Social Engineering
Malware
Other Attacks
Attack Prevention
Acroynoms
100

Type of attack relies on mistakes made by users when they input web addresses

What is Url Hijacking / Typo Squatting ?

100
Type of virus that can infect executable files and boot sectors of hard disk drives

What is a multipart virus?

100
an exhaustive password attack

What is a brute force attack?

100

Protects the DB from poorly written SQL statements and SQL injection attacks

What are Stored Procedures?
100

ICMP

What is Internet Control Message Protocol?

200

Special type of phishing over the telephone

What is Vishing?

200

A group of computers that are hacked when a malicious program is installed on them and remotely triggered.

What is a Botnet?

200

Uses promiscuous mode 

What is packet sniffing?

200

An application that id's security issues on a network an gives suggestions on how to prevent the issues. 

What is a vulnerability scanner?

200

XSRF

What is Cross Site Request Forgery?

300

Malicious access to a physical data center by using someone else's credentials

What is Piggybacking?

300

A collection of programs that grants a hacker admin access to a computer or network.

What is a Rootkit?

300

When unauthorized commands are executed by a trusted user on a web server.

What is an XSRF attack?

300

Team in charge of offensive attacks with in a security team

What is the red team?

300

DDoS

What is Distributed Denial of Service?
400

An e-mail spoofing attack appears to come from a figure of authority seeking confidential data

What is Spear Phishing?
400

An app downloaded as a part of another program (ie adware, spyware)

What is a PUP (potentially unwanted program)?

400

Name 2 types of virtual machine attacks 

- Scooby Doo

- RedPill

- LDT (Local Discriptor Table)

400

A test conducted with the assessor having no knowledge about the system under test. 

What is a black box test / unknown environment?

400

ROE

What is Rules of Engagement?

500

An attacker exploits an application design flaw to gain elevated access to protected resources

What is privilege escalation? 
500

Brute force attack that feeds a large number of usernames into a site, then loops through a large # of passwords

What is Spraying?

500

Uses a compromised system to attack another system.

What is a pivot attack?

500

A digital timestamp prevents this type of attack

What is a repeat attack?

500

MITM

What is Man In the Middle?

M
e
n
u