Professor Messer CompTIA Security+
| Term | Definition |
|---|---|
| Phishing | Social engineering with a touch of spoofing. Often delivered by e-mail, text, etc. Can be very convincing when well done. |
| Typosquatting | A type of URL hijacking: an attacker buys a domain similar to that of a popular website. Example: gpogle.com instead of google.com. |
| Pretexting | Lying to get information. Attacker is a character in a situation they create. |
| Pharming | Users are redirected to a fake site. Attackers may even cause the real site to redirect by DNS poisoning or client vulnerabilities. Difficult for anti-malware to stop, and everything appears legitimate to the user. |
| Vishing | Done over the phone or voicemail. Caller ID spoofing is common, may be a call about a fake security check or a bank update. |
| Smishing | Done by text message. Forwards links or asks for personal information. |
| Reconnaissance | Gathering information on the victim using lead generation sites, LinkedIn, Twitter, Facebook, Instagram, corporate websites, etc. From this an attacker can find out where you work, where you bank, recent financial transactions, and family and friends. |
| Spear Phishing | Targeted phishing using inside information, which makes the attack more believable. |
| Whaling | Targets a high-level employee, such as a CEO or CFO. |
| Impersonation | Attackers pretend to be someone they aren't. They use details from reconnaissance and may pose as someone of higher rank. They throw out lots of technical terms to cause confusion, or pretend to be friendly. |
| Eliciting Information | Extracting information from the victim. The victim doesn't realize it is happening; often seen with vishing. |
| Identity Fraud | Your identity can be used by others. |
| Credit card fraud | Using your banking information, can open an account in your name. |
| Loan fraud | Your information is used to take out a lease. |
| Government Benefit Fraud | Attacker obtains benefits you are entitled to from special programs. |
| Dumpster Diving | Important information gets thrown out and is found by attackers. Legal in the U.S.; anything thrown away is no longer owned by anyone. |
| Shoulder Surfing | An attacker looks over at your screen/keyboard to gain information. |
| Hoax | A threat that isn't real but seems like it could be. Can consume a lot of resources, and can even take your money. |
| Watering Hole Attack | Attackers compromise a third-party website that users of a specific company visit frequently, by looking for vulnerabilities in that site. |
| Spam | Unsolicited Messages, can come from e-mail, forums, etc. Can include commercial advertising, non-commercial proselytizing, or phishing attempts. Can cause security concerns, resource utilization issues, storage controls, management, etc. |
| Spim | Unsolicited messages delivered by text or instant message. |
| Influence Campaigns | Sway public opinion on political and social issues. Their goal is to divide, distract, and persuade. Can also be used for advertising, enabled through social media for creating, sharing, linking, etc. They use social media to amplify their message. |
| Hybrid Warfare | A military strategy that uses both physical and digital techniques in a war. |
| Tailgating | Following an authorized person to gain access to a restricted area, usually by blending in, making up a seemingly legitimate reason, pretending to be on a break, etc. |
| Invoice Scam | Sends a fake bill that looks legitimate: domain renewal, toner cartridges, etc. May also include a link to a website, allowing the attacker to collect more information. |
| Credential Harvesting | Attackers gain login information, such as usernames, passwords, and even security questions. After gaining access through different means, they find your logins wherever they are stored on your device. |
| Social Engineering | Constantly changing; may involve multiple people; may be physical or digital. |
| Authority | Tells the victim they are in charge: "I'm calling from the help desk / the CEO's office / the police." |
| Intimidation | Bad things will happen if you don't help: "If you don't help, payment checks won't be processed." |
| Consensus | Convinces based on what's normally expected: "So-and-so did this for me last week." |
| Scarcity | The situation will not be this way for long; you must make the change before time expires. |
| Urgency | Work quickly, don't think. |
| Familiarity | Someone you know: "We have common friends." |
| Trust | Someone who seems safe, "I'm from IT, I'm here to help." |
| Malware | Malicious software set up to gather information, become part of a botnet, show advertisements, encrypt your data, etc. |
| Virus | Malware that can reproduce itself, but must be executed first. Reproduces through file systems or the network; some cause many problems, others are just annoying. |
| Crypto-malware | Uses encryption to lock data until the attacker is paid. A newer form of ransomware, and victims are less likely to be able to avoid paying. |
| Worm | Malware that self-replicates, doesn't need user input, uses the network as a transmission medium, self-propagates and spreads quickly. Can take over many systems quickly. |
| Trojan Horse | Software that pretends to be something else. Doesn't really replicate; can circumvent anti-virus. |
| Rootkit | Originally a Unix technique. Modifies core system files and becomes part of the kernel. Can be invisible to the operating system and anti-virus software. May be used by an attacker to mask an intrusion and obtain administrator-level access to a computer or network. |
| Keylogger | Malware that tracks what a user is typing. |
| Adware | Turns your computer into one big marketing promotion. Can cause performance issues; usually installed accidentally. |
| Spyware | A type of malware that gathers personal information from the user, and may use it for advertising, identity theft, affiliate fraud, etc. Can trick you into installation, monitors browsing and keystrokes. |
| Botnet | A group of infected computers working together and taking commands from a command and control server. Can be used for Distributed Denial of Service (DDoS) attacks, relay spam, proxy network traffic, distribute computing tasks, etc. |
