Identifies Security Requirements Flashcards

1
Q

Deterrent Controls

A

They are security measures designed to discourage potential attackers or intruders from attempting to breach security
ex: Installing security cameras and alarm systems to deter burglars from breaking in

remembering: Discourage (warn off) aka see cop // Keep Out Signs

2
Q

Detective Controls

A

They are security measures implemented to identify and detect security incidents or breaches after they have occurred
ex: Logging and reviewing access logs to identify unauthorized access attempts

remembering: Detect (find out) aka cop investigates // Security Sleuths

3
Q

Preventive Controls

A

They are security measures implemented to stop security incidents or breaches from occurring.
ex: Installing firewalls and antivirus software to block malicious software and prevent cyberattacks

remembering: Prevent (stop it) aka roadblocks // Security Barriers

4
Q

Proactive Controls

A

It is a preemptive security measure implemented to prevent or mitigate potential risks before they occur.
ex: Conducting security awareness training for employees to educate them about potential threats and how to recognize and report them

remembering: Ahead of the Game

5
Q

Physical Access Control

A

They are security measures designed to restrict and manage physical access to buildings, rooms, and assets
ex: Locked Doors - Using Key; Security Guards - Personnel Stationed Around; Surveillance Cameras - Monitoring and Recording Devices

remembering: Guardians of the Gate

6
Q

Interception

A

It refers to the unauthorized capture and access of data as it is being transmitted over a network.
ex: a hacker would use a packet sniffer to capture and analyze network traffic

usually goes with Confidentiality

remembering: Catching something in transit

7
Q

Interruption

A

It refers to the disruption of the normal functioning of a system, service, or network.
ex: A power outage interrupts the operations of a data center

goes with Integrity and Availability

remembering: Stopping the flow of something

8
Q

Modification

A

It refers to the unauthorized alteration of data, information or system settings
ex: A hacker alters financial records in a company’s database to commit fraud or hide illegal activities

goes with Integrity and Availability

remembering: Changing info

9
Q

Fabrication

A

It refers to the act of creating false data, information or events with intent to deceive or mislead
ex: An attacker creates fake log entries in a security system to cover their tracks and avoid detection

goes with Integrity and Availability

remembering: Making up fake info

10
Q

Confidentiality

A

Protects information from unauthorized access

remembering: Only right people can see it

11
Q

Integrity

A

Ensures data remains accurate and unaltered

remembering: No tampering or corruption

12
Q

Availability

A

Ensures authorized users have reliable access to information

remembering: Available when needed

13
Q

Possession/Control

A

Ensuring that an entity has control or ownership of the information

remembering: If it’s in their hands it’s in their command

14
Q

Authenticity

A

Ensuring that the data, user, or system is genuine and can be verified

remembering: Real or fake???

15
Q

Utility

A

Ensuring that information is useful for its intended purpose

remembering: Useless data helps nada

16
Q

Non-repudiation

A

Ensures that actions, transactions, or communications cannot be denied

remembering: Resistance is futile

17
Q

Redundancy

A

It refers to the duplication of critical components, systems or processes within a system or organization to ensure continuous operation and fault tolerance

ex: An organization implements redundant network links and routers to ensure connectivity and minimize downtime in the event of network failures

remembering: Backup Plan B

18
Q

Residual Data

A

It refers to traces or remnants of digital information that remain on storage devices or systems even after attempts have been made to delete or erase them.

ex: Even after formatting a USB drive, residual data may remain in unallocated space, posing a security risk if not properly erased

remembering: Ghost Files

19
Q

Residual Vulnerability

A

It refers to the remaining susceptibility to potential threats or risks that persists after implementing security controls or mitigation measures.

ex: After implementing access controls, the residual vulnerability of social engineering attacks persists, as attackers may still exploit human error to bypass security measures

remembering: Lingering Weakness

20
Q

Residual Risk

A

It refers to the level of risk that remains after risk mitigation strategies have been implemented.

