Threats, Vulnerabilities, and Mitigation Flashcards
What vulnerability is associated with installing software outside of a manufacturer’s approved software repository?
Side loading
What is it called when you add random data into a one-way cryptographic hash to help protect against password cracking techniques?
Salting
What is a business email compromise attack? (BEC)
An attacker will impersonate a high-ranking authority figure to request sensitive information/actions from employees, like information to a privileged account
What would you deploy to best protect an organization’s internet-facing website from an attacker exploiting a buffer overflow?
WAF (Web Application Firewall)
What is the difference between Phishing and Smishing?
Smishing is a variant of Phishing, but is done over SMS
A company is required to use certified hardware when building networks. What would address the risks associated with procuring counterfeit hardware?
A thorough analysis of the supply chain
What is password spraying?
A type of brute-force attack used to gain access to user accounts by systematically attempting a small number of commonly used passwords against many user accounts
What string would you block to prohibit access to non-encrypted websites?
http://
What is it called when an attacker enables the use of an input field to run commands that can view or manipulate data?
SQL injection
What type of data refers to sensitive information present in an R&D employees day-to-day life?
Intellectual property
A sys admin received an alert from a file integrity monitoring tool that the hash of the cmd.exe file has changed. No patches were applied in recent times. Which attack most likely occured?
Rootkit
What is a mitigation technique for cross-site scripting?
Input validation
What tool can assist with detecting an employee who has accidentally emailed a file containing a customer’s PII?
DLP (Data loss prevention)
What is it called when organizations implement access control policies that restrict or allow access to certain resources based on the geographic location of users and devices?
- Geolocation protection
- Ex. They might limit access to sensitive systems only to users connecting from a specific geographic location
What would be the best way to block unknown programs from executing?
Application allow list
What is code signing?
- A process involves applying a digital signature to software
- Verifies the identity of the developer and ensuring the code has not been altered since it was signed