Comptia 1102 Security

Worm

• is a standalone malware computer program that replicates itself to spread to other computers. Often, it uses a computer network to spread itself, relying on security failures on the target computer to access it.

• This can spread on its own

Virus

 is malicious software designed to infect computer files or disks when it is activated.

May be programmed to carry out other malicious actions, such as deleting files or changing system settings

Trojan

is a type of malware that looks legitimate but can take control of your computer.

Designed to damage, disrupt, steal, or in general, inflict some other harmful action on your data or network.

To operate, it will create numerous processes that run in the background of the system.

Ransomware

is a type of malware designed to deny access to a computer system or data until a ransom is paid.

typically spreads through phishing emails or by unknowingly visiting an infected website.

Once infected, a system or its files are encrypted, and then the decryption key is withheld from the victim unless payment is received

Spywear

is a program that monitors user activity and sends the information to someone else.

It may be installed with or without the user's knowledge.

It invades the device, steals sensitive information and internet usage data, and relays it to advertisers, data firms, or external users.

Keylogger

• actively attempts to steal confidential information by capturing the data when entered into the computer by the user. This is done by recording keystrokes entered into a web browser or other application.

• A software ___ can be run in the background on a victim's computer. A hardware ____ may be placed between the USB port and the wired keyboard. 

Rootkit

• is a clandestine computer program designed to provide continued privileged access to a computer while actively hiding its presence.

• is generally a collection of tools that enables administrator-level access to a computer or network.

• They can often disguise themselves from detection by the operating system and anti-malware solutions.

• If a ____ is suspected on a machine, it is best to reformat and reimage the system.

Spoofing

is often used to inject the attacker into the conversation path between the two parties.

is the act of disguising a communication from an unknown source as being from a known, trusted source.

Cross-Site Scripting (XSS):

A type of injection in which malicious scripts are injected into otherwise benign and trusted websites.

SQL injection

is a code injection technique used to attack data-driven applications. Malicious SQL statements are inserted into an entry field for execution, such as dumping the database contents to the attacker.

Zero-day

attack happens once a flaw, or software/hardware vulnerability, is exploited, and attackers release malware before a developer has an opportunity to create a patch to fix the vulnerability

On-path

attack is an attack where the attacker secretly relays and possibly alters the communications between two parties who believe they are directly communicating with each other.

The attacker makes independent connections with the victims and relays messages between them to make them believe they are talking directly to each other over a private connection.

The attacker will intercept all relevant messages passing between the two victims and inject new ones

Distributed Denial of Service (DDoS)

attack is an attempt to make an online service unavailable by overwhelming it with traffic from multiple sources.

Tailgating

is a social engineering technique to gain access to a building by following someone unaware of their presence.

Brute-force

attack consists of an attacker submitting many passwords or passphrases with the hope of eventually guessing correctly.

Phishing

is an email-based social engineering attack in which the attacker sends an email from a supposedly reputable source, such as a bank, to try to elicit private information from the victim.

Spear phishing

is the fraudulent practice of sending emails from a seemingly known or trusted sender to induce targeted individuals to reveal confidential information.

This attack is focused on a targeted set of people, not just an indiscriminate large group of random people.

Whaling

is an email-based or web-based form of phishing that targets senior executives or wealthy individuals. such as CIO, CEO

Vishing

is a social-engineering attack where the attacker extracts information while speaking over the phone or leveraging IP-based voice messaging services (VoIP).