Computer Security Flashcards

1
Q

Doxing

A

Searching or publishing private or identifying information usually with malicious intent (from docs)

2
Q

Limitation of https

A

Only says the traffic to the website is encrypted but the website can still be malicious

3
Q

Privileged accounts

A

Accounts with extensive rights for deploying, debugging, etc.
Controlled by standards like PCI DSS

4
Q

Types of privileged accounts (5)

A

1 Personal
2 Group
3 Reusable (vaulted and rotated after each use for traceability)
4 System (e.g. access to db)
5 Robotic (to emulate human)

5
Q

Good practices for privileged accounts (3)

A

1 Someone accountable even for group, etc.
2 Separate standard and privileged for the same person
3 One purpose per privileged account

6
Q

Acronym of PCI DSS

A

Payment Card Industry
Data Security Standard

7
Q

Phishing targeted at a specific individual

A

Spear phishing

8
Q

Kafka

A

Apache Kafka is an event broker

9
Q

Classic hacking technique

A

Stack buffer overflow

10
Q

Hacking methods based on stack buffer overflow (3)

A

By supplying an input (user text, HTML page, image, data received through a network port) that overflows the memory allotted to store it on the stack, one can:
- overwrite the value of a variable (e.g. a check's OK flag)
- overwrite the return address to jump wherever one wants (e.g. past the security checks)
- write lines of code directly onto the stack

11
Q

Computer virus

A

An executable, or a piece of code inside an executable, that propagates (e.g. by using a stack buffer overflow to write itself elsewhere). It spreads over the network only through files

12
Q

Computer worm

A

Like a virus, except that it tries to spread across the network by attacking ports

13
Q

Basic operation of antivirus software

A

They look for code fragments of known viruses

14
Q

Metamorphic (computer) viruses

A

Viruses that change the order of their instructions or add useless ones so that each copy is different and evades antivirus software

15
Q

Computer viruses' countermeasure against antivirus software

A

Encrypts each copy with a different key so that it looks different

16
Q

How antivirus software detects metamorphic viruses (3)

A

By executing the suspect's code to see what it does
By assigning checksums to known programs
By spotting suspicious behaviour (e.g. sending more e-mails)

17
Q

Type of phishing that relies on misspelled domain names

A

domain spoofing

18
Q

Botnet

A

Robot network: group of infected devices used by cybercriminals

19
Q

“Zero-day” cyberattack

A

Attack on a fault that has just been discovered and that the provider has had no time to address

20
Q

Name of text such as “Getty Images” on photos + details

A

Watermarks; can contain the name of the person who opens it, the time, etc.

21
Q

DRM

A

Digital Rights Management
e.g. MS solution that, depending on confidentiality, adds a watermark, prevents access, etc.

22
Q

DRM classification

A
  • Public: open to any public w/o restriction (press release, etc.)
  • Confidential: only internal and to partners, but wouldn’t harm the company if it got out
  • Highly confidential: could harm (RFP, sales data, employee info, etc.). Comes with dedicated access rights
  • Secret: could seriously damage (M&A, etc.). Comes with dedicated access rights