Sec+ Domain 3 Terms

Terms in this set (49)

Arbitrary Code Execution

The ability for an attacker to execute commands or run programs on a target system and can be remotely.

Uses one or more techniques like complex code or encryption, to make it difficult to reverse engineer.

An attack that misleads computers or switches about the actual MAC address of a system.

Provides another way of accessing a system, bypassing normal authentication methods.

Banner Grabbing

Determines what software is running on each open port where the attack connects to each port and collects the response from the server.

Birthday Attack

Named after the birthday paradox in mathematical probability theory. The birthday paradox states that for any random group of 23 people, there is a 50 percent chance that 2 of them have the same birthday.

The practice of sending unsolicited messages to other Bluetooth devices.

Any unauthorized access to or theft of information from a Bluetooth connection.

Brute Force Attack

Password attack that involves using password-cracking software to mathematically calculate every possible password.

Buffer Overflow

Attack sends more data or unexpected data to an application with the goal of accessing system memory.

Client-Side Inspection

The practice of checking data for validity before using it as a client/system to protect against many attacks, such as buffer overflow, SQL injection, command injection, and cross-site scripting attacks.

A line-by-line review of code by peer programmers and can help detect vulnerabilities, such as race conditions or susceptibility to buffer overflow attacks.

Command Injection

An attack in which the goal is execution of arbitrary commands on the host operating system via a vulnerable application.

Cookie and Attachment

A cookie is a text file stored on a user's computer and used for multiple purposes, including tracking a user's activity. Attachments are typically associated with emails.

Cross-Site Scripting

Attackers embed malicious HTML or JavaScript code into an email or web site error message. If responded to, it executes the code where the attacker can then access some information.

Cross-Site Scripting Prevention

Primarily at the web application with input validation techniques to block the use of HTML tags and JavaScript tags.

Determine Attack Surface

A vulnerability assessment technique to look at the system attack surface which refers to the attack vectors available on a system, such as open ports.

Dictionary Attack

Password attacks which attempts to use every word in the dictionary to see if it works.

Directory Traversal

A specific type of command injection attack that attempts to access a file by including the full directory path, or traversing the directory structure.

Attempts to modify or corrupt DNS results.

Created by Adobe Flash Player and is different from a traditional text cookie. Also called Locally Shared Objects (LSO's).

Header Manipulation

The insertion of malicious data, which has not been validated, into a HTTP response header.

A message, often circulated through email, that tells of impending doom from a virus or other security threat that simply doesn't exist

In relation to password attacks, uses a combination of two or more types of methods to crack a password.

Pretending you're someone/something else to gain info.

Integer Overflow

Attempts to create a numeric value that is too big for an application to handle causing an error.

Type of scan which attempts to exploit vulnerabilities; penetration testing.

Type of wireless network attack that targets the initialization vector of WEP due to the weakness from it's small bit size and repetition.

An attack which transmits noise or another radio signal on the same frequency used by a wireless network that can reduce performance or even availability.

Attacks that attempt to access or modify data hosted on directory service servers by taking advantage of poor application input validation.

A string of code embedded into an application or script which executes in response to an event, such as when a specific application is executed or a specific time arrives.

Malicious Insider Threat

A malicious insider is anyone who has legitimate access to an organization's internal resources, but exploits this access for personal gain or damage against the organization.

Man-in-the-Middle

A form of active interception or active eavesdropping where the attacker inserts themselves in the middle of two systems that are communicating.

Near Field Communication

A group of standards used on mobile devices that allow them to communicate with other mobile devices when they are close to them

Penetration Testing

Actively assesses deployed security controls within a system or network.

Pharming Attack

Redirects a web site's traffic to another web site and can do so by modifying the hosts file on the user's system; similar to DNS poisoning.

Privilege Escalation

When a user or process accesses elevated rights and permissions. Having administrators use two accounts and with the administrative account being use sparingly reduces the potential for privilege escalation.

Polymorphic Malware

Has the ability to morph or mutate when it replicates itself, or when it executes making it difficult for antivirus software to track/find.

Method where huge databases of precomputed hashes are used to speed up the process of performing a password attack.

Captures data in a session with the intent of later impersonating one of the parties in the session.

Rogue Access Point

An unauthorized device that the network administrator is unaware of that could be setting for an attack if accessed.

A group of programs (or, in rare instances, a single program) that hides the fact that the system has been infected or compromised by malicious code and has system-level access.

Session Hijacking

An attack where the attacker learns the user's current established communication ID and uses it to impersonate the user, usually removing that user in the process.

When an attacker enters additional data into the web page form to generate different SQL statements in efforts of retrieving details and information on the database.

Typo Squatting/URL Hijacking

A domain name that is close to a legitimate domain name in efforts to lead users to the non-legitimate website with malicious intent.

Watering Hole Attack

An attack where someone determines a frequently visited website then compromises the site by planting viruses or malicious code on them, attempting to infect a user's computer.

A type of port scan used to identify underlying details of an operating system in addition to what ports are open.

When an attacker inserts additional data in XML format that could expose data to retrieval or modification from databases.

Attackers exploiting unknown or undocumented vulnerabilities before they are patched.

YOU MIGHT ALSO LIKE...

OTHER SETS BY THIS CREATOR

THIS SET IS OFTEN IN FOLDERS WITH...

;