ex: After implementing safety protocols, the residual risk of workplace accidents still exists, at a residual level

remembering: Leftover Danger

21
Q

Residual Impact

A

It refers to the lingering consequences or effects of a risk event that remain after risk mitigation measures have been implemented.

ex: Following the implementation of a disaster recovery plan, the residual impact of a natural disaster may include temporary business disruptions and loss of productivity

remembering: Aftermath Residue

22
Q

Principle of Least Privilege

A

It is a security concept that advocates granting users only the minimum levels of access or permissions necessary to perform their job functions.

ex: An IT admin is granted elevated privileges to manage network resources and systems, but access is restricted to specific tasks essential for their role

remembering: Just Enough Access

23
Q

Data at Rest

A

It is data that is stored but not being used at the moment

remembering: Stored Files

24
Q

Data in Motion

A

It is data that is being sent, for example through email or otherwise over the network; basically, data that is moving

remembering: Data Moving

25
Data in Use
It is data being used and edited at that moment

remembering: Editing Data
26
Endpoint Protection
It is a cybersecurity measure implemented to secure individual devices, such as computers, laptops, smartphones and tablets, from cyber threats or attacks

remembering: Device Bodyguard
27
Cryptography
It is the science and practice of secure communication in the presence of third parties, often referred to as adversaries. It involves encoding messages or data in such a way that only authorized parties can access and understand them.
ex: SSL/TLS protocols encrypt data transmitted over the internet, safeguarding sensitive information such as credit card details during online transactions

remembering: Coded Secrets
28
Symmetric
It is a cryptographic method where the SAME key is used for both encryption and decryption of data. It's a fast and efficient way to secure communication between two parties.
ex: AES (Advanced Encryption Standard), DES (Data Encryption Standard)

remembering: Shared Secrets
29
Asymmetric
Also known as public-key cryptography, it is a cryptographic method that uses a pair of keys: a public key for encryption and a private key for decryption. It provides secure communication between parties without requiring them to share a secret key.
ex: RSA and Digital Signatures

remembering: Lock and Key aka Public-Key
30
RC4 = Rivest Cipher 4
It is a symmetric stream cipher algorithm used for encryption and decryption of data. It operates by generating a pseudorandom key stream based on a secret key, which is then XORed with plaintext to produce ciphertext.
ex: A legacy web server employs RC4 for HTTPS encryption, but modern browsers have deprecated support for RC4 due to security concerns

remembering: Risky Cipher 4
31
3DES = Triple Data Encryption Standard
It is a symmetric encryption algorithm that applies the Data Encryption Standard (DES) cipher algorithm three times sequentially with different keys.
ex: An ATM uses 3DES encryption to secure PIN verification and financial transactions

remembering: Triple Security Layer
32
AES = Advanced Encryption Standard
It is a symmetric encryption algorithm widely used for securing sensitive data. It operates by substituting and permuting bytes in a fixed pattern, providing robust security with key lengths of 128, 192, or 256 bits
ex: An online banking website uses AES encryption to protect customer account information during transmission over the internet

remembering: Absolute Encryption Security
33
MD5 = Message Digest Algorithm
It is a widely used cryptographic hash function that produces a fixed-size output (128-bit hash value) from variable-length input data. It is commonly used for data integrity verification and password hashing.
ex: A software developer uses MD5 to generate checksums for software downloads to ensure the integrity of the downloaded files

remembering: Make Data 5
34
SHA = Secure Hash Algorithm
It is a family of cryptographic hash functions used to generate fixed-size values from input data. It ensures data integrity and security by producing unique hash values for different inputs. The most commonly used versions are SHA-1, SHA-256 or SHA-512
ex: A blockchain network uses SHA-256 to hash blocks of transaction data, ensuring immutability and integrity of the blockchain ledger

remembering: Security Hash Algorithms
35
Shodan
It is a search engine designed to locate devices and systems connected to the internet. It indexes information about various internet-connected devices, including servers, routers, webcams and IoT devices, providing users with detailed insights into their configurations and vulnerabilities
ex: An organization uses Shodan to monitor its internet-facing devices and ensure that they are properly secured against unauthorized access.

