Threats Vulnerabilities and Mitigations 2.3-2.4 Flashcards

1
Q

Memory Running processes

A

Dynamic Link Libraries
Threads
Buffers
Memory Management functions

2
Q

Memory injection

A

Add code into the memory of an existing process.

3
Q

DLL injection

A

Dynamic-link library
- A Windows library containing code and data
- Many applications can use this library
- Attackers inject a path to a malicious DLL.

4
Q

Buffer Overflows

A

Overwriting a buffer of memory; the additional data overflows into another area of memory.

Attackers will spend a long time looking for an opening. Not a simple exploit - it takes time to avoid crashing things.

5
Q

Race condition

A

When two events happen at nearly the same time.

6
Q

TOCTOU

A

Time-of-check to time-of-use attack:
The value might change between the time you checked it and the time of use.

7
Q

Malicious updates: what are they, and how do you follow best practices?

A

Attackers can put malicious code inside the update.

8
Q

Follow best practices relating to downloading and updating.

A

Look at where the download file is coming from - confirm the source
Download from the site directly
Many operating systems only allow signed apps.
Automatic updates - relatively trustworthy

9
Q

Operating System

A

A foundational computing platform which is remarkably complex.

10
Q

When does Microsoft release security patches for the OS?

A

2nd Tuesday of each month

11
Q

Best Practices for OS vulnerabilities

A

Always update
May require testing before deployment
May require a reboot.

12
Q

SQL injection (Structured Query Language).

A

A code injection attack where an attacker puts their own code into a data stream.

13
Q

Cross Site Scripting XSS

A

An attacker sends a link containing a malicious script to the victim.
The victim clicks the link and visits the legitimate site.
The legitimate site loads in the victim's browser.
The malicious script sends the victim's data to the attacker.

14
Q

Hardware vulnerabilities

A

Things like light bulbs, garage doors, Ring doorbells (IoT devices).
A physical device that can be connected to the network.

15
Q

Firmware

A

The software inside the hardware. Vendors are the only ones who can fix the hardware.

16
Q

EOL or EOSL

A

End of Life: the manufacturer stops selling a product, but may continue supporting it.

End of Service Life: the manufacturer stops both support and sale of the product.

17
Q

Legacy Platforms

A

Some devices remain installed for a long time and may have older operating systems. They may be running end-of-life software but are critical to the network.

18
Q

Virtualisation Security

A

?

19
Q

Cloud specific Vulnerabilities

A

Cloud adoption - difficult to find a company not using the cloud.

DoS - Denial of Service
Authentication bypass
Directory traversal - faulty configurations put data at risk
Remote code execution

20
Q

Supply Chain Risk

A

Attackers can infect any step along the way. One exploit can infect the entire chain.

21
Q

Open Permissions

A

Sometimes data is left open on the internet.

22
Q

Misconfiguration

A

Inherent vulnerabilities in using the default settings of software: default configurations and credentials.

23
Q

Why are mobile devices hard to secure?

A

Almost always in motion
Relatively small
Constantly connected to the internet
Packed with sensitive data

24
Q

What is sideloading?

A

The ability to install applications outside the scope of the app store.
Malicious apps can be a significant security concern.

25
Q

Zero day vulnerability

A

When attackers are able to attack a vulnerability without a patch or method of mitigation, because the vulnerability is unknown.

26
Q

Malware

A

Any type of software which is doing harm to the system. Malicious code.

27
Q

Malware Types

A

Viruses
Worms
Ransomware
Trojan Horse
Rootkit
Keylogger
Spyware
Bloatware
Logic Bomb

28
Q

Ransomware

A

Where attackers will encrypt data and then ask you to pay for the decryption keys.

29
Q

How to protect the system against Ransomware

A

Offline backups
Up-to-date operating system
Up-to-date applications

30
Q

Worms

A

This is malware that can reproduce itself (WannaCry).

31
Q

Virus Types

A

Program viruses - part of the application
Boot sector viruses - no operating system needed
Script viruses - operating system and browser based
Macro viruses - common in Microsoft Office

32
Q

Fileless Virus

A

Does not require any files which are stored on the storage system. Most antivirus software looks for information being written to a drive (makes it hard to detect).

