Domain 2 Flash Cards


109 Terms

1
Nation state
Government-sponsored entities that engage in cyber operations to further national security interests, often through sophisticated tactics.
2
Advanced Persistent Threat (APT)
Nation-backed agents or organized cybercriminal groups recognized for their capability to infiltrate specific systems and remain hidden, gradually stealing data over extended periods.
3
Unskilled attacker
Individuals who typically lack advanced technical skills and use basic tools sourced from the dark web; their motivations can range from personal gain to seeking notoriety.
4
Hacktivist
Attacks driven by ideological, political, or social motives aimed at promoting a cause, raising awareness, or enacting change, often through defacement of websites or leaking sensitive information as a form of digital protest.
5
Client-based scanning
A tool used for automating vulnerability discovery, classification, and reporting to a central management server.
6
Agentless scanning
A preferred method for threat actors that allows scanning of hosts without necessitating installations.
7
Legacy and third party software
Common targets for threats due to potential vulnerabilities.
8
Service Set Identifier (SSID)
Acts as the network name; disabling its broadcast obscures the network presence from casual attackers.
9
MAC filtering
A security measure that permits only approved MAC addresses to access the wireless network.
10
Supply Chain
The process of transforming raw materials into finished products for consumer availability.
11
Managed Service Providers (MSP)
Third-party organizations that handle all of a company's IT needs.
12
Vendors
Entities that provide goods and services to companies or consumers, often sharing sensitive information.
13
Suppliers
Third-party contributors who supply goods or services to an organization.
14
Human Vectors/Social Engineering
Methods used by attackers to manipulate individuals into divulging confidential information.
15
Pretexting
A social engineering tactic involving the creation of a fabricated scenario to extract information, such as impersonating a tech support agent.
16
Watering hole attacks
Attacks that compromise legitimate websites to implement malicious code.
17
Typo squatting
A malicious practice that exploits common typing errors to redirect users to fraudulent sites.
18
Memory Injection
The secret insertion of malicious code into a program's memory space, often remaining undetected by exploiting the dynamic nature of memory collection.
19
Buffer Overflow
Attackers flood a program's buffer with excess data, which can overwrite adjacent memory spaces and open doors for unauthorized access.
20
Race Conditions
Occurs when two instructions from separate threads try to access the same data simultaneously; TOC/TOU deals with synchronization of shared resources.
21
SQL Injection (SQLI)
Attackers exploit vulnerabilities in a website or application’s input fields to manipulate SQL queries executed on the backend database.
22
Stored Procedures
Database objects that encapsulate a sequence of SQL statements, providing a layer of security against SQL injection.
23
VM Escape
An unexpected challenge introduced by hypervisors, potentially creating a path for lateral movement and unauthorized access.
24
Resource Reuse
Improper allocation and management of resources can lead to performance issues; resource exhaustion is a major concern.
25
VM Sprawl
Uncontrolled and excessive creation of virtual machines, which can lead to unmanaged growth in the computing environment.
26
Risk of Shared Tenancy
Multiple customers sharing the same cloud infrastructure, which can expose sensitive data if not properly managed.
27
Inadequate Configuration Management
Lack of understanding or mishandling of configurations may expose resources or leave open ports vulnerable.
28
Identity and Access Management Flaws
Issues caused by misconfigured user permissions, compromised credentials, or weak authentication processes.
29
Cloud Access Security Broker (CASB)
Enforces company security policies by bridging the gap between on-premises and dynamic cloud environments.
30
Service Provider Vulnerabilities
Poorly managed third-party relationships can result in lapses in security controls and expose organizations to risks.
31
Hardware Provided Vulnerabilities
Counterfeit or compromised hardware components that can infiltrate the supply chain and pose security risks.
32
Key Compromise
Keys can be compromised due to theft, weak generation methods, or poor key management practices.
33
Side Channel Attacks
Attacks that exploit cryptographic operations leaking information through channels like power consumption, timing, or radiation.
34
Backdoor Exploitation
Access through backdoors can render encryption useless, allowing attackers to compromise cryptographic systems.
35
Certificate Revocation List (CRL)
A list that indicates which certificates are valid or revoked; essential for maintaining certificate integrity.
36
Online Certificate Status Protocol (OCSP)
A protocol enabling real-time certificate validation, regarded as superior to traditional CRLs.
37
SSL Stripping
An SSL downgrade attack that bypasses certificate-based protection, converting secure HTTPS connections to unprotected HTTP.
38
SSL/TLS Downgrade
Interception of SSL traffic by a server impersonating an older browser, enabling weaker encryption and easier data access.
39
Network Device Vulnerabilities
Open ports, weak access controls, and unpatched firmware that can facilitate DDoS and man-in-the-middle attacks.
40
Access Control Lists (ACLs)
Rules that may inadvertently grant unauthorized access to sensitive segments of the network.
41
Firewalls
Devices that act as a frontline defense against unauthorized access by filtering incoming and outgoing network traffic.
42
Jailbreaking
The process allowing Apple device users to bypass manufacturer or OS restrictions for enhanced control.
43
Rooting
Enables Android device users to bypass manufacturer or OS restrictions for greater control over their device.
44
Sideloading
The practice of using APK files to install applications on Android devices outside of authorized app stores.
45
Zero Day Vulnerabilities
Hidden flaws in software that hackers can exploit before the developers are aware, providing unrestricted access to systems.