remembering: Search Engine for Internet Doors and Networks
36
PKI = Public-Key Infrastructure
It is a system that manages digital keys and certificates to secure communication over a network by encrypting and decrypting data and authenticating identities.
ex: When you visit a secure website (like your bank), the site sends you its public key to encrypt your data. Only the website's private key can decrypt that data, ensuring a secure connection.

remembering: PKI = Public Key, Private decrypt, Infrastructure Trust
37
PGP = Pretty Good Privacy
It is a data encryption and decryption program used for secure communication and file encryption. It uses a combination of symmetric and asymmetric cryptography, allowing users to encrypt messages and files, as well as digitally sign and verify the authenticity of digital documents
ex: A software developer digitally signs their code using PGP, providing assurance of its authenticity and integrity to users

remembering: Pretty Good Protector
38
WPA3 = WiFi Protected Access 3
It is the latest generation of WiFi security protocols designed to enhance wireless network security and encryption. It offers stronger encryption methods, improved authentication mechanisms, and protections against common security vulnerabilities compared to previous WiFi security standards
ex: A home router supports WPA3 encryption, providing secure WiFi access for all connected devices

remembering: WiFi Fortified
39
Wkito
It is a web vulnerability scanner that focuses on identifying security vulnerabilities in web applications. It helps in detecting common web security issues like SQL injection, cross-site scripting (XSS), and other vulnerabilities by scanning web servers and applications
ex: Scanning websites - scan for common vulnerabilities; web application testing - looking to identify and fix flaws

remembering: Website Inspector Toolkit
40
Kismet
It is a wireless detection tool used by cybersecurity professionals for detecting, analyzing and monitoring wireless networks. It provides capabilities for identifying nearby wireless access points, capturing network traffic and analyzing wireless protocols to assess the security of wireless networks.
ex: A network administrator utilizes Kismet to monitor wireless network traffic for unauthorized devices or suspicious activity, such as rogue access points or unauthorized users.

remembering: Wireless Watchers
41
Nessus
It is a widely used vulnerability scanning tool used by cybersecurity professionals to identify security vulnerabilities, misconfigurations and compliance issues in networks, systems and applications. It provides comprehensive vulnerability assessment capabilities, including scanning, detection, and reporting, to help organizations prioritize and remediate security risks
ex: A cybersecurity analyst uses Nessus to perform regular vulnerability scans on the organization's network infrastructure to identify weaknesses and prioritize remediation efforts

remembering: Security Scanner
42
Port Scanner
It is a tool used in cybersecurity to probe a server or host for open ports. It identifies which ports are open, closed or filtered on a networked device, helping to detect potential entry points for attacks or security vulnerabilities
ex: A network administrator uses a port scanner to check for open ports on a firewall to ensure no unnecessary services are exposed

remembering: Digital Checker
43
Nmap
It is a network scanning tool used by cybersecurity professionals to discover and map network hosts, services and open ports. It provides capabilities for network reconnaissance, vulnerability assessment, and security auditing by sending packets to target hosts and analyzing their responses
ex: A network administrator uses Nmap to scan their organization's network to identify active hosts, detect rogue devices, and audit open ports for potential security vulnerabilities

remembering: Network Mapper
44
TCPdump
It is a command-line packet analyzer tool used for network troubleshooting and packet capture. It allows users to intercept and display network traffic passing through a network interface in real-time and save it to a file for later analysis. TCPdump is commonly used for diagnosing network issues, monitoring network activity and analyzing packet contents
ex: A network administrator uses TCPdump to capture network packets on a router interface to diagnose connectivity issues between two hosts

remembering: Network Spy
45
Fuzzer
It is a software testing tool used by cybersecurity professionals to identify vulnerabilities and software bugs by automatically generating and sending invalid or unexpected inputs to a target application. By fuzzing input data, fuzzers aim to discover potential security flaws, buffer overflows, or other software vulnerabilities that could be exploited by attackers
ex: A cybersecurity researcher uses a fuzzer to send malformed input data to a web application's input fields, aiming to identify injection vulnerabilities such as SQL or cross-site scripting (XSS)

