What is ensuring that there is no unauthorized disclosure of data. (i.e. encryption)
100
Name some of the access controls talked about in the previous video.
What is MAC, DAC, RBAC x 2.
100
a set of malicious code that attaches itself to a host application. Must be executed to run.
What is a virus.
100
Describe a distributed denial of service attack.
What is using two or more computers against a single target. Usually include sustained high network traffic on the victim computer.
100
An attempt to modify or corrupt DNS results by modifying IP addresses to web site names.
What is DNS poisoning.
200
Definition of integrity.
What is ensuring that data has not changed, been tampered with, modified, or corrupted.
200
Describe non-repudiation.
What is being unable to deny that you did something if it is signed by you. Typically used with digital signatures.
200
a group of programs or program that hides the fact that the system has been infected or compromised by a malicious code.
What is a rootkit.
200
Spoofs the source address of a directed broadcast ping packet to flood a victim with ping replies.
What is a smurf attack.
200
Describe whaling.
What is form of spear phishing that attempts to target high level executives.
300
Define availability.
What is ensuring services are available when needed. Done through redundancy and fault tolerance.
300
Describe steganography.
What is the process of hiding data within data.
300
software installed on a users systems without their awareness or consent. Usually monitors a users activity.
What is spyware.
300
In this attack, the attacker never completes the handshake by sending the ACK packet.
What is a SYN flood attack.
400
Describe hashing.
What is a field of numbers and letters created by executing a hashing algorithm against data, such as a file or message.
400
Describe ransomware.
What is attackers taking control of a computer and then demanding the user pay a ransom to get control back.
400
a string of code embedded into an application or script that will execute in response to an event.
What is a logic bomb.
400
Type of port scan used to identify underlying details of an operating system.
What is an Xmas attack.
400
An attacker is able to create a password that produces the same hash as the users actual password. Works off of hash collision.
What is a birthday attack.
500
Describe digital certificates/signatures.
What is encrypting an email with your private key and having the receiver decrypt it with your public key. Ensures authentication and confidentiality.
500
Describe a botnet.
What is a group of multiple computers that act as software robots and function together in a network. Typically used for malicious reasons.
500
Has the ability to mutate when it replicates itself or when it executes. It's goal is to create a virus or malware with enough variations that antivirus software cannot detect it.
What is a polymorphic virus.
500
This is where an attacker replays data that was already a part of a communication session.
What is a replay attack.
500
Describe a rainbow table attack.
What is a type of attack that attempts to discover the password from a hash. Uses huge databases of precomputed hashes.