Security+ Chapter 4 Physical Attacks
0.0(0)
Learn
Practice Test
Spaced Repetition
Match
FlashcardsCard Sorting
1/10
There's no tags or description
Looks like no tags are added yet.
Study Analytics
Name | Mastery | Learn | Test | Matching | Spaced |
|---|
No study sessions yet.
11 Terms
1
New cards
Physical Attack Examples
Malicious Flash Drive Attacks,
Malicious USB Cables,
Card Cloning Attacks,
Skimming Attacks,
Supply Chain Attacks
Malicious USB Cables,
Card Cloning Attacks,
Skimming Attacks,
Supply Chain Attacks
2
New cards
Malicious Flash Drive Attacks
when devices have shipped or been delivered with malware included either from the factory or through modifications made in the supply chain.
Sometimes effectively a trojan
any USB-connected device that can store files is a potential carrier for this type of attack, even if it isn't a USB thumb drive.
Sometimes effectively a trojan
any USB-connected device that can store files is a potential carrier for this type of attack, even if it isn't a USB thumb drive.
3
New cards
Two categories of Malicious Flash Drive Attacks
Penetration testers (and potentially attackers) may drop drives in locations where they are likely to be picked up and plugged in by unwitting victims at their target organization.
accomplished by labeling the drives with compelling text that will make them more likely to be plugged in: performance reviews, financial planning, or other key words that will tempt victims.
accomplished by labeling the drives with compelling text that will make them more likely to be plugged in: performance reviews, financial planning, or other key words that will tempt victims.
4
New cards
Malicious USB Cables
The advantage of a malicious USB cable is that it can be effectively invisible when it replaces an existing cable and will not be noticed in the same way that a flash drive might be. Malicious cables are often configured to show up as a human interface device (e.g., a keyboard) and may be able to interface with the computer to send keystrokes or capture data in addition to deploying malware.
5
New cards
Card Cloning Attacks
focus on capturing information from cards like RFID and magnetic stripe cards often used for entry access.
Card cloning can be difficult to detect if the cards do not have additional built-in protection
Card cloning can be difficult to detect if the cards do not have additional built-in protection
6
New cards
What additional built in protection helps defeat card cloning
Cryptographic certificates and smart chips
7
New cards
Magnetic Stripe and RFID based cards
can be easily cloned can often be detected only by visual inspection to verify that they are not the original card.
8
New cards
Skimming Attacks,
that use hidden or fake readers or social engineering and hand-held readers to capture (skim) cards, and then employ cloning tools to use credit cards and entry access cards for their own purposes.
9
New cards
Supply Chain Attacks
attempt to compromise devices, systems, or software before it even reaches the organization.
10
New cards
How to combat against Supply Chain Attacks
but buying from trusted vendors rather than secondary market providers, as well as ensuring that devices are not modified by third parties by using physical security measures like tamper-evident holographic seal stickers, can help ensure that supply chain attacks are less likely to occur.
11
New cards
Trusted Foundry program
ensures that the supply chain for classified and unclassified integrated circuits, devices, and other critical elements are secure and that manufacturers stay in business and are protected appropriately to ensure that trusted devices remain trusted.
Note 
Flashcards (31)