Karten 18 Karten
Lernende 1 Lernende
Sprache English
Stufe Universität
Erstellt / Aktualisiert 19.06.2019 / 01.07.2021
Lizenzierung Keine Angabe
0 Exakte Antworten 18 Text Antworten 0 Multiple Choice Antworten
Fenster schliessen

What are the 6 steps in the kill-chain? (phases an attacker goes through)

Lizenzierung: Keine Angabe
  1. Reconnaisance
  2. First Foothold (Spear Phishing, Waterhole)
  3. Dropper as first Backdoor
  4. Lateral Movement
  5. Data Theft
  6. Data Exfiltration
Fenster schliessen

What is malware?

Malware (short for malicious software) is software designed to infiltrate or damge a computer system without the owner's being informed or giving consent. 

Once malware has compromised a system, an attacker can (sometimes fulliy) control the system.

Fenster schliessen

What are typical areas where malware can be used?

Typical areas of malware usage:

  • Cybercrime
  • Espionage
  • Disruption
  • Cyber war
  • Lawful interception
Fenster schliessen

What is the difference between targeted and non targeted malware use?

Opportunistic /non-targeted attacks (~cybercrim): Attack on a large weakly targeted population, often oppertunistic. Even if success rate is low, the absolute number of successful infections and the resulting revenue might be high.

Targeted attacks (~espionage): Attacks that are targeted at few individuals.

Fenster schliessen

What is meant by the tearm infection vector?

Infection vector: refers to the means and techniqyes for delivering a piece of malware onto the victime machine.

Fenster schliessen

Name some examples of technical vulnrabilities.

There are may differen types of technical vulnerabilities:

  • Misconfiguration of firewall, Web server, etc...
  • Weak passwords allow login, and take over
  • Etc...
  • Software vulnerabilities are particularly interesting, since they allow for very powerfull attacks. They may be deployed via different infection vectors.
Fenster schliessen

What is a software vulnerability?

Lizenzierung: Keine Angabe

A software vulnerability is a (sometimes) subtle programming error that triggers when processing maliciously crafted input data provided by an attacker, allowing the attacker to git her code executed in the victim program / process.

In short: Input data is turned into code.

Fenster schliessen

What is meant by the terms (software) exploit and patch?

The malicious data / code that triggers a vulnerability is called a (software) exploit.

patch is a software update that removes a known software vulnerability.