• Shuffle
    Toggle On
    Toggle Off
  • Alphabetize
    Toggle On
    Toggle Off
  • Front First
    Toggle On
    Toggle Off
  • Both Sides
    Toggle On
    Toggle Off
  • Read
    Toggle On
    Toggle Off
Reading...
Front

Card Range To Study

through

image

Play button

image

Play button

image

Progress

1/13

Click to flip

Use LEFT and RIGHT arrow keys to navigate between flashcards;

Use UP and DOWN arrow keys to flip the card;

H to show hint;

A reads text to speech;

13 Cards in this Set

  • Front
  • Back

What is Social Engineering?

A hacker trying to trick an employee into compromising security through social contact such as a phone call or e-mail message.

Six types of social engineering attacks are?
  1. Impersonation (Session Highjacking)
  2. Phishing
  3. Shoulder Surfing or Dumpster Diving
  4. Tailgating
  5. Hoaxes
  6. Whaling and Vishing

Reasons why Social engineering is effective.
  1. Authority
  2. Intimidation
  3. Consensus/Social Proof
  4. Scarcity
  5. Urgency
  6. Familiarity
  7. Trust

Name four types of Network Attacks?
  1. Denial of Service (DoS): Overloading the system
  2. Distributed (DDoS): Uses systems i.e. smurf
  3. Spoofing: Fakes IP, MAC, E-mail to fool user
  4. Eavesdropping: sniffs packets for viewing
  5. Man-in-the-Middle: Inserts self between 2 systems (MiTM)

Name three types of Spoofing packets?
  1. Nemesis: Linux Spoofs ARP and TCP packets
  2. Hping2: Linux Spoofs creates ping packets
  3. Macchanger: Linux Spoofs MAC addresses

Two Types of Poisoning are?
  1. DNS is when the DNS Servers entries names point to incorrect IP addresses. The locale DNS cache is also corrupted so that the client receives incorrect IPs. (Pharming)
  2. ARP IP->MAC stores in memory ARP cache. The default Gateway IP is stored there and can be highjacked a.k.a. MiTM

The LMhost file is used to?

Resolve NetBIOS names to IP addresses.

What is Spoofing?

A spoof attack is when hacker modifies the source address of the packet. IPs, Macs, and email address can be spoofed.

Name two methods to prevent ARP poisoning?
  1. Static ARP entries
  2. Physical Security

Name one methods to prevent DNS poisoning?

Patching

What is Domain kiting?

Hacker uses the five day grace period over and over again without paying.

What is Cross Scripting (XSS)?

Inserting script code into a web page of that processes are re-directed to the hackers page.

What is the difference between Blue-jacking and Blue-snarfing?

Blue-jacking is text message and Blue-snarfing uses blue tooth devices.