Weaknesses/Vulnerabilities Flashcards

1
Q

Systems are inherently insecure and business processes are not up to date with current security practice. Why?

A

Badly written software
Badly written websites
Lack of encryption

2
Q

Are applications weaker than operating systems, and if so, why?

A

Yes, as applications haven’t developed to the scale of systems.

3
Q

What is a buffer overflow?

A

A buffer is memory allocated for input.

4
Q

Main problem for buffer overflow

A

If too much input is provided at once and it isn't checked, it can write beyond the allocated memory and into the instructions.

5
Q

Which main instructions would someone use to get onto their boss's computer?

A

DNS - Server IP
WHOIS - who owns that IP
PING - to find which addresses respond
Scan TCP ports of the IP - find a port that is listening and uses the buffer overflow.

6
Q

What applications are easy to exploit?

A

Adobe and JavaScript.

7
Q

What is SQL injection?

A

Badly checked input to web databases can let web users modify the database.

8
Q

A weak password is susceptible to?

A

Brute-force attack; given enough time, it will work.

9
Q

Best ways to defend against attacks?

A

Firewalls
Up-to-date software
Good passwords
Sensible use of public Wi-Fi

10
Q

What do organisations do to keep their systems up to date?

A

Penetration tests
Commission hackers to try to hack the systems

11
Q

Example of an SQL statement?

A

SQL Statement > SELECT * FROM users WHERE userID = "+ userName";
