CHP 8 Flashcards
EOL
End-of-Life (EOL) Systems: Systems or software that have reached the end of their support lifecycle as defined by the manufacturer. After the EOL date, the manufacturer no longer provides updates, patches, or support.
Legacy Systems: Older systems or software that are still in use but may not be supported or maintained actively. These systems are often based on outdated technologies that may not integrate well with modern systems.
UEFI
Unified Extensible Firmware Interface (UEFI) is a modern firmware interface for computers that provides a flexible and robust environment for booting and managing system settings. UEFI is designed to replace the traditional Basic Input/Output System (BIOS) firmware interface.
Fact
MD5 and SHA-1, once widely used cryptographic hash functions, are now considered insecure due to vulnerabilities that allow for collision attacks
KRACK
KRACK (Key Reinstallation Attacks) is a security vulnerability in the WPA2 (Wi-Fi Protected Access II) protocol, which is widely used to secure Wi-Fi networks. Discovered in 2017, KRACK exploits weaknesses in the WPA2 protocol’s 4-way handshake process, allowing attackers to decrypt and intercept Wi-Fi traffic.
DES
The Data Encryption Standard (DES) algorithm, once a popular symmetric encryption standard, was found to be vulnerable to brute force attacks due to its 56-bit key size. Now AES rules
BEAST
(Browser Exploit Against SSL/TLS):
What it is: An attack that exploits weaknesses in older versions of SSL/TLS encryption used by web browsers.
Impact: Allows attackers to intercept and decrypt secure communications between a browser and a website
POODLE
(Padding Oracle On Downgraded Legacy Encryption):
What it is: An attack that exploits a vulnerability in an older encryption protocol (SSL 3.0) by forcing the use of this less secure protocol.
Impact: Enables attackers to read encrypted information sent over the internet.
Rooting
Gaining superuser-level access over an Android-based mobile device.
sideloading
Installing an app to a mobile device without using an app store.
Fact
Sideloading is generally associated with Android devices utilizing APK (Android Application Package)
fact
Mobile Device Management (MDM) platforms can detect and restrict rooting, jailbreaking, and sideloading
TOCTOU
Time-of-Check to Time-of-Use (TOCTOU) is a type of race condition vulnerability that occurs when a system’s state changes between the time a check is performed on a resource and the time the resource is used.
ASLR
Address Space Layout Randomization (ASLR) A security technique that randomizes the memory addresses used by system and application processes. Think “randomizes memory addresses so hackers cant see where their buffer overflow attack will go”
DEP
Data Execution Prevention (DEP) A security feature that marks certain areas of memory as non-executable. Prevents Buffer Overflow attacks by being preventable
DOM
The Document Object Model (DOM) is a programming interface for web documents. It represents the structure of a document as a tree of objects, allowing programs and scripts to dynamically access and update the content, structure, and style of web pages.
CASB
A Cloud Access Security Broker (CASB) is a security policy enforcement point placed between cloud service users and cloud applications to monitor and enforce security policies. CASBs help organizations secure their data and manage risks associated with cloud services.
SBOM
A Software Bill of Materials (SBOM) is like a detailed list of ingredients for a software application. It shows everything that goes into the software, including parts from other sources.
SCA
Software Composition Analysis (SCA) is a method used to identify and manage open-source components within a software application. It helps ensure that all parts of the software are secure, up-to-date, and compliant with licensing requirements.
OTX
Open Threat Exchange (OTX) is a community-driven platform where security professionals share and collaborate on threat intelligence to help detect and defend against cyber threats.
CTI
cyber threat intelligence (CTI)
The process of investigating, collecting, analyzing, and disseminating information about emerging threats and threat sources.
fact
Threat data can be packaged as feeds that integrate with a security information and event management (SIEM) platform
ISACs
Information Sharing and Analysis Centers (ISACs) are organizations that collect, analyze, and share critical information about threats and vulnerabilities within specific industries to enhance cybersecurity and resilience.
OSINT
Open-source intelligence (OSINT)
OSINT is used to identify vulnerabilities and threat information by gathering data from many sources such as blogs, forums, social media platforms, and even the dark web.
