Denial of service attack (DoS) ?

A denial-of-service (DoS) attack is a type of cyber attack in which  attacker

meant to shut down a machine or network, making it inaccessible to its
intended users. 

DoS attacks accomplish  (achieve) this by flooding the target with traffic, or
sending it information that triggers a crash. In both instances, the DoS
attack deprives (वंचित करनाDebar), legitimate users (i.e. employees, members,
or account holders) of the service or resource they expected.

There are two general methods of DoS attacks: flooding services or crashing
services. An additional type of DoS attack is the Distributed Denial of
Service (DDoS) attack. 

Flood attacks occur when the system receives too much traffic for the
server to buffer, causing them to slow down and eventually stop.
Popular flood attacks include:

 Buffer overflow attacks – the most common DoS attack. The

concept is to send more traffic to a network address than the
programmers have built the system to handle. It includes the
attacks listed below, in addition to others that are designed to
exploit bugs specific to certain applications or networks

ICMP flood – leverages(laabh uthaata ) misconfigured network

devices by sending spoofed packets that ping every computer on the
targeted network, instead of just one specific machine. The network is
then triggered to amplify the traffic. This attack is also known as the
smurf attack or ping of death.

 SYN flood – sends a request to connect to a server, but never

completes the handshake. Continues until all open ports are
 saturated with requests and none are available for legitimate
users to connect to.

A DDoS attack occurs when multiple systems orchestrate a synchronized

DoS attack to a single target. The essential difference is that instead of
being attacked from one location, the target is attacked from many
locations at once. 

Backdoor Attack?
A backdoor is a typically covert method of bypassing normal authentication or
encryption in a computer, product, embedded device (e.g. a home router)

The backdoor attack is a type of malware that is used to get

unauthorized access to a website by the cybercriminals. The
cybercriminals spread the malware in the system through unsecured
points of entry, such as outdated plug-ins or input fields. The malware
is entered in the system through the backdoor and it makes it ways to
the company’s sensitive data including customer personally
identifiable information.
Smaller and middle-sized businesses are usually attacked by the
backdoor attack as they have fewer resources to close off entry points
and identify successful attacks.

Trapdoor
A trap door is a secret entry point into a program that allows someone that is aware of the trap
door to gain access without going through the usual security access procedures. Trap doors
become threats when they are used by unscrupulous programmers to gain unauthorized
(shameless ) access.

A trap door is an entrance point in an information processing system which circumvents the
normal safety measures.
Sniffing Attack
A sniffing attack is an act of intercepting or capturing data while in transit
through a network.

sniffing attacks focus on stealing customer information. These attacks

are executed behind safe and secure channels. The attacks involve
constantly monitoring and capturing the data transferred via packets in
the network. 

Sniffing attacks are also called “packet sniffing” or “network sniffing”

attacks because the cybercriminals sniff data packets within a network. 

 A data packet is a unit of data sent and received on a network. When

you send an email, for example, your message travels the network in the
form of data packets. And when an attacker sniffs this packet, they
would have access to your email’s content and know who its recipient is.

Types of Sniffing Attacks

Sniffing attacks fall into two categories—active and passive. 

Active sniffing attacks

Active sniffing occurs when an attacker interacts with network traffic as in a

traffic-flooding attack. The victim could detect someone sniffing data from
his/her network during such an attack.
Passive sniffing attacks

Passive sniffing attacks, on the other hand, are more dangerous as victims
may not know that an attacker is spying on them for a long time without
getting detected. In such an attack, an attacker listens in and intercepts
network traffic without interacting with it.

Spoofing Attack?
Spoofing is the act of disguising a communication from an unknown source
as being from a known, 

Spoofing can be used to gain access to a target’s personal information,

spread malware through infected links or attachments, bypass network
access controls,

Spoofing attacks come in many forms, primarily:

 Email spoofing
 Website and/or URL spoofing
 Caller ID spoofing
 Text message spoofing
 GPS spoofing
 Man-in-the-middle attacks
 Extension spoofing
 IP spoofing
 Man-in-the-middle attack
Man-in-the-middle attacks (MITM) are a common type of
cybersecurity attack that allows attackers to
eavesdrop(chhipakar baaten sunana) on the communication
between two targets. The attack takes place in between two
legitimately communicating hosts, 
Man-in-the-middle  attack is a cyberattack where the
attacker secretly relays and possibly alters the
communications between two parties who believe that they
are directly communicating with each other.
Replay Attack?
A replay attack (also known as a repeat attack or playback attack) is
a form of network attack.
Replay Attack is a type of security attack to the data sent
over a network.
In this attack, the hacker or any person with unauthorized
access, captures the traffic and sends communication to its
original destination, acting as the original sender.
The receiver feels that it is an authenticated message but it
is actually the message sent by the attacker. The main
feature of the Replay Attack is that the client would receive
the message twice, hence the name, Replay Attack.

Malware 
Malware is a program or software that is designed to damage and destroy
computers and computer systems. Malware is a contraction for “malicious
software .” Examples of common malware includes viruses, worms, Trojan
viruses, spyware, adware,etc.
Viruses
A virus is the most commonly known malware type that is capable of infecting
(संक्रमित)other files and spreading to other computers. They spread to other
computers by attaching themselves to other programs when a user launches
an infected program. In this sense, they do not spread on their own and
require an unsuspecting user to execute them for the initiation of the malicious
behavior.

Logic bomb
A logic bomb is a piece of code intentionally inserted into
a software system that will set off a malicious function when specified
conditions are met.
A Logic Bomb is a piece of often-malicious code that is intentionally
inserted into software. It is activated upon the host network only when
certain conditions are met.

ORGANIZATION/OPERATIONAL SECURITY

Installing unauthorized software/hardware

Unauthorized software can be a big problem for some companies. Attackers are
constantly looking for vulnerable targets to hack by tricking users into
downloading malicious files. Unauthorized software increases the risk of
outsiders gaining access to sensitive data.
Without the knowledge of agency software, IT managers cannot fully protect their
data and information.

The Department of Homeland Security included Software Asset Management

(SWAM) is in phase one of its Continuous Diagnostic and Mitigation (CDM)
program to put more focus on the problem of unauthorized software. The
objective of SWAM is to give IT administrators visibility into the software installed
and used on their network. By gaining visibility they can remove and manage any
potentially harmful software.
Security awareness
Security awareness has long been a goal of organizations that strive
to provide a safe and secure environment for their employees,
customers, and those who want to defend precious assets.
Security awareness provides a framework of established policies and
procedures that the participants employ by reporting unsafe
conditions, suspicious activity, and noticing general safety breaches.

Security awareness training is a strategy used by IT and security

professionals to prevent and reduce user risk. These programs
are designed to help users and employees understand the role
they play in helping to combat(मक
ु ाबला) information security
breaches(उल्लंघनों). Effective security awareness training helps
employees understand proper cyber hygiene(स्वच्छता). the
security risks associated with their actions and to identify cyber
attacks they may encounter via email and the web.