Security Fundamentals Flashcards
Define vulnerability
Any potential weakness that can compromise a system
Define exploit
Something that can potentially be used to take advantage of a vulnerability
Define threat
The potential of a vulnerability to be exploited
A hacker exploiting a vulnerability in your system is a threat
Define mitigation technique
Something that can protect against threats
These should be implemented everywhere a vulnerability can be exploited
A DoS attack threatens what aspect of a system
Availability
A DoS attack floods a system to the extent that regular traffic can’t get through
A single DoS attack is usually not done, and instead a _____ is used
DDoS
Distributed Denial of Service
Briefly describe a DDoS attack and how it is different from a DoS attack
DDoS uses many machines (botnet) to send SYN messages to a single target, so that it is harder for the target to block the attack after it is detected or traced back.
DoS attacks typically use only one attacking machine
A spoofing attack is when:
A fake source address is used in an attack.
An example is a DHCP exhaustion attack. The attacker uses spoofed MAC addresses to flood DHCP discover messages. The target server’s DHCP pool becomes full, resulting in a DoS to other devices.
Not all spoofing attacks are also DoS attacks, but a DHCP exhaustion attack is.
Describe a reflection attack
The attacker sends traffic to a reflector, and spoofs the source address of its packets using the target’s IP address. The reflector sends the reply to the target’s IP address. Can result in a DoS.
Describe an amplification attack
A reflection attack becomes an amplification attack when the amount of traffic sent by the attacker is small, but it triggers a large amount of traffic to be sent from the reflector to the target.
Describe a man-in-the-middle attack
When an attacker places himself between the source and destination to eavesdrop on communications, or to modify traffic before it reaches its destination.
An example is ARP spoofing/poisoning, where an attacker uses ARP to make the target believe the attacker’s MAC address corresponds to a legitimate IP address
ARP Spoofing/Poisoning is what type of attack:
Man-in-the-middle
Describe a reconnaissance attack
Not strictly an attack itself, but used to gather information about a target which can be used for a future attack.
This is often public information; for example, WHOIS queries can be used to tailor a social engineering attack
Describe malware
A variety of harmful programs that can infect a computer.
Describe a virus
Infects other software (a host program). The virus spreads as the host software is shared by users. Typically corrupts or modifies files on the target computer.
Describe a worm
Doesn’t require a host program; a standalone piece of malware able to spread on its own and without user interaction. The spread of worms can congest a network, but a worm’s payload can cause additional harm to target devices
Describe a trojan horse
Harmful software disguised as legitimate software. Spread through user interaction such as opening email attachments or downloading a file from the internet.
Describe a social engineering attack
An attack designed to manipulate people into allowing an attacker to compromise a system. Examples: phishing, spear phishing, whaling, vishing, smishing.
Describe a watering hole attack
Compromising a site that the victim frequently visits.
Describe a password related attack
Attempting to guess a target’s password, usually via either dictionary attacks (common words) or brute force
AAA stands for
Authentication, Authorization, Accounting
Authentication is:
Process of verifying a user’s identity
Authorization is:
Process of compartmentalizing access. Granting access to appropriate areas of the system, denying it to others
Accounting is:
Process of recording a user’s activities on the system, i.e. logging when a user makes a change to a file