Chapter 2 Type of Attack Indicators

Question 1

Crypto-Malware

Answer 1

• Malware that uses a system’s resources to mine cryptocurrency.
• Theft of services attack uses CPU cycles of someone else’s computer to do crypto mining.

Question 2

How are Trojans used to attack a system?

Answer 2

• A standalone program that must be copied and installed by an authorized user.
• Appears to do one thing but hides some other functionality.

Question 3

Worm

Answer 3

• Pieces of code that attempt to penetrate network and computer systems.
• This can survive on its own.

Question 4

Logic Bomb

Answer 4

• A piece of code that sits dormant for a period of time until some event or date invokes its malicious payload.

Question 5

Ransomware

Answer 5

• Malware that typically encrypts files on a system and then leaves them unusable or temporarily until a ransom is paid.

Question 6

Spyware

Answer 6

• Usually installed without the user’s knowledge.
• Can record activities such as keyloggers.

Question 7

Spraying

Answer 7

• An attack that uses a limited number of commonly used passwords and applies them to a large number of accounts.

Question 8

Potentially Unwanted Programs (PUP)

Answer 8

A way for companies and antivirus vendors to identify programs that may have adverse effects on a computer’s security or privacy.

Question 9

Fileless Virus

Answer 9

• Memory-based attack, hard to detect.
• A piece of malware operates only in memory, never touches the filesystem.

Question 10

Backdoor

Answer 10

• Programs that attackers install after gaining unauthorized access to a system to ensure that they can continue to have unrestricted access to the system.
• Common backdoors include: Netbus and Back Orifice.

Question 11

Man in the Middle Attack

Answer 11

A mechanism whereby an attacker can inject himself into middle of a conversation between two devices.

Question 12

Command and Control

Answer 12

• Used to control malware that has been launched against targets.

Question 13

Rainbow Tables

Answer 13

Precomputed tables or hash values associated with passwords.

Question 14

Dictionary

Answer 14

Another method of determining passwords is to use a password-cracking program that uses a list of dictionary words to try to guess the password.

Question 15

Hybrid Cloud

Answer 15

• One where elements from private, public, and community cloud structures are combined.
• Environments not joined together but are used together.

Question 16

Remote Access Trojans (RATs)

Answer 16

A toolkit designed to provide the capability of court surveillance and/or the capability to gain unauthorized access to a target system.

Question 17

Bots

Answer 17

• A functioning piece of software that performs some task, under the control of another program.
• Bots can proliferate spam to commit fraud, install spyware, and other malicious acts.

Question 18

Keyloggers

Answer 18

• Piece of software that logs all of the keystrokes that a user enters.
• Used to obtain passwords and other sensitive pieces of information.

Question 19

Rootkit

Answer 19

• Specifically designed to modify the operation of the operating system in some fashion to facilitate nonstandard functionality.

Question 20

Brute Force

Answer 20

• Attempting all password combinations
• The length of the password can affect the time a brute force attack will take.

Question 21

Offline Brute Force Attack

Answer 21

• Can be employed to perform hash comparisons against a stolen password file.

Question 22

Online Brute Force Attacks

Answer 22

• Can occur against a system in real time.
• Frequently done to attack a single account with multiple examples of passwords.

Question 22

Malicious Universal Serial Bus (USB) Cable

Answer 22

• Cables embedded with malicious devices such as Wi-Fi devices, enabling attacks against a Wi Fi network.

Question 23

Skimming

Answer 23

• Physical devices built to collect all credit card information as well as the pin number being entered.

Question 24

Adversarial Artificial Intelligence (AI)

Answer 24

- The use of complex models to simulate functions of the brain. - Can be used to enable attacks such as phishing to avoid machine detection.

Question 25

Tainted Training Data for Machine Learning (ML)

Answer 25

- A deficient training set of data can build a model with holes in it which can allow conditions to go undetected.

Question 26

Security of Machine Learning Algorithms

Answer 26

- Should an attacker be able to reproduce the same set of parameters that could slip past the ML algorithm.

Question 27

Supply-Chain Attacks

Answer 27

- The parts and software used to create networks can be tainted which can result in the final product can have vulnerabilities.

Question 27

Cloud-Based vs On-Premise Attacks

Answer 27

- You must define the desired security and the methods of attaining it no matter if the system is cloud-based or in-house.`

Question 28

Cryptographic Attacks

Answer 28

- An attack against a cryptographic system. - Algorithmic weakness that can be exploited

Question 29

Malicious Flash Drive

Answer 29

Malicious USB storage devices have been used to dupe users into plugging these devices into their computers and access sensitive information

Question 30

Card Cloning

Answer 30

Getting the physical possession of and cloning the information on the card to gain access to sensitive information.

Question 31

Birthday Paradox

Answer 31

The chance that two individuals within a group of at least 23 people share the same birthday.

Question 32

Collision Attack

Answer 32

- Two different inputs yield the same output of a hash function. - An attacker has a chance to create a file with changed visible content but identical hashes.

Question 33

Downgrade Attack

Answer 33

- The attacker takes advantage of a commonly employed principle to support backward compatibility.