Phishing
Deceptive online attempts to acquire sensitive information from individuals, often by impersonating trusted sources or organizations.
Smishing
Phishing conducted through text messages or SMS, using misleading messages to obtain personal data.
Vishing
Voice-based phishing using phone calls, where attackers pretend to be legitimate entities to extract sensitive information.
Potentially unwanted programs (PUPs)
Software that, while not inherently malicious, may have unwanted or harmful effects on a system and is typically installed without the user's consent.
Adversarial Artificial Intelligence (AI)
A branch of AI that focuses on creating AI models that are capable of defending against adversarial attacks, as well as AI models that are designed to launch such attacks, often used in cybersecurity for threat detection.
Collision Attack
An attack in cryptography where two different inputs produce the same hash value, which can be exploited in various attacks, such as collision attacks on digital signatures or password hashes.
Extensible Markup Language (XML) Injection
A type of attack where an attacker injects malicious XML content into an application, potentially leading to security vulnerabilities and data exposure.
Bluesnarfing
An attack that involves unauthorized access to information on a Bluetooth-enabled device, such as a mobile phone, often done to steal personal data or access sensitive information.
Threat Maps
Visual representations of cybersecurity threats, incidents, or vulnerabilities, often displayed on geographic or network maps to help organizations understand the threat landscape.
Weak Configurations (vulnerability)
Inadequate or insecure settings within a cloud-based environment that can be exploited by attackers to gain unauthorized access or compromise data.
Non-Intrusive Vulnerability Scanning
Also known as passive scanning or non-aggressive scanning, this involves examining the target systems or networks without actively probing or interacting with them. It primarily relies on observation and information gathering.
Configuration Review
The examination of system settings and configurations to identify and address potential security misconfigurations and vulnerabilities.
Application Scanning
Vulnerability scans specifically focused on identifying security issues within software applications.
User Behavior Analysis
The practice of monitoring and analyzing user actions and activities to detect abnormal or potentially malicious behavior within a system or network.
Blue-Team
The team responsible for defending against red-team attacks, often working to improve security measures and respond to threats.
Spam
Unsolicited and often irrelevant messages, frequently containing advertisements, scams, or unrelated content, sent to a large number of recipients.
SPIM (Spam over Instant Messaging)
Unwanted messages, including potential threats, sent over instant messaging platforms to disrupt users' communication.
Spear Phishing
Targeted phishing attacks that craft personalized deceptive messages, frequently with knowledge about the recipient to enhance credibility.
Dumpster Diving
Scouring discarded materials, like trash or documents, to uncover potentially confidential or sensitive information.
Shoulder Surfing
Observing someone's screen, keyboard, or activities in public to illicitly obtain private information.
Pharming
Cyberattacks that manipulate DNS settings or exploit system vulnerabilities to redirect users to fake websites.
Tailgating
Unauthorized entry into secure areas by following authorized personnel, often without proper authentication.
Eliciting Information
Using manipulation or social engineering to subtly extract confidential knowledge from individuals.
Whaling
A form of phishing that targets high-profile individuals or organizations for financial gain or data theft.
Prepending
A technique used in cyber attacks to add specific characters or data at the beginning of a file or message, often to evade security measures or manipulate data.
Identity Fraud
The act of stealing personal information, such as a person's name and financial details, to impersonate them and engage in financial fraud, such as opening fraudulent accounts or making unauthorized purchases.
Invoice Scams
Deceptive schemes involving the sending of counterfeit invoices or bills to individuals or organizations, tricking them into making payments for fictitious products or services.
Credential Harvesting
The process of collecting usernames, passwords, or other authentication data from individuals, often through deceptive means, with the goal of gaining unauthorized access to their accounts or systems.
Reconnaissance
The initial phase of a cyber attack where attackers collect specific information about potential targets, their vulnerabilities, and network configurations to plan and execute their attacks effectively.
Hoax
A deliberately false or misleading statement or piece of information that is intentionally created to deceive or mislead individuals, often for humor or misinformation.
Impersonation
The act of pretending to be someone else, either in person or online, with the intent to deceive, manipulate, or commit fraud, such as impersonating a colleague or a trusted entity to steal information.
Watering Hole Attack
An attack strategy that targets websites or locations frequently visited by specific groups or organizations, compromising these sites to infect visitors with malware or collect information about the target group.
Typosquatting
Creating websites or domain names that closely resemble legitimate ones, exploiting common typing errors, with the aim of deceiving users into visiting malicious sites or revealing sensitive information.
Pretexting
Using fabricated scenarios or pretexts to manipulate individuals into revealing confidential information, often through pretext phone calls that appear legitimate.
Influence Campaigns
Deliberate efforts, often on social media or through misinformation, to shape public opinion, behaviors, or achieve specific political, social, or economic outcomes, such as altering public perception during elections.
