Module 2 - Cybersecurity threats, vulnerabilities and attacks Flashcards

(114 cards)

1
Q

Which term refers to an area of control or protection that attackers can exploit?

A

A threat domain

2
Q

What must organizations identify first before implementing effective cybersecurity solutions?

A

Vulnerabilities within their threat domains

3
Q

What category includes bugs, application downtime, and illegal file shares?

A

Software errors

4
Q

Which type of cyber threat includes DoS attacks and viruses?

A

Software attacks

5
Q

What distinguishes internal threats from external ones?

A

Internal threats originate from current or former employees

5
Q

Which threat type includes actions like website defacement and database compromise by an insider?

A

Sabotage

5
Q

What type of cyber threat does a firewall misconfiguration fall under?

A

Human error

6
Q

Which threat category includes the physical theft of devices like laptops?

A

Theft

6
Q

Hard drive crashes are an example of which type of threat?

A

Hardware failures

7
Q

What kind of cyber threat is caused by power outages or sprinkler system malfunctions?

A

Utility interruption

7
Q

What is a typical target of an Advanced Persistent Threat (APT)?

A

Governments and high-level organizations

8
Q

What type of malware bypasses authentication and gives attackers admin-level remote access?

A

Backdoor

8
Q

What is often considered the weakest link in information security systems?

A

Users

8
Q

What tactic is commonly used by external attackers to trick users into providing access?

A

Social engineering

8
Q

What domain includes email, database management, and security monitoring systems?

A

Application domain

9
Q

Which attack abuses software logic to produce unintended behaviors like false alerts or CPU overloads?

A

Algorithm attack

9
Q

Which domain includes employees, customers, and partners with system access?

A

User domain

9
Q

Which domain includes all devices connected within the same geographic area, wired or wireless?

A

Local Area Network (LAN) domain

10
Q

What physical security risk threatens the LAN domain?

A

Unauthorized access

10
Q

Which category of attack uses multiple actors and advanced malware to stay undetected for long periods?

A

Advanced Persistent Threat (APT)

10
Q

Why are rootkits extremely difficult to detect?

A

They modify systems

11
Q

Which attack on the LAN involves examining open ports to find vulnerabilities?

A

Unauthorized network probing and port scanning

12
Q

Which backdoor tools are commonly used to gain unauthorized access?

A

Netbus and Back Orifice

12
Q

Which malware modifies the OS to maintain hidden access and escalate privileges?

A

Rootkit

13
Q

What is often required after a rootkit infection?

A

Full wipe and reinstallation of software

14
Q

What organization maintains the CVE (Common Vulnerabilities and Exposures) database?

A

MITRE

15
Q

Which type of attack manipulates people rather than exploiting technical vulnerabilities?

A

Social engineering

15
Q

Which government-supported database catalogs known security vulnerabilities?

A

Common Vulnerabilities and Exposures (CVE)

16
Q

Which social engineering method involves fabricating a story to gain privileged data?

A

Pretexting

16
Q

What do we call evidence of breaches such as malware signatures or malicious domains?

A

Indicators of Compromise (IOCs)

16
Q

Which social engineering tactic emphasizes limited time to prompt quick action?

A

Urgency

17
Q

Which method involves building rapport or exploiting a known contact to deceive the victim?

A

Familiarity

17
Q

What is the term for exchanging personal data for something in return, like a free gift?

A

Quid pro quo

17
Q

Which tactic pressures a victim by suggesting limited quantity of a desired item?

A

Scarcity

17
Q

What type of fraud uses someone’s stolen identity to deceive others for gain?

A

Identity fraud

18
Q

Which tactic relies on the victim obeying someone they view as a superior or official?

A

Authority

19
Q

Which social engineering method involves bullying or pressuring a target to act quickly?

A

Intimidation

19
Q

Which tactic uses the behavior of others to influence a victim’s actions?

A

Consensus (social proof)

20
Q

Which tactic involves slowly gaining the confidence of a victim to violate security later?

A

Trust

21
Q

What physical attack involves watching someone enter sensitive data, like a PIN?

A

Shoulder surfing

22
Q

What is the act of pretending to be someone else to manipulate victims?

A

Impersonation

23
Q

What is the act of searching through trash for sensitive documents or information?

A

Dumpster diving

24
Q

What type of threat uses a false warning or trick intended to cause disruption or panic?

A

A hoax

25
Q

What deception method exploits typos in URLs to lure users to malicious sites?

