3.8 Attacks & exploits: Attacks on Specialized Systems Flashcards

1
Q

Internet of Things (IoT) Devices: what are they? Are they secure?

A

▪ A group of objects that can be electronic or not, which are all connected to the wider internet by using embedded electronic components
▪ IoT devices are not always secured

2
Q

Internet of Things (IoT) Devices: which protocols do IoT devices use (7)? Explain each of them

A

▪ Wi-Fi: can be operated in either infrastructure mode or ad hoc mode to create a local area network or a personal area network
▪ Bluetooth: short-range wireless networking technology that can be used by IoT devices
▪ Radio Frequency ID (RFID): Used to interconnect badges and card keys to the network
▪ Near Field Communication (NFC): Enables two electronic devices to communicate when they come within about 4 cm of each other
▪ Infrared: Used by devices that need line-of-sight communication using light beams in the infrared spectrum. Infrared covers only a limited distance and is a relatively low-bandwidth solution
▪ Z-Wave: A short-range, low-latency data transfer technology that uses less power and has lower data rates than Wi-Fi
▪ ANT+: A technology used for the collection of sensor data from different IoT devices

3
Q

Internet of Things (IoT) Devices: how do IoT devices communicate with each other (2)?

A

▪ Machine to Machine (M2M): Involves communication between the IoT device and some other traditional system like a server or a gateway
▪ Machine to Person (M2P): Involves communication between an IoT device and the end user

4
Q

Internet of Things (IoT) Vulnerabilities: what is the most used OS in IoT devices? Is there an issue with the hardware components?

A

o Most IoT devices use an embedded version of Linux or Android as their OS
o Many manufacturers use outdated or insecure hardware components

5
Q

Internet of Things (IoT) Vulnerabilities: how to prevent vulnerabilities on IoT devices?

A

Properly install, secure, and segment IoT devices into their own subnet, VLAN, or network outside of the normal IT production network

6
Q

Internet of Things (IoT) Vulnerabilities: what are the groups of vulnerabilities (5)? Give specific vulnerabilities for each group

A

1/ Insecure defaults:
● Default login credentials
● No password set
● Number of open ports
● Unauthorized connection
● Firewall being turned off
2/ Hard-coded configurations:
● Self-registering device
● Usernames and passwords in plain text
● Unchangeable settings
3/ Cleartext communication
● Sending data in plain text
4/ Data leakage
5/ Attackers also monitor Bluetooth frequencies being transmitted and conduct eavesdropping: Data modification, Data exfiltration

7
Q

Internet of Things (IoT) Vulnerabilities: what issue can you run into when exploiting a vulnerability on an IoT device?

A

Be careful in which exploits you use since you can inadvertently cause the device to go offline, crash, or malfunction

8
Q

Embedded Systems: what is an Embedded System?

A

▪ A computer system that is designed to perform a specific, dedicated function
▪ Embedded systems can be a simple device or fully complex with the use of operating systems

9
Q

Embedded Systems: what is a Programmable Logic Controller (PLC)?

A

▪ A type of computer designed for deployment in an industrial or outdoor setting that can automate and monitor mechanical systems
▪ PLC firmware can be patched and reprogrammed to fix vulnerabilities

11
Q

Embedded Systems: what is a System-on-Chip (SoC)?

A

▪ A processor that integrates the platform functionality of multiple logical controllers onto a single chip
▪ Systems-on-Chip are power efficient and used with embedded systems

12
Q

Embedded Systems: what is a Real-Time Operating System (RTOS)?

A

▪ A type of OS that prioritizes deterministic execution of operations to ensure consistent response for time-critical tasks
▪ Embedded systems typically cannot tolerate reboots or crashes and must have response times that are predictable to within millisecond tolerances

13
Q

ICS and SCADA Devices: what is Operational Technology (OT)?

A

▪ Designed to implement an industrial control system rather than business and data networking systems
▪ Technology that interacts with the real world

13
Q

Embedded Systems: what is a Field Programmable Gate Array (FPGA)?

A

▪ A processor that can be programmed to perform a specific function by a customer rather than at the time of manufacture
▪ End customer can configure the programming logic to run a specific application instead of using an ASIC (application-specific integrated circuit)

14
Q

ICS and SCADA Devices: what is an Industrial Control System (ICS)?

A

● Provides the mechanisms for workflow and process automation by using embedded devices
● Interconnected ICSs create a distributed control system (DCS)

15
Q

ICS and SCADA Devices: what is Fieldbus?

A

Links different programmable logic controllers together

16
Q

ICS and SCADA Devices: what is a Programmable Logic Controller (PLC)?

A

Enables automation in assembly lines, autonomous field operations, robotics, and other applications

17
Q

ICS and SCADA Devices: what is a Human-Machine Interface (HMI)?

A

Input and output controls on a PLC that allow a user to configure and monitor the system

18
Q

ICS and SCADA Devices: what is Ladder Logic?

A

Programming language entered into the system through the creation of a graphical diagram used in the PLCs

19
Q

ICS and SCADA Devices: what is a Data Historian?

A

Aggregates and catalogs data from multiple sources within an ICS by collecting all the events generated from the control loop

20
Q

ICS and SCADA Devices: what is Supervisory Control and Data Acquisition (SCADA)?

A

▪ A type of ICS that manages large-scale, multiple-site devices and equipment spread over a geographic region from a host computer
▪ Gathers data from and manages plant devices and equipment with embedded PLCs

21
Q

ICS Protocols and Vulnerabilities: what is a Controller Area Network (CAN)? What is it vulnerable to?

A

▪ Designed to allow communications between embedded programmable logic controllers
▪ The CAN bus protocol operates like an Ethernet network
▪ Does not have source addressing or message authentication
▪ Vulnerabilities:
● OBD-II port
● Cellular modem
● Wi-Fi network

22
Q

ICS Protocols and Vulnerabilities: what is Modbus?

A

▪ Gives control servers and the SCADA host the ability to query and change configurations of each PLC over a network
▪ Modbus looks and functions differently than TCP/IP does
▪ Originally known as Modbus RTU and was run over fieldbus networks

23
Q

ICS Protocols and Vulnerabilities: what is Data Distribution Service (DDS)?

A

Provides network interoperability and facilitates the required scalability, performance, and QoS features

24
Q

ICS Protocols and Vulnerabilities: what is a Safety Instrumented System (SIS)?

A

▪ Returns an industrial process to a safe state after a predetermined condition was detected
▪ Reduces the severity of an emergency by taking quick action

25
Q

Data Storage Vulnerabilities: what is Direct Attached Storage?

A

Any kind of storage that is attached to a system

26
Q

Data Storage Vulnerabilities: what is Network Attached Storage (NAS)?

A

A file-level storage device that is connected to a network. NAS devices are accessed using standard file protocols (NFS, CIFS, SMB). This allows clients to mount (attach/make available) the NAS device as a network drive and access the files stored on the device

27
Q

Data Storage Vulnerabilities: what is a Storage Area Network (SAN)?

A

A high-speed network that is used to connect storage devices to servers. SANs use block-level storage protocols (Fibre Channel, iSCSI) to transport data between storage devices and servers. This allows servers to access data on storage devices as if it were local storage

28
Q

Data Storage Vulnerabilities: what vulnerabilities are data storage systems subject to (5)?

A

▪ Misconfigurations: Improper access rights or permissions, Use of default or blank usernames and passwords, Network exposure
▪ Underlying Software Vulnerabilities
▪ Improper Error Messages and Debug Handling
▪ Injection Vulnerability: Command Line Injection, DLL Injection, SQL Injections
▪ Lack of User Input Sanitization

29
Q

Virtual Environments: explain Virtualization

A

A host computer installed with a hypervisor that can be used to install and manage multiple guest OSs or VMs

30
Q

Virtual Environments: explain Hypervisor

A

▪ Manages the distribution of the physical resources of a server to the VMs
▪ Ensures that each VM runs its own OS copy

31
Q

Virtual Environments: explain Virtual Desktop Infrastructure (VDI)

A

▪ Hosts desktop OSs within a virtualized environment hosted by a centralized server or server farm
▪ The server is going to perform all the application processing and data storage

32
Q

Virtual Environments: what are the different types of VDI models (3)?

A

▪ Centralized Model: Hosts all the desktop instances on a single server or server farm
▪ Hosted Model/Desktop as a Service (DaaS): Maintained by a service provider and provided to the end user as a service
▪ Remote Virtual Desktop Model: Copies the desktop image to a local machine prior to being used by the end user

33
Q

Virtual Environments: what is the VM Escape type of attack?

A

▪ Occurs when a threat actor attempts to get out of an isolated VM and directly sends commands to the underlying hypervisor
▪ Easier to perform on a Type II hypervisor than a Type I hypervisor
▪ Ensure guest OS, host OS, and hypervisor are patched and up to date
▪ VM to hypervisor or host OS

34
Q

Virtual Environments: what is the VM Hopping type of attack?

A

▪ Occurs when a threat actor attempts to move from one VM to another on the same host
▪ VM to VM
▪ Ensure guest OS and hypervisor are patched, up-to-date, and securely configured

35
Q

Virtual Environments: what is a Sandbox?

A

Separates running programs to mitigate system failures or software vulnerabilities from spreading

36
Q

Virtual Environments: what is the Sandbox Escape type of attack?

A

Occurs when an attacker circumvents sandbox protections to gain access to the protected OS or other privileged processes

37
Q

Virtual Environments: what is the Live Migration type of attack? How do you prevent it?

A

▪ Migration of a VM from one host to another even while it is running
▪ VM images should be encrypted prior to being sent from one server to another over the network

38
Q

Virtual Environments: what is the Data Remnants type of attack? How do you prevent it?

A

▪ Leftover pieces of data that may exist in the hard drive which are no longer needed
▪ Always encrypt VM storage locations and ensure encryption key is destroyed

39
Q

Virtual Environments: what is the VM Sprawl type of attack?

A

Refers to creating virtual machines without proper change control procedures

40
Q

Virtual Environments: what is the VM Repositories type of attack? How do you prevent it?

A

▪ A place where all VM images and templates are being stored
▪ Always make sure that the templates and images are digitally signed

41
Q

Containerization: what is it?

A

A type of virtualization applied by a host OS to provision an isolated execution environment for an application
● Docker
● Parallels Virtuozzo
● OpenVZ