Chapter 7 Flashcards
Protecting Against Advanced Attacks
DoS
Denial-of-Service is an attack from a single source that attempts to disrupt the services provided by the attacked system
DDoS
Distributed Denial of Service is an attack on a system launched from multiple sources intended to make a computer's resources or services unavailable to users
DDoS attacks typically include sustained, abnormally high network traffic
Escalation
Filler
Privilege
Filler
MAC Spoofing
An attack that changes the source MAC address
IP Spoofing
An attack that changes the source IP address
MITM
Man-in-the-Middle is an attack using active interception or eavesdropping
It uses a third computer to capture traffic sent between two other systems
ARP Poisoning
An attack that misleads systems about the actual MAC address of a system
ARP Request
filler
ARP Reply
filler
DNS Poisoning
An attack that modifies or corrupts DNS results
DNSSEC helps prevent DNS poisoning
DNSSEC
Domain Name System Security Extensions is a suite of extensions to DNS used to protect the integrity of DNS records and prevent some DNS attacks
Amplification Attack
An attack that increases the amount of bandwidth sent to a victim
Brute Force
A password attack that attempts to guess a password
Online brute force attacks guess passwords of online systems
Offline attacks guess passwords contained in a file or database
Dictionary
A password attack that uses a file of words and character combinations
The attack tries every entry within the file when trying to guess a password
Hash
A number created by executing a hashing algorithm against data, such as a file or message
Hashing is commonly used for integrity
Common hashing algorithms are MD5, SHA-1, and HMAC
MD5
Message Digest 5 is a hashing function used to provide integrity
MD5 creates 128-bit hashes, which are also referred to as MD5 checksums
Experts consider MD5 cracked
SHA
Secure Hash Algorithm is a hashing function used to provide integrity
Versions include SHA-1, SHA-2, and SHA-3
Pass the Hash
A password attack that captures and uses the hash of a password
It attempts to log on as the user with the hash and is commonly associated with the Microsoft NTLM protocol
Birthday
A password attack named after the birthday paradox in probability theory
The paradox states that for any random group of 23 people, there is a 50 percent chance that 2 of them have the same birthday
Collision
A hash vulnerability that can be used to discover passwords
A hash collision occurs when two different passwords create the same hash
Rainbow Table
A file containing precomputed hashes for character combinations
Rainbow tables are used to discover passwords
PBKDF2 and bcrypt thwart rainbow table attacks
Salt
A random set of data added to a password when creating the hash
PBKDF2 and bcrypt are two protocols that use salts
Replay Attack
An attack where the data is captured and replayed
Attackers typically modify data before replaying it
Known Plaintext
A cryptographic attack that decrypts encrypted data
In this attack, the attacker knows the plaintext used to create ciphertext
Typo Squatting
The purchase of a domain name that is close to a legitimate domain name
Attackers often try to trick users who inadvertently use the wrong domain name
Also called URL hijacking
Hosting a Malicious Website
filler
Earning Ad Revenue
filler
Reselling the domain
filler
Clickjacking
An attack that tricks users into clicking something other than what they think they’re clicking
Session Hijacking
An attack that attempts to impersonate a user by capturing and using a session ID
Session IDs are stored in cookies
Domain Hijacking
An attack that changes the registration of a domain name without permission from the owner
Man-in-the-Browser
An attack that infects vulnerable web browsers
It can allow the attacker to capture browser session data, including keystrokes
Shimming
A driver manipulation method
It uses additional code to modify the behavior of a driver
Refactoring
A driver manipulation method
Developers rewrite the code without changing the driver’s behavior
Zero-day Vulnerability
A vulnerability or bug that is unknown to trusted sources but can be exploited by attackers
Zero-day attacks take advantage of zero-day vulnerabilities
Memory Leak
An application flaw that consumes memory without releasing it
Integer Overflow
An application attack that attempts to use or create a numeric value that is too big for an application to handle
Input handling and error handling thwart the attack
Buffer Overflow
An error that occurs when an application receives more input, or different input, than it expects
It exposes system memory that is normally inaccessible
Pointer Dereference
A programming practice that uses a pointer to reference a memory area
A failed dereference operation can corrupt memory and sometimes even cause an application to crash
DLL Injection
An attack that injects a Dynamic Link Library (DLL) into memory and runs it
Attackers rewrite the DLL, inserting malicious code
Compiled Code
Code that has been optimized by an application and converted into an executable file
Compare with runtime code
Runtime Code
Code that is interpreted when it is executed
Compare with compiled code
Input Validation
A programming process that verifies data is valid before using it
Verifying Proper Characters
Filler
Implementing Boundary or Range Checking
Filler
Blocking HTML Code
Filler
Preventing the use of certain characters
Filler
Race Condition
A programming flaw that occurs when two sets of code attempt to access the same resource
The first one to access the resource wins, which can result in inconsistent results
Error-Handling
A programming process that handles errors gracefully
Errors to users should be general
Fillers
Detailed information should be logged
Filler
Encryption
A process that scrambles, or ciphers, data to make it unreadable
Encryption normally includes a public algorithm and a private key
Compare with asymmetric and symmetric encryption
Authentication
The process that occurs when a user proves an identity, such as with a password
Dead Code
Code that is never executed or used
It is often caused by logic errors
Obfuscation
An attempt to make something unclear or difficult to understand
Steganography methods use obfuscation to hide data within data
Static code analyzers
Filler
Dynamic Analysis
Filler
Stress testing
Filler
Sandboxing
The use of an isolated area on a system, typically for testing
Virtual machines are often used to test patches in an isolated sandbox
Application developers sometimes use the chroot command to change the root directory
Model Verification
Filler
Waterfall
A software development life cycle model using a top-down approach
It uses multiple stages with each stage starting after the previous stage is complete
Compare with agile
Secure DevOps
A software development process using an agile-aligned methodology
It considers security through the lifetime of the project
Security Automation
Filler
Continuous Integration
Filler
Baselining
Filler
Immutable System
Filler
Infrastructure as Code
Filler
Change Management
The process used to prevent unauthorized changes
Unauthorized changes often result in unintended outages
Version Control
A method of tracking changes to software as it is updated
Apache
Filler
Internet Information Services (IIS)
Filler
Normalization
The process of organizing tables and columns in a database
Normalization reduces redundant data and improves overall database performance
Homer Simpson
Filler
Stored Procedures
A group of SQL statements that execute as a whole, similar to a mini-program
Developers use stored procedures to prevent SQL injection attacks
Injection Attack
An attack that injects code or commands
Common injection attacks are DLL injection, command injection, and SQL injection attacks
XSS
A web application vulnerability
Attackers embed malicious HTML or JavaScript code into a web site’s code, which executes when a user visits the site
XSRF
A web application attack
XSRF attacks trick users into performing actions on web sites, such as making purchases, without their knowledge
Framework
A structure used to provide a foundation
Cyber security frameworks typically use a structure of basic concepts and provide guidance to professionals on how to implement security
Regulatory
Filler
Non-regulatory
Filler
National Versus International
Filler
Industry-Specific
Filler