CHP 8 Flashcards
EOL
End-of-Life (EOL) Systems: Systems or software that have reached the end of their support lifecycle as defined by the manufacturer. After the EOL date, the manufacturer no longer provides updates, patches, or support.
Legacy Systems: Older systems or software that are still in use but may not be supported or maintained actively. These systems are often based on outdated technologies that may not integrate well with modern systems.
UEFI
Unified Extensible Firmware Interface (UEFI) is a modern firmware interface for computers that provides a flexible and robust environment for booting and managing system settings. UEFI is designed to replace the traditional Basic Input/Output System (BIOS) firmware interface.
Fact
MD5 and SHA-1, once widely used cryptographic hash functions, are now considered insecure due to vulnerabilities that allow for collision attacks.
KRACK
KRACK (Key Reinstallation Attacks) is a security vulnerability in the WPA2 (Wi-Fi Protected Access II) protocol, which is widely used to secure Wi-Fi networks. Discovered in 2017, KRACK exploits weaknesses in the WPA2 protocol’s 4-way handshake process, allowing attackers to decrypt and intercept Wi-Fi traffic.
DES
The Data Encryption Standard (DES) algorithm, once a popular symmetric encryption standard, was found to be vulnerable to brute-force attacks due to its 56-bit key size. AES is now the preferred standard.
BEAST
(Browser Exploit Against SSL/TLS):
What it is: An attack that exploits weaknesses in older versions of SSL/TLS encryption used by web browsers.
Impact: Allows attackers to intercept and decrypt secure communications between a browser and a website.
POODLE
(Padding Oracle On Downgraded Legacy Encryption):
What it is: An attack that exploits a vulnerability in an older encryption protocol (SSL 3.0) by forcing the use of this less secure protocol.
Impact: Enables attackers to read encrypted information sent over the internet.
Rooting
Gaining superuser-level access over an Android-based mobile device.
Sideloading
Installing an app to a mobile device without using an app store.
Fact
Sideloading is generally associated with Android devices utilizing APK (Android Application Package) files.
Fact
Mobile Device Management (MDM) platforms can detect and restrict rooting, jailbreaking, and sideloading.
TOCTOU
Time-of-Check to Time-of-Use (TOCTOU) is a type of race condition vulnerability that occurs when a system’s state changes between the time a check is performed on a resource and the time the resource is used.
ASLR
Address Space Layout Randomization (ASLR): A security technique that randomizes the memory addresses used by system and application processes. Think “randomizes memory addresses so hackers can’t see where their buffer overflow attack will go.”
DEP
Data Execution Prevention (DEP): A security feature that marks certain areas of memory as non-executable. Helps prevent buffer overflow attacks, because code placed in those areas cannot be executed.
DOM
The Document Object Model (DOM) is a programming interface for web documents. It represents the structure of a document as a tree of objects, allowing programs and scripts to dynamically access and update the content, structure, and style of web pages.
CASB
A Cloud Access Security Broker (CASB) is a security policy enforcement point placed between cloud service users and cloud applications to monitor and enforce security policies. CASBs help organizations secure their data and manage risks associated with cloud services.
SBOM
A Software Bill of Materials (SBOM) is like a detailed list of ingredients for a software application. It shows everything that goes into the software, including parts from other sources.
SCA
Software Composition Analysis (SCA) is a method used to identify and manage open-source components within a software application. It helps ensure that all parts of the software are secure, up-to-date, and compliant with licensing requirements.
OTX
Open Threat Exchange (OTX) is a community-driven platform where security professionals share and collaborate on threat intelligence to help detect and defend against cyber threats.
CTI
Cyber threat intelligence (CTI)
The process of investigating, collecting, analyzing, and disseminating information about emerging threats and threat sources.
Fact
Threat data can be packaged as feeds that integrate with a security information and event management (SIEM) platform.
ISACs
Information Sharing and Analysis Centers (ISACs) are organizations that collect, analyze, and share critical information about threats and vulnerabilities within specific industries to enhance cybersecurity and resilience.
OSINT
Open-source intelligence (OSINT)
OSINT is used to identify vulnerabilities and threat information by gathering data from many sources such as blogs, forums, social media platforms, and even the dark web.
PCI DSS
Payment Card Industry Data Security Standard (PCI DSS)
The information security standard for organizations that process credit or bank card payments.