Cyber Vocab Session 7

Authentication, Authorization, IP, Smishing, MITM


Welcome to the seventh session of the Cyber Vocab newsletter!

This is Ronan from Cyber Vocab.

Today’s read time: 92 seconds

Let’s get right to it! ⬇️

Study Session 📚

Here are the five terms you’ll need to master by next week!

1. Authentication (Category: General)

Authentication is the process of verifying the identity of a user, device, or entity to grant access to a system or service.

It typically involves confirming credentials such as passwords, biometric data, or security tokens.

Vulnerabilities in authentication can arise from weak or reused passwords, phishing attacks, and flaws in biometric systems or security tokens.

2. Authorization (Category: General)

Authorization is the process of granting specific access rights and privileges to a user, system, or application within an environment.

It determines what actions or resources the authenticated entity is permitted to access and use.

Vulnerabilities in authorization can include improper access controls, privilege escalation, and inadequate permission management, leading to unauthorized access or actions.

3. IP (Category: Networking)


The Internet Protocol (IP) is a set of rules governing the format of data sent over the Internet or local networks, primarily responsible for addressing and routing packets to their destinations.

IP addresses (example: 172.16.54.1) are unique numerical labels assigned to each device connected to a network that uses IP for communication. An address serves two purposes: identifying the network interface and addressing its location.

Vulnerabilities associated with IP and TCP include IP spoofing, TCP session hijacking, and SYN flood attacks, which can lead to unauthorized access, data interception, and denial-of-service situations.

4. Smishing (Category: Common Vulnerabilities)

Smishing is a type of phishing attack where the attacker uses text messages (SMS) to deceive recipients into revealing personal information, such as passwords or credit card numbers.

These messages often appear to be from legitimate sources and may contain links to malicious websites or request sensitive information directly.

To prevent smishing, it's essential to avoid clicking on links from unknown sources in text messages, verify the authenticity of the sender, and not provide personal information via SMS or unverified platforms.

5. Man-in-the-middle Attack (Category: Common Vulnerabilities)

A Man-In-The-Middle (MITM) attack occurs when a hacker secretly intercepts and possibly alters the communication between two parties who believe they are directly communicating with each other.

The attacker can capture, modify, and redirect data in real-time, often without the knowledge of the parties involved.

Examples of MITM attacks include email hijacking, Wi-Fi eavesdropping, DNS spoofing, SSL stripping, and session hijacking.

Are you up for the challenge? 😈

Every week, you will be quizzed on whether you remembered the words from last week’s session.

Score well on the weekly quizzes and get placed on the scoreboard!

MCQ Quiz Length: 75 Seconds

Scoreboard 🏆

1. aliadansaidomar

2. girish7204777334

3. cyberbored07

Sponsors 🤝

This week’s session is sponsored by TryHackMe.

TryHackMe is the best platform to learn cybersecurity through their courses and labs.

Join their Advent for Cyber Campaign, a free 25-day challenge to learn pentesting, security engineering, digital forensics, machine learning, and malware analysis.

What I’m Doing

What I’m studying

I’m currently working on my final exam for Discrete Math in college.

What I’m working on

I’ve finished writing the curriculum and script for my FREE course teaching web app security. It will be a short, one-hour course.

Stay Tuned 👀

What I’m reading

I’m reading about how to use OWASP ZAP, free software for running automated security tests, to secure web applications.

That’s it for this week! I’ll see you again! 👋
