ID: C2 Deep Pt.2

an email-based or web-based form of phishing that targets senior executives or wealthy individuals.

fraudulent practice of sending emails from a seemingly known or trusted sender to induce targeted individuals to reveal confidential information.

an email-based social engineering attack in which the attacker sends an email from a supposedly reputable source, such as a bank, to try to elicit private information from the victim.

social-engineering attack where the attacker extracts information while speaking over the phone or leveraging IP-based voice messaging services (VolP).

Whaling

Spear phishing

Phishing

Vishing

CD File System / ISO 9660

legacy file system used for CD optical disc media (CD-ROM and CD-R).

Universal Disk Format / ISO 13346

an updated file system for optical media supporting multisession writing. It is the standard used by Windows, referred to as the Live File System.

NT File System

a Windows file system that supports a 64-bit address space and can provide extra features such as file-by-file compression and RAID support as well as advanced file attribute management tools, encryption, and disk quotas.

File Allocation Table 32bit FAT32

32-bit file system supported by Windows, macOS, and Linux computers.

CD File System (CDFS or ISO 9660)

Universal Disk Format (UDF or ISO 13346)

NT File System (NTFS)

File Allocation Table 32bit FAT32

an extension to TACACS (Terminal Access Controller Access Control System) and was developed as a proprietary protocol by Cisco.

Terminal Access Controller Access Control System

Remote Authentication Dial in User Service

a networking protocol that operates on port 1812 and provides centralized Authentication, Authorization, and Accounting management for users who connect and use a network service, but Cisco did not develop it.

is a network authentication protocol designed to provide strong mutual authentication for client/server applications using secret-key cryptography developed by MIT.

Challenge Handshake Authentication Protocol

used to authenticate a user or network host to an authenticating entity.

TACACS+

The Remote Authentication Dial-In User Service (RADIUS)

Kerberos

Challenge-Handshake Authentication Protocol (CHAP)

the most common vulnerability found on both Windows and Linux systems. When a security patch is released, attackers begin to reverse engineer the security patch to exploit the vulnerability.

type of injection in which malicious scripts are injected into otherwise benign and trusted websites.

a software application coding vulnerability that occurs when an attacker injects a CRLF character sequence where it is not expected.

placement of malicious code in SQL statements via web page input. Commonly used against databases, but they are not useful when attacking file servers.

Missing patches

Cross-Site Scripting (XSS)

CRLF injection

SQL injection

stores a single character, such as J, D, or Z. A character data type usually consumes one byte (8 bits) of storage.

stores a group of characters, such as Hello, PYTHON, or JasonDion.

stores a value of TRUE (1) or FALSE (0). It usually consumes only 1 bit of storage (a zero or a one).

stores a whole number, such as 21, 143, or 1024. This data type usually consumes 8 bytes of storage.

Character

String

Boolean

Integer

Wired Equivalent Privacy

encryption system based on the RC4 encryption cipher. This system uses a 40-bit encryption key and a 24-bit initialization vector by default, creating a 64-bit key.

WiFi protected access

improved encryption scheme for protecting Wi-Fi communications designed to replace WEP. This scheme uses the RC4 cipher and a temporal key integrity protocol (TKIP) to overcome the vulnerabilities in the older WEP protection scheme.

WiFi Protected Access Version 2

replaced the original version of WPA after the completion of the 802.11i security standard. It features an improved method of key distribution and authentication for enterprise networks, though the pre-shared key method is still available for home and small office networks.

does not use an encryption key or preshared key to protect the network

Wired Equivalent Privacy (WEP)

Wi-Fi protected access (WPA)

Wi-Fi protected access version 2 (WPA2)

Open Network

System File Checker

primary administrative tool for defining and controlling how programs, network resources, and the operating system operate for users and computers in an organization.

used to update the group policy settings on a Windows system.

used to display the Resultant Set of Policy (RSoP) information for a remote user and computer. Because you can apply overlapping policy settings to any computer or user, the Group Policy feature generates a resulting set of policy settings when the user logs on. This command displays the resulting set of policy settings that were enforced on the computer for the specified user when the user logged on.

Deployment Image Servicing and Management

used to mount and service Windows images before deployment.

Group Policy

gpupdate command-line tool

gpresult command-line tool

Deployment Image Servicing and Management command-line tool (DISM)

attacker submitting many passwords or passphrases with the hope of eventually guessing correctly. The passcode or password is incrementally increased by one letter number each time until the right passcode/password is found.

a technique for defeating a cipher or authentication mechanism by trying to determine its decryption key or passphrase by trying hundreds or sometimes millions of likely possibilities, such as words in a dictionary.

a precomputed list of possible hashes used when trying to speed up the process of password cracking.

combines the use of a brute-force attack with a dictionary attack by using words from the dictionary's list as the basis for the brute-force attack.

Brute Force Attack

Dictionary Attack

Rainbow Table

Hybrid Password Cracking Attack

a security posture where the system will only allow an item to traverse the firewall if the traffic matches an existing rule.

a security posture where the system will allow all traffic to traverse the firewall unless there is a specific rule to prevent it.

used to mirror or synchronize directories and their contents. This tool, will check the destination directory and remove files no longer in the main tree. It also checks the files in the destination directory against the files to be copied and doesn't waste time copying unchanged files.

copies all of the files from one directory to another.

used to copy one or more files from one location to another. This command cannot copy files that are 0 bytes long or for copying all of a directory's files and subdirectories.

used in Linux to copy one or more files and directories from one location to another.

The robocopy tool

The xcopy tool

The copy command

The cp command

Simultaneous Authentication of Equals

the dragonfly handshake

Temporal Key Integrity Protocol

WiFi Protected Access Version 3

WiFi Protected Access Version 2

WiFi Protected Access

Wired Equivalent Privacy

has replaced WPA2 as the most secure wireless encryption method. This access version uses the simultaneous authentication of equals (SAE) to increase the security of preshared keys.

replaced the original version of WPA after the completion of the 802.11i security standard. WPA2 features an improved method of key distribution and authentication for enterprise networks, though the pre-shared key method is still available for home and small office networks. WPA2 uses the improved AES cipher with counter mode with cipher-block chaining message authentication protocol (CCMP) for encryption.

an improved encryption scheme for protecting Wi-Fi communications designed to replace WEP. This system uses the RC4 cipher and a temporal key integrity protocol (TKIP) to overcome the vulnerabilities in the older WEP protection scheme.

an older mechanism for encrypting data sent over a wireless connection. This is considered vulnerable to attacks that can break its encryption. WEP relies on the use of a 24-bit initialization vector to secure its preshared key.