| Program Virus | Part of the application; runs when the application is launched. |
| Boot Sector Virus | Executed when the computer is started. |
| Script Virus | Can run in the operating system or browser. |
| Macro Virus | Commonly runs in Microsoft Office apps, such as Word documents, Excel spreadsheets, etc. |
| Fileless Virus | Avoids anti-virus detection by operating in the device's memory (RAM). |
| Wannacry Worm | Infected computers search for other vulnerable systems to infect them with crypto-malware by exploiting EternalBlue, then install a backdoor and download the worm, then continue. |
| Personal Data | Family pictures and photos, and other important documents |
| Organization Data | Planning documents, employee personal information, financial information, etc. |
| Ransomware | Locking data on a computer until a sum of money is paid |
| Remote Access Trojan | Gives administrative control of a device from the attacker's location, including key logging, screen recording or screenshots, copying files, etc. |
| Potentially Unwanted Program | Usually undesirable: an overly aggressive browser toolbar, excessive ads, a browser search engine hijacker. |
| Backdoor | Once malware connects, it creates a way to connect to the system more easily next time. Sometimes comes installed accidentally with legitimate software. |
| DarkComet RAT | Remote access malware that gave the attacker extensive control over the device, including network functions, system functions, powering the computer on and off, etc. |
| Zeus/Zbot Malware | Well known for emptying bank accounts |
| Kernel Driver | A specialized program or software component that facilitates communication between the operating system and hardware devices. |
| Necurs Rootkit | When combined with malware, removes the ability to delete that malware. |
| Bot | An infected machine that may be a part of a larger network. It routinely checks the command and control server and waits for instructions. |
| Logic Bomb | Waits for a predefined event, which may be a time and date or a user event. Difficult to identify, as it has no predefined signature. |
| Plaintext | Not encrypted and can be read with little difficulty. |
| Hashing | Represents data as a fixed-length string of text, also known as a message digest. Different inputs give different outputs, but the input is impossible to recover from the output alone. A common way to store passwords. |
| Password File | Different across operating systems and applications; may use different hash algorithms. |
| Spraying Attack | Attempts the most common passwords on many accounts until one works. |
| Brute Force Attack | Try every possible password combination until a hash is matched. A strong hashing algorithm can slow them down. |
| Online Brute Force Attack | Attacker continuously attempts to log in. Very slow, and most accounts lock out after a few attempts. |
| Offline Brute Force Attack | Obtains a list of usernames and hashes, calculates a password hash, and compares it to the stored hashes. Requires a large number of resources. |
| Dictionary Attack | Use a predefined list of words to crack a password. May also use letter substitution for passwords that are common words containing symbols or numbers, such as p@ssw0rd. |
| Distributed Cracking | Uses multiple systems to more quickly discover a password. |
| GPU Cracking | Uses the graphics processor's computational power to accelerate password discovery. |
| Rainbow Table | An optimized, pre-built set of hashes. Saves time and space; may not contain every hash, but does contain pre-calculated hash chains. Each table is unique to a single hashing method. |
| Salt | Random data added to a password when hashing, different for each user. |
| Malicious USB Cable | Looks normal, but has additional electronics inside. Once connected, the cable takes over. |
| Malicious Flash Drive | Looks like a normal storage device, but can contain malware or act as a HID. Older operating systems may run files from these devices automatically. Can be configured as a boot device or an Ethernet adapter for an attacker to gain remote access. |
| Skimming | Stealing credit card information, usually during a transaction. Copies card data, including the card number, expiration date, and card holder information. |
| ATM Skimming | Adds a device to the machine to collect card data, as well as a camera to capture your PIN. |
| Card Cloning | Creates a duplicate from details obtained from a skimmer. Can only duplicate the magnetic stripe, not the chip. |
| Machine Learning | Computers improve their predictions by identifying patterns in data. Requires a lot of training data. Used every day for many things, such as stopping spam, product and movie recommendations, and even preventing car accidents. |
| Training Data Poisoning | Confuses the AI by feeding it modified information that causes it to behave incorrectly. |
| Evasion Attack | The AI is only as good as the training, attackers can find holes and limitations in its data. |
| Supply Chain | Contains many moving parts, including raw materials, suppliers, manufacturers, distributors, customers, consumers, etc. |
| Supply Chain Attack | May infect any step among the different parts without suspicion, as people tend to trust their providers. One exploit can infect everything. |
| Cloud-based attack | Malicious activities that target weaknesses in infrastructure, misconfigurations, or vulnerabilities in cloud services to compromise data. |
| On-premises Attack | Malicious activities that target an organization's internal network, infrastructure, or resources located within its physical building. Exploits vulnerabilities in physical systems, devices, or applications, as well as social engineering. |
| Cloud-based Security | Centralized and costs less. No dedicated hardware or data center to secure; handled by a third party. Data is secure, as there's no physical access. Providers manage large-scale security. Limited downtime and scalable security options. |
| On-Premises Security | Has to be handled by the client, and is more expensive with data center security and infrastructure costs. You can hire a team to maintain uptime and availability, although it can be expensive and difficult to staff. |
