Type of attack that relies on mistakes made by users when they input web addresses
What is URL Hijacking / Typo Squatting?
What is a multipart virus?
What is a brute force attack?
Protects the DB from poorly written SQL statements and SQL injection attacks
ICMP
What is Internet Control Message Protocol?
Special type of phishing over the telephone
What is Vishing?
A group of computers that are hacked when a malicious program is installed on them and remotely triggered.
What is a Botnet?
Uses promiscuous mode
What is packet sniffing?
An application that identifies security issues on a network and gives suggestions on how to prevent the issues.
What is a vulnerability scanner?
XSRF
What is Cross Site Request Forgery?
Malicious access to a physical data center by using someone else's credentials
What is Piggybacking?
A collection of programs that grants a hacker admin access to a computer or network.
What is a Rootkit?
When unauthorized commands are executed by a trusted user on a web server.
What is an XSRF attack?
Team in charge of offensive attacks within a security team
What is the red team?
DDoS
An e-mail spoofing attack that appears to come from a figure of authority seeking confidential data
An app downloaded as a part of another program (i.e. adware, spyware)
What is a PUP (potentially unwanted program)?
Name 2 types of virtual machine attacks
- Scooby Doo
- RedPill
- LDT (Local Descriptor Table)
A test conducted with the assessor having no knowledge about the system under test.
What is a black box test / unknown environment?
ROE
What is Rules of Engagement?
An attacker exploits an application design flaw to gain elevated access to protected resources
Brute force attack that feeds a large number of usernames into a site, then loops through a large number of passwords
What is Spraying?
Uses a compromised system to attack another system.
What is a pivot attack?
A digital timestamp prevents this type of attack
What is a repeat attack?
MITM
What is Man In the Middle?