooking techniques. Tools that can inspect RAM can discover these hidden hooked processes

Question 19

Social engineering

Answer 19

uses social tactics to trick users into giving up information or performing actions they wouldn’t normally take

Question 20

Shoulder surfing

Answer 20

Looking over someone’s shoulder to gain information. Screen filters help prevent shoulder surfing by obscuring the view for people unless they are directly in front of the monitor

Question 21

Dumpster diving

Answer 21

Searching through trash for information

Question 22

Spam

Answer 22

unwanted email

Question 23

Phishing

Answer 23

malicious spam (clicking on email links to install malware)

Question 24

Spear phishing

Answer 24

Attack that targets a specific group of users. It could target employees of a company or customers of a company. Digital signatures can help reduce successful spear phishing

Question 25

Whaling

Answer 25

Phishing targeting high-level executives

Question 26

Vishing

Answer 26

A form of phishing that uses the phone system or VoIP. Some vishing attempts are fully automated. Others start automated but an attacker takes over at some point during the call

Question 27

AV software

Answer 27

Antivirus software detects and removes malware, such as viruses, Trojans, and worms

Question 28

Signature-based AV software

Answer 28

detects known malware based on signature definitions

Question 29

Heuristic-based AV software

Answer 29

detects previously unknown malware based on behavior

Question 30

__ users helps prevent incidents…

Answer 30

Educating users about new viruses, phishing attacks, and 0day exploits helps prevent incidents

Question 31

Zero-day exploits

Answer 31

take advantage of vulnerabilities that aren’t known by trusted sources, such as OS vendors and AV vendors

Question 32

Social engineers are effective because…

Answer 32

they use psychology-based techniques to overcome users’ objections

Question 33

Two techniques that encourage immediate action are

Answer 33

scarcity and urgency