A network administrator is working with the cyber forensics team to investigate the circumstances behind a recent attack. The attackers overwhelmed a critical server on the network by using a group of "zombified" PCs to send ping requests until the server crashed. This "ping of death" style attack is a variation of a ____ attack in which multiple attacker-controlled PCs are used to overwhelm a target PC with data until it crashes. After some investigation, it is discovered that the attackers targeted a very old server running the Windows Vista software. The Windows Vista OS is no longer supported by Microsoft, which means that the vulnerability exploited in this scenario was an ____. After overwhelming the server, the attackers then installed malware on the server that would encrypt all data behind a paywall. The malware used in the scenario was ____.
This is an email received by the IT helpdesk from a user: "Help! I received an email from my bank stating that my password was compromised and that I should change it immediately. I did, and then I received a call from my bank stating that someone had made a large withdrawal from my account." In this scenario, the attackers used a ____ to gain access to the user's banking account. The same user then receives a call from the bank's helpdesk department stating that they were notified of the attack. They request that the user grant them remote access to their PC so that they can gather more data about the attack. The user does so and then sees the tech install a program that locks the PC and demands a million dollars of crypto as payment! The attackers used ____ to trick the user into giving them remote access to the PC so they could install the ransomware. You may wonder why they keep attacking this same user. Well, this user is the head of the company's payroll department and is responsible for issuing checks to employees, so this is an example of a ____.
Attackers were able to gain access to two employee email accounts using the following methods. The first attacker utilized a password-cracking method where they repeatedly entered different passwords until they were able to access the CEO's account. The attackers performed a ____. In the second attack, the attacker used a hacking tool that contained a list of commonly used passwords to crack the user's account. This is an example of a ____. Some variants of this tool contain a table that has a list of pre-computed hash values of commonly known passwords, known as a ____. The attackers exploited the use of ____ to gain access to user accounts. The rainbow table's effectiveness can be greatly reduced by using a hashing algorithm that employs ____. This technique adds additional "flavor" to the hashed value of passwords to make them harder to crack.
Identify the social engineering attack being used. As the ISSCDC IT tech is walking into the school, he is approached by a woman who states that she wants to enroll in classes. Little does he know, she is aiming to hack the network and steal information. The woman follows Josh into the school without his knowledge, performing a successful ____. The woman then places a fake ISSCDC IT support badge on her hip and walks into the office of Ms. Lou so that she can observe what is on her screen while she pretends to help her. This is an example of a ____, where a malicious actor observes the information on a user's device without their knowledge or consent. She adds an access point to the network and gives it the same SSID as the school network. She hopes that unsuspecting users will connect to this ____ so that she can capture their traffic and observe it. This is a form of a ____ where the attacker intercepts communication between two entities.
Any threat that originates from within an organization, say a disgruntled employee or an employee who sells proprietary company info, is labelled as a ____.
Some insiders may look through trash or dumpsters to see if they can find improperly destroyed sensitive material. This type of social-engineering attack is referred to as a ____. Other more sophisticated attacks may be performed by insiders who attempt to ____ another user. This could involve creating fake credentials, badges, etc., or the careful application of charisma and psychological manipulation tactics.
____ are performed by altering the code used in a database, website, app, etc. and redistributing it to users. The goal of these attacks is to alter the behavior of the target and use it to either distribute malware or transmit sensitive user information such as credit card info, logins, etc. In a ____, the attacker modifies the code used to access a database so that it returns information stored in it to the attacker. SQL is a ____ that is used to query, that is to request, information from databases on the internet. For example, the target.com website may use a SQL database to store all target.com user login credentials, credit card info, home addresses, etc. If a hacker could modify the database, they could access all of this information!
The other code injection attack listed on the exam objectives is a ____, where an attacker modifies a website by inserting malicious code into the website and sending that infected link to users. Once users access the infected website, they may download malware or shop on the compromised version of the site, exposing their information to hackers. Websites are written in the ____. The XSS attack is performed by inserting malicious snippets of HTML code into the website, and then redistributing the website URL to potential targets.
Vulnerabilities
There are several vulnerabilities that malicious actors exploit to install malware and compromise systems and networks. ____ are those that are not compliant with regulations such as PCI-DSS (Payment Card Industry-Data Security Standard) or GDPR.
These standards outline procedures and standards regarding customer data security and privacy that must be upheld. A ____ will not meet these standards and may potentially expose customer data to an attacker, which is a security vulnerability. An ____ could be exploited in numerous ways; this is why it is important to apply the latest security updates and patches in a timely manner. All systems should have security measures such as anti-virus or a firewall. An ____ that does not have these things is like a house with no doors! Anybody can walk in. If an organization employs a ____, mobile device management (MDM) software should be required to secure employee devices and protect against data loss.
2.5: Social Engineering Attacks, Threats and Vulnerabilities.
by
Joshuachase