A

Typo squatting

25
Q

Which physical security breach occurs when a criminal enters a secure area by following an authorized person?

A

Piggybacking or tailgating

25
Q

What physical security feature involves two doors where the first must close before the second opens?

A

Mantrap

26
Q

What is the purpose of prepending in phishing emails?

A

To make the email appear legitimate

26
Q

Which attack removes external email warning tags to make malicious emails look internal?

A

Prepending

26
Q

Which attack strategy involves attackers compromising websites frequently visited by a specific target group and injecting malware to infect the users of those websites?

A

Watering hole attack

26
Q

What method involves sending fraudulent payment requests to trick victims into entering credentials?

A

Invoice scam

26
Q

Which form of cyberattack is commonly used in cyberwarfare and psychological operations?

A

Influence campaigns

26
Q

Which type of malicious software attaches itself to other programs and often requires user interaction to activate?

A

A virus

27
Q

Which type of malware can replicate itself and spread without needing a host program or user interaction?

A

A worm

27
Q

How does a Trojan horse differ from a virus or worm?

A

It does not self-replicate; it disguises itself as legitimate software

27
Q

Which malware, triggered by a specific event such as a date or database entry, activates destructive code?

A

A logic bomb

27
Q

What is the goal of a typo squatting attack?

A

To collect personal or financial information from the user

28
Q

What is a common delivery method for ransomware?

A

Phishing email

28
Q

What are two main methods used in DoS attacks?

A

Overwhelming traffic and maliciously formatted packets

29
Q

Which attack inserts false data into a DNS resolver’s cache, redirecting traffic to malicious servers?

A

DNS spoofing / DNS cache poisoning

29
Q

Which attack occurs when an attacker gains control of a target’s DNS information and makes unauthorized changes?

A

Domain hijacking

30
Q

What public record is often exploited during domain hijacking?

A

WHOIS record

30
Q

Which attack redirects a user from a legitimate page to a malicious one?

A

URL redirection

31
Q

Which attack links the attacker’s MAC address to the IP address of a legitimate device on the network?

A

ARP spoofing

32
Q

Which attack disguises a device’s MAC address to bypass authentication?

A

MAC address spoofing

32
Q

What is another name for a Man-in-the-Middle (MitM) attack?

A

An on-path attack

33
Q

Which infamous worm infected over 300,000 servers in under 19 hours in 2001?

A

Code Red

34
Q

Which type of attack involves an attacker secretly intercepting and altering communication between two parties?

A

Man-in-the-Middle (MitM) attack

34
Q

Which malware package is known for Man-in-the-Mobile (MitMo) capabilities?

A

ZeuS

34
Q

What virus released in 1999 caused around $1.2 billion in damage by spreading via email?

A

Melissa virus

34
Q

Which attack takes control of a mobile device to steal sensitive user information?

A

Man-in-the-Mobile (MitMo) attack

35
Q

What is the primary function of ZeuS in a MitMo attack?

A

Captures two-step verification SMS messages

35
Q

Which attack exploits a software vulnerability before it is known or patched by the vendor?

A

A zero-day attack

36
Q

What type of software can help detect and remove keyloggers?

A

Anti-spyware suites

36
Q

When is a system most vulnerable to a zero-day attack?

A

The zero hour

37
Q

Which type of software behaves undesirably without being explicitly malicious, often tracking users or delivering ads without their full awareness?

A

Grayware

38
Q

Which mobile-based phishing tactic tricks users via fake text messages prompting them to visit malicious sites or call fake numbers?

A

SMiShing (Short Message Service Phishing)

39
Q

Which unauthorized device installed on a secure network allows attackers to bypass security and capture sensitive login data?

A

Rogue Access Point

39
Q

Which attack involves spoofing a MAC address and sending deauthentication data to disconnect users from a real wireless access point?

A

Rogue access point deauthentication attack

39
Q

Which attack makes a rogue access point appear stronger or more reliable than the legitimate one to trick users into connecting?

A

Evil twin attack

39
Q

Which type of interference-based attack deliberately disrupts wireless signals using matching frequency, power, and modulation?

A

Radio Frequency Jamming

40
Q

Which Bluetooth-based attack sends unauthorized messages or images to nearby devices?

A

Bluejacking

40
Q

Which Bluetooth-based attack copies data such as contacts and emails from a target device?

A

Bluesnarfing

41
Q

Which obsolete wireless security protocol used static keys and had no key management, making it vulnerable to eavesdropping?

