By Fatskills Exam Guides Team — the exam nerds behind 28,500+ quizzes and 2.1M practice questions across 500+ global exams.
Programming errors can result in system compromise, allowing someone to gain unauthorized privileges. This is known as privilege escalation. 1. Forms of malware include the following: Viruses: Infect systems and spread copies of themselves Worms: Similar to viruses but do not require a host to replicate Trojans: Disguise malicious code within apparently useful applications Logic bombs: Trigger on a particular condition Rootkits: Can be installed and hidden on a computer mainly for the purpose of compromising the system Ransomware: Usually demands money in return for the release of data, which may have also been encrypted using crypto-malware Spyware: May monitor browser activity and log keystrokes and may impact computer performance 2 . Spyware and adware often result in a computer running slowly and generating pop-ups. 3 . An armored virus seeks to make analysis difficult by including a metaphorical layer of armor around the virus. 4 . Phishing is a social engineering attack commonly done through email across a large audience. 5 . Spear phishing is a social engineering attack commonly done through email that targets an individual or an individual group. 6 . Whaling is similar to spear phishing but affects big targets, such as a CEO. 7 . In vishing, also known as voice phishing, the attacker often uses a fake caller ID to appear as a trusted organization and attempt to get the individual to enter account details via the phone. 8 . The term pharming is based on farming and phishing. Pharming does not require the user to be tricked into clicking on a link. Instead, it redirects victims to a bogus website, even if they correctly entered the intended site. 9 . DoS and DDoS attacks involve disruption of normal network services and include attacks based on the ICMP echo reply called Smurf attacks. 10. Spoofing is the process of making data look as if it came from a trusted or legitimate origin. 11. With a an on-path attack, a third system intercepts traffic between two systems by pretending to be the other system. 12. Replay attacks involve reposting captured data. 13. Zero-day vulnerabilities do not have patches yet and aren’t detected by antimalware software. 14. Password guessing, brute-force, and dictionary attacks involve repeated guessing of logons and passwords. 15. DNS poisoning allows a perpetrator to redirect traffic by changing the IP record for a specific domain (thus permitting attackers to send legitimate traffic anywhere they choose). 16. ARP poisoning is a Layer 2 attack that deceives a device on a network and poisons the table associations of other devices. 17. XSRF is an attack in which the end user executes unwanted actions on a web application while currently authenticated. 18. XSS vulnerabilities can be used to hijack a user’s session. 19. Injection attacks include SQL, LDAP, DLL, and XML. Such attacks insert code or malicious input to try to force unauthorized activity or access. 20. A rogue access point is an unauthorized wireless access point that is set up. 21. A rogue access point can serve as a type of on-path attack that is often referred to as an evil twin. 22. In bluejacking, attackers generate messages that appear to come from the device itself, leading users to follow obvious prompts and establish an open Bluetooth connection to the attacker’s device. 23. When a user pairs with an attacker’s device, the user’s data becomes available for unauthorized access, modification, or deletion. This is an aggressive attack referred to as bluesnarfing. 24. When traffic being sent across a network is unencrypted, packet sniffing enables an attacker to capture the data and decode it from its raw form into readable text. 25. Threat actor attributes include the actor’s relationship to the organization, motive, intent, and capability. 26. Threat actor types include script kiddies, insiders, hacktivists, organized crime, competitors, and nation-states. 27. Nation-states and organized crime are likely to have greater capabilities than other threat actors. Competitors are more likely to want to steal intellectual property to gain a competitive advantage. 28. OSINT describes information for collection from publicly available information sources, such as publications, geospatial information, and many online resources. 29. In a black-box test, the assessor has no information or knowledge about the inner workings of the system. 30. The four primary phases of a penetration test are planning, discovery, attack, and reporting. 31. White-box techniques are often tests to see whether programming constructs are placed correctly and to carry out the required actions. The assessor has knowledge about the inner workings of the system or knowledge of the source code. 32. Gray-box testing uses a combination of both white- and black-box techniques. The tester has some understanding of or limited knowledge of the inner workings. 33. Initial exploitation, escalation of privilege, pivot, and persistence occur (in this order) during the attack phase of a penetration test. 34. A vulnerability scan identifies vulnerabilities, misconfigurations, and lacking security controls. 35. A credentialed vulnerability scan helps reduce false positives. 36. A race condition can result in system malfunction and unexpected results. Resulting errors can cause crashes and may allow attackers to escalate their privileges. 37. Default accounts and passwords provide a simple means for an attacker to gain access. 38. Proper input handling prevents input that can impact data flow, allowing an attacker to gain control of a system or remotely execute commands. 39. Turning off an SSID broadcast hides the network from appearing but does not effectively protect a wireless network from attack. 40. A false positive occurs when a typical or expected behavior is identified as being irregular or malicious. 41. A false negative occurs when an alert that should have been generated did not occur. 42. SIEM tools collect, correlate, and display data feeds that support response activities. 43. SOAR combines security orchestration and automation with threat intelligence platforms and incident response platforms. 44. Threat hunting is a proactive approach to finding an attacker before alerts are triggered.
Join 4M+ learners. Unlock unlimited quizzes, wrong-answer tracking, flashcards + reminders, study guides, and 1-on-1 challenges.