Key Terms Flashcards

1
Q

What is a DOS attack?

A

DOS = Denial of Service
When real users are unable to access systems or devices because of an attack.

2
Q

What is a DDOS attack?

A

DDOS = distributed denial-of-service attack
When multiple computers operate together to attack one target.

3
Q

What is malware?

A

Malware is intrusive software that is designed to damage and destroy computers and computer systems.

Examples of common malware include viruses, worms, Trojan viruses, spyware, adware, and ransomware.

4
Q

What is a worm?

A

A type of malware whose primary function is to self-replicate and infect other computers while remaining active on infected systems.

5
Q

What is a Trojan Horse?

A

A type of malware that downloads onto a computer disguised as a legitimate program.

6
Q

What is scareware?

A

A common scareware definition is a cyberattack that scares people into visiting spoofed or infected websites or downloading malicious software (malware). Scareware can come in the form of pop-up ads that appear on a user’s computer or spread through spam email attacks.

A scareware attack is often launched through pop-ups that appear on a user’s screen, warning them that their computer or files have been infected and then offering a solution. This social engineering tactic aims to scare people into paying for software that purportedly provides a quick fix to the “problem.” However, rather than fix an issue, scareware actually contains malware programmed to steal the user’s personal data from their device.

7
Q

What is a botnet?

A

A botnet (short for “robot network”) is a network of computers infected by malware that are under the control of a single attacking party, known as the “bot-herder.”

8
Q

What is a zombie?

A

In computing, a zombie is a computer connected to a network that has been compromised by a hacker, a virus or a Trojan. It can be used remotely for malicious tasks.

9
Q

What is the CIA triad?

A

The CIA triad (confidentiality, integrity and availability) is a model designed to guide policies for information security within an organization.

10
Q

What is the NIST Cybersecurity Framework?

A

The NIST Cybersecurity Framework is a set of guidelines for mitigating organizational cybersecurity risks, published by the US National Institute of Standards and Technology (NIST) based on existing standards, guidelines, and practices.

11
Q

What is risk appetite?

A

The types and amount of risk, on a broad level, an organization is willing to accept in its pursuit of value/business objectives.

12
Q

What is risk assessment?

A

The process of comprehending the nature of risk and determining the level of risk.

13
Q

What is a control baseline?

A

The set of controls that apply to information or an information system to meet legal, regulatory, or policy requirements.

14
Q

What is risk management?

A

The process of managing risks to an organization.

15
Q

What is an on-path attack?

A

When an aggressor sits in the middle between two stations and can intercept, and sometimes change, the data that is being sent across the organization.

16
Q

What is a phishing attack?

A

Phishing is a type of social engineering attack often used to steal user data, including login credentials and credit card numbers.

17
Q

What is a SQL injection?

A

SQL injection (SQLi) is a web security vulnerability that allows an attacker to interfere with the queries that an application makes to its database.

18
Q

What is a zero-day attack?

A

“Zero-day” is a broad term that describes recently discovered security vulnerabilities that hackers can use to attack systems. The term “zero-day” refers to the fact that the vendor or developer has only just learned of the flaw – which means they have “zero days” to fix it.

19
Q

What is DNS tunneling?

A

  1. The attacker registers a domain, such as badsite.com. The domain’s name server points to the attacker’s server, where a tunneling malware program is installed.
  2. The attacker infects a computer, which often sits behind a company’s firewall, with malware. Because DNS requests are always allowed to move in and out of the firewall, the infected computer is allowed to send a query to the DNS resolver. The DNS resolver is a server that relays requests for IP addresses to root and top-level domain servers.
  3. The DNS resolver routes the query to the attacker’s command-and-control server, where the tunneling program is installed. A connection is now established between the victim and the attacker through the DNS resolver. This tunnel can be used to exfiltrate data or for other malicious purposes. Because there is no direct connection between the attacker and victim, it is more difficult to trace the attacker’s computer.

20
Q

What is ARP poisoning?

A

ARP Poisoning (also known as ARP Spoofing) is a type of cyber attack carried out over a Local Area Network (LAN) that involves sending malicious ARP packets to a default gateway on a LAN in order to change the pairings in its IP-to-MAC address table. The ARP protocol translates IP addresses into MAC addresses. Because the ARP protocol was designed purely for efficiency and not for security, ARP Poisoning attacks are extremely easy to carry out as long as the attacker has control of a machine within the target LAN or is directly connected to it.

21
Q

What is packet sniffing?

A

Packet sniffing is a technique whereby packet data flowing across the network is detected and observed. Network administrators use packet sniffing tools to monitor and validate network traffic, while hackers may use similar tools for nefarious purposes.

22
Q

What is a rootkit?

A

A rootkit is a collection of computer software, typically malicious, designed to enable access to a computer or an area of its software that is not otherwise allowed (for example, to an unauthorized user) and often masks its existence or the existence of other software.

23
Q

What is a keylogger?

A

Keyloggers are built for the act of keystroke logging — creating records of everything you type on a computer or mobile keyboard.