Module 2: MALICIOUS ATTACKS, THREATS, VULNERABILITIES AND RISK MANAGEMENT


This lesson discusses malicious attacks, threats, vulnerabilities, and risk management. Topics include organization assets, hackers, attack tools, security breaches, malicious attacks, countermeasures, risk management, implementing a BIA, a BCP, and a DRP, assessing risk, threats, and vulnerabilities, closing the information security gap, adhering to compliance laws, keeping private data confidential, and mobile workers and the use of personally owned devices.

73 Terms

1

asset

It is any item that has value; it generally applies to those items that have substantial value.

2

IT and Network Infrastructure

It involves the use of hardware and software as key pieces of an organization’s infrastructure.

3

Armored viruses

These viruses use hardened code that makes it difficult to reverse-engineer the malware and build an antivirus for it.

4

Ransomware

It is a new form of malware linked to a time clock, forcing the victim organization to pay a ransom to prevent its data from being deleted.

5

Cryptolocker

It is a specific form of ransomware that encrypts critical files or data until the victim pays a ransom to obtain the decryption keys.

6

Polymorphic malware

It is harmful malware that can morph, or change, making it difficult to detect and remediate with antivirus or anti-malware applications.

7

Intellectual Property

It is a property that is the center of many organizations; an asset of an organization that can be a unique business process or actual data such as customer data. Examples include patents, drug formulas, engineering plans, scientific formulas, and recipes.

8

Financial assets

They are among the highest-profile assets in any organization. These assets can take various forms. They can be real financial assets, such as bank accounts, trading accounts, purchasing accounts, corporate credit cards, and other direct sources of money or credit. Alternatively, they can be data that allows access to real financial assets.

9

Service Availability and Productivity

It refers to computer applications that provide specific services and availability that help organizations conduct business operations.

10

Downtime

It is the time during which a service is not available due to failure or maintenance; it can be intentional or unintentional.

11

Unintentional downtime

It is a type of downtime that is usually the result of technical failure, human error, or attack.

12

Opportunity cost

It is the amount of money a company loses due to downtime. It is usually referred to by organizations as true downtime cost.

13

Reputation

It is considered to be one of the most important things that information security professionals try to protect together with brand image. Companies that suffer from security breaches and malicious attacks that expose any assets are likely to face serious negative consequences in the public eye.

14

Hacker

It is often described as someone who breaks into a computer system without authorization. Regardless of good or bad, they are considered to be experts and tinkerers, but because of the way the media negatively portrays the term, they are often the subject of some controversy.

15

Black-hat hackers

They are a type of hacker who tries to break IT security and gain access to systems with no authorization in order to prove technological prowess.

16

White-hat hackers

They are a type of hacker, which could also be referred to as an ethical hacker, who has the authorization to identify vulnerabilities and perform penetration testing.

17

Gray-hat hackers

They are a type of hacker with average abilities who may one day become black-hat hackers but could also opt to become white-hat hackers.

18

crackers

They are people who break into or violate a system or computer remotely with the intent to harm or steal data. They have hostile intent, possess sophisticated skills, and may be interested in financial gain.

19

Protocol Analyzer

It is a software program, which could also be referred to as a packet sniffer, that enables a computer to monitor and capture network traffic, whether on a LAN or a wireless network.

20

Port Scanner

It is a tool used to scan IP host devices for open ports that have been enabled. This provides attackers with valuable information that can be used in the attack.

21

OS Fingerprint Scanner

It is a software program that allows an attacker to send a variety of packets to an IP host device, hoping to determine the target device’s operating system (OS) from the responses.

22

Vulnerability Scanner

It is a software program that is used to identify and, when possible, verify vulnerabilities on an IP host device. It lists all known software vulnerabilities and prioritizes them as critical, major, or minor.

23

Exploit Software

It is an application that incorporates known software vulnerabilities, data, and scripted commands to “exploit” a weakness in a computer system or IP host device. It is a program that can be used to carry out some form of malicious intent.

24

Wardialer

It is a computer program that dials telephone numbers, looking for a computer on the other end. The program works by automatically dialing a defined range of phone numbers. It then logs and enters into a database those numbers that successfully connect to the modem.

25

Password Cracker

It is a software program that performs one of two functions: a brute-force password attack to gain unauthorized access to a system or a recovery of passwords stored as a cryptographic hash on a computer system.

26

cryptographic hash

It is an equation used to verify the validity of data. Also, it is an algorithm that converts a large amount of data to a single (long) number.

27

Keystroke Logger

It is a type of surveillance software or hardware that can record to a log file every keystroke a user makes with a keyboard. It might store the log file locally for later retrieval or send it to a specified receiver.

28

Security Breach

It is any event that results in a violation of any of the confidentiality, integrity, or availability (CIA) security tenets.

29

Denial of Service Attacks

They are attacks that result in downtime or the inability of a user to access a system. They impact the availability tenet of information systems security. They are coordinated attempts to deny service by occupying a computer to perform large amounts of unnecessary tasks.

30

Logic attacks

They are a type of DoS attack that uses software flaws to crash or seriously hinder the performance of remote servers.

31

Flooding attacks

They are a type of DoS attack that overwhelms the victim’s computer’s CPU, memory, or network resources by sending large numbers of useless requests to the machine.

32

smurf attack

It is an attack that uses a directed broadcast to create a flood of network traffic for the victim’s computer.

