95 Cards in this Set
- Front
- Back
What is a person or element that has the power to carry out a threat?
|
Threat agent
|
|
What is a flaw or weakness that allows a threat agent to bypass security?
|
Vulnerability
|
|
What is the likelihood that the threat agent will exploit the vulnerability?
|
Risk
|
|
What term is frequently used to describe the tasks of securing information that is in a digital format?
|
Information security
|
|
What are some of the challenges of securing information?
|
Universally connected devices
Increased speed of attacks
Greater sophistication of attacks
Availability and simplicity of attack tools
Faster detection of vulnerabilities
Delays in patching
Weak patch distribution
Distributed attacks
User confusion |
|
What are the 3 types of information security?
|
CIA
Confidentiality
Integrity
Availability |
|
What are 3 types of protections implemented to secure information?
|
AAA
Authentication
Authorization
Accounting |
|
What are the options that you have associated with risk?
|
Accept the risk
Diminish the risk
Transfer the risk |
|
The goals of information security include what?
|
Preventing data theft
Thwarting identity theft
Avoiding legal consequences of unsecure information
Maintaining productivity
Foiling cyberterrorism |
|
What legislative act is an attempt to fight corporate corruption by reporting requirements and internal controls on electronic financial reporting systems?
|
Sarbanes-Oxley Act
|
|
What legislative act requires banks and financial institutions to alert customers of their policies and practices in disclosing customer information?
|
Gramm-Leach-Bliley Act
|
|
What legislative act requires businesses to inform California residents within 48 hours if a breach of personal information has or is believed to have occurred?
|
California's Database Security Breach Notification Act
|
|
What term describes any premeditated, politically motivated attack against information, computer systems, computer programs, and data which results in violence against non-combatant targets by sub-national groups or clandestine agents?
|
Cyberterrorism
|
|
What term refers to a person who uses advanced computer skills to attack computers?
|
Hacker aka attacker
|
|
What term refers to individuals who want to break into computers to create damage but lack the advanced knowledge of computers and networks needed to do so and use downloaded automated attack software?
|
Script kiddies
|
|
What term refers to a person who has been hired to break into a computer and steal information without drawing attention to their actions?
|
Spy
|
|
What term describes employees, contractors, and business partners of an organization that attempt to attack information?
|
Insiders
|
|
What is a network of attackers, identity thieves, spammers, and financial fraudsters that exploit vulnerabilities to steal information or launch attacks that can generate income?
|
Cybercriminals
|
|
Targeted attacks against financial networks, unauthorized access to information, and the theft of personal information are known as what?
|
Cybercrime
|
|
What term describes ideology-motivated attacks to spread propaganda, deny service to legitimate computer users, and commit unauthorized intrusions into systems and networks that result in critical infrastructure outages?
|
Cyberterrorists
|
|
What are the steps that make up an attack?
|
1. Probe for information
2. Penetrate any defenses
3. Modify security settings
4. Circulate to other systems
5. Paralyze networks and devices |
|
What are the fundamental defenses against attacks?
|
Layering
Limiting
Diversity
Obscurity
Simplicity |
|
CHAPTER 2
What is software that enters a computer system without the user's knowledge or consent and then performs an unwanted, and usually harmful, action?
|
Malware
|
|
What are two types of malware that have the primary objective of spreading?
|
Viruses
Worms |
|
What is a malicious computer code that reproduces itself on the same computer?
|
Virus
|
|
What is a malicious program designed to take advantage of a vulnerability in an application or an operating system in order to enter a computer and then searches for another computer with the same vulnerability?
|
Worm
|
|
What kind of virus infects a program's executable file?
|
Program virus
|
|
What kind of virus is written in a script with a series of instructions that can be grouped together as a single command?
|
Macro virus
|
|
What kind of virus infects the master boot record of a hard disk?
|
Boot virus
|
|
What kind of virus adds a program to the operating system that is a malicious copycat version of a legitimate program?
