Sec+ Domain 3 Terms
Protocols omitted. All terms singular. Acronyms where applicable.
Terms in this set (49)
Arbitrary Code Execution
The ability for an attacker to execute commands or run programs on a target system and can be remotely.
Uses one or more techniques like complex code or encryption, to make it difficult to reverse engineer.
An attack that misleads computers or switches about the actual MAC address of a system.
Provides another way of accessing a system, bypassing normal authentication methods.
Determines what software is running on each open port where the attack connects to each port and collects the response from the server.
Named after the birthday paradox in mathematical probability theory. The birthday paradox states that for any random group of 23 people, there is a 50 percent chance that 2 of them have the same birthday.
The practice of sending unsolicited messages to other Bluetooth devices.
Any unauthorized access to or theft of information from a Bluetooth connection.
Brute Force Attack
Password attack that involves using password-cracking software to mathematically calculate every possible password.
Attack sends more data or unexpected data to an application with the goal of accessing system memory.
The practice of checking data for validity before using it as a client/system to protect against many attacks, such as buffer overflow, SQL injection, command injection, and cross-site scripting attacks.
A line-by-line review of code by peer programmers and can help detect vulnerabilities, such as race conditions or susceptibility to buffer overflow attacks.
An attack in which the goal is execution of arbitrary commands on the host operating system via a vulnerable application.
Cookie and Attachment
A cookie is a text file stored on a user's computer and used for multiple purposes, including tracking a user's activity. Attachments are typically associated with emails.
Cross-Site Scripting Prevention
Determine Attack Surface
A vulnerability assessment technique to look at the system attack surface which refers to the attack vectors available on a system, such as open ports.
Password attacks which attempts to use every word in the dictionary to see if it works.
A specific type of command injection attack that attempts to access a file by including the full directory path, or traversing the directory structure.
Attempts to modify or corrupt DNS results.
Created by Adobe Flash Player and is different from a traditional text cookie. Also called Locally Shared Objects (LSO's).
The insertion of malicious data, which has not been validated, into a HTTP response header.
A message, often circulated through email, that tells of impending doom from a virus or other security threat that simply doesn't exist
In relation to password attacks, uses a combination of two or more types of methods to crack a password.
Pretending you're someone/something else to gain info.
Attempts to create a numeric value that is too big for an application to handle causing an error.
Type of scan which attempts to exploit vulnerabilities; penetration testing.
Type of wireless network attack that targets the initialization vector of WEP due to the weakness from it's small bit size and repetition.
An attack which transmits noise or another radio signal on the same frequency used by a wireless network that can reduce performance or even availability.
Attacks that attempt to access or modify data hosted on directory service servers by taking advantage of poor application input validation.
A string of code embedded into an application or script which executes in response to an event, such as when a specific application is executed or a specific time arrives.
Malicious Insider Threat
A malicious insider is anyone who has legitimate access to an organization's internal resources, but exploits this access for personal gain or damage against the organization.
A form of active interception or active eavesdropping where the attacker inserts themselves in the middle of two systems that are communicating.
Near Field Communication
A group of standards used on mobile devices that allow them to communicate with other mobile devices when they are close to them
Actively assesses deployed security controls within a system or network.
Redirects a web site's traffic to another web site and can do so by modifying the hosts file on the user's system; similar to DNS poisoning.
When a user or process accesses elevated rights and permissions. Having administrators use two accounts and with the administrative account being use sparingly reduces the potential for privilege escalation.
Has the ability to morph or mutate when it replicates itself, or when it executes making it difficult for antivirus software to track/find.
Method where huge databases of precomputed hashes are used to speed up the process of performing a password attack.
Captures data in a session with the intent of later impersonating one of the parties in the session.
Rogue Access Point
An unauthorized device that the network administrator is unaware of that could be setting for an attack if accessed.
A group of programs (or, in rare instances, a single program) that hides the fact that the system has been infected or compromised by malicious code and has system-level access.
An attack where the attacker learns the user's current established communication ID and uses it to impersonate the user, usually removing that user in the process.
When an attacker enters additional data into the web page form to generate different SQL statements in efforts of retrieving details and information on the database.
Typo Squatting/URL Hijacking
A domain name that is close to a legitimate domain name in efforts to lead users to the non-legitimate website with malicious intent.
Watering Hole Attack
An attack where someone determines a frequently visited website then compromises the site by planting viruses or malicious code on them, attempting to infect a user's computer.
A type of port scan used to identify underlying details of an operating system in addition to what ports are open.
When an attacker inserts additional data in XML format that could expose data to retrieval or modification from databases.
Attackers exploiting unknown or undocumented vulnerabilities before they are patched.