Threats, Vulnerabilities, and Attack Types (CCNACBR) Flashcards

Cisco CCNA Cybersecurity 200-201 CCNACBR Flashcards

Study our Threats, Vulnerabilities, and Attack Types (CCNACBR) flashcards for the Cisco CCNA Cybersecurity 200-201 CCNACBR exam with 43+ flashcards. View as flashcards, a searchable table, or as a fun matching game.
Front | Back
Adware | Unwanted software that displays ads often bundled with freeware; indicators include browser popups and homepage changes; mitigate with user education and reputable software sources
Application Layer Attack | DoS that targets application services with valid-looking requests to exhaust server resources; indicators include high request rates to specific endpoints; mitigate with application firewalls and request throttling
Baiting | Social engineering that offers something appealing to entice victims to act; indicators include found media or unsolicited offers; mitigate with user awareness and removable media controls
Botnet | Network of compromised hosts controlled by a C2 server; indicators include coordinated outbound traffic and unusual DNS queries; mitigate with egress filtering and sinkholing
Broken Access Control | Flaws allowing users to access resources beyond their privileges; indicators include unauthorized data access and privilege abuse; mitigate with enforced server-side authorization and least privilege
Brute Force Attack | Repeated attempts to guess credentials by trial; indicators include multiple failed login attempts and lockouts; mitigate with rate limiting and account lockout policies
Buffer Overflow | Memory corruption when writing beyond allocated buffer leading to crashes or code execution; indicators include application crashes and abnormal memory behavior; mitigate with bounds checking and modern memory protections
Business Email Compromise | Targeted fraud that manipulates corporate finance or data transfers; indicators include unusual payment requests and lookalike domains; mitigate with multi step approval and vendor confirmation
Command Injection | Attacker supplies input that is executed as a system command; indicators include unexpected command execution and elevated privileges; mitigate with input validation and principle of least privilege
Credential Stuffing | Automated reuse of breached credentials across services to gain access; indicators include many login attempts from varied IPs and reused usernames; mitigate with multi factor authentication and monitoring of login patterns
Cross Site Request Forgery | Attack that forces authenticated users to perform unwanted actions; indicators include unexpected state changes after visiting third party sites; mitigate with anti CSRF tokens and same site cookies
Cross Site Scripting | Injection of malicious scripts into web pages that run in users' browsers; indicators include unexpected scripts in responses and altered page behavior; mitigate with output encoding and content security policy
Cryptominer | Malware that uses system resources to mine cryptocurrency; indicators include high CPU/GPU usage and overheating; mitigate with resource monitoring and patching
Denial of Service | Attack that overwhelms a resource to render it unavailable; indicators include service slowdowns and saturation of capacity; mitigate with rate limiting and redundancy
Directory Traversal | Attack that accesses files outside intended directories via path manipulation; indicators include access to sensitive files and unusual file reads; mitigate with canonicalization and access controls
Distributed Denial of Service | DoS attack originating from many distributed sources to amplify impact; indicators include traffic spikes from many IPs and geo anomalies; mitigate with DDoS protection services and traffic filtering
Fileless Malware | Malware that operates in memory without touching disk; indicators include process injection and unusual PowerShell or WMI activity; mitigate with behavior monitoring and memory forensics
Insecure Deserialization | Vulnerability where untrusted serialized data is deserialized leading to code execution or privilege escalation; indicators include unexpected object behavior and arbitrary instantiation; mitigate with strict type checks and safe formats
Integer Overflow | Vulnerability when arithmetic overflows lead to incorrect sizes or logic errors; indicators include abnormal lengths and memory corruption; mitigate with bounds checking and safe integer operations
Keylogger | Tool that records keystrokes to capture credentials; indicators include unexpected input lag and data exfiltration; mitigate with multi factor authentication and anti malware
Lateral Movement | Attacker behavior to move through a network after initial compromise to expand access; indicators include unusual authentication patterns and SMB/RDP connections between hosts; mitigate with network segmentation and monitoring of internal authentications
Pass the Hash | Technique of using hashed credentials to authenticate without cracking passwords; indicators include use of NTLM hashes and authentication anomalies; mitigate with strong endpoint protections and credential isolation
Pass the Ticket | Technique abusing Kerberos tickets to impersonate users and access services; indicators include reuse of tickets and abnormal service access; mitigate with short ticket lifetimes and monitoring of ticket usage