33

Distributed Denial of Service Attack

It is a type of DoS attack that also impacts a user’s ability to access a system. It overloads computers and prevents legitimate users from gaining access.

34

Wiretapping

It is the surreptitious electronic monitoring of telephone, telegraph, cellular, fax, or Internet-based communications through the placement of a monitoring device, informally known as a bug, on the wire in question or through built-in mechanisms in other communication technologies. It can be active, where the attacker makes modifications to the line. It can also be passive, where an unauthorized user simply listens to the transmission without changing the contents.

35

Between-the-lines wiretapping

This type of active wiretapping does not alter the messages sent by the legitimate user but inserts additional messages into the communication line when the legitimate user pauses.

36

Piggyback-entry wiretapping

This type of active wiretapping intercepts and modifies the original message by breaking the communications line and routing the message to another computer that acts as a host.

37

Backdoors

They are hidden access methods implemented by software developers in their programs. They give developers or support personnel easy access to a system without having to struggle with security controls.

38

Rootkits

They are malicious software programs designed to be hidden from normal methods of detection. They allow an attacker to gain access to a computer system.

39

Data Modifications

It refers to data that are purposely or accidentally modified to impact the integrity tenet of information systems security. These are also considered security breaches.

40

Spam

It refers to unwanted email.

41

Spim

It is similar to spam, but it consists of instant messages or IM chats.

42

Hoax

It is some act intended to deceive or trick the receiver. It normally travels in email messages. Often these messages contain warnings about devastating new viruses.

43

Cookie

It is simply a text file that contains details gleaned from past visits to a website.

44

Sabotage

It is the destruction of property or obstruction of normal operations.

45

Espionage

It is the act of spying to obtain secret information, typically to aid another nation state.

46

birthday attack

It is a type of cryptographic attack that is used to make brute-force attacks of one-way hashes easier. It is a mathematical exploit that is based on the birthday problem in probability theory.

47

brute-force password attack

It is an attack where the attacker tries different passwords on a system until one of them is successful.

48

dictionary password attack

It is a simple attack that relies on users making poor password choices.

49

Spoofing

It is a type of attack in which one person, program, or computer disguises itself as another person, program, or computer to gain access to some resource.

50

Hijacking

It is a type of attack in which the attacker takes control of a session between two machines and masquerades as one of them.

51

Man-in-the-middle hijacking

In this type of hijacking, the attacker uses a program to take control of a connection by masquerading at each end of the connection.

52

URL hijacking

In a browser or URL hijacking attack, the user is directed to a different website than what he or she requested, usually to a fake page that the attacker has created. This type of attack is also known as typosquatting.

53

Session hijacking

In session hijacking, the attacker attempts to take over an existing connection between two network computers. The first step in this attack is for the attacker to take control of a network device on the LAN, such as a firewall or another computer, in order to monitor the connection. This enables the attacker to determine the sequence numbers used by the sender and receiver.

54

Replay attack

It is an attack that involves capturing data packets from a network and retransmitting them to produce an unauthorized effect.

55

Man-in-the-Middle Attack

It takes advantage of the multi-hop process used by many types of networks. In this type of attack, an attacker intercepts messages between two parties before transferring them to their intended destination.

56

masquerade attack

It is an attack where one user or computer pretends to be another user or computer.

57

Eavesdropping

It is an attack that occurs when a host sets its network interface to promiscuous mode and copies packets that pass by for later analysis.

58

Social Engineering

It is an attack that involves tricking authorized users into carrying out actions for unauthorized users. It is the art of one human attempting to coerce or deceive another human into doing something or divulging information.

59

Phreaking

It is a slang term that describes the activity of a subculture of people who study, experiment with, or explore telephone systems, telephone company equipment, and systems connected to public telephone networks. It is the art of exploiting bugs and glitches that exist in the telephone system.

60

Phishing

It is a type of fraud in which an attacker attempts to trick the victim into providing private information such as credit card numbers, passwords, dates of birth, bank account numbers, automated teller machine (ATM) PINs, and Social Security numbers.

61

Pharming

It is a type of attack that seeks to obtain personal or private financial information through domain spoofing.

62

virus

It is malware that attaches itself to or copies itself into another program on a computer. Users copy infected files from another computer on a network, from a flash drive, or from an online service.

63

worm

It is a self-contained malware that replicates and sends copies of itself to other computers, generally across a network, without any user input or action.

64

Trojan Horse

It is malware that masquerades as a useful program.

65

Rootkits

It is malware that modifies or replaces one or more existing programs to hide traces of attacks.

66

Spyware

It is a type of malware that specifically threatens the confidentiality of information. It gathers information about a user through an Internet connection, without his or her knowledge.

67

Wireless network attack

It involves performing intrusive monitoring, packet capturing, and penetration tests on a wireless network.

68

Web Application Attack

It involves performing intrusive penetration tests on public-facing web servers, applications, and back-end databases.

69

Risk management

It is the process of identifying, assessing, prioritizing, and addressing risks. Any organization that is serious about security will view risk management as an ongoing process.

70

business impact analysis

It is a formal analysis of an organization’s functions and activities that classifies them as critical or non-critical.

71

business impact analysis

What does BIA stand for?

72

business continuity plan

It is a written plan for a structured response to any events that result in an interruption to critical business activities or functions.

73

business continuity plan

What does BCP stand for?