| Cryptographic Attack | A breach that attempts to steal encrypted data so that the hacker can attempt to decrypt it. |
| Birthday Attack | A hacker will generate multiple versions of plaintext to match the hashes in an attempt to find hash collisions. |
| Hash Collisions | Two different plaintexts produce the same hash. |
| Message Digest Algorithm 5 | First published in 1992; collisions were discovered in 1996. |
| Downgrade Attack | Forces a system to fall back to weaker security so that there are more vulnerabilities the attacker can exploit. |
| Privilege Escalation | Gaining higher-level access to a system, either by exploiting a vulnerability, bug, or design flaw. This gives the attacker more capabilities. These are high-priority and should be fixed quickly. |
| Horizontal Privilege Escalation | User A is able to use User B's resources. |
| Cross-site Scripting | Originally got its name from browser security flaws, as information from one site could be shared with another. One of the most common web application development errors; takes advantage of a user's trust. |
| Non-persistent XSS Attack | Websites allow scripts to run from user input, typically the search box. |
| Persistent XSS Attack | Hacker posts a message to a social network including the malicious payload. Has no specific target, and spreads quickly over social media. |
| Code Injection | Adding your own information into a data stream, enabled due to bad programming. |
| SQL Injection | Modifying relational database management system requests, which an application should not allow. |
| Structured Query Language | The most common relational database management system language. |
| Extensible Markup Language | A set of rules for data transfer and storage. |
| XML Injection | Modifying XML data in requests; a good application will validate its input. |
| Lightweight Directory Access Protocol | Created by telephone companies, now used by almost everyone. |
| LDAP Injection | Modifying LDAP requests (a protocol originally used by telephone companies) to manipulate application results. |
| Dynamic-link Library | A Windows component containing code and data that can be used by many applications. |
| DLL Injection | Making an application load a library so that the attacker's code runs as part of the target process. |
| Buffer Overflow | Overwriting a section of memory by spilling into other memory areas. |
| Replay Attack | Hacker gets access to raw network data, using malware, ARP poisoning, etc. Then uses the data as if they are the original user. Not an on-path attack, as the original workstation isn't required. |
| Pass the Hash | Attacker captures authentication data, and uses this data to send his own authentication request as the client. |
| Cookie | Information stored on your computer by your browser. Used for tracking, personalization, and session management. Could be considered a privacy risk, as it contains lots of personal information. |
| Session ID | A unique Identifier assigned to an interaction between a client and a server. It enables the system to track individual interactions, allowing for a personalized experience. |
| Session Hijacking | An attacker takes control of a valid interaction between a user and a system by gaining unauthorized access to the interaction, impersonating the user, and performing actions on their behalf. |
| Header Manipulation | The attacker first gathers information, then exploits any weaknesses found, and may modify headers and cookies. |
| Cross-site requests | Common and legitimate. A website server may load content from other websites. |
| Client | The workstation being used. It accesses resources, services, or information provided by another computer system. |
| Server | A computer system or program that provides services, resources, and data to other computers on a network. |
| Cross-Site Request Forgery | Takes advantage of the trust a web application has for a user. |
| Server-Side Request Forgery | Attacker finds a vulnerable web application and sends a request to it; the website performs the request on behalf of the attacker. |
| Zero Day | An attack that exploits a previously unknown vulnerability in software, hardware, or firmware. |
| Drivers | Handle the interaction between the hardware and your operating system. Hardware interactions contain sensitive information, such as video, keyboard, and mouse. |
| Shimming | Filling in the space between two objects. Included with Windows for backwards compatibility with previous Windows versions (the application compatibility cache). Malware authors write their own. |
| Refactoring | A fundamental practice in software engineering that enables developers to continuously improve the design, structure, and maintainability of software systems while minimizing the risk of introducing defects or regressions. |
| Metamorphic malware | A different program each time it's downloaded. It looks different each time and intelligently redesigns itself. Difficult to match with signature-based detection. |
| SSL Stripping | AKA HTTP Downgrade. Combines an on-path attack with a downgrade attack by un-encrypting the webpage from a proxy server, ARP spoofing, etc. |
| Secure Sockets Layer Two | Terminated in 2011. Designed to provide secure communication over the internet. Released in 1995; introduced several security features, including encryption and authentication, to protect data transmitted between clients and servers. |
| Secure Sockets Layer Three | Vulnerable to the POODLE attack. Terminated in June 2015, released in 1996. Added support for stronger encryption algorithms, including the use of HMAC for integrity protection, which helped mitigate certain types of attacks. |
| Transport Layer Security One | Released in 1999, includes support for stronger cryptographic algorithms, improved key exchange mechanisms, and enhanced integrity checks. |
| Transport Layer Security One Version One | Terminated in 2020 by modern browsers. Designed to address security vulnerabilities and weaknesses identified in earlier versions. Created in 2006. |
| Transport Layer Security One Version Two | |
| Transport Layer Security One Version Three | |