chapter 4

1. Wireless Networking

Technology that enables devices to connect to a network via radio signals

2. Evil Twin

A fraudulent wireless access point (AP) that masquerades as a legitimate one to intercept data.

3. Rogue Access Point

Unauthorized wireless access point set up within an organization’s network without administrative approval.

4. Bluesnarfing

Unauthorized access and theft of data from Bluetooth-enabled devices.

5. Bluejacking

Sending unsolicited messages or data (like images) to Bluetooth-enabled devices.

6. Disassociation Attack

An attack that forces a wireless client to disconnect from the network by spoofing de-authentication frames.

7. Jamming

Deliberate disruption of radio signals to create denial-of-service on wireless networks.

8. RFID (Radio Frequency Identification)

Wireless use of electromagnetic fields to identify objects tagged with RFID chips.

9. NFC (Near Field Communication)

Short-range wireless technology for data exchange over distances typically less than 10 cm.

10. Initialization Vector (IV)

Randomization data used at the beginning of cryptographic processes to ensure unique encryption.

11. On-path Attack (Man-in-the-middle)

Attacker intercepts and potentially modifies communications between two parties without their knowledge.

12. Man-in-the-Browser (MITB)

Malware-based attack that manipulates browser behavior to alter transactions or data.

13. Layer 2 Attacks

Attacks that exploit vulnerabilities at the data link layer

14. ARP Poisoning

Corrupting ARP caches by sending falsified ARP messages to redirect network traffic.

15. MAC Flooding

Flooding a network switch with fake MAC addresses to overwhelm its MAC table.

16. MAC Cloning

Changing a device’s MAC address to bypass security controls or impersonate another device.

17. DNS (Domain Name System)

Hierarchical system translating human-readable domain names to IP addresses.

18. Domain Hijacking

Unauthorized modification or theft of domain registration details.

19. DNS Poisoning (DNS Spoofing)

Inserting false DNS records into a DNS server or cache to redirect traffic.

20. URL Redirection

Attack technique that directs users from a legitimate URL to a fraudulent site.

21. Domain Reputation

Assessment of IP/domain behavior indicating reliability or maliciousness.

22. Distributed Denial-of-Service (DDoS)

Attack where multiple compromised systems flood a target with excessive traffic.

23. SYN Flooding

DoS attack that exploits TCP three-way handshake

24. Ping of Death (POD)

DoS attack involving oversized ping packets causing system crashes.

25. CLDAP Reflection Attack

Amplification DDoS attack using Connectionless Lightweight Directory Access Protocol (CLDAP) responses directed at victims.

26. Operational Technology (OT)

Networks controlling industrial and physical processes.

27. Malicious Script Execution

Automated attacks using scripting languages or automation tools.

28. PowerShell

Windows scripting language integrated with OS for administrative tasks.

29. Python

Cross-platform scripting language used for automating tasks and cyberattacks.

30. Bash (Bourne Again Shell)

Linux command interpreter that executes shell commands and scripts.

31. Macros

Scripted automation within applications like Microsoft Office or PDFs.

32. Visual Basic for Applications (VBA)

Older Microsoft scripting language used to automate tasks within Office applications.