Common Security Issues 2.3 Flashcards
Authentication Process Issues
Some protocols are not encrypted: FTP, SMTP, IMAP, TELNET. Their traffic is easily intercepted with packet-reading software.
Logs and Event Anomalies
Professionals will gather as much intel as they can about switches, routers, firewalls, servers, your network, etc. The SIEM will correlate data logs from all of your sources. Sometimes you will get random attacks that don’t make a lot of sense.
Permissions Issues
Sometimes the permissions on data will be misconfigured and create a vulnerability.
Access Violations
Sometimes the app developer will make a mistake with their programming where a 3rd party application is trying to access something it’s not supposed to.
Certificate Issues
A certificate can get outdated and become a vulnerability. Applications must perform the proper certificate checks or they will be a vulnerability. Sometimes the developer's app will fail to check the security certificates.
Data Exfiltration
People inside your organization may take data out on a USB drive or DVD-ROM.
Misconfigured Devices
Leaving doors open by accident through poor software development, oversight, or outdated software. Additionally, running debug code could give up enough information for the bad guys to get inside. If firewall rules are under-configured, the attackers might find a loophole. Content filters, access points, etc. can all have misconfigurations.
Weak Security Configs
Some security setups are vulnerable through brute force or have too many flaws.
Human Condition
People make mistakes. Going to bad websites, forgetting security protocols, committing policy violations, or having more permissions than they need. Social engineering! Social Media mistakes, emails.
Unauthorized Software
Putting software on a computer connected to your network could create problems. Malware/Spyware or software conflicts that cause apps to misbehave.
Standardization
Keep everything well documented: configuration, logs, alerts, policies, etc.
Software License Compliance
Licenses come in various forms through different methodologies. These can get outdated or expire and cause apps to stop working. Data loss can occur in these instances.
Asset Management
Identify all your assets and keep an eye on them. Know who, what, where. Track everything and verify that all devices are up to date.