remembering: Busy Bees
46
Core Impact
It is a penetration testing tool used by cybersecurity professionals to simulate real-world attacks and identify vulnerabilities in networks, systems and applications. It provides a comprehensive platform for conducting security assessments, exploiting vulnerabilities, and assessing the impact of potential cyber threats
ex: A cybersecurity consultant uses Core Impact to conduct penetration tests on a client's network, identifying weaknesses in their systems and recommending security improvements

remembering: Cyber Hammer
47
Hping3
It is a command-line tool used for testing and manipulating network protocols, performing packet crafting and conducting network troubleshooting tasks. It provides capabilities for sending custom packets, performing port scanning, and assessing network performance and security
ex: A penetration tester utilizes Hping3 for SYN flood attacks to overwhelm target servers with TCP connection requests and assess their resilience to denial-of-service attacks

remembering: Packet Puppeteer
48
Honeypot
It is a cybersecurity technique involving the creation of a decoy system or network designed to attract and divert attackers. It mimics legitimate systems or services to gather information about cyber threats, monitor attacker behavior, and analyze attack techniques.
ex: A cybersecurity researcher deploys a honeypot network of IoT devices to monitor and analyze malicious activities targeting IoT infrastructure.
AKA = Rabbit holding the honeypot out of Pooh's reach

remembering: Trap for Cyber Bears
49
Burp Suite
It is a comprehensive web application security testing tool used by cybersecurity professionals for manual and automated security testing of web applications. It provides a suite of tools for identifying vulnerabilities, analyzing web traffic, and exploiting security weaknesses to enhance the security posture of web applications
ex: A security analyst utilizes Burp Suite's scanning capabilities to perform automated scans of a web application to identify vulnerabilities and misconfigurations

remembering: Web Dector
50
Packet Sniffer
It is a tool used to capture and analyze network traffic in real-time. It intercepts and logs data packets as they pass through a network interface, allowing users to inspect the contents of the packets, including data payloads, headers and protocols
ex: A network administrator uses a packet sniffer to troubleshoot network issues by analyzing the data packets to identify sources of congestion or abnormal behavior

remembering: Digital Spy
51
Nikto
It is an open source web server scanner used by cybersecurity professionals to identify potential security vulnerabilities and misconfigurations in web servers and web applications. It performs comprehensive tests, including checking for outdated software versions, known vulnerabilities, and common security issues.
ex: A penetration tester uses Nikto to scan a client's website for common security vulnerabilities, such as cross-site scripting (XSS) or SQL injection flaws

remembering: Web Detective
52
DMZ
In network security, it is a segmented area of a network that sits between an internal trusted network and an external untrusted network, such as the internet. The DMZ is used to host and expose external-facing services while providing a buffer to protect the internal network from direct exposure to potential threats.
ex: Web servers: placing a company's public web server in the DMZ allows external users to access the website while protecting the internal network from direct exposure.

remembering: Buffer Zone
53
Stateful Firewall
It is a type of network firewall that monitors the state of active connections and tracks the context of packets traveling through it. It maintains a state table of connection information, allowing it to make access control decisions based on the connection's state, source, destination and other attributes
ex: A stateful firewall allows inbound traffic for established connections initiated from within the trusted network but blocks incoming packets that do not match any established connection

remembering: Connection Keeper
54
Packet Filter
It is a type of firewall that filters network packets based on criteria such as source and destination IP addresses, ports and protocols. It inspects each packet as it passes through the firewall and makes decisions on whether to allow, block or forward the packet based on predefined filtering rules.
ex: A packet filter firewall allows inbound traffic on port 80 (HTTP) but blocks traffic on port 22 (SSH) to restrict remote access to the network

