Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

Comptia A+ Core 2 > 2.4 - Zero-Day Attacks > Flashcards

2.4 - Zero-Day Attacks Flashcards

1
Q

Zero-day attacks

A

Zero-day attacks
* Many applications have vulnerabilities
– We’ve just not found them yet
* Someone is working hard to find the
next big vulnerability
– The good guys share these with developers
* Attackers keep these yet-to-be-discovered
holes to themselves
– They want to use these vulnerabilities for personal gain
* Zero-day
– The vulnerability has not been detected or published
– Zero-day exploits are increasingly common
* Common Vulnerabilities and Exposures (CVE)
– https://cve.mitre.org/

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Zero-day vulnerabilities

A
  • December 9, 2021 - Log4j remote code execution
    – Java-based logging utility provided as
    an Apache service
    – Installed on millions of servers
    – Vulnerability introduced on September 14th, 2013
  • December 14th - Fix is released
    – Extensive patching
  • December 17th -
    – Two new issues fixed
    – Everyone is looking for bugs
How well did you know this?
1
Not at all
2
3
4
5
Perfectly

Comptia A+ Core 2 (69 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions