cyber security incidents Flashcards
(26 cards)
What is a phishing attack?
A phishing attack is a cyber attack that attempts to trick individuals into providing sensitive information by masquerading as a trustworthy entity.
True or False: Denial of Service (DoS) attacks aim to make a network resource unavailable to its intended users.
True
Fill in the blank: Malware is a type of software designed to __________.
disrupt, damage, or gain unauthorized access to computer systems.
What does the acronym Ransomware stand for?
Ransomware is a type of malware that encrypts a user’s files and demands payment for the decryption key.
Which type of cyber attack involves intercepting communications between two parties?
Man-in-the-Middle (MitM) attack
What is the primary goal of a Distributed Denial of Service (DDoS) attack?
To overwhelm a target system with traffic, making it unavailable to users.
True or False: SQL Injection attacks exploit vulnerabilities in web applications that interact with databases.
True
What is social engineering in the context of cyber attacks?
Social engineering is the manipulation of individuals into divulging confidential or personal information for fraudulent purposes.
Identify the type of cyber attack: An attacker uses malicious code to redirect users to a fraudulent website.
Pharming attack
What is an APT (Advanced Persistent Threat)?
An APT is a prolonged and targeted cyber attack where an intruder gains access to a network and remains undetected for an extended period.
Fill in the blank: Cross-Site Scripting (XSS) allows attackers to inject __________ into web pages viewed by users.
malicious scripts
What is the purpose of a keylogger?
A keylogger is a type of malware designed to record keystrokes made by a user to capture sensitive information.
True or False: Credential stuffing attacks use stolen username and password pairs to gain unauthorized access to multiple accounts.
True
What is a zero-day exploit?
A zero-day exploit is an attack that occurs on the same day a vulnerability is discovered, before a patch is available.
Which cyber attack involves sending unsolicited bulk messages, often for advertising purposes?
Spam attack
What is a drive-by download?
A drive-by download is a malicious download that occurs without the user’s consent or knowledge when visiting a compromised website.
Fill in the blank: In a __________ attack, the attacker captures the target’s network traffic to steal sensitive data.
Sniffing
What type of attack involves exploiting weaknesses in a wireless network’s security?
Wi-Fi hacking
True or False: A rogue software update can be a method of delivering malware to users.
True
What is the term for the unauthorized access to a computer system to steal or manipulate data?
Hacking
What is the primary function of a firewall in cybersecurity?
A firewall monitors and controls incoming and outgoing network traffic based on predetermined security rules.
Fill in the blank: __________ attacks involve inserting malicious code into a website or application to manipulate its behavior.
Injection
In terms of cyber attacks, what does the term ‘payload’ refer to?
The payload refers to the part of the malware that performs the malicious action, such as deleting files or stealing data.
What is the main objective of an insider threat?
To exploit access to sensitive information or systems from within the organization.
