The flashcards below were created by user anthonyrt2015 on FreezingBlue Flashcards.

  1. Whats the difference between Vulnerability scanning and Penetration testing?
    Scanning looks for vulnerabilities and testing tests the strength of the network
  2. ____ Makes itself difficult to detect or analyze
    Contains protective code
    Armored Virus
  3. What are 4 types of virus?
    • Armored
    • Retrovirus
    • Stealth
    • Boot Sector
    • File Infector Virus
    • Macro Viruses
    • Multipartite
    • Companion
    • Polymorphic
    • Metamorphic
  4. ___inserts malware into a system which sets off an action.
    Logic Bomb
  5. ____has the ability to hide spyware blockers, anti-virus program, and system utitlities.
    Runs at root level or admin access
  6. ___self reproduces without a host application
  7. ___ is a program that is disguised as another program and performs its malicious activity in the background.
    Trojan horse
  8. ___can be spread via malware, such as a trojan horse.  Allows access to a computer (i.e. server, workstation, network device)
  9. ___Frequently refers to any software which displays advertisements
    Some are spyware or malware
  10. ___that works on collecting information about the system and what it is used for.
  11. Which of the following types of malware is the MOST difficult to reverse engineer?
    A. Logic Bomb
    B. Trojan
    C. Armored Virus
    D. Ransomware
    Armored Virus
  12. ___Software that takes control of a system and demands payment to a third party

    Tip: often in the form of a trojan
  13. _____ prevents access to resources by users authorized to use those resources.
    Denial of Service (DOS)
  14. What are the most common DOS attacks?
    • Ping-of-Death
    • Land Attack
    • Teardrop
    • SYN Flood
  15. ___Amplifies a DoS by using multiple computers to conduct an attack against a single entity (Smurf Attack)
    Distributed Denial of Service (DDoS)
  16. ____A computer compromised by a hacker that is used to perform malicious task under remote direction
  17. _A network of compromised systems containing malware which acts as a robot.
  18. Impersonating someone/something else by falsifying data
  19. What types of forms does spoofing occur?
    • IP address spoofing
    • MAC spoofing
    • ARP poisoning
    • Web spoofing
    • DNS spoofing
  20. Attackers use a strategy to identify a site that is visited by those they are targeting.
    Watering Hole Attack
  21. ____Vulnerability where an attacker can add comments/code to web pages which allows code injection
    Cross-Site Scripting (XSS)
  22. INSERT INTO message <Script> in here </script>
    Is an example of Cross-Site Scripting (XSS)
  23. ____Involves unauthorized commands coming from a trusted user to the website

    Think Instant messaging
    Cross-site Request Forgery (XSRF)
  24. ____Code injected into a database via a web form.

    ( is considered a breakout
    SQL Injection
  25. What is the most common SQL attack
  26. _____is a specific form of attack that can be employed to compromise Web sites that construct LDAP statements form data provided by users
    LDAP Injection
  27. ____Attack technique used to manipulate or compromise the logic of an XML application or service
    XML Injection
  28. ____Strings of characters that keep your sessions information
  29. (HTML)
    (body on load = document.  ('badform')
    example of a cookie
  30. What are the types of tools used for newtork mapping?
    • Nmap
    • SolarWinds
    • Whats Up Gold
  31. ___Software utility that allows direct testing of a user's logon password strength
    • Brute Force Decryption
    • Dictionary look-up
    • Rainbow Tables
  32. Examples of Vulnerability Scanner
    Nessus, SAINT, NMAP, Retina
Card Set
Show Answers