Hybrid Warfare
A military and political strategy combining conventional and unconventional tactics, including cyber attacks, disinformation, and propaganda, to achieve strategic objectives in conflict or competition, often with the aim of sowing confusion and achieving political influence.
Authority
Social engineers employ this technique to take advantage of the perception of power and control, exploiting individuals' trust in someone who appears to have legitimate influence or superiority, leading to their manipulation.
Intimidation
Social engineers use tactics that induce fear and anxiety, coercing individuals into complying with their demands due to the fear of potential negative consequences or harm.
Consensus
This method relies on creating a false sense of agreement or peer pressure to manipulate individuals into conforming to what they believe is the collective choice, thus guiding their actions.
Scarcity
Social engineers leverage the concept of limited resources or time-sensitive opportunities, encouraging targets to take hurried actions they might not otherwise contemplate.
Familiarity
By appearing familiar or known to the target, social engineers exploit the trust that naturally arises from such familiarity, which can lead to the disclosure of sensitive information or the granting of access.
Trust
The foundation of many social engineering attacks is the establishment of trust through rapport building, impersonation, or affiliations that are not what they seem, ultimately gaining the target's confidence and cooperation.
Urgency
Attackers create a sense of time pressure to force targets into quick decisions without the opportunity for careful consideration, leading to impulsive actions that serve the attacker's objectives.
Ransomware
Malicious software that encrypts a victim's files and demands a ransom for the decryption key, often causing data loss and financial damage.
Trojans
Malware disguised as legitimate software, which, once installed, provides unauthorized access or functionality to an attacker.
Worms
Self-replicating malware that spreads across networks and systems, often consuming network resources and causing damage.
Fileless virus
Malware that operates in system memory rather than on disk, making it harder to detect and remove.
Command and control (C&C)
A server or communication channel used by malware to receive instructions and transmit data to and from an attacker, allowing them to control infected systems.
Bots
Automated software programs that perform tasks on the internet, often used for malicious purposes, such as launching DDoS attacks.
Cryptomalware
Malware that encrypts data, rendering it inaccessible until a ransom is paid, making it a type of ransomware.
Logic bombs
Code or software that is set to execute under specific conditions, often designed to cause harm or damage when triggered.
Spyware
Software that covertly collects information about a user's online activities, such as browsing habits and personal information, typically for malicious purposes.
Keyloggers
Malicious software or hardware that records keystrokes, often used to capture sensitive information like passwords and credit card details.
Remote access Trojan (RAT)
Malware that allows an attacker to gain remote control of an infected computer, potentially for purposes such as spying or data theft.
Rootkit
A type of malware that provides unauthorized access and control over a computer or network while hiding its presence, making it hard to detect and remove.
Backdoor
A hidden or undocumented means of gaining access to a computer or network, often exploited by attackers to maintain persistent access.
Spraying
A type of attack where an attacker attempts to gain unauthorized access by trying a small number of common passwords against a large number of accounts, reducing the likelihood of account lockouts.
Dictionary
A list of words or commonly used passwords that attackers often use for password guessing attacks, like dictionary attacks.
Online Brute Force
An attack in which an attacker systematically tries a wide range of possible passwords or encryption keys until the correct one is found, typically by making numerous login attempts against an online service.
Offline Brute Force
An offline attack in which the attacker has obtained a copy of encrypted data (e.g., password hashes) and can crack it without direct access to the target system.
Rainbow Table
A precomputed table of encrypted or hashed passwords, used to speed up password cracking by looking up the hash to find the corresponding plaintext password.
Plaintext/unencrypted
Data that is in its original, readable form, not protected by encryption or hashing, and is vulnerable to theft or manipulation if not properly secured.
Malicious Universal Serial Bus (USB) cable
A USB cable modified or designed to carry out malicious activities when connected to a device, such as data theft, malware injection, or device compromise.
Malicious flash drive
A USB storage device that contains malware or malicious software, often used to infect computers or networks when inserted.
Card cloning
The process of duplicating the information stored on a payment card's magnetic stripe or chip, allowing attackers to create counterfeit cards for fraudulent transactions.
Skimming
A technique used to steal sensitive data from payment cards, such as credit card information, by placing a device (skimmer) on a legitimate card-reading system, like an ATM or gas pump, to capture card data without the victim's knowledge.
Tainted training data for Machine Learning (ML)
Training data that has been intentionally manipulated or poisoned to mislead machine learning models, potentially leading to incorrect predictions or decisions.
Security of machine learning algorithms
The practices and measures taken to protect machine learning algorithms and models from various threats, including adversarial attacks, data poisoning, and model theft.
Supply-chain attacks
Cyberattacks that target the supply chain, aiming to compromise hardware or software components during the production, distribution, or installation process, which can lead to widespread security breaches.
Cloud-based attack
Threats and exploits that target cloud computing infrastructure, services, or data stored in the cloud. These attacks take advantage of vulnerabilities in cloud environments and services, such as IaaS, PaaS, and SaaS.
