Malware
Encryption
Mixed Bag
Attacks
Networking
100

This entity self-replicates

What is a worm?

100

A remote administration and file-copy program that supports VPNs by using port forwarding, and that runs on TCP port 22.

What is SSH (Secure Shell)?

100

An email-based or web-based form of phishing which targets specific individuals.

What is spear phishing?

100

An attack that injects a database query into the input data directed at a server by accessing the client side of the application.

What is SQL injection (Structured Query Language injection)?


100

A routing mechanism that conceals internal addressing schemes from the public Internet by translating between a single public address on the external side of a router and private, non-routable addresses internally.

What is NAT (network address translation)?

200

Captures keystrokes.

What is a key logger?

200

Format that allows a private key to be exported along with its digital certificate.

What is P12 (Public Key Cryptography Standard #12)?

200

An inexperienced, unskilled attacker that typically uses tools or scripts created by others.

What is a script kiddie?

200

An attack where the attacker intercepts some authentication data and reuses it to try to re-establish a session.

What is a replay attack?

200

Maps private host IP addresses onto a single public IP address.

What is PAT (port address translation)?

300

A form of eavesdropping where the attacker makes an independent connection between two victims and steals information to use fraudulently.

What is a MitM attack (Man-in-the-Middle attack)?

300

In EAP architecture, the device requesting access to the network.

What is the supplicant?

300

A disk drive where the controller can automatically encrypt data that is written to it.

What is a SED (self-encrypting drive)?

300

A spam attack that is propagated through instant messaging rather than email.

What is SPIM (spam over internet messaging)?


300

Passphrase-based mechanism to allow group authentication to a wireless network. The passphrase is used to derive an encryption key.

What is a PSK (pre-shared key)?

400

An attack in which the web browser is compromised by installing malicious plug-ins or scripts, or intercepting API calls between the browser process and DLLs.

What is a MitB attack (Man-in-the-Browser attack)?

400

A protocol that uses the HTTP over SSL protocol and encapsulates an IP packet with a PPP header and then with an SSTP header.

What is SSTP (Secure Socket Tunneling Protocol)?

400

A type of OS that prioritizes deterministic execution of operations to ensure consistent response for time-critical tasks.

What is an RTOS (real-time operating system)?

400

A type of spoofing attack where the attacker disconnects a host then replaces it with his or her own machine, spoofing the original host's IP address.

What is session hijacking?

400

A process in which a router takes requests from the Internet for a particular application (such as HTTP) and sends them to a designated host on the LAN.

What is port forwarding?

500

A sign that an asset or network has been attacked or is currently under attack.

What is an IoC (indicator of compromise)?

500

Mechanism used to mitigate performance and privacy issues when requesting certificate status from an OCSP responder.

What is [certificate] stapling?

500

An appliance or proxy server that mediates client connections with the Internet by filtering spam and malware and enforcing access restrictions on types of sites visited, time spent, and bandwidth consumed.

What is an SWG (secure web gateway)?

500

A network-based attack where the attacker steals hashed user credentials and uses them as-is to try to authenticate to the same network the hashed credentials originated on.

What is a PtH attack (pass the hash attack)?

500

Accessing the administrative interface of a network appliance using a separate network from the usual data network.

What is OOB (out-of-band management)?