Threats, Attacks & Vulnerabilities . Flashcards Preview

CompTIA Sec+ SY0-501 > Threats, Attacks & Vulnerabilities . > Flashcards

Flashcards in Threats, Attacks & Vulnerabilities . Deck (50)
Loading flashcards...
1

Malware comes in many different forms (T/F) ?

True!

2

What are the major malware types?

- Virus
- Worm
- Trojan Horse
- Remote Access Trojan
- Adware
- Spyware
- Ransomware
- Logic Bomb
- Rootkit
- Back Door

3

This Malware Type...

Spreads between systems based upon some user action.

Virus

4

This Malware Type...

Spreads between systems by exploiting vulnerabilities; no user action required.

Worm

5

This Malware Type...

Masquerades as desirable software to trick user into installing it.

Trojan Horse

6

This Malware Type...

Trojan horse that allows an attacker to gain remote access to a system.

Remote Access Trojan

7

This Malware Type...

Displays advertisements on the user’s system to generate ad revenue.

Adware

8

This Malware Type...

Monitors user activity, such as keystrokes and web visits.

Spyware

9

This Malware Type...

Encrypts user files and demands a ransom before releasing the key.

Ransomware

10

This Malware Type...

Encrypts user files and demands a ransom before releasing the key.

Ransomware

11

This Malware Type...

Waits until certain conditions are met before triggering a malicious action.

Logic Bomb

12

This Malware Type...

Elevated privileges of a normal user to gain administrative rights.

Rootkit

13

This Malware Type...

Provides an unauthorized mechanism for accessing a system.

Backdoor

14

_________ engineering attacks manipulate individuals to gain _________ access or information.

- Social
- Unauthorized

15

What are the different social engineering attack types?

- Phishing
- Spear Phishing
- Whaling
- Tailgating
- Dumpster Diving
- Shoulder Surfing
- Watering Hole

16

This Attack Type...

Solicits information via email.

Phishing

17

This Attack Type...

Solicits information via highly targeted email designed for one person.

Spear Phishing

18

This Attack Type...

Targets high value individuals, such as senior executives.

Whaling

19

This Attack Type...

Accessed a building by having someone hold the door open.

Tailgating

20

This Attack Type...

Discovers sensitive information discovered in the trash.

Dumpster Diving

21

This Attack Type...

Monitors user activity by watching them as they enter/read information.

Shoulder Surfing

22

This Attack Type...

Places malware on a site where users are known to congregate.

Watering Hole

23

What are the seven main mechanisms that social engineering attacks exploit?

- Authority
- Intimidation
- Consensus
- Scarcity
- Familiarity
- Trust
- Urgency

24

_________ kiddies are generally ______-skilled attackers seeking a quick thrill.

- Script
- Low

25

What are Advanced Persistent Threats (APTs)?

Extremely sophisticated attackers often sponsored by government agencies.

26

________ ________ ________ uses tools like nmap to check for active systems and open ports.

Network Discovery Scanning

27

What are the 4 common scanning techniques?

• TCP SYN
• TCP Connect
• TCP ACK
• Xmas

28

This Type of Scanning Technique...

Scans send a single packet with the SYN flag set.

TCP SYN

29

This Type of Scanning Technique...

Scans attempt to complete the three way handshake.

TCP Connect

30

This Type of Scanning Technique...

Scans seek to impersonate an established connection.

TCP ACK