33
Q

Spyware

A

Malware that spies on you.
Can trick you into installing it
Browser monitoring
Keyloggers

34
Q

Bloatware

A

Apps which are installed by the manufacturer - they take up valuable storage space. Third-party uninstallers and cleaners may help when attempting to remove bloatware from your system.
35
Q

Key loggers

A

Captures keystrokes.

36
Q

Logic Bombs

A

Waits for an event to happen before executing.

37
Q

Rootkit

A

A rootkit hides itself in the OS itself. Can be invisible to the operating system. Won't see it in Task Manager. Able to use a rootkit remover.

38
Q

Physical attack considerations

A

No password requirements, no physical obstruction to sensitive data, no locks on windows and doors.

39
Q

RFID Cloning

A

Cloning access badges to gain the same access as the badge holder.

40
Q

Environmental attacks

A

Attacking the supporting technology. For example, attacking the cooling systems would cause the temperature of the technology to rise, and it will all shut down once it reaches too high a temperature.

41
Q

Denial of Service

A

Forcing a service to fail by taking advantage of a vulnerability or overloading the service.

42
Q

A friendly DoS

A

Network DoS (creating a loop through improper connection of wires)
Bandwidth DoS (downloading multi-gigabyte Linux distributions over a DSL line)

43
Q

DDoS

A

Distributed denial of service

44
Q

DDoS examples

A

Launch an army of computers via botnets to access a web server and use up all the bandwidth or resources. Traffic spike.
45
Q

DNS Attacks

A

The attacker gains access to the DNS server to modify the DNS configuration. Modifies the IP addresses and provides users with alternative IP addresses, which may result in users unintentionally loading the fake IP addresses.

46
Q

What could an attacker do with URL hijacking?

A

- Make money from mistakes by selling the badly spelled domain to the actual owner
- Redirect traffic to a competitor
- Create a phishing site
- Inject a drive-by download

47
Q

Wireless DoS Attack

A

Disconnects users from connectivity. The attacker manipulates 802.11 management frames in order to disrupt connectivity.

48
Q

Radio Frequency (RF) Jamming

A

Denial of service: transmit interfering wireless signals to decrease the signal-to-noise ratio at the receiving device.

49
Q

On-Path Attack (Man-in-the-middle attack)

A

ARP poisoning
On-path browser attack

50
Q

Replay attack

A

Pass the hash
Browser cookies

51
Q

How to protect against malicious code

A

Anti-malware
Firewall
Continuous updates and patches
Secure computing habits (training)

52
Q

Application attacks

A

Injection of malicious code not stopped by the application.

53
Q

Buffer overflow

A

Overwriting a buffer of memory; it spills over into other memory areas. Relatively difficult to implement.

54
Q

Privilege Escalation

A

When an attacker is able to get higher-level access to a system by exploiting a vulnerability. The attacker would want administrator access.

55
Q

How to mitigate privilege escalation

A

- Patch quickly - to fix the vulnerability
- Update anti-virus/anti-malware software to block known vulnerabilities
- Data Execution Prevention
- Address space layout randomisation
56
Q

Cryptographic

A

The difference between something being secure and insecure depends on the key being used in the encryption process.

57
Q

Birthday attacks

A

A hash collision is the same hash value for two different plaintexts. Protect by using a large hash output size. (MD5 hashing algorithms had shortcomings which resulted in collisions.)

58
Q

Downgrade attack

A

The attacker makes the systems downgrade their cryptographic process to a weaker one, or to use no encryption at all.

59
Q

SSL stripping

A

An attacker will sit in the middle of the victim and the web server and ensure that HTTP requests sent from the victim to the web server are rewritten so the victim never uses encryption and the attacker can see data in plain text.

60
Q

Password spraying attacks

A

When an attacker goes through multiple accounts using the most common passwords, such as 123456 or qwerty.

61
Q

Brute force password attacks

A

A brute force attack uses every password combination until the hash is matched.

62
Q

Indicators of Compromise

A

- Unusual amount of network activity
- Change to file hash values
- Irregular international traffic
- Changes to DNS data
- Uncommon login patterns
- Spikes of read requests to certain files

63
Q

Other Indicators of Compromise

A

- Resource inaccessibility
- Impossible travel
- Resource consumption (spike in traffic)
- Out-of-cycle logging
- Missing logs
- Published documents