Network Security Flashcards
SQL injection targets this layer
application
buffer overflow
injects too much info into a form which causes the app to crash, targets application layer
man in the middle attacks target these layers
various
VLAN hopping targets this layer
data link
DoS/DDoS targets this layer
transport
ping of death and ping flood target this layer
network
SMURF DDoS attack targets these layers (2)
network and transport
deauth attack targets this layer
presentation
RPC exploit targets this layer
session
how to mitigate viruses
antivirus software
how to mitigate worms
don’t download attachments, antivirus software
how to mitigate trojans
firewall software
how to mitigate rootkits
avoid opening suspicious emails, don’t download cracked software, keep OS updated, antimalware with rootkit detection
how to mitigate ransomware
scan emails for known malware strains, keep firewalls and endpoint protections up to date
how to mitigate a zero day attack
a fix/patch needs to be released
CIA - confidentiality
access to information should be granted on a need-to-know basis
CIA - integrity
information should be kept the same from source to destination
CIA - availability
a company’s services should be available
authentication
who and what are you (1st step)
authorization
what are you allowed to do (2nd step)
accounting
keeps track of what you do (3rd step)
team responsible for defending and securing an org’s IT infrastructure and assets
blue security team
a person who hacks a system without fully understanding what they’re doing (perhaps with downloaded scripts) is a
script kiddie
term used to describe the likelihood and impact of a threat exploiting a vulnerability
risk
group of security PROFESSIONALS who simulate attacks on a network to identify vulnerabilities
red team
method or tool used to take advantage of a vulnerability
exploit
group in an org that observes penetration testing
white team
when both red and blue teams engage and debrief, they are considered
purple team