more likely to inject malware into our networks, as they do not necessarily know the risk of the web sites they frequent, or the files they download.
Junior and non-trained personnel.
software that displays advertisements whether or not the user consents to the display.
What is ADWARE.
process in which an attacker attempts to acquire information about your network and system by social means, such as talking to people in the organization.
What is Social Engineering.
attacker simply fakes the source of packets in order to appear as part of an internal network.
What is Spoofing.
will help prevent social engineering, phishing attempts via email or website, and increase overall security awareness for your command.
What is Education and training. (annual IA training)
A group or individuals who attack networks and systems seeking to exploit the vulnerabilities in operating systems or other flaws.
HACKERS.
A type of malware that is standalone software and does not require a host program or human help to propagate.
What is WORM.
attempting to acquire information such as usernames, passwords, and credit card details by masquerading as a trustworthy entity in an electronic communication. These attacks are commonly sent via email.
What is Phishing.
an intruder injects him/herself into an ongoing dialog between two computers so that he/she can intercept and read messages being passed back and forth without the knowledge of either end user.
What is Man-in-the-Middle Attacks.
provide an entry point for access to your systems and their resources.
HINT: Ensure all unnecessary _____ and _____ are closed on your network and a proper base line is created.
What is Ports and Protocols.
In order to prevent attacks, we must also know how to construct attacks.
What is System Administrators.
piece of code intentionally inserted into a software system, designed to execute or “explode” under circumstances such as a lapse of a certain amount of time or the failure of a user to respond to a program command.
What is LOGIC BOMB.
targeted phishing attack that appears to be emails from within your organization such as your CO, admin, or IT department.
What is Spear Phishing.
involves the unauthorized use of an established communications session. It is a security attack on a user session and involves taking over TCP and web application user sessions.
What is Session Hijacking.
View your email in plain text versus HTML, as HTML code can trigger the malware executables, and delete email from senders you do not know.
What is Preventing Malicious Code.
attacks are designed to harm the system or system components.
What is MALICIOUS ATTACKS.
A type of malware that propagates by inserting a copy of itself into and becoming part of another program.
What is Virus.
an attempt to make a computer or network resource unavailable to its intended users.
What is Denial of Service (DoS) Attacks.
occurs when information is leaked from a higher classification level to a lower classification level.
What is SPILLAGE.
Scans and removes Viruses.
What is VSE.
actions can be equally damaging to system security, regardless of the fact that they are unintentional.
What is Non-malicious attacks.
malware or malicious code that appears to the user to perform a desired function but in fact facilitates unauthorized access to the user’s computer system.
What is TROJAN HORSE.
designed to encourage you to forward email messages by warning of viruses, promoting money making schemes, or citing fictitious causes.
What is Internet Hoaxes.
abuse of electronic messaging systems to send unsolicited bulk messages indiscriminately.
What is SPAM.
Designed to stop a user from performing an unauthorized action.
What is HIPS.