Threat, Vulnerabilities and Mitigations: Digital System Threats Flashcards
What are the three methods you need to consider when assessing Digital System Vulnerabilities?
When considering application vulnerabilities, there are important factors to consider, including whether an app is client-based or agentless, whether it is web- or network-based, and whether it is unsupported or has weak credential requirements.
Client and agentless apps
Client-based apps include:
Web browsers
Dedicated software apps
Email clients
Agentless apps include tasks that are executed via “built-in” tools and/or protocols, such as Simple Network Management Protocol (SNMP) and Secure Shell (SSH).
What are the vulnerability considerations for open-service ports?
Using nmap scan output - you can see which services are running on the network.
nmap -A -T5 -p 3000 (IP address) - specific information on port 3000
Reviewing the SQLi Juice Shop login.
Performing file transfers, such as with MOVEit:
The people who use it are large organizations.
Using remote administration: Telnet, SSH, Remote Desktop Protocol (RDP).
Human error – administrators should be enforcing strong MFA and passwords, or enforcing policy.
It’s not uncommon to be using applications that aren’t supported, for a variety of reasons, such as defunct vendors, abandoned open-source projects, or apps that were developed in-house. These can pose vulnerabilities.
What happens to a system when you have weak credentials?
Threats can exist if you don’t enforce a password policy requiring strong passwords and then multi-factor authentication (MFA) or two-factor authentication (2FA).
Additionally, users shouldn’t be allowed to continue using default credentials, nor should you necessarily use hard-coded credentials unless you use good security practices around those.
How are operating systems considered a vulnerability?
Operating-system vulnerabilities
Security weaknesses can exist depending on whether you’re using:
Unpatched systems.
Unsupported systems, such as Ubuntu 16.04 or Windows XP.
A weak password policy.
Some companies can’t or won’t be able to upgrade due to patch compatibility issues, so they still run legacy systems and build strong firewalls to secure the OS.