A

WEP (Wired Equivalent Privacy)

42
Q

Which security protocols replaced WEP to provide improved encryption and authentication for WLANs?

A

WPA2 (Wi-Fi Protected Access)

43
Q

Which tool is used to detect unauthorized wireless workstations or rogue access points within a WLAN?

A

NetStumbler

44
Q

Which web-based attack works by injecting malicious scripts into a website that then run in a victim’s browser to steal session tokens or impersonate them?

A

Cross-Site Scripting (XSS)

44
Q

Which type of injection attack corrupts XML data by interfering with how the application processes input or queries, granting attackers database access?

A

XML Injection

44
Q

Which injection attack uses malicious SQL statements in input fields to access or modify database contents or escalate privileges?

A

SQL Injection

45
Q

Which type of attack tricks an application into executing a malicious dynamic link library file as part of its legitimate process?

A

DLL Injection

45
Q

Which injection technique targets directory services by submitting malicious LDAP queries through unsanitized input fields?

A

LDAP Injection

46
Q

Which memory-based vulnerability allows an attacker to write beyond a buffer’s boundary, potentially crashing the system or gaining elevated access?

A

Buffer Overflow

46
Q

Which attack allows remote execution of code on a target device by exploiting software vulnerabilities?

A

Remote Code Execution (RCE)

47
Q

Which security project provides a framework for testing and exploiting remote systems, including modules like Meterpreter?

A

The Metasploit Project

47
Q

Which Metasploit payload loads into memory and allows attackers to run extensions, evade antivirus, and even control webcams?

A

Meterpreter

47
Q

Which attack exploits a user’s browser to submit unauthorized commands to a trusted web application, often via hidden forms or JavaScript?

A

Cross-Site Request Forgery (CSRF)

47
Q

Which attack exploits a system by executing concurrent operations out of order, leading to data corruption or race conditions?

A

Race Condition Attack / Time of Check / Time of Use

48
Q

Which kind of attack results from failing to validate user input, leading to vulnerabilities like buffer overflow or SQL injection?

A

Improper input handling

49
Q

Which attack extracts system information from unfiltered error messages to plan further exploits like SQL injection?

A

Error Handling Attack

50
Q

Which attack captures and resends valid data transmissions to trick systems into unauthorized actions?

A

Replay Attack

51
Q

Which type of attack exploits weaknesses in application programming interfaces to abuse endpoints and gain unauthorized access?

A

API Attack

51
Q

Which phishing technique targets a specific individual using personalized messages based on the victim’s known interests, behaviors, or affiliations?

A

Spear phishing

52
Q

Which physical technique involves reading and cloning data from a victim’s bank card using specialized hardware?

A

Card skimming

52
Q

Which type of phishing attack targets high-profile individuals like executives or public figures to gain access to sensitive organizational data?

A

Whaling

52
Q

Which attack allows access to files outside the intended web directory, exposing configurations or compromising the server?

A

Directory Traversal Attack

52
Q

Which attack overwhelms system hardware resources (e.g. CPU, memory) rather than network bandwidth, to crash or freeze a system?

A

Resource Exhaustion Attack

52
Q

Which type of phishing redirects victims to a fake website designed to mimic a legitimate one in order to capture user credentials?

A

Pharming

52
Q

Which term refers to unsolicited emails, often carrying malware or phishing links, and consuming bandwidth even with filters?

A

Spam

52
Q

Which attack involves impersonating legitimate callers using VoIP to extract private information such as credit card details from victims over the phone?

A

Vishing (Voice Phishing)

53
Q

Which type of social engineering attack tricks victims into revealing confidential data or installing malware by impersonating a trusted source via email or messaging?

A

Phishing

53
Q

Which international organization helps combat phishing, email spoofing, and identity theft through shared intelligence and collaboration?

A

Anti-Phishing Working Group (APWG)

53
Q

Which proactive step should be taken before opening any attachment, even if the email is from a trusted contact?

A

Scan all attachments to ensure they are safe before opening

54
Q

Which type of attack involves connecting a pre-infected USB flash drive to a device in order to spread malware?

A

Physical attack using USB malware injection

54
Q

Which attack manipulates the input data of machine learning models to distort their predictions or mislead automated systems?

A

Adversarial artificial intelligence attack

55
Q

Which threat targets external vendors or service providers to infiltrate a primary organization through indirect access?

A

Supply chain attack