Vulnerabilities Flashcards
What is a vulnerability?
The absence of a countermeasure or a weakness in one
List two mitigations for unpatched/legacy systems
1) Placing them in a secure VLAN
2) Installing host based IPS
Which method to encrypt a communication channel if other methods are limited?
IPSec
What NSA specification addresses methods of spying and protects against them?
TEMPEST
What two mitigation methods can be employed against untrusted users?
1) Perimeter defense
2) Access control and the point of resource access
Input validation into programs can help prevent what type of vilnerability?
Buffer Overflow
How does an attacker carry out a DNS poison attack?
By refreshing the DNS record when it expires with a different address than the correct one.
How can DNS poisoning be mitigated?
By limiting from where a DNS server accepts updates from other DNS servers
What the first step in the hacking process called?
Penetration
Reducing transmission power on an access point and setting it not to broadcast the SSID are two ways to mitigate against what type of vulnerability?
War Driving
If the SSID is not broadcasted, how might an attacker still gain it?
Using a wireless protocol sniffer
What type of wireless attack causes stations to be disconnected from the access point?
De-authentication attack
What devices can locate and alert on rogue access points?
Wireless IPS
What type of wireless attack involves the attacker mimics an organizations AP to connect your users’ computers to their wireless AP for the purpose of a peer-to-peer attack?
Evil Twin
How do wireless stations choose an access point?
Using the SSID
