Security Flashcards
What is the Principle of Least Privilege?
The Principle of Least Privilege means that users are given only the minimum level of permissions necessary to perform their intended function. It is enforced by the Operating System.
What kind of Permissions does Windows have?
Windows has granular permissions. Allow and deny are set separately and explicitly. There is also a “Full Control” option.
What is Buffer Overflow?
Buffer Overflows occur when a process attempts to write data outside the bounds of the buffer. The result is that data is written into an area used for some other purpose, corrupting that memory.
What is a Buffer Overflow attack?
A Buffer Overflow attack is when a program is exploited to access the memory space beyond the buffer, causing it to overwrite adjacent memory locations. It can crash the program or lead to Arbitrary Code Execution.
What is a Buffer?
A Buffer is a temporary area in main memory (RAM) where data is stored.
What is Arbitrary Code Execution?
Arbitrary Code Execution is an attacker’s ability to run any commands or code of the attacker’s choice on a target machine or in a target process.
What can Arbitrary Code Execution do?
With Arbitrary Code Execution, an attacker can install any code they want on your computer/phone/smart AI powered toothbrush. They can activate the camera, remotely control the device, snoop on emails, steal passwords and credit card details, and perform privilege escalation.
What is Buffer Overread?
The opposite of Buffer Overflow: a Buffer Overread occurs during a read operation. When reading from a buffer, the program goes past the buffer boundary and reads adjacent memory.
What are SQL Injections?
An SQL Injection is a common attack that uses malicious SQL code for backend database manipulation to access information that was not intended to be displayed, such as sensitive company data, user lists or private customer details.
What does rooting/jailbreaking a phone do?
Rooting/jailbreaking allows privilege escalation, effectively making the user a supervisor. It bypasses the file system and OS protections put in place by the device, meaning malicious applications could read and manipulate any data on the device. It changes the basic security model of the device.