Attack Types Study Set | Sociology 1.2 Terms & Definitions
Call Kai
Learn
Practice Test
Spaced Repetition
Match
Flashcards
Knowt Play1/30
There's no tags or description
Looks like no tags are added yet.
Name | Mastery | Learn | Test | Matching | Spaced | Call with Kai |
|---|
No analytics yet
Send a link to your students to track their progress
31 Terms
Malware
includes a wide range of software that has malicious intent. Installed on a system through devious means.
Ransomware
a type of malicious software designed to block access to a computer system until a sum of money is paid.
Trojans
typically looks like something beneficial, but it's actually something malicious. Can come as pirated software, a useful utility, or a game.
Worms
a self-replicating program able to propagate itself across a network, typically having a detrimental effect.
Potentially unwanted programs (PUPs)
Software that cannot definitively be classed as malicious, but may not have been chosen by or wanted by the user.
Fileless virus
a type of malicious software that runs in memory. Some techniques used are memory code injection, script-based techniques, and windows registry manipulation.
Command and Control
A computer controlled by an attacker or cybercriminal which is used to send commands to systems compromised by malware and receive stolen data from a target network
Bots
Software robots that function automatically. A botnet is a group of computers that are joined together. Attackers often use malware to join computers to a botnet, and then use the botnet to launch attacks.
Logic Bombs
A string of code embedded into an application or script that will execute in response to an event.
Spyware
a special class of adware that collects data about the user and transmits it over the Internet without the user's knowledge or permission
Keyloggers
software that tracks or logs the keys struck on your keyboard, typically in a covert manner so that you don't know that your actions are being monitored.
Remote Access Trojan (RATs)
a type of malware that allows attackers to control systems from remote locations. Often delivered by drive-by-downloads or malicious attachments in emails.
Rootkit
A set of programs that enables its user to gain administrator level access to a computer without the end user's consent or knowledge.
Backdoor
provides another way of accessing a system; bypass normal authentication methods; allow attackers to access systems from remote locations
Spraying
A Special type of brute force or dictionary attack designed to avoid being locked out.
Dictionary attack
A type of password attack that automates
password guessing by comparing encrypted passwords against a predetermined list of possible password values.
Brute Force attack
An attack on passwords or encryption that tries every possible password or encryption key.
offline attack
attempts to discover a password from a captured database or a captured packet scan.
Online attack
attempts to discover a password from an online system.
Rainbow table
A table of hash values and their corresponding plaintext values that can be used to look up password values if an attacker is able to steal a system's encrypted password file.
Malicious USB cable
A USB cable embedded with a Wi-Fi controller that can receive commands from a nearby device to send malicious commands to the connected mobile device.
Malicious flash drive
a physical device that contains malicous PDFs, files, etc that could be harmful to your computer, older systems would automatically upload from this physical device without user consent
Card cloning
acquired information from a skimmer that can be made into a duplicate card, most commonly found when duplicating gift cards, can't duplicate chips, only magnetic strips
Skimming
capturing credit card data at the point of sale
Adversarial AI
Attempts to fool AI models by supplying it with deceptive input. When successful it can cause an error or malfunction in the AI model.
Tainted training data for machine learning
Providing bad data to a machine learning algorithm in order to force the algorithm to give inconsistent results
supply chain attacks
An attempt to exploit a weakness/vulnerability in the process that produces a service.
cloud-based vs on-premises attacks
Cloud: Offsite, usually managed by third party, lower cost, no data centers, limited downtime
On-premises attack: On-site, full control of data, system check can occur at anytime, high cost and time consumption
Birthday attack
A type of password attack that exploits weaknesses in the mathematical algorithms used to encrypt passwords, in order to take advantage of the probability of different password inputs producing the same encrypted output.
Collision
When the encrypted hashes of two different strings are the same
downgrade attack
An attack in which the system is forced to abandon the current higher security mode of operation and fall back to implementing an older and less secure mode.