Security Threats and Vulnerabilities Flashcards
ISC2 Certified in Cybersecurity (CC) Flashcards
| Front | Back |
| --- | --- |
| Adware | Software that automatically displays or downloads advertisements, sometimes malicious |
| Botnet | A network of compromised devices controlled remotely to launch attacks like DDoS |
| Brute Force Attack | Attempting to guess passwords or encryption keys through repeated trials |
| Cross-Site Scripting (XSS) | An attack where malicious scripts are injected into trusted websites to target users |
| DDoS Attack | Distributed Denial of Service attack that overwhelms a server or network with traffic to disrupt operations |
| Insider Threat | A security threat originating from within an organization, like careless or malicious employees |
| Malware | Malicious software such as viruses, worms, trojans, or ransomware designed to harm or exploit systems |
| MitM Attack (Man-in-the-Middle) | An attack where attackers intercept and alter communication between two parties |
| Phishing | A social engineering attack where attackers trick users into revealing sensitive information or credentials |
| Privilege Escalation | Exploiting a vulnerability to gain unauthorized access to higher system privileges |
| Rainbow Table Attack | Using precomputed hash values to crack passwords quickly |
| Ransomware | Malware that encrypts data and demands payment for its decryption |
| Shoulder Surfing | Physically observing personal information like passwords or PINs while the victim types |
| Social Engineering | Manipulating individuals to reveal confidential or sensitive information |
| Spyware | Malware that secretly monitors and collects user activity and information |
| SQL Injection | An attack where an attacker inserts malicious SQL queries into input fields to manipulate databases |
| Trojan Horse | A type of malware disguised as legitimate software to gain access to systems |
| Unpatched Software | Software vulnerabilities left unaddressed due to missing updates or patches |
| Weak Passwords | Easily guessable passwords that can expose systems to unauthorized access |
| Zero-Day Vulnerability | A software vulnerability unknown to the vendor, making it exploitable before detection or patching |
This deck focuses on identifying and understanding common cybersecurity threats, attack vectors, and system vulnerabilities.