Phishing | Generic method of tricking users to disclose credentials or click malicious links; indicators include suspicious sender addresses and urgent language; mitigate with email filtering and user training
Pretexting | Social engineering using a fabricated scenario to gain trust and information; indicators include implausible requests for privileged data; mitigate with identity verification and policies
Privilege Escalation | Techniques used to gain higher privileges on a system; indicators include new admin accounts and access to restricted resources; mitigate with patching and privilege separation
Protocol Attack | DoS targeting protocol weaknesses to exhaust resources such as connection tables; indicators include excessive half open connections and malformed packets; mitigate with protocol hardening and rate limits
Quid Pro Quo | Social engineering offering a service or benefit in exchange for access or information; indicators include unsolicited offers to assist with credentials; mitigate with service verification and least privilege
Race Condition | Vulnerability from uncontrolled concurrent access to shared resources producing inconsistent states; indicators include intermittent failures and corrupted data; mitigate with synchronization and atomic operations
Ransomware | Malware that encrypts or locks data and demands payment; indicators include ransom notes and mass file renaming; mitigate with offline backups and segmentation
Remote Code Execution | Vulnerability that allows execution of arbitrary code on a target host; indicators include unexpected processes and new service persistence; mitigate with prompt patching and exploit mitigation controls
Rootkit | Malware that hides presence by modifying system internals; indicators include tampered logs and hidden processes; mitigate with integrity monitoring and secure boot
Server Side Request Forgery | Attack that causes a server to make unintended requests on behalf of the attacker; indicators include internal service access and outbound requests to internal addresses; mitigate with network segmentation and request validation
Smishing | Phishing conducted via SMS messages; indicators include links to short URLs and urgent requests for codes; mitigate with SMS filtering and cautious handling of links
Spear Phishing | Targeted phishing tailored to a specific individual or organization; indicators include personalized content and contextual references; mitigate with verification procedures and awareness training
Spyware | Malware that harvests sensitive data such as credentials and keystrokes; indicators include unexplained data exfiltration and unknown processes; mitigate with endpoint detection and data loss prevention
SQL Injection | Injection of malicious SQL to manipulate backend databases; indicators include unexpected database errors and abnormal query patterns; mitigate with parameterized queries and input validation
Trojan | Malware disguised as legitimate software used to deploy other payloads; indicators include unexpected installations and outbound connections; mitigate with application allow listing
Use After Free | Memory vulnerability where freed memory is reused causing unpredictable behavior; indicators include crashes and memory corruption artifacts; mitigate with safe memory management and runtime checks
Vishing | Voice phishing using phone calls to extract information; indicators include spoofed caller ID and urgent credential requests; mitigate with caller verification and user training
Volumetric Attack | DoS that consumes bandwidth or network capacity; indicators include large scale packet floods; mitigate with upstream filtering and scrubbing
Webshell | Malicious script uploaded to a web server that provides remote command interface; indicators include new writable files in web directories and unusual web requests; mitigate with upload controls and web application monitoring
Worm | Self propagating malware that spreads without user action; indicators include rapid network scanning and multiple infected hosts; mitigate with network segmentation and patching

About the Flashcards

This collection of study materials is designed to help you master the key ideas and terminology needed for your certification. Flashcards for the Cisco CCNA Cybersecurity exam provide an effective way to review the essential concepts, from threat identification to mitigation strategies. Regular review with these cards will solidify your knowledge of the core principles and definitions, building your confidence and ensuring you are prepared for test day.

The deck offers a thorough overview of critical cybersecurity topics tested on the exam. You will review a wide array of malware types, common social engineering tactics, and various attack vectors like denial-of-service and web application exploits. The content also covers fundamental vulnerabilities related to memory management, insecure deserialization, and broken access control, along with methods attackers use for privilege escalation and lateral movement within a network.

Topics covered in this flashcard deck:

  • Malware Types and Characteristics
  • Social Engineering Techniques
  • Denial-of-Service Attack Vectors
  • Web Application and Injection Attacks
  • Authentication and Access Control Flaws
  • Common System Vulnerabilities