What's Your Password?
This attack consists of an attacker using automated scripts to try out possible passwords until the correct one works. They are very time consuming because they take a systematic approach to trying all possible permutation of characters in a sequence. The longer the password, the longer it takes.
What is a Brute-Force Attack?
This network security technology allows us to control the flow of traffic to and from the network.
What is a firewall?
This is a group of internet-connected devices, each of which are used to perform attacks, steal data, send spam, and allow the attack to access the device and its connection.
What is a botnet?
This type of malware misleads users of its true intent by disguising itself as a standard program.
What is a trojan?
MFA stands for this.
What is Multi-Factor Authentication?
This attack consists of an attacker putting lists of commonly used passwords into attack dictionaries. Threat actors typically use automated scripts to match the original password with the suggestions from the gathered attack dictionary.
What is a Dictionary attack?
This is a monitoring system that detects suspicious activities and generates alerts when they are detected.
What is an Intrusion Detection System?
This set of tools and techniques that attackers use to maintain communication with compromised devices following their initial exploitation is known as this.
What is Command and Control (C2)?
This type of malware is software that "spies" on its users, by recording and/or reporting their activities. This could include keylogging, recording how a user uses a program, browser history, etc.
What is spyware?
IDS stands for this.
What is Intrusion Detection System?
With this attack, bad actors take advantage of the tendency for users to reuse the same usernames and passwords for multiple accounts. By using credentials exposed in data breaches, the automate the process of trying those credentials on multiple sites at the same time.
What is Credential Stuffing Attack?
This term refers to a network of physical devices, vehicles, appliances, and other physical objects that are embedded with sensors, software, and network connectivity, allowing them to collect and share data.
What is IoT (Internet of Things)?
This DDOS tool was used by Anonymous for several attacks, targetting a site and flooding the server with TCP, UDP or HTTP packets. Has capabilities of allowing your host machine to join a voluntary botnet.
What is the Low Orbit Ion Cannon (LOIC)?
This is a type of malware that allows hackers to monitor and control your computer or network.
What is a RAT (Remote Access Trojan)?
*Daily Double*
TPM stands for this.
What is Trusted Platform Module?
This attack is a different mixture of password-cracking attacks. It's performed whenever the hacker knows a leaked password of yours and assumes you use a variation of it. The hacker uses a predefined list of phrases people often use to create passwords but extends them by adding variables - random symbols and numbers.
What is a Hybrid Attack?
This is a network security technology that detects suspicious activities and actively prevents identified threats from being carried out.
What is an Intrusion Prevention System?
This Windows-only password recovery tool handles an enormous variety of tasks, including recovering passwords by sniffing the network, cracking encrypted passwords using dictionary, brute-force and cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, revealing password boxes, uncovering cached passwords and analyzing routing protocols.
What Cain and Abel?
This type of malware remains dormant for a period of time until triggered. They can be triggered by an event, or a specific data/time.
What is a Logic Bomb?
IOC stands for this.
What is Indicators of Compromise?
This type of attack uses password hashes that the bad actor has gathered. They can then see if it matches any of the precomputed hashes in their own database table.
What is a Rainbow Table Attack?
This is a type of security solution that provides real-time analysis of security alerts and events generated by network hardware and applications.
What is a SIEM (Security Information and Event Management)?
This DDOS tool specializes in shutting down hosts, network devices and servers by overwhelming them with different protocols such as UDP/TCP, ICMP, HTTP, L2CAP, ARP, and IEEE.
What is Raven-Storm?
This type of malware modifies the files in the kernel of the operating system, effectively becoming invisible to antivirus and anti-malware software.
What is a rootkit?
IAM stands for this.
What is Identity and Access Management?