|
Companion virus
|
|
What kind of malware uses a network to send copies of itself to other devices?
|
Worms
|
|
What is an executable program advertised as performing one activity, but actually does something else?
|
Trojan
|
|
What is a set of software tools used by an attacker to hide the actions or presence of other types of malicious software by hiding or removing traces of login records, log entries, and related processes to change the operating system to force or ignore any malicious activity?
|
Rootkits
|
|
What is the only foolproof way to remove a rootkit infection?
|
Reformat the hard drive
|
|
What is computer code that lies dormant until it is triggered by a specific logical event and, once triggered, can perform any number of malicious activities?
|
Logic bomb
|
|
Are logic bombs easy, or difficult to detect before they are activated?
|
Difficult
|
|
What is software code that gives access to a program or service that circumvents any normal security protections?
|
Backdoor
|
|
What kinds of malware are designed to profit attackers?
|
Botnets
Spyware
Adware
Keyloggers |
|
What is created when multiple computers are infected and remotely controlled by the attacker that turn the hosts into zombies and the user is completely unaware?
|
Botnet
|
|
Early botnets used what to remotely control zombies?
|
Internet Relay Chat (IRC)
|
|
What protocol is now widely used to remotely control botnet zombies?
|
HTTP
|
|
T or F, botnets are recognized as the primary source of sending spam e-mail?
|
True
|
|
What are some of the advantages of botnets from an attacker's viewpoint?
|
Operate in background
Conceal actions of attacker
Remain active for years
Large number of zombies are accessible at a given time |
|
What type of attacks are botnets capable of performing?
|
Spamming
Spreading malware
Attacking IRC networks
Manipulating online polls
Denial of service |
|
What term describes software that spies on users by gathering information without consent, thus violating their privacy?
|
Spyware
|
|
What are some of the negative consequences of spyware?
|
Slow performance
System instability
Install new browser menus or toolbars
Install new shortcuts
Hijack homepage
Increased pop-ups |
|
What is a software program that delivers advertising content in a manner that is unexpected and unwanted by the user such as banners, pop-ups, or opens new web browsers intermittently?
|
Adware
|
|
Downsides of adware for users include what?
|
Display objectionable content
Lost productivity from pop-ups
Slow system performance |
|
What type of program captures and stores each keystroke that a user types on the computer's keyboard which can be later retrieved by the attacker?
|
Keylogger
|
|
What type of attack involves relying on the weakness of individuals?
|
Social engineering attack
|
|
What kind of social engineering attack is sending an email or displaying a web announcement that falsely claims to be from a legitimate enterprise in an attempt to trick the user into surrendering private information?
|
Phishing
|
|
What variation of phishing automatically redirects the user to a fake site?
|
Pharming
|
|
What variation of phishing involves targeting only a specific user?
|
Spear phishing
|
|
What variation of phishing is where an attacker calls a victim, who upon answering, hears a recorded message that pretends to be from the user's bank?
|
Vishing
|
|
What is unsolicited email?
|
Spam
|
|
Spam that targets instant messaging users instead of email users is known as what?
|
Spim
|
|
One of the primary vehicles for distributing malware is what?
|
Spam
|
|
CHAPTER 3
What is an attack that targets applications by exploiting previously unknown vulnerabilities so victims have no time to prepare or defend against the attacks?
|
Zero day attacks
|
|
What are the 2 approaches to securing web applications?
|
Hardening the Web server
Protecting the network |
|
What are some common Web application attacks?
|
Cross-site scripting (XSS)
SQL injection
XML injection
Command injection |
|
What type of application attack injects scripts into a Web application server that will then direct attacks at clients? It doesn't attack the server but uses it as a platform to launch attacks from.
|
Cross-site scripting
|
|
What are the 2 requirements of the targeted web site needed to perform an XSS attack?
|
Accepts user input without validation
Uses input in a response without encoding it |
|
What application attack targets SQL servers by injecting commands used to manipulate data stored in relational databases?
