Linux Flashcards

1
Q

What is an environment attack?

A

The environment is a set of predefined variables that controls the behaviour of the shell. An attacker could manipulate the environment, for example in a “path substitution attack”, where the attacker modifies PATH to point to a malicious program (which will then be executed with the privileges of the application).

2
Q

What is a path traversal attack?

A

When an attacker provides a manipulated file path as input that is not sanitised properly, allowing them to gain access to sensitive files,
e.g. using .. to traverse back up directories.

3
Q

What is a symlink attack?

A

When an application interacts with files without checking the type and status of the files, so a symlink can be created to, e.g., compare a file with itself and mistakenly authenticate the attacker.

4
Q

What is a command injection attack?

A

If the -exec option is used with the find command, then an attacker can execute any command they like.
Or if the attacker uses special shell characters (e.g. ; for chaining commands) to execute commands.
