Phishing
Type of social engineering attack
AES
Advanced Encryption Standard
How can authority be used in a Phishing attack
Root Account
Account that has a high level access or privilege.
Brute Force
Type of password attack where the attacker tries every possible combination.
Scarcity
Social Engineering principle that plays on the limited amount of an item to try to get people to act quickly without thinking.
DDoS
Distrubuted Denial of Service
What is Synflood
Port for SSH
22
Rainbow Table
Type of password attack where the attacker uses a has a has a hashing table.
Vishing
Phishing over the phone
DLL
Dynamic Link Libary
What is SIEM
Security Incident Management Systems, provides security alerts in real time
Open Ports
Ports that can be used by a computer to talk to a sever and potentialy get into the system.
Spraying
Type of password attack where the attacker tries a few times per account, then moves on.
Supply Chain Attack
Attack a target by going through a known vendor of their victim. Victim buys the tainted hardware or software.
IPSec
Internet Protocol Security
What is Behavior Analysis
Observe the network traffic for the abnormalities and known signatures of attacks.
Packet Capture
A collection of all network traffic, shows the sender, receiver, packet type etc.
Dictionary Attack
Password attack where the attacker tries passwords from a "database" of passwords.
Plaintext attack
FTP
File Transfer Protocol, ports 20, 21
Why would Log Collection be important?
It helps to monitor what is happening on the network, NOC can see what is occurring on the network and monitor all connections
Whaling
Social engineering attack where the attacker targets someone with a lot of money.
Botnet
Attacker creates zombie computers from their victims and uses all the computers together to form an attack.