Ch 7 Sec +
Terms in this set (48)
Can associate different MAC addresses to a NIC on a computer using software.
SYN Flood Attack
The attacker sends a bunch of SYN packets but no ACK packets during the TCP handshake causing the server to have open connections consuming resources and blocking any legit connections.
MITM (Man in The Middle)
Active interception or active eavesdropping. A third computer that sits in between two computers and intercepts all traffic without their knowledge. Kerberos helps prevent this.
ARP Poisoning Attacks
Attack that misleads computers or switches about the actual MAC address of a system.
Attempts to modify or corrupt DNS results, e.g. replacing the IP address of google.com with a malicious one.
Another type of attack that manipulates the DNS name resolution process through the host file.
A DDoS attack that increases the amount of traffic sent to or requested from a victim.
1. Brute Force
2. Dictionary Attacks
3. Pass the Hash
4. Birthday Attacks
5. Rainbow Tables
1. Attempts to guess all possible character combinations for a password
2. Uses a dