Offensive Security Flashcards

1
Q

What does CAPEC stand for?

A

Common Attack Pattern Enumeration and Classification

2
Q

What is CAPEC?

A

Collection of 500+ attack patterns and techniques

  • Related to CWEs (Common Weakness Enumeration)
  • Link attack (CAPEC-ID) to vulnerability (CWE-ID)
3
Q

What is CAPEC useful for?

A

Helps in understanding attacks and attackers’ mindset

  • Helps in choosing preventive measures
  • Design application
  • Configure environment
4
Q

Which categories of attack mechanisms exist in CAPEC?

A
  • Planning of attacks, collection of information
  • Input handling
  • Deceptive interactions, spoofing [authenticity]
  • Injection [integrity]
  • Abuse of existing functionality [availability]
  • Probabilistic techniques: brute force/fuzzing
  • Subversion of access control
  • Manipulation of data structures (internal state)
  • Manipulation of timing and state; race conditions
  • Manipulation of system resources (environment)
5
Q

What are possible attack vectors?

A
  • Code (transition function)
  • Internal state
  • Input
  • User (provides code, input)
6
Q

What is fuzzing?

A
  • Providing random input to program
  • Observing how input leads to changes in control flow

7
Q

What are the most likely results of fuzzing?

A
  • Program does not accept input
  • Program crashes (-> availability; integrity)
  • Program reveals data (-> confidentiality)
  • Exception is thrown, security mechanisms are bypassed
8
Q

What is reverse engineering?

A

Reverse engineering: find out the rules of a machine/program by looking
only at the machine/program and its behaviour, without access to source code

9
Q

What is the main difference between fuzzing and reverse engineering?

A

Reverse engineering is more systematic than fuzzing: it uncovers code paths
that are hard (i.e. unlikely) to trigger by random input

It gives insight into program behaviour

10
Q

Which tools are used in reverse engineering?

A
  • Decompiler
  • Disassembler
  • Debugger
  • Virtual machine
11
Q

What does a decompiler do?

A
  • Tool that converts machine code into source code
  • Original names of methods, parameters, variables often not retrievable from binary

12
Q

What does a disassembler do?

A
  • Tool that converts machine code (machine-readable) into assembly
    language (human-readable)
  • Reveal control flow, call graphs, code patterns
13
Q

What does a debugger do?

A
  • Tool that attaches to and controls processes
  • Breakpoints, step-wise execution, internal state (memory)

14
Q

What does a virtual machine do?

A
  • Similar to program execution by debugger
  • Observe program behaviour during controlled execution