|
SQL injection
|
|
What type of application attack is similar to SQL injection but uses XML instead?
|
XML injection
|
|
XML injection uses ___________________ injection
|
XPath
|
|
___________ directory is a specific directory on a Web server's file system that users are typically restricted to using and can only access directories directly below
|
Root
|
|
What command can be used to enter text-based commands in Windows-based root directories?
|
Cmd.exe
|
|
What Linux command can be used to access user account information in the root directory?
|
passwd
|
|
What kind of attack takes advantage of a vulnerability in the Web application program or the Web server software so that a user can move from the root directory to other restricted directories?
|
Directory traversal
|
|
Directory traversal could enable an attacker to gain access to confidential files or even enter ________________ which executes commands on a server.
|
Command injection
|
|
________________ attacks target vulnerabilities in client applications that interact with a compromised server or process malicious data. In this case the client initiates the connection with the server that could result in an attack.
|
Client side
|
|
What kind of client-side attack generates a zero-pixel frame to avoid visual detection and embeds an HTML document inside the main document?
|
Drive-by download
|
|
Changing a web page header is a form of what kind of attack?
|
HTTP header manipulation
|
|
User-specific information from previously visited web pages that is stored on the local computer is known as what?
|
Cookies
|
|
T or F, once a cookie is created on your computer, then only the Web site that created the cookie can read it.
|
True
|
|
This kind of cookie is created from the web site that a user is currently viewing.
|
First-party cookie
|
|
This kind of cookie comes from advertisements on the site that record the user's preferences to tailor advertising.
|
Third-party cookie
|
|
This kind of cookie is stored in RAM and only lasts for the duration of visiting a Web site and expires when the browser is closed or the user has not interacted with the site in a given period of time.
|
Session cookie
|
|
This kind of cookie is recorded on the hard drive of the computer and does not expire when the browser closes.
|
Persistent cookie
|
|
This kind of cookie is only used when a browser is visiting a server using an encrypted connection.
|
Secure cookie
|
|
This kind of cookie is named after an Adobe app, can be very large (100,000 bytes), is saved in multiple locations on the hard drive, and cannot be deleted through a browser's normal configuration settings.
|
Flash cookie
|
|
What are the security risks related to cookies?
|
May be stolen and used to impersonate user
Used to tailor advertising
Can be exploited by attackers |
|
What is an attack in which an attacker attempts to impersonate the user by using his session token cookie or attempting to guess it, and purchase goods online with it?
|
Session hijacking
|
|
What are programs that provide additional functionality to Web browsers by providing multimedia or interactive Web content?
|
Add-ons
|
|
What kind of attack is when a process attempts to store data in RAM beyond the boundaries of fixed-length storage and overflows into adjacent memory locations, which may cause the computer to stop functioning or redirect to a memory address containing malware code?
|
Buffer overflow
|
|
What type of attack attempts to prevent a system from performing its normal functions?
|
DoS
|
|
What type of DoS attack uses ICMP ping to send a large number of echo requests to the victim to overwhelm it?
|
Ping flood attack
|
|
What type of DoS attack uses a ping request to all computers but spoofs the address of the target computer to which all the network hosts reply thereby overwhelming the target machine?
|
Smurf attack
|
|
What type of DoS attack takes advantage of TCP/IP procedures for establishing a connection with hosts that do not exist and hangs the server up waiting for acknowledgements?
|
SYN flood attack
|
|
What type of DoS attack uses zombie hosts to execute a SYN flood attack?
|
Distributed denial of service
|
|
Intercepting legit communication and forging a fictitious response to the sender is what kind of an attack?
|
Man-in-the-Middle
|
|
What kind of attack is similar to a man-in-the-middle attack except the attacker makes a copy of the transmission and uses it at a later time?
|
Replay attack
|
|
An attacker modifies the MAC address in the ARP cache to point to a different computer. This is what kind of an attack?
|
ARP poisoning
|