3.2 Analyze and differentiate among types of attacks
DDOS or Distributed Denial Of Service is an attempt to make a computer or network resource unavailable to its intended users, generally consisting of the concerted efforts of a person, or multiple people to prevent an Internet site or service from functioning efficiently or at all, temporarily or indefinitely.
DoS or Denial of Service is an attempt to make a computer or network resource unavailable to its intended users, generally consisting of the concerted efforts of a person, or multiple people to prevent an Internet site or service from functioning efficiently or at all, temporarily or indefinitely.
- Smurf attack
Internet spam is essentially no more than electronic junk mail, typically unsolicited. It is usually designed to offer you some form of merchandise or service at a price, but may also be used to conceal security threats.
There are a variety of ways that your email address can become the target of spam. You may have registered to an online service or newsletter of some sort. Generally, these services require an email address for registration. In most cases, your email address is added to a mail list and used for regularly scheduled mailings. In some cases, it may also be added to a larger listing and sold to commercial advertisers. Email address that are posted on websites for contact purposes can also be extracted through the use of programs called "spiders" that scan millions of web pages daily for addresses.
Phishing is the act of sending an e-mail to a user falsely claiming to be an established legitimate enterprise in an attempt to scam the user into surrendering private information that will be used for identity theft. The e-mail directs the user to visit a Web site where they are asked to update personal information, such as passwords and credit card, social security, and bank account numbers, that the legitimate organization already has. The Web site, however, is bogus and set up only to steal the user's information.
- Spear phishing
- Xmas attack
- Privilege escalation
- Malicious insider threat
- DNS poisoning and ARP poisoning
- Transitive access
- Client-side attacks