Cryptographic attacks
Attacks that exploit weaknesses or vulnerabilities in cryptographic systems to compromise data security or privacy, including methods to break encryption.
Birthday Attack
A type of cryptographic attack that exploits the birthday paradox and refers to the likelihood of two different pieces of data having the same hash value when using hash functions, which can be exploited in collision attacks.
Downgrade attack
A security attack where an attacker forces a system to use older or less secure protocols or encryption methods, making it vulnerable to known vulnerabilities.
Privilege Escalation
The process by which an attacker gains elevated permissions or privileges, often going from a lower-privileged user to a higher-privileged user, enabling them to access restricted resources or execute unauthorized actions.
Cross-Site Scripting (XSS)
A web security vulnerability where attackers inject malicious scripts into web pages viewed by other users, potentially stealing their data, compromising their sessions, or performing other malicious actions.
Structured Query Language (SQL) Injection
An attack that occurs when an attacker injects malicious SQL statements into input fields of a web application, exploiting vulnerabilities in the application's code to access or manipulate the database.
Dynamic-Link Library (DLL) Injection
A technique where an attacker injects malicious code or libraries into a running process, often used to exploit vulnerabilities in software, gain control over a system, or compromise its security.
Lightweight Directory Access Protocol (LDAP) Injection
An attack where an attacker manipulates LDAP queries to a directory service, often used to gain unauthorized access, retrieve sensitive information, or perform other malicious actions.
Pointer/Object Dereference
A security issue that arises when a program attempts to access memory or an object that has not been initialized or is no longer valid, potentially leading to crashes or security vulnerabilities.
Directory Traversal
An attack where an attacker attempts to access files and directories outside of the intended path, exploiting vulnerabilities in an application's input validation to gain unauthorized access to sensitive files.
Buffer Overflows
A vulnerability in which an attacker writes more data to a buffer (temporary data storage) than it can handle, potentially leading to memory corruption, system crashes, or the execution of malicious code.
Time of Check/Time of Use Race Conditions
These vulnerabilities occur when a program checks the state of a resource or condition at one time and then uses that information at a later time without considering that the state may have changed in the interim, potentially leading to security issues.
Error Handling
The process of identifying and responding to errors in a program or system to prevent them from causing security vulnerabilities or compromising the functionality and reliability of the software.
Improper Input Handling
Refers to the failure to validate, sanitize, or properly process user inputs, which can lead to various vulnerabilities, including injection attacks or buffer overflows.
Replay Attack
An attack in which an attacker intercepts and reuses valid data packets or requests to gain unauthorized access to a system or impersonate a legitimate user.
Session Replays
Attacks where an attacker records and replays a user's session or authentication credentials to gain unauthorized access to a system, often used to impersonate the victim.
Integer Overflow
Occurs when an arithmetic operation generates a result that is too large to be represented using the data type, potentially leading to unexpected behaviors or security vulnerabilities.
Server-side Request Forgery (SSRF)
An attack where an attacker tricks a server into making unintended requests to internal resources or other external systems, potentially exposing sensitive information or causing security issues.
Cross-Site Request Forgery (CSRF)
A type of attack where an attacker tricks a user into performing actions on a web application without their knowledge or consent, often leading to unintended or malicious operations being executed.
Application Programming Interface (API) Attacks
Attacks that target the interfaces used by applications to communicate with other software components or services. These attacks can exploit vulnerabilities in the API, potentially leading to unauthorized access or data exposure.
Resource Exhaustion
A type of denial-of-service (DoS) attack in which an attacker consumes all available system resources (such as CPU, memory, or bandwidth), making a service or application unavailable to legitimate users.
Memory Leak
Occurs when a program or application fails to release memory that it no longer needs, gradually depleting available memory and potentially causing performance issues or system crashes.
Secure Sockets Layer (SSL) Stripping
A type of attack where an attacker downgrades a secure HTTPS connection to an unencrypted HTTP connection, allowing them to intercept and manipulate data sent between the user and the web server.
Shimming
A technique used to modify or extend the functionality of a software component, often with malicious intent, by inserting additional code between the application and the component.
Refactoring
The process of restructuring existing source code without changing its external behavior, typically done to improve code readability, maintainability, or performance.
Pass the Hash
An attack where an attacker captures a hashed version of a user's password and then uses this hash to gain unauthorized access to a system or network without needing to crack the actual password.
Evil Twin
A rogue wireless access point that mimics a legitimate Wi-Fi network, often used to trick users into connecting to it and potentially intercept their data or launch attacks.
Rogue Access Point (RAP)
An unauthorized or malicious wireless access point that provides network access to users without proper authorization, potentially leading to security risks.
Bluejacking
A harmless form of wireless hacking where an attacker sends unsolicited messages or data to a Bluetooth-enabled device, typically for fun or to annoy the user.
Disassociation
A method used by attackers to forcibly disconnect a device from a wireless network, potentially leading to service disruption or facilitating other attacks.