Session 10: Vulnerabilities Flashcards
1
Q
Types of vulnerabilities?
A
- Hardware Vulnerabilities
- Software Vulnerabilities
- Data Vulnerabilities
2
Q
Hardware vulnerabilities?
A
- Processor Vulnerabilities
* Speculative Execution Attacks
* Side Channel attacks - Firmware vulnerabilities
- Peripheral Device Vulnerabilities
- Embedded System and IoT Devices vulnerabilities
- Supply Chain Attacks
3
Q
Software Vulnerabilities?
A
- SQL Injection
- Cross Site Scripting
- Broken authentication and Session management
- Insecure direct object reference
- Cross site request forgery
- Security misconfiguration
- Insecure cryptographic storage
- Failure to restrict URL access
- Insufficient transport layer protection
- Invalidated Redirects and Forwards
4
Q
Data vulnerabilities?
A
- Insufficient encryption
- Weak authentication and access control
- Insecure storage practices
- Data leakage
- Lack of data backup and recovery
- Third party risks