46
Potentially Unwanted Programs (PUPs)
Programs downloaded alongside other software that overconsume computer resources, leading to performance degradation.
47
Ransomware
A type of malware that encrypts private files and demands a ransom payment for their release.
48
Prevention against Ransomware Attacks
Using endpoint protection software such as EDR or XDR tools provides enhanced security against ransomware.
49
Trojans
Malicious software that deceives users by appearing as legitimate software, potentially creating backdoor access.
50
Portable Executable Files
Common executable and binary file formats used in Windows operating systems.
51
Remote Access Trojans (RATs)
Malware that allows attackers to control compromised systems remotely.
52
Worms
Self-replicating malware that spreads through networks, consuming bandwidth and memory.
53
Spyware
Malicious software that monitors user activities, consuming system resources.
54
Bloatware
Pre-installed software on new devices that can drain performance and storage resources.
55
Polymorphic Viruses
Malware that alters its code to evade detection by traditional security measures.
56
Keyloggers
Stealthy software that records users' keystrokes to capture sensitive information.
57
Logic Bombs
Malicious code that remains dormant until triggered by a specific condition.
58
Rootkits
Malware that hides within the operating system to evade detection while providing remote control capabilities.
59
Malware Inspection
The process of analyzing suspicious software in a sandbox environment to assess its safety.
60
Radio Frequency Identification (RFID) Cloning
The unauthorized copying of signals from RFID key cards to gain access to secure areas.
61
Pivoting
When an attacker moves laterally within a network by exploiting a vulnerable host.
62
Network Mapper (Nmap) Tool
A tool used to discover hosts and services on a computer network.
63
Distributed Denial of Service (DDoS)
An attack that overwhelms a target's servers to render them inoperable by flooding them with traffic.
64
Botnet
A collection of internet-connected devices that are infected and controlled as a group for malicious activities.
65
Amplified Attack
A type of attack where a small request results in a significantly larger response, exploiting network protocols.
66
Reflected Attack
An attack where the attacker spoofs the victim's IP address to make it appear as if the victim is sending the request.
67
Domain Name System (DNS)
The system that translates human-readable domain names to IP addresses.
68
ARP Poisoning
An attack that sends forged ARP messages to a local area network to map IP addresses to the attacker's MAC address.
69
DNS Sinkhole
A security measure that redirects traffic intended for malicious domains to controlled servers.
70
DNS Cache Poisoning
A manipulation technique that alters DNS records to redirect users to malicious sites.
71
Rogue Access Points
Unauthorized wireless access points that mimic legitimate ones to steal user information.
72
Evil Twin Attack
A malicious access point that intercepts communications between users and the legitimate network.
73
Deauthentication and Jamming Attacks
Attacks that disrupt user connections to a wireless access point, forcing disconnections.
74
MAC Spoofing
The technique of changing a device's MAC address to impersonate an authorized device.
75
WiFi Analyzers
Tools used to detect and analyze wireless network traffic for security breaches.
76
On-Path Attack
Interception attacks that allow eavesdropping on data exchanges.
77
Replay Attack
An on-path attack that captures and retransmits data at a later time.
78
Credential Replay Attacks
Attacks that capture and reuse valid login credentials for unauthorized access.
79
NT LAN Manager (NTLM) Disadvantages
Being a legacy system, NTLM is particularly susceptible to various attacks.
80
Credential Stuffing
An attack that involves using stolen usernames and passwords to access multiple accounts.
81
Bash Shell Attacks
Exploits that execute unauthorized commands on a system through the bash shell.
82
Injection Attacks
Attacks that insert untrusted data into a program via inputs, leading to various exploitations.
83
Buffer Overflow
A vulnerability where excessive data overwrites memory, potentially leading to unauthorized code execution.
84
Privilege Escalation
Gaining elevated access rights to perform unauthorized actions on a system.
85
Forgery Attacks
Attacks that manipulate data to impersonate legitimate users or systems.
86
Server-Side Request Forgery (SSRF)
A vulnerability that permits attackers to send unauthorized requests from a server.
87
Directory Traversal
An attack that seeks to access restricted files by manipulating directory paths.
88
Cryptographic Attacks
Attacks that exploit weaknesses in cryptographic algorithms or protocols.
89
Downgrade Attack
An attack that attempts to weaken encryption between two communicating parties.
90
SSL/TLS Downgrade Attack
Exploits vulnerabilities to enforce insecure encryption methods during communication.
91
SSL Stripping
An attack that converts secure HTTPS connections to unprotected HTTP, allowing eavesdropping.
92
Birthday attack
An attack that exploits the probability of two inputs producing the same hash value due to collisions.
93
Pass the Hash Attack
An attack that uses the hash of a password to impersonate a user without needing to know the password.
94
Dictionary Attack
An attack using a list of words to guess passwords, without including variations like misspellings.
95
Password Spraying
An attack that uses common passwords against many accounts to find a successful login.
96
Brute Force Attack
A trial-and-error method used to decode encrypted data such as passwords.
97
Hybrid Attacks
Attacks that combine elements of both dictionary and brute force techniques.
98
Online Password Attack
An attempt to break a password using the website's login interface.
99
Offline Password Attack
Cracking passwords from storage without alerting security systems.
100
Indicators of Attack
Early warnings of potential threats through detection of suspicious activities on a network.