Weak Points #2 Flashcards

1
Q

Cognitive Password

A

A cognitive password is a form of knowledge-based authentication that requires a user to answer a question, presumably something they intrinsically know, to verify their identity.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

SQL Injection: Breaking a valid SQL Request

A

Use a single quote:
The single quote character (‘) is the character limiter in SQL. With a single quote,’ you delimit strings, and therefore you can test whether the programmer has properly escaped the strings in the targeted application.

If not escaped directly, you can end any string supplied to the application and add other SQL code after it. This is a common technique for SQL injections.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

RADIUS

A

Remote Authentication Dial-In User Service (RADIUS) is a networking protocol operating on port 1812 that provides centralized Authentication, Authorization, and Accounting (AAA or Triple-A) management for users who connect and use a network service.

The RADIUS protocol utilizes an obfuscated password created from the shared secret and creates an MD5 hash of the authentication request to protect the communications.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Data Sanitization: Clearing

A

Clear applies logical techniques to sanitize data in all user-addressable storage locations for protection against simple non-invasive data recovery techniques.

Clearing involves overwriting data once (and seldom more than three times) with repetitive data (such as all zeros) or resetting a device to factory settings.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Armored Virus

A

A type of virus that use various techniques to protect it from being reverse engineered. This includes changing its code during execution and encrypting its payloads.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

COPE Policy

A

Corporate Owned, Personally Enabled:
A business model in which an organization provides its employees with mobile computing devices and allows the employees to use them as if they were personally owned

Can facilitate MDM/MAM

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Cookies: Secure Attribute

A

When a cookie has the Secure attribute, the user agent includes the cookie in an HTTP request only if transmitted over a secure channel (typically HTTPS).

Although seemingly useful for protecting cookies from active network attackers, the Secure attribute protects only the cookie’s confidentiality.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Port Scanning

A

Using a tool like nmap, an attacker can create an SYN scan across every port in the range against the desired target. A port scan or SYN scan may trigger an alert in your IDS.

While scanners support more stealthy scans, default scans may connect to each port sequentially.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Prepending

A

Used in data URL phishing

Adding code to the beginning of a presumably safe file

Activates when the file is opened

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

XSS Characteristics

A

Exploits the trust a user’s web browser has in a website

A malicious script is injected into a trusted website

User’s browser executes attacker’s script

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Session ID Characteristics

A

A unique identifier assigned by the website to a specific user

A piece of data that can be stored in a cookie, or embedded as a URL parameter

Stored in a visitor’s web browser

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Null-pointer Dereference

A

An attempt to read a variable value from an invalid memory address

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Integer Overflow

A

A programming error where an application tries to store a numeric value in a variable that is too small to hold it

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

SSRF

A

Server-Side Request Forgery:

Allows an attacker to take control over a server and use it as a proxy for unauthorized actions

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

XSRF Characteristics

A

Exploits the trust a website has in the user’s web browser

A user is tricked by an attacker into submitting unauthorized web requests

Website executes attacker’s request

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Memory Leak

A

A situation in which an application fails to properly release memory allocated to it or continually requests more memory than required

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

SSL Stripping is a combination of…

A

Downgrade attack

On-path attack

18
Q

Shimming

A

Alters the external behavior of an application and at the same time does not introduce any changes to the application’s code

19
Q

Refactoring

A

The practice of modifying an application’s code without changing its external behavior

20
Q

Encryption Randomization (2 Methods)

A

IV

Salting

21
Q

Biggest impact on domain reputation:

A

Distribution of spam

22
Q

Threat Actors: Competitors

A

Threat actors that engage in illegal activities to get the know-how and gain market advantage

23
Q

Vulnerability Databases

A

CVE (Common Vulnerabilities & Exposures)

NVD (National Vulnerability Database)

24
Q

TTP

A

Tactics, Techniques, & Procedures:
A key concept in cybersecurity and threat intelligence.

The purpose is to identify patterns of behavior which can be used to defend against specific strategies and threat vectors used by malicious actors.

25
CVSS
Common Vulnerability Scoring System: | An industry standard for assessing the severity of computer system security vulnerabilities
26
DNS Sinkhole
An example of fake telemetry A DNS server that has been configured to hand out non-routable addresses for a certain set of domain names Computers that use the sinkhole fail to access the real site
27
Microservice
Independent and self-contained code components that can be put together to form an application
28
VM Escape Countermeasures
Sandboxing | Patch management
29
SQL Injection Countermeasures
Stored procedures | Input validation
30
HOTP Characteristics
Valid for only one login session Based on a cryptographic hash function & secret cryptographic key Not vulnerable to replay attacks
31
NIC Teaming
The process of combining multiple physical network adapters into a single logical interface for increased throughput and redundancy
32
Restoring from incremental backups (requirements)
All copies of incremental backups made since last full backup Copy of last full backup
33
Sequential-Access Backup Media
Magnetic tapes
34
Non-persistence Characteristics
Last known-good configuration Live boot media Known state reversion
35
Session Affinity
A method that ignores the load balancing algorithm by consistently passing requests from a given client to the same server
36
Transparent Proxy Characteristics
Doesn’t require client-side configuration Redirects client’s requests & responses without modifying them Clients might be unaware of the proxy service
37
Nontransparent Proxy
Modifies client’s requests & responses | Requires client-side configuration
38
MDM: Containerization
The isolation of corporate applications and data from other parts of the mobile device
39
UEM
Unified Endpoint Management: | A software tool that provides a single management interface for mobile devices, PCs, printers, IoT devices and wearables
40
RADIUS Characteristics
Primarily used for network access Combines authentication & authorization Encrypts only the password in the access-request packet
41
TACACS+ Characteristics
Encrypts the entire payload of the access-request packet Primarily used for device administration Separates authentication & authorization