Shared Flashcard Set

Details

Security+ SY0-501 9 Threats, Attacks
Security+ SY0-501 Threats, Attacks
37
Other
Not Applicable
07/27/2018

Cards

Term
Armored Virus
Definition
This virus is designed to make itself difficult to detect or analyze. Armored viruses cover themselves with protective code that stops debuggers or disassemblers from examining critical elements of the virus.
Term
Companion Virus
Definition
This virus attaches itself to legitimate programs and then creates a program with a different filename extension.
Term
Macro Virus
Definition
This virus exploits the enhancements made to many application programs that are used by programmers to expand the capability of applications.
Term
Multipartite Virus
Definition
This virus attacks your system in multiple ways. It may attempt to infect your boot sector, infect all of your executable files, and destroy your application files.
Term
Phage Virus
Definition
This virus modifies and alters other programs and databases. The virus infects all of these files. The only way to remove this virus is to reinstall the programs that are infected.
Term
Polymorphic Virus
Definition
Polymorphic viruses and malware of any type—though viruses are the only ones truly prevalent—change form in order to avoid detection. These types of viruses attack your system, display a message on your computer, and delete files on your system.
Term
Retrovirus
Definition
This virus attacks or bypasses the antivirus software installed on a computer. Considered to be an anti-antivirus, it can directly attack your antivirus software and potentially destroy your virus definition database file.
Term
Stealth Virus
Definition
This virus attempts to avoid detection by masking itself from applications. It may attach itself to the boot sector of the hard drive. When a system utility or program runs, this virus redirects commands around itself in order to avoid detection.
Term
malware
Definition
This term is used to refer to software that does harm—intentionally (such as a virus) or unintentionally (such as poorly written code).
Term
software exploitation
Definition
This term refers to attacks launched against applications and higher-level services.
Term
Ransomware
Definition
This software, often delivered through a Trojan, takes control of a system and demands that a third party be paid.
Term
Worm
Definition
It functions as a stand-alone piece of software in that it can spread without intervention by another program (or human), and it focuses on spreading.
Term
Trojan
Definition
This is a program that enters a system or network under the guise of another program. It may be included as an attachment or as part of an installation program. The Trojan horse could create a backdoor or replace a valid program during installation.
Term
Rootkits
Definition
The software exploitation program du jour: programs that have the ability to hide certain things from the operating system. A rootkit is able to do this by manipulating function calls to the operating system and filtering out information that would normally appear. Theoretically, rootkits could hide anywhere that there is enough memory to reside: video cards, PCI cards, and the like.
Term
Keylogger
Definition
It is a piece of software that records keystrokes pressed into a log file and then allows that log file to be viewed so that passwords and other sensitive data can be seen.
Term
Adware
Definition
Malware whose purpose is to deliver ads.
Term
Spyware
Definition
Often, it is gathering information about the user to pass on to marketers, or intercepting personal data such as credit card numbers. It almost always exists to provide commercial gain.
Term
Bots / zombie
Definition
A form of software that runs automatically and autonomously.
Term
remote administration tool (RAT)
Definition
It is one that, as the name implies, allows a remote user to access the system for the purpose of administering it.
Term
Buffer overflows
Definition
This attack occurs when an application receives more data than it’s programmed to accept.
Term
SQL injection attack (also known as a SQL insertion attack)
Definition
An attacker manipulates the database code to take advantage of a weakness in it.
Term
LDAP injection attack
Definition
This attack exploits weaknesses in LDAP (Lightweight Directory Access Protocol) implementations.
Term
traversal attack
Definition
An attacker is able to gain access to restricted directories (such as the root directory) through HTTP.
Term
cross-site scripting (XSS)
Definition
Using a client-side scripting language, it is possible for an attacker to trick a user who visits the site into having code execute locally.
Term
Cross-site request forgery (XSRF)
Definition
Also known as session riding and one-click attack, it involves unauthorized commands coming from a trusted user to the website. This is often done without the user’s knowledge, and it employs some type of social networking to pull it off.
Term
Privilege escalation
Definition
It involves a user gaining more privileges than they should have.
Term
ARP poisoning (also known as ARP spoofing)
Definition
The MAC (Media Access Control) address of the data is faked. By faking this value, it is possible to make it look as if the data came from a network that it did not. This fake address can be used to gain access to the network, to fool the router
Term
Amplification attacks
Definition
It is usually employed as a part of a DDoS attack. The ratio achieved is known as the * factor, and high numbers are possible with UDP-based protocols such as NTP, CharGen, and DNS.
Term
DNS poisoning (DNS spoofing)
Definition
The DNS server is given information about a name server that it thinks is legitimate when it isn’t. Fast flux is one of the most popular techniques.
Term
domain hijacking
Definition
It involves an individual changing the domain registration information for a site without the original registrant’s permission.
Term
pass-the-hash attack
Definition
Due to a weakness in NTLM and LanMan, it is possible for an attacker to send an authenticated copy of the password hash value (along with a valid username) and authenticate to any remote server (Windows, Unix, or any other operating system) that is accepting LM or NTLM authentication.
Term
hijacking
Definition
Whenever someone takes over an entity other than the responsible party
Term
session hijacking
Definition
The term describes when the item used to validate a user’s session, such as a cookie, is stolen and used by another to establish a session with a host that thinks it is still communicating with the first party.
Term
Typo squatting
Definition
This is the act of registering domains that are similar to those for a known entity but based on a misspelling or typographical error.
Term
shimming and refactoring
Definition
Within an operating system or application, one way to inflict harm is to change the data with which the driver is working. This manipulation causes the driver(s) to be bypassed altogether or to do what it was programmed to do—just not with the values that it should be receiving.
Term
shim
Definition
It is a small library that is created to intercept API calls transparently and do one of three things: handle the operation itself, change the arguments passed, or redirect the request elsewhere.
Term
Refactoring
Definition
It is the name given to a set of techniques used to identify the flow and then modify the internal structure of code without changing the code’s visible behavior.