Cybersecurity Lecture Notes - Social Engineering, Malware, and Cryptography (Pages 1-8)

Flashcards covering social engineering, malware, and cryptography concepts from the given lecture notes.

What are some characteristics of social engineering?

Social engineering is hard to deflect, track, and catch. Education is the only solution.

What are the five motivations and methods of manipulation used in social engineering?

Moral obligation, trust, threats, greed, and ignorance.

What is the process of a social engineering attack?

Research, development, and exploitation.

What happens during the development phase of a social engineering attack?

During the development phase, an attacker selects individual targets and forms relationships with them.

What are some actions that can occur during the exploitation phase of a social engineering attack?

The victim might be tricked into disclosing their username and password, providing social proof, inserting a malicious payload, opening an infected attachment, exposing trade secrets, or performing pretexting.

What are some characteristics of social engineers?

Social engineers exploit human weaknesses, are detail-oriented, are patient observers, are skilled manipulators, and clean up their tracks.

What is malware?

Malware is software that serves a malicious purpose and is typically installed without the user's consent or knowledge.

What is a Trojan?

A Trojan is a malicious software program that is hidden within software that appears to be harmless. It is often used to compromise the security of the target computer.

What are PUPs and PUAs?

PUPs (potentially unwanted programs) and PUAs (potentially unwanted applications) are software that may or may not have been chosen or wanted by the user.

What is a virus?

A virus is malicious code that is inserted into an executable file. When the file is run, the malicious code is executed and can deliver a payload, like attempting to infect other files.

What is a malicious process?

A malicious process is a process that is executed without proper authorization from the system owner and is intended to damage or compromise the system.

What is a backdoor?

A backdoor is a mechanism that subverts or bypasses the normal method of authentication to gain access to a computer.

What is a Remote Access Trojan (RAT)?

A RAT is malware that creates a backdoor remote administration channel, which allows an attacker to access and control the infected host.

What is a botnet?

A botnet is a group of infected hosts or devices controlled by a program called a bot, which allows attackers to exploit them to mount attacks.

What is a Command and Control (C2 or C&C)?

C2 or C&C is infrastructure of hosts and services that attackers use to direct, distribute, and control malware over botnets.

What is a covert channel?

A covert channel is a type of attack that subverts network security systems and policies to transfer data without authorization or detection.

What is a Rootkit?

A Rootkit is a type of malware that modifies system files, often at the kernel level, to conceal its presence.

What is Ransomware?

Ransomware is malware that attempts to extort money from the victim by blocking the normal operation of their computer and/or encrypting their files and demanding payment.

What is a Fileless Virus?

A Fileless Virus has no footprint and is mostly undetectable because it operates in memory. It is often delivered through social engineering.

What are some methods to prevent and repair damage from malware?

To prevent and repair damage from malware, you should: use the latest version of your browser, install the latest patches, use antivirus, anti-spyware, and anti-rootkit software, use a firewall, use a pop-up blocker, perform regular scans, and quarantine or delete infected files.

What is Cryptography?

Cryptography is the science and practice of altering data to make it unintelligible to unauthorized parties.

What is Plaintext?

Plaintext is unencrypted data that is intended to be encrypted before transmission, or the result of the decryption of encrypted data.

What is Ciphertext?

Ciphertext is data that has been enciphered and cannot be read without the cipher key.

What is an algorithm in the context of cryptography?

An algorithm is a set of operations that transforms plaintext into ciphertext with cryptographic properties. It is also called a cipher.

What is Cryptanalysis?

Cryptanalysis is the science, art, and practice of breaking codes and ciphers.

What is symmetric encryption?

Symmetric encryption uses the same key to lock and unlock data.

What is asymmetric encryption?

Asymmetric encryption uses two different keys: one to lock the data and a different one to unlock it. These are known as public and private keys.

What are some characteristics of hashes?

Hashes convert one value into another, are deterministic, are created quickly, are not decryptable, and differ with different data.

What are some applications of hashing?

Hashing can be used for password