Mary got an email, sent from an address that has nothing to do with Facebook, full of misspellings and containing a link to "login to Facebook" that tells her she needs to log in to her account through the link; this is an example of this kind of attack
What is Phishing?
Software that does malicious actions on an end user system
What is Malware?
This ensures data confidentiality
What is Encryption?
These are commonly unintentional actions taken or not taken during initial set up that lead to potential risks on a network or device, not an inherent flaw in the system's security
What are Misconfigurations?
This is what it's called when we choose not to do a risky activity
What is Risk Avoidance?
This type of assessment assesses potential losses from threats
What is a Business Impact Analysis/BIA?
John received an email claiming to be from his boss, instructing him to buy gift cards and mail them to a strange address to "pay some bills"; the email included details specific to John
What is spear-phishing?
Has little technical skill; mostly uses tools made by much more skilled attackers, with little knowledge of how those tools function
What is a Script-Kiddie?
This ensures data integrity
What is Hashing?
This type of vulnerability is defined by the fact that nobody is aware of it until it has already been exploited
What is a Zero Day Vulnerability?
When you let someone else take responsibility for the impact of risks on your network
What is Risk Transference?
A type of assessment that reviews your adherence to laws, regulations, or standards
What is a compliance audit?
An example would be someone running an unauthorized access point in a public place that appears to be the location's legitimate wireless network, with the intent of recording all traffic that passes through it
What is a Man in the Middle/MITM or Evil-Twin attack?
Uses advanced techniques and has a large, if not infinite, budget with which to perform attacks; shielded from prosecution in their home nation for their actions in other nations
What is an Advanced Persistent Threat or Nation State Actor?
We refer to data moving from point to point as this when talking about states of data
What is Data in Transit?
These kinds of systems present vulnerabilities because they no longer receive security updates
What is a Legacy system?
When you decide that the risk is something you can handle, so you do nothing about it
What is Risk Acceptance?
A type of assessment that identifies potential threats and vulnerabilities
What is a Risk-Based Audit?
When a large number of computers target a single network or server with the express goal of preventing anyone else from being able to access it during the attack
What is a Distributed Denial of Service Attack?
Has extensive knowledge and uses it for what they feel are just goals, regardless of the legality of their actions
What is a Hacktivist?
We refer to data as at _____ when it is being stored
What is Data at Rest?
Using tools like Nessus or OpenVAS, this kind of assessment looks at the potential for an attacker to find weaknesses in a network
What is a Vulnerability Assessment?
When you implement security controls to lower your risk
What is Risk Reduction?
A type of assessment that looks at IT infrastructure in depth
What is a Technical Audit?
An example of this kind of attack would be Dorothy noticing a lot of activity from a single public IP address that is making a resource impossible to access, either for the duration of the attack or until the resource can be restored
What is a Denial of Service Attack?
An example of this is finding an unauthorized access point or computer inside your network that was placed there by an employee who likely did not intend to present a threat, though that is not always the case.
What is Shadow IT/Rogue IT?
This refers to the state of data while it is being processed
What is Data in Use?
Rating system, on a scale of 0-10, used to describe vulnerabilities based on their qualities rather than the specific exploitation method; it must be combined with the potential threats to discover what kind of risk you actually face from the vulnerability.
What is Common Vulnerability Scoring System/CVSS?
This is the most powerful tool we have to mitigate attacks that involve user interaction
What is User Education?
This is a particular type of assessment that probes for vulnerabilities and often requires a proof of concept to show that a vulnerability may be exploitable; do NOT do this without a signed contract, with all parties involved, that defines the goals and rules of engagement.
What is Penetration testing?