Create
Learn
Share

Security +

rename
quagss's version from 2018-12-26 23:32

Attacks

Question Answer
Overwriting contents of memory to fuck w/ applicationBuffer overflow
Input validation protects againstSQL injection
Common target of cross-site scriptingDynamic web pages
Modification to change external behaviorShimming
Optimizing existing computer code w/o changing external behaviorRefactoring
WEP vulnerability key attackIV attack
Prevent XSSValidate input, restrict special characters
Cryptographic attack, plaintext & encryptedKPA
BluesnarfingUnauthorized access via bluetooth
Nonresident virusLooks for targets, spreads, and exits
Multipartite virusInfects both executables and MBR
Bot provides originatorVenue to propogate
Principles of SEAuthority, intimidation, consensus, scarcity/urgency, familiarity, trust
Blind vs informed spoofing1 way vs 2 way communication
XSSMalicious client side script causes user to be compromised
DLL injectionLegit processes utilize malicious DLL
TeardropFragmented UDP packets with odd offset
Most common, effective IPSSignature
Achilles heel of signature-based systemsZero-day attacks
Achilles heel of anomaly-based systemsIf they baseline a compromised network
FraggleMassive spoofed UDP traffic to a broadcast address
SmurfSpoofed broadcast ICMP
memorize

Threats

Question Answer
Threat actorIndividual, group, entity contributing to incident
Threat actor attributesMotive, Intent, Capability, Relationship (MICR)
Steps in pentest attackExploit, escalate, pivot, persist
Intrusive vulnerability scanVerify actual vulnerabilities
Race condition occursCode sequences fight over resources
NACBest mitigate the risks associated w/ allowing network access
Anomoly-based IDSLearns network, acts on odd events
Session affinityOnce the LB gives you a target, you stick with it
Signature-based IDSChecks against a database of known vulnerabilties
Heuristic IDSClassifies behavior as benign, suspicious, or unknown
DNSSECFollows chain of trust from lowest-level to TLD
AdHoc superior to WiFi direct becauseSupports upper-level protocols
Context aware authentication is made valuable byRisks of cloud computing & BYOD
Key managementHold encryption keys in a single, secure, managed location
Mobile application managementProvision & control access to available apps
RBACDifferent credentials lands you on a different network
memorize

Misc Q

Question Answer
Resistant to replay attacksIPSec, Kerberos, CHAP
Least vulnerable to attacksAES
Use case for subscription servicesNetwork automation, data analytics
Best used to connect client/host computers, securelySSH
Context-based analysisUtilized by advanced malware tools
Associated w/ certificate issuesAlgorithm mismatch
Exploitation frameworkUsed for pentest & risk assessments
IPsec protocol providing authentication, integrity, & confidentialityESP
Transparent proxyNo configuration, no modification, users not aware
Non-transparent proxyConfiguration, modification, users aware
SFTPSSH file transfer
FTPSFTP done thru SSL
SNMP version that implemented encryption, authentication, and hashingv3
memorize