Ch7: Protecting Against Advanced Attacks Flashcards

1
Q

Spoofing attacks

A

typically change data to impersonate another system or person

2
Q

ARP poisoning attacks

A

attempt to mislead systems about the actual MAC address of a system. Sometimes used in MITM attacks

3
Q

DNS poisoning attacks

A

attempt to corrupt DNS data

4
Q

Amplification attacks

A

A type of DDoS attack that increases the amount of traffic sent to or requested from a victim and can be used against a wide variety of systems, including individual hosts, DNS servers, and NTP servers

5
Q

Brute force attacks

A

Attempt to guess passwords by trying every combination. Online attacks guess the password of an online system. Offline attacks guess the password stored in a file, such as a database

6
Q

Dictionary attacks

A

use a file of words and common passwords to guess a password

7
Q

These protect against brute force attacks

A

Account lockout policies

8
Q

These can help prevent dictionary attacks

A

Complex passwords

9
Q

Pass the hash attack

A

attempts to use an intercepted hash to access an account

10
Q

Salting

A

adds random text to passwords before hashing them and thwarts many password attacks, including rainbow table attacks

11
Q

Hash collision

A

occurs when the hashing algorithm creates the same hash from different passwords

12
Q

Birthday attacks

A

exploit collisions in hashing algorithms

13
Q

To defeat replay attacks, use

A

timestamps and sequence numbers

14
Q

Typo squatting/URL hijacking

A

Attackers purchase similar domain names. Users visit the typo squatting domain when they enter the URL incorrectly with a common typo

15
Q

Session hijacking attack

A

attacker utilizes the user’s session ID to impersonate the user

16
Q

Domain hijacking attack

A

attacker changes the registration of a domain name without permission from the owner

17
Q

Buffer overflows

A

occur when a program receives more data than it can handle, or receives unexpected data that exposes the system memory

18
Q

Buffer overflow attacks often include

A

NOP sleds followed by malicious code. Input validation helps prevent buffer overflow attacks

19
Q

Input validation protects against

A

buffer overflow, SQL injection, command injection, and cross-site scripting attacks

20
Q

Error and exception handling helps

A

protect the integrity of the OS and control the errors shown to users

21
Q

When errors occur, applications should…

A

show generic errors to the users but log detailed information

22
Q

Static vs dynamic code analysis

A

Static analysis examines the code without running it and dynamic analysis checks the code while it is running

23
Q

Fuzzing

A

sends random strings of data to applications looking for vulnerabilities

24
Q

Stress testing

A

verifies an application can handle a load

25
Q

Sandboxing

A

runs an application within an isolated environment to test it

26
Q

Model verification

A

ensures that the application meets all specifications and fulfills its intended purpose

27
Q

SDLC models

A

Software development life cycle models provide structure for software development

28
Q

Secure DevOps

A

an agile-aligned methodology that stresses security throughout the lifetime of the project

29
Q

Normalization

A

a process used to optimize databases. While there are several normal forms available, a database is considered normalized when it conforms to the first three normal forms

30
Q

SQL injection attacks

A

used to pass queries to back-end databases through web servers. Many attacks use the phrase "' or '1'='1'" to get access

31
Q

XSS

A

Cross-site scripting attacks allow attackers to capture user information such as cookies. Input validation techniques at the server help prevent XSS attacks

32
Q

XSRF

A

Cross-site request forgery causes users to perform actions on web sites, such as making purchases, without their knowledge. In some cases, it allows attackers to steal cookies and harvest passwords