SEC+

Card Set Information

Author:
anthonyrt2015
ID:
304971
Filename:
SEC+
Updated:
2015-07-09 09:31:12
Tags:
Threats Vulnerabilities
Folders:
SEC+
Description:
Threats
Show Answers:

Home > Flashcards > Print Preview

The flashcards below were created by user anthonyrt2015 on FreezingBlue Flashcards. What would you like to do?


  1. Whats the difference between Vulnerability scanning and Penetration testing?
    Scanning looks for vulnerabilities and testing tests the strength of the network
  2. ____ Makes itself difficult to detect or analyze
    Contains protective code
    Armored Virus
  3. What are 4 types of virus?
    • Armored
    • Retrovirus
    • Stealth
    • Boot Sector
    • File Infector Virus
    • Macro Viruses
    • Multipartite
    • Companion
    • Polymorphic
    • Metamorphic
  4. ___inserts malware into a system which sets off an action.
    Logic Bomb
  5. ____has the ability to hide spyware blockers, anti-virus program, and system utitlities.
    Runs at root level or admin access
    Rootkits
  6. ___self reproduces without a host application
    Worm
  7. ___ is a program that is disguised as another program and performs its malicious activity in the background.
    Trojan horse
  8. ___can be spread via malware, such as a trojan horse.  Allows access to a computer (i.e. server, workstation, network device)
    Backdoors
  9. ___Frequently refers to any software which displays advertisements
    Some are spyware or malware
    Adware
  10. ___that works on collecting information about the system and what it is used for.
    Spyware
  11. Which of the following types of malware is the MOST difficult to reverse engineer?
    A. Logic Bomb
    B. Trojan
    C. Armored Virus
    D. Ransomware
    Armored Virus
  12. ___Software that takes control of a system and demands payment to a third party
    Ransomware 

    Tip: often in the form of a trojan
  13. _____ prevents access to resources by users authorized to use those resources.
    Denial of Service (DOS)
  14. What are the most common DOS attacks?
    • Ping-of-Death
    • Land Attack
    • Teardrop
    • SYN Flood
  15. ___Amplifies a DoS by using multiple computers to conduct an attack against a single entity (Smurf Attack)
    Distributed Denial of Service (DDoS)
  16. ____A computer compromised by a hacker that is used to perform malicious task under remote direction
    Zombies
  17. _A network of compromised systems containing malware which acts as a robot.
    Botnets
  18. Impersonating someone/something else by falsifying data
    Spoofing
  19. What types of forms does spoofing occur?
    • IP address spoofing
    • MAC spoofing
    • ARP poisoning
    • Web spoofing
    • DNS spoofing
  20. Attackers use a strategy to identify a site that is visited by those they are targeting.
    Watering Hole Attack
  21. ____Vulnerability where an attacker can add comments/code to web pages which allows code injection
    Cross-Site Scripting (XSS)
  22. INSERT INTO message <Script> in here </script>
    Is an example of Cross-Site Scripting (XSS)
  23. ____Involves unauthorized commands coming from a trusted user to the website

    Think Instant messaging
    Cross-site Request Forgery (XSRF)
  24. ____Code injected into a database via a web form.

    ( is considered a breakout
    SQL Injection
  25. What is the most common SQL attack
    DoS
  26. _____is a specific form of attack that can be employed to compromise Web sites that construct LDAP statements form data provided by users
    (admin)(1(password)=*)
    LDAP Injection
  27. ____Attack technique used to manipulate or compromise the logic of an XML application or service
    XML Injection
  28. ____Strings of characters that keep your sessions information
    COOKIES
  29. (HTML)
    (body on load = document.  ('badform')
    shopppingsite.company
    example of a cookie
  30. What are the types of tools used for newtork mapping?
    • Nmap
    • SolarWinds
    • Whats Up Gold
  31. ___Software utility that allows direct testing of a user's logon password strength
    • Brute Force Decryption
    • Dictionary look-up
    • Rainbow Tables
  32. Examples of Vulnerability Scanner
    Nessus, SAINT, NMAP, Retina

What would you like to do?

Home > Flashcards > Print Preview