Reading...
Play button
Play button
Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
35 Cards in this Set
- Front
- Back
|
What is Privilege Escalation?
|
The theft of privileges or access to resources that a user is not authorized to possess.
|
|
|
What are viruses?
|
Programs that are designed to spread from one system to another thorough self-replication and to perform any of a wide range of malicious activities. Require a host to infect.
|
|
|
What are Worms?
|
Designed to exploit a single flaw in a system and then use that hole to replicate itself to other systems with the same flaw. Do not require host to infect.
|
|
|
What are Trojan Horses?
|
Form of malicious software that is disguised as something useful or legitimate.
|
|
|
What are Spyware and Adware?
|
Usually unwanted software that gathers information without authorization. Spyware uses it to target advertisements or steal identities. Adware uses it to direct advertisements.
|
|
|
What are Armored Viruses?
|
Designed to be difficult to detect and analyze.
|
|
|
What are Boot sector viruses?
|
Attach themselves to the boot sector of the hard drive
|
|
|
What are Companion viruses?
|
Attaches themselves to a legitimate program and then creates a program with different file extension. When you try to run the original program, the companion program launches.
|
|
|
What are Macro viruses?
|
Live in documents and emails and exploit scripting capabilities.
|
|
|
What are Multipartite viruses?
|
Attacks your system in multiple ways. Boot sector and executables and destroys application files.
|
|
|
What are Phage viruses?
|
Modify and alter other programs and databases.
|
|
|
What are Polymorphic viruses?
|
Alter its own code in order to avoid being detected.
|
|
|
What are Retroviruses?
|
Attacks or bypasses antivirus software. Anti-antivirus.
|
|
|
What are Stealth viruses?
|
Attempts to avoid detection by masking itself from applications. Attach selves to boot sector.
|
|
|
What are Rootkits?
|
A type of malicious code that fools the OS into thinking that active processes and files don't exist. Rootkits render compromised systems completely untrustworthy.
|
|
|
What is a Botnet?
|
A network of robots or malicious software agents controlled by a hacker in order to launch massive attacks against targets.
|
|
|
What are Logic Bombs?
|
Programs or snippets of code that execute when predefined event occurs.
|
|
|
What are the security risks associated with BIOS?
|
- If attacks can alter BIOS and CMOS, they may be able to bypass security features.
- Avoid by controlling physical access and using strong malware protection |
|
|
What are the security risks associated with USB Devices?
|
- Can be used to bring malicious code or leak information
- Only protection is to fully disallow USB devices |
|
|
What are the security risks associated with Cell Phones?
|
- Can interact with internet and corporate network
- Targets of hackers and malicious code - Eavesdropping |
|
|
What are the security risks associated with Network Attached Storage?
|
- Storage system connected to LAN.
- Don't always offer strong security such as authentication and authorization |
|
|
What are Hotfixes?
|
Hotfixes are used during normal operations even though may require reboot. Install only if you are having problems.
|
|
|
What are Service Packs?
|
Service packs and support packs are comprehensive set of fixes consolidated into a single product. More thoroughly tested than hotfixes, and should be installed
|
|
|
What are Patches?
|
Patches are temporary quick fix to a problem. Corrects programming flaws and security vulnerabilities. More tested than hotfixes.
|
|
|
What are Group Policies?
|
Group Policies create restrictions that apply to workstations when users authenticate. Those are applied to the registry. Use security templates. New security requirements can be quickly distributed
|
|
|
What are security baselines (or configuration baselines)?
|
Used to maintain a hardened system
Standardized minimum level of security that all systems in the org must comply with Is defined by the organizations security policy |
|
|
Describe ActiveX vulnerabilities
|
Mobile code that runs on client. Uses current users security privileges.
Uses Authenticode for security which is a certificate technology. ActiveX components are saved to the desktop and can be run again later |
|
|
Describe CGI vulnerabilities
|
Run on web server and interact with client browser.
All folders must have execute rights. Can leak information about server. May execute commands on server. |
|
|
Describe Java applet vulnerabilities
|
Small self contained java script that is downloaded from server and runs from browser.
Run on the client but does not use current users security privileges. Run in restricted area of memory called the sandbox. It is considered safe in the sandbox. Errors can allow the aps to run outside the sandbox. Ability to execute instructions Resource Monopolization Unexpected Redirection |
|
|
Describe SMPT Relay vulnerabilities
|
Feature designed into many email servers. Allows them to forward email to other email servers. Has helped generate a great deal of spam. “Open relays” can be used to send ads and other messages.
|
|
|
What is Buffer overflow?
|
When hacker can input more data into the buffer than can be handled. Can cause system crashes, corrupt data, user privilege escalation, etc.
|
|
|
What is Host Based Intrusion Detection (HIDS)?
|
A security application designed to monitor a local computer. Anti virus and anti spyware are examples of HIDs.
Designed to run as software on a host computer system. Examine machine logs, system events and applications interactions. Don’t normally monitor network traffic on the host. If system is compromised, the log files may become corrupt or inaccurate. Must be deployed on each system that needs it. |
|
|
What is S/MIME?
|
The internet standard for encrypting and digitally signing email. Uses RSA.
|
|
|
What is PGP used for?
|
To encrypt and digitally sign email messages. It uses RSA and Diffie-Hellman.
|
|
|
What vulnerabilities are associated with Java scripts?
|
Allow file access, cache acces, file upload and email exposure.
|
