M1 - Cybersecurity Threats and Attacks
20 Questions

Questions and Answers

What type of attack involves creating a fake identity or scenario to elicit urgent responses?

  • Pretexting (correct)
  • Vishing
  • Phishing
  • Spear Phishing

What is the primary risk associated with foreign-sourced attacks?

  • Physical threats to devices
  • Malware on personal computers
  • Loss of encryption
  • Surveillance using products sold by governments (correct)

Which phase of a cyberattack involves gaining higher-level access?

  • Covering Tracks
  • Gaining Access
  • Reconnaissance
  • Escalation of Privileges (correct)

    Which attack involves the use of telephony systems with spoofed caller IDs?

    Vishing

    What is a primary concern with cloud computing in terms of data security?

    Compliance violations

    Which of the following best describes 'watering hole attacks'?

    Identifying and exploiting weaknesses in frequently visited websites

    Which of these is a methodology used for threat modeling that includes risk analysis?

    PASTA

    What is the impact of improperly managed Internet of Things (IoT) devices?

    Device mismanagement and increased vulnerabilities

    Which of the following refers to an attack that entails reworking network devices without authorization?

    Tampering

    What is an example of social engineering that involves manipulating trust through electronic communications?

    Spear phishing

    What technique does an attacker use in a denial of service attack?

    Congesting the system with large volumes of traffic

    Which type of attack uses an intermediary to intercept communications?

    Man-in-the-Middle attack

    What is the primary goal of an SQL injection attack?

    To gain unauthorized access to a web server

    Which of the following is NOT a characteristic of social engineering attacks?

    Using technical vulnerabilities in software

    In a reverse shell attack, what is the attacker's primary strategy?

    Initiating communication from inside the target's network

    What type of malware is characterized by mutating to avoid detection?

    Polymorphic virus

    Which attack method involves taking advantage of a system performing operations out of order?

    Race condition

    What is an example of a network-based attack?

    Denial of Service (DoS)

    What is spoofing primarily concerned with?

    Creating false identities and impersonating others

    Which of the following is a common internal threat agent?

    Insiders

    Study Notes

    Cybersecurity Threats and Attacks

    • Cybersecurity protects an organization's IT infrastructure and data from malicious actors through technology, internal controls, and best practices.

    Threat Agents

    • Attacker/Hacker: Individuals seeking unauthorized access.
    • Adversary: Motivated to attack due to conflict or incentive.
    • Government/State-Sponsored: Funded by nation-states.
    • Hacktivist: Driven by social or political causes.
    • Insider: Someone with authorized access to systems.
    • External Threats: Attacks originating outside the organization.

    Cyberattack Types

    • Network-Based Attacks: Exploit network infrastructure.
      • Backdoors/Trapdoors: Secret access points.
      • Covert Channels: Non-intended data transmission methods.
      • Buffer Overflows: Injecting malicious code by exceeding buffer capacity.
      • Denial-of-Service (DoS): Overwhelm a system with traffic.
      • Distributed Denial-of-Service (DDoS): DoS attacks from multiple sources.
      • Man-in-the-Middle (MITM): Attacker intercepts communication.
      • Replay Attacks: Attacker replays intercepted communications.
      • Port Scanning: Identify open ports.
      • Reverse Shell Attacks: Bypass firewalls.
      • Return-Oriented Attacks: Combine legitimate code sequences.
      • Spoofing: Impersonation (e.g., IP, MAC, DNS, hyperlink).
    • Application-Based Attacks: Target application vulnerabilities.
      • SQL Injection: Inject malicious SQL code into applications.
      • Cross-Site Scripting (XSS): Inject malicious scripts into websites.
      • Race Condition: Exploit timing vulnerabilities.
      • Mobile Code (Malicious): Self-replicating from computer to computer.
    • Host-Based Attacks: Target a single host.
      • Brute-Force Attacks: Systematically try passwords.
      • Keystroke Logging: Record keystrokes.
      • Malware: Unauthorized software (viruses, worms, Trojans, adware, spyware).
      • Rogue Mobile Apps: Malicious applications disguised as legitimate ones.
    • Social Engineering Attacks: Exploit human psychology.
      • Phishing: Deceptive emails/messages.
      • Spear Phishing: Targeted phishing attacks.
      • Business Email Compromise (BEC): Targets executives.
      • Pretexting: Create a fake scenario.
      • Vishing: Phishing over the phone.
    • Physical (On-Premises) Attacks: Exploit physical access.
      • Piggybacking: Following someone into a restricted area.
      • Tampering: Physically altering equipment.
      • Theft: Unauthorized removal of assets.
    • Supply Chain Attacks: Exploit vulnerabilities in the supply chain.
      • Embedded Software Code: Malicious software within hardware/software.
      • Foreign-Sourced Attacks: Malicious code disguised as legitimate products.
      • Watering Hole Attacks: Target websites used by multiple organizations.

    Cyberattack Stages

    • Reconnaissance: Gathering information.
    • Gaining Access: Entering the target system.
    • Privilege Escalation: Increasing access level.
    • Maintaining Access: Staying in the system.
    • Network Exploitation and Exfiltration: Malicious activity.
    • Covering Tracks: Hiding the attack.

    Risks in Different Technologies

    • Cloud Computing: Additional exposure, malware, compliance violations, data/control loss, visibility loss, multi-cloud management, intellectual property theft.
    • Mobile Technologies: Malware, lack of updates/encryption, physical threats, unsecured Wi-Fi, location tracking.
    • Internet of Things (IoT): Device mismanagement, spoofing, escalated cyberattacks, expanded footprint, information theft, outdated firmware, malware, network attacks.

    Threat Modeling Methodologies

    • PASTA (Process for Attack Simulation and Threat Analysis): Define objectives, scope, decomposition, threat/vulnerability analysis, attack modeling/simulation, and risk analysis.
    • VAST (Visual, Agile, and Simple Threat): Flexible model for scaling threat analysis.
    • STRIDE (Spoofing, Tampering, Repudiation, Information Disclosure, Denial-of-Service, Elevation of Privilege): Categorizes various threats.


    Quiz Team

    Description

    This quiz covers various cybersecurity threats and attacks, focusing on different threat agents and attack types. Learn about the distinctions between hackers, insider threats, and state-sponsored attacks, as well as methods like DoS and DDoS attacks. Enhance your understanding of the measures needed to secure IT infrastructure.