PCI DSS
Payment Card Industry Data Security Standard (PCI DSS)
The information security standard for organizations that process credit or bank card payments.
NVTs
network vulnerability tests (NVTs)
Network Vulnerability Tests (NVTs) are procedures and tools used to identify security weaknesses and vulnerabilities in a computer network. These tests help organizations find and fix potential security issues before attackers can exploit them.
NVD
The National Vulnerability Database (NVD) is a comprehensive database of information about security vulnerabilities. It is maintained by the National Institute of Standards and Technology (NIST) and provides details on known vulnerabilities in software, hardware, and firmware.
SCAP
Security Content Automation Protocol (SCAP)
SCAP is a set of tools and standards that help computers talk about and manage security issues in a consistent way. Many vulnerability scanners use the Security Content Automation Protocol (SCAP) to obtain feed or plug-in updates
CVE
Common Vulnerabilities and Exposures (CVE) is a dictionary of vulnerabilities in published operating systems and applications software
CVSS
Common Vulnerability Scoring System (CVSS)
A risk management approach to quantifying vulnerability data and then taking into account the degree of risk to different types of systems or information.
EF
Exposure factor (EF)
In risk calculation, the percentage of an asset’s value that would be lost during a security incident or disaster scenario.
environmental variables
In vulnerability assessment, factors or metrics due to local network or host configuration that increase or decrease the base likelihood and impact risk level.
A cybersecurity specialist is preparing to perform a vulnerability scan on an organization’s infrastructure. The organization’s management wants the scan to be as thorough as possible without directly compromising any systems or accessing sensitive data. The cybersecurity specialist considers both credentialed and non-credentialed scans to determine which will best suit the organization’s requirements. In the described situation, if aiming to gather detailed vulnerability data from the system by logging into it using pre-defined accounts, which type of scan is the specialist planning to conduct?
A.Credentialed scan
B.Non-credentialed scan
C.Passive network scan
D.External perimeter scan
A
A cybersecurity specialist is conducting a comprehensive security assessment focusing on the organization’s use of cryptographic technologies and the configuration of its systems to safeguard against vulnerabilities. Which two of the following activities are essential for the specialist to perform to effectively assess the security posture regarding cryptographic algorithms? (Select the two best options.)
A.Evaluating the strength of cryptographic keys
B.Inspecting network traffic for encrypted malicious payloads
C.Checking for default passwords in software applications
D.Reviewing the aesthetics of the user interface
A and B
A leading fintech company plans to migrate its primary financial application to a public cloud environment. Before the transition, the cloud security specialist reviews the application’s architecture to ensure its resistance against potential cloud-based application attacks. Given the specific vulnerabilities associated with cloud platforms, which attack method would be the MOST effective against a cloud-based application that has not appropriately secured its Application Programming Interface (API)?
A.Distributed denial of service (DDoS) against the cloud infrastructure
B.Brute force attack on application user accounts
C.Injection attack targeting the application’s API
D.Social engineering attack on cloud provider personnel
C
A system administrator at a software development company is working on integrating package monitoring into the organization’s vulnerability management strategy. The administrator aims to track software packages and applications to ensure they remain free from vulnerabilities and continue to support the firm’s security framework. As the system administrator incorporates package monitoring into the vulnerability management process, which actions will MOST likely get prioritized to enhance the effectiveness of this approach? (Select the two best options.)
A.Tracking outdated software packages
B.Manually updating software every day
C.Monitoring software repositories for new updates
D.Buying the latest antivirus software every month
A and C
A software development company has recently integrated new tools for dependency analysis and Software Bill of Materials (SBOM) into its development pipeline. The security team ensures that these tools effectively identify and manage vulnerabilities. When leveraging dependency analysis and SBOM tools in a software development environment, which key factors should the security team prioritize to address potential vulnerabilities more efficiently? (Select the two best options.)
A.Recognizing outdated software dependencies
B.Tracking the frequency of software updates
C.Identifying undisclosed open-source components
D.Calculating the software’s runtime speed
A and C
