13979324
Description
Flashcards by Tyler Hampton, updated more than 1 year ago
|
Created by Tyler Hampton
almost 6 years ago
|
|
| Question | Answer |
| What is a Man-in-the-Middle attack? | An attack that occurs when someone/something that is trusted intercepts packets and re-transmits them to another party. Man-in-the-middle attacks have also been called TCP/IP hijacking in the past |
| What is a DoS attack? | Denial-of-Service. A type of attack that prevents any users—even legitimate one— from using a system. |
| What is a DDoS attack? | Distributed Denial-of-Service. A derivative of a DoS attack in which multiple hosts in multiple locations all focus on one target to reduce its availability to the public. This can be accomplished through the use of compromised systems, botnets, etc. |
| What is a Replay attack? | An attack that captures portions of a session to play back later to convince a host that it is still talking to the original connection. |
| What is a Smurf attack? | An attack in which large volumes of ICMP echo requests (pings) are broadcast to all other machines on the network and in which the source address of the broadcast system has been spoofed to appear as though it came from the target computer. When all of the machines that received the broadcast respond, they flood the target with more data than it can handle. |
| What is Spoofing? | An attempt by someone or something to masquerade as someone/something else. |
| What is Spam? | Unwanted, unsolicited email sent in bulk. |
| What is a Phishing attack? | A form of social engineering in which you simply ask someone for a piece of information that you are missing by making it look as if it is a legitimate request. Commonly sent via email. |
| What is Vishing (really?)? | Combining phishing with Voice over IP (VoIP). |
| What is a Spear Phishing? | A form of phishing in which the message is made to look as if it came from someone you know and trust as opposed to an informal third party. |
| What is an Xmas attack? | An advanced attack that tries to get around detection and send a packet with every single option enabled. |
| What is Pharming? | A form of redirection in which traffic intended for one host is sent to another. |
| What is Privilege Escalation? | The result when a user obtains access to a resource they wouldn’t normally be able to access. |
| What is a Malicious Insider Threat? | A threat from someone inside the organization intent on doing harm. |
| What is DNS Poisoning? | An attack method in which a daemon caches DNS reply packets, which sometimes contain other information (data used to fill the packets). The extra data can be scanned for information useful in a break-in or man-in-the-middle attack. |
| What is Transitive Access? | A form of trust relationship often used between domains. |
| What is a Brute Force password attack? | A type of attack that relies purely on trial and error and tries all possible combinations. |
| What is a Dictionary password attack? | The act of attempting to crack passwords by testing them against a list of dictionary words. |
| What is a Hybrid password attack? | A password attack that uses a combination of dictionary entries and brute force. |
| What is a Birthday password attack? | A probability method of finding collision in hash functions. |
| What are Rainbow Tables in relation to a password attack? | A table of hashed phrases/words that can be used in a password attack. |
| What is Typo Squatting? | Creating domains that are based on the misspelling of another. |
| What is a Watering Hole attack? | Identifying a site that is visited by those that they are targeting, poisoning that site, and then waiting for the results. |
Want to create your own Flashcards for free with GoConqr? Learn more.