Threats Vulnerabilities and Mitigations 2.3-2.4

Question 1

Memory Running processes

Answer 1

Dynamic Link Libraries
Threads
Buffers
Memory Management functions

Question 2

Memory injection

Answer 2

Add code into the memory of an existing process.

Question 3

DLL injection

Answer 3

Dynamic-link library
- A window library containing code and data
Many applications can use this library
-Attackers inject a path to a malicious DLL.

Question 4

Buffer Overflows

Answer 4

Overwriting a buffer of memory additional memory overflows into another area of memory.

Attackers will spend a long of time looking for opening. Not a simple exploit - takes time to avoid crashing things.

Question 5

Race condition

Answer 5

When two events happen at nearly the same events.

Question 6

TOCTOU

Answer 6

Time of check to time of use attack:
Value might change between the time you checked between the time of use.

Question 7

Malicious updates . what is it and how do you follow best practices.

Answer 7

Attackers can put malicious code inside the update.

Question 8

Follow best practices relating to downloading and updating.

Answer 8

Look at where the download file is coming from - confirm the source
Download from the site directly
Many operating systems only allowed signed apps .
Automatic updates - Relatively trustworthy

Question 9

Operating System

Answer 9

A foundational computing platform which are remarkably complex.

Question 10

When does Microsoft release security patches for the OS

Answer 10

2nd Tuesday of each the month

Question 11

Best Practices for OS vulnerabilities

Answer 11

Always update
May require testing before deployment
May require a reboot.

Question 12

SQL injection (Structured Query Language).

Answer 12

A code injection attack where an attacker would put their own code into a data stream

Question 13

Cross Site Scripting XSS

Answer 13

An attacker sends a link containing a malicious script to the victim.
Victim clicks link and visits legitimate site
Legitimate site loads in the victims browser.
Malicious script sends victims data to attacker

Question 14

Hardware vulnerabilities

Answer 14

Things like light bulbds, garage doors, ring doorbells. (IOTS).
A Physical device that can be connected to the network.

Question 15

Firmware

Answer 15

The software inside the hardware. Vendors are the only ones who can fix the hardware

Question 16

EOL or EOSL

Answer 16

End of Life: manufacturer stops selling a product, May continue supporting the product.

End of Service Life: manufacturer stops support and sale of the product.

Question 17

Legacy Platforms

Answer 17

Some devices remain installed for a long time, may have older operating systems. May be running end of life software but are critical to the network.

Question 18

Virtualisation Security

Answer 18

?

Question 19

Cloud specific Vulnerabilities

Answer 19

Cloud adoption - difficult to find a company not using the cloud.

DoS - Denial of Service.
Authentication Bypass
Directory Traversal - Fault configurations put data at risk.
Remove code execution.

Question 20

Supply Chain Risk

Answer 20

Attackers can infect any step along the way. One exploit can infect the entire chain.

Question 21

Open Permissions

Answer 21

Sometimes data is left open on the internet.

Question 22

Misconfiguration

Answer 22

Inherent vulnerabilities in using the default settings of a software. Default configurations and credentials

Question 23

Why are mobile devices hard to secure?

Answer 23

Almost always in motion
Relatively small
Constantly connected to the internet
Packed with sensitive data

Question 24

What is sideloading

Answer 24

The ability to install application outside the scope of the app store.
Malicious apps can be a significant security concern.

Question 25

Zero day vulnerability

Answer 25

When attackers are able to attach a vulnerability without a patch or method of mitigation because the vulnerability is unknown.

Question 26

Malware

Answer 26

Any time of software which is doing harm to the system. Malicious code

Question 27

Malware Types

Answer 27

Viruses
Worms
Ransomware
Trojan Horse
Root Kid
Key Logger
Spyware
Bloatware
Logic Bomb

Question 28

Ransomware

Answer 28

Where attackers will encrypt data and then ask you to pay for decryption keys.

Question 29

How to protect the system against Ransomware

Answer 29

Offline backups
Up to date system operating system.
Up to date applications

Question 30

Worms

Answer 30

This is malware that can reproduce itself.
(Wana cry)

Question 31

Virus Types

Answer 31

Program Viruses - Part of the application
Boot sector viruses - No operating system needed.
Script viruses - Operating system and browser based
Macro Viruses - Common in Microsoft office

Question 32

Fileless Virus

Answer 32

Does not require any files which are stored on the storage system. Most antivirus software looking for information to be written to a drive. (Makes it hard to detect)

Question 33

Spyware

Answer 33

Malware that spies on you
Can trick you into installing
Browser monitoring
Keyloggers

Question 34

Bloatware

Answer 34

Apps which are installed by the manufacturer - valuable storage space. Third uninstaller and cleaners may help when attempted to remove bloatware from your system

Question 35

Key loggers

Answer 35

Enraptures key strokes.

Question 36

Logic Bombs

Answer 36

waiting for an event to happen before executing.

Question 37

Rootkit

Answer 37

A rootkit hides itself in the OS itself. Can be invisible to the operating system. Wont see it in task manager.

Able to use a rootkit remover.

Question 38

Physical attacks considerations

Answer 38

No password requirements, no physical obstruction to sensitive data, no locks on windows and doors.

Question 39

RFID Cloning

Answer 39

cloning access badges to give the same access as they have.

Question 40

Environmental attacks

Answer 40

Attacking the supporting technology.
For examples attacking the cooling systems would cause the temperature of the technology to heat up and will all shut down once they reach too high a temperature.

Question 41

Denial of Service

Answer 41

Forcing a service to fail by taking advantage of a vulnerability or overloading the service.

Question 42

a friendly DOS

Answer 42

Network DoS (Increasing a loop through improper connection of wires)
Bandwidth DoS (Downloading multi-gigabyte Linus distributions over a DSL line

Question 43

DDos

Answer 43

Distributed denial of service

Question 44

DDOS examples

Answer 44

Launch an army of computers via botnets to access a websever to use up all the bandwidth or resources. traffic spite

Question 45

DNS Attacks

Answer 45

Attacker gains access to the DNS server to modify the DNS configuration.

Modifies the the IP addresses and providers users with alternative IP addresses which may result in users unintentionally loading fake IP addresses.

Question 46

What could an attacker do with URL hijacking

Answer 46

• Make money from mistakes by sell the badly spelled domain to the actual owner
• Redirect traffic to competitor

-Create a phishing site

-Inject with drive-by download.

Question 47

Wireless Dos Attack

Answer 47

Disconnects them from connectivity.

Attacker manipulates 802.11 management frames in order to distrust connectivity.

Question 48

Radio Frequency (RF Jamming)

Answer 48

Denial of Service
Transmit interfering wireless signals to decrease the signal ratio at the receiving device.

Question 49

On Path Attack (Man in the middle attack).

Answer 49

ARP poisoning
On-path browser attack

Question 50

Replay attack

Answer 50

Pass the hash
Browser cookies

Question 51

How to protect against malicious code

Answer 51

Anti-Malware
Firewall
Continuous updates and patches
Secure computing habits (Training)

Question 52

Application attacks

Answer 52

Injection of malicious code not stopped by the application.

Question 53

Buffer overflow

Answer 53

Overwriting a buffer of memory, Spills over into other memory areas.

Relatively difficult to implement.

Question 54

Priviledge Escaltion

Answer 54

When an attacker is able to get higher-level access to a system to exploit a vulnerability. Attacker would want administer access

Question 55

How to mitigate privilege escalation

Answer 55

• Patch quickly - to fix the vulnerability
• Update anti-Virus/
  Malware software to block known vulnerabilities.
  -Data execution Prevention
• Address space layout randomisation

Question 56

Cryptographic

Answer 56

The difference between something being secure and insecure depends on the key being used in the encryption process.

Question 57

Birthday attacks

Answer 57

A hash collision is the same hash value for two different paintexts. protect by using a large harsh output size.

(MD5 hashing algorithms - had short comings which resulted in collisions)

Question 58

Downgrade attack.

Answer 58

The attacker makes the systems downgrade their cryptography process to a weaker one or to use no cryptography encryption at all

Question 59

SSL striping

Answer 59

An attacker will sit in the middle of victim and webserver and ensure that HTTP requests sent from the victim to the webserver are rewirtten so the victim never uses encryption and the attacker can see data in plain text.

Question 60

Spraying Password attacks

Answer 60

When an attacker goes through mutliple accounts by using the most common passwords such as 123456 or qwerty.

Question 61

Brute force password attacks.

Answer 61

A brute force attack using every password combination until the hash is matched.

Question 62

Indicators of Compromise

Answer 62

• Unusual amount of network activity
  -Change to file hash values
• Irregular international traffic
• Changes to DNS data
• Uncommon Login Patterns
  -Spikes pf read requests to certain files

Question 63

Other Indicators of compromise

Answer 63

• Resource inaccessibility
  -Impossible travel
  -Resource consumption (Spike in traffic)
  -Out of cycle logging
  -missing log
  -Published documents