remembering: Traffic Cop
55
Stateful Packet
It refers to a network packet that is analyzed within the context of its associated connection state. Stateful packet inspection is a firewall technique that monitors the state of active network connections to make decisions about allowing or blocking incoming and outgoing traffic based on predefined rules.
ex: An intrusion detection system (IDS) analyzes stateful packets to detect and prevent suspicious network activity that deviates from normal connection behaviour

remembering: Remembered Packets
56
Sandbox
It is a controlled environment where software programs or code can be executed safely, isolated from the rest of the system. It provides a secure space for testing, analyzing or running untrusted applications without risking harm to the underlying system or network
ex: Antivirus software may utilize sandboxes to execute suspicious files in a secure environment, observing their behavior without endangering the user's computer

remembering: Playground for Software
57
Multilevel Access Control
It is a security framework that uses multiple levels of classification to manage access to data and resources. Users and data are assigned different levels of security labels, and access is granted based on the user's clearance level and the data's classification level.
ex: In a military setting, information might be classified as "Unclassified", "Confidential", "Secret" or "Top Secret"; only users with the appropriate clearance level can access data at or below their clearance

remembering: Access by Layers
58
Buffer Overflow
It is a software vulnerability that occurs when a program writes more data to a buffer, or temporary storage area, than it can hold. This can result in the overflowed data overwriting adjacent memory locations, leading to unpredictable behavior, crashes, or even security vulnerabilities that attackers can exploit.
ex: A buffer overflow in a video player software allows an attacker to send a specially crafted HTTP request that overflows a buffer, causing the server to crash or execute malicious code.

remembering: Data Overflow
59
Role-Based Access Control
It is a security model where access permissions are assigned to users based on their roles within an organization. Each role has a predefined set of permissions that determine what actions the user can perform and what resources they can access
ex: In a company, an "admin" role may have full access to all system features and data, while a "user" role may only have access to the basic features and their own data

answer RBAC if ROLE is in question

remembering: Access by Role
60
Mandatory Access Control
It is a security model where access to resources is governed by a central authority based on strict policies. In MAC, users and resources are assigned security labels, and access decisions are made based on these labels. Unlike Discretionary Access Control (DAC), users cannot alter permissions, as the rules are enforced by the system
ex: In a government system, documents may be classified as "Top Secret", "Secret", "Confidential" and only users with the corresponding security clearance can access them

answer MAC if based off government

remembering: Strict Rules
61
Discretionary Access Control
It is a security model where the owner of the resource (such as a file or database) has the authority to determine who can access it and what kind of access they have. The owner sets the permissions based on their discretion, and these permissions can be modified at any time
ex: In a file-sharing system, the creator of a document can decide who has permission to read, write or modify the document

answer DAC if based on owner

remembering: Owners' Choice
62
Attribute-Based Access Control
It is a security framework where access to resources is granted based on a combination of attributes. These attributes can relate to the user, the resource, the environment, or the action being performed. ABAC provides fine-grained control and allows for complex context-aware policies
ex: A company uses ABAC to allow access to confidential documents only if the user's role is "Manager", they are accessing the data from a company device, and it is during business hours

answer ABAC if based on If-Then rules; Context-based; Conditions; Attrib

remembering: Access by Attributes
63
Rule-Based Access Control
Also known as Rule-Based Access, it is a security policy mechanism where access permissions are granted or denied to users based on a set of predefined rules. These rules are often based on attributes such as the user's role, time of access, location or the specific type of resources being accessed
ex: In a data management system, rules are set so that only users from specific IP addresses can access sensitive financial data

answer RBAC if talks about RULES

remembering: Access by Rules
64
Defense in Depth
It is a security strategy that uses multiple layers of defense to protect information and systems. By deploying a variety of security measures at different layers, the strategy aims to provide comprehensive protection and mitigate the risk of a single point of failure.
ex: An organization implements firewalls, intrusion detection systems (IDS), and encryption to protect its network, ensuring that even if one defense is bypassed, others remain in place

remembering: Onion Security
65
Denial-of-Service = DOS
It is a type of cyberattack aimed at making a computer system, network or server unavailable to its intended users by overwhelming it with a flood of illegitimate requests, causing it to crash or become unresponsive
ex: A network is flooded with malicious packets, exhausting its resources and disrupting normal operations

remembering: Traffic Jams
66
Access Control List = ACL
It is a list of permissions associated with a system resource that specifies which users or system processes are granted access and the type of access they are allowed. It acts as a security mechanism to regulate access to resources based on predefined roles
ex: A router's ACL may allow only certain IP addresses to access a network, blocking others from entering

remembering: Access Permission Slips
67
Authentication
It is the process of verifying the identity of a user or system, ensuring that they are who they claim to be. It typically involves the presentation of credentials, such as passwords, PINs or biometric data, to gain access to a resource, system or server

remembering: Identity Confirmation
68
Identification
It is the process of verifying the identity of an individual, typically through the presentation of credentials, such as an ID card, username or biometric data. It confirms that the person is who they claim to be, enabling access to resources, services or privileges
ex: A security guard checks visitors' IDs before granting them access to the restricted area

remembering: Identity Validation
69
Segmentation
It involves dividing a network into smaller, isolated segments or zones to enhance security, optimize performance, and control access. It separates different parts of the network to limit the scope of potential security breaches and contain the impact of network incidents.
ex: Using VLANs (Virtual Local Area Networks) to separate departments within a company, such as finance and marketing, to restrict access to sensitive financial information

remembering: Digital Dividers
70
Parkerian Hexad
It is the framework used in information security to analyze and evaluate the components of security measures. It consists of six elements: CONFIDENTIALITY, INTEGRITY, AVAILABILITY, AUTHENTICITY, POSSESSION/CONTROL, and UTILITY, providing a comprehensive approach to understanding security requirements.
ex: A biometric authentication system verifies the authenticity of a user's identity using unique physiological features, ensuring possession by requiring physical presence, and providing utility by enabling convenient access to authorized resources

remembering: CIAA PU
71
Brewer and Nash Model
Also known as the Chinese Wall Model, it is a security model designed to prevent conflicts of interest in organizations handling sensitive information. It enforces rules based on the user's past access, ensuring that users cannot access conflicting information. Specifically, once a user accesses data from one company or subject, they are restricted from accessing data from competing entities to prevent misuse or bias
ex: In a financial consulting firm, if an analyst accesses financial information from Company A, they are then restricted from accessing financial information from competing Company B, ensuring impartiality and preventing conflict of interest.

remembering: Protective Barrier
72
Bell-LaPadula Model
It is a security model focused on data confidentiality and controlled access to classified information. It enforces two main principles: the "No Read Up" (Simple Security Property) and "No Write Down" (Star * Property) rules. This means that subjects (users) cannot read data at a higher security level than their own (no read up) and cannot write data to a lower security level (no write down). The model is primarily used in environments where protecting sensitive information is critical
ex: In a government, a user with "Confidential" clearance cannot access "Secret" or "Top Secret" data (no read up), and cannot downgrade classified data to "Unclassified" (no write down)

it's all about Secrecy

remembering: Security Ladder
73
Biba Model
This model is focused on maintaining data integrity, ensuring that information is not altered in an unauthorized manner. It operates on two main principles: the "No Write Up" and "No Read Down" rules. This means that subjects (users) cannot write to a higher integrity level (to prevent corrupting more trustworthy data) and cannot read data from a lower integrity level (to prevent using untrustworthy data). The Biba Model is often used in scenarios where data accuracy and trustworthiness are critical
ex: In a financial system, an entry-level employee cannot modify financial statements (no write up), and financial analysts cannot base their reports on unverified data sources (no read down)

it's all about Accuracy

remembering: Integrity Shield
74
What is Redundant Array of Inexpensive Disks?
RAID is a storage technology that combines multiple physical hard drives into a single logical unit to improve performance, increase storage capacity and provide redundancy. RAID uses configurations or "Levels" to balance these aspects based on specific needs
ex: RAID 0 - Stripes data across multiple disks to increase performance
ex: RAID 1 - Mirrors data across multiple disks for high redundancy
ex: RAID 5 - Stripes data and parity information across multiple disks
ex: RAID 10 - Combines both RAID 0 and RAID 1

remembering: Disk Arrays with backup
75
What is OpenVAS (Open Vulnerability Assessment System)?
It is an open-source vulnerability scanning and management tool used to identify security vulnerabilities in networks, systems and applications. It provides automated scanning capabilities, vulnerability detection, and reporting to help organizations assess and remediate security risks.
ex: A cybersecurity team integrates OpenVAS into their security testing workflow to perform regular scans and prioritize remediation efforts based on identified vulnerabilities

remembering: Security Radar
76
What is Client-Side Attack?
It is a type of cyberattack that targets vulnerabilities in client-side software or applications, typically running on end-user devices such as computers, smartphones, or web browsers. These attacks exploit weaknesses in software or user interaction to compromise the security of the device or extract sensitive information.
ex: A website serves malicious code through an updated browser vulnerability, allowing attackers to execute scripts on visitors' devices without their knowledge.

remembering: End-User Ambush
77
What is Server-Side Request Forgery (SSRF)?
It is a web security vulnerability that allows attackers to manipulate the server into making unauthorized requests to other internal or external resources. Attackers can exploit SSRF to access sensitive information, pivot within a network, or perform other malicious actions.
ex: By exploiting SSRF, an attacker forces a server to make requests to external services, such as cloud metadata servers, to retrieve sensitive information like access credentials.

remembering: Server-Side Rogue
78
What is Metasploit?
It is a penetration testing framework used by cybersecurity professionals for exploiting security vulnerabilities, conducting penetration tests, and developing and executing security assessments. It provides a suite of tools and resources for identifying, exploiting and mitigating security weaknesses in networks, systems and applications.
ex: A security consultant utilizes Metasploit to conduct simulated cyberattacks on a client's network to identify weaknesses and recommend security improvements

remembering: Cyber Arsenal
79
What is Black Box?
In cybersecurity, it refers to a testing method where the tester has limited or no knowledge of the internal workings or architecture of the system being tested. This approach simulates an attacker's perspective, focusing on assessing the system's external behavior and vulnerabilities without access to its internal code or design.
ex: A security consultant conducts a black box assessment of a network firewall, attempting to identify potential weaknesses in its configurations and rule sets without access to its internal policies.

remembering: Blindfold Testing
80
What is White Box?
Also known as clear box or glass testing, it is a testing method where the tester has full knowledge of the internal workings, architecture, and source code of the system being tested. This approach allows for comprehensive testing of the internal logic, paths, and structures to identify potential vulnerabilities and ensure thorough test coverage.
ex: A security analyst conducts a white box assessment of a web application, examining its source code and database schema to identify security weaknesses and design flaws

remembering: Transparent Testing
81
What is Gray Box?
It is a testing method that combines elements of both Black Box and White Box testing. In Gray Box testing, the tester has partial knowledge of the internal workings and architecture of the system being tested, allowing for a balance between assessing external behavior and leveraging some knowledge of internal logic for more targeted testing.
ex: In a Gray Box penetration test, the tester is provided with some information about the target network's architecture and security controls, enabling them to conduct more targeted attacks while still simulating an attacker's perspective

remembering: Shaded Testing
82
What is Ethical Hacking?
Also known as penetration testing or white hat hacking, it is the practice of deliberately identifying and exploiting vulnerabilities in computer systems, networks or applications with the permission of the system owner. Ethical hackers use their skills and knowledge to simulate real-world cyber attacks, assess security controls and identify weaknesses to help organizations improve their security posture and protect against malicious threats.
ex: A cybersecurity firm conducts an ethical hacking engagement for a financial institution, attempting to penetrate the organization's network defenses to identify weaknesses and recommend security enhancements.

remembering: White Hat Hero