Acquired Software Security Impact Flashcards
1
Q
Operating system attacks
A
attackers always search for OS vulnerabilities (buffer overflow, OS bugs, unpatched OS)
2
Q
Application level attacks
A
overflow, active content, cross-site script (XSS), DoS, SQL injection, session hijacking, phishing
3
Q
Shrink Wrap Code Attacks
A
exploiting holes in unpatched or poorly configured software you buy and install
4
Q
Misconfiguration attacks
A
target: poorly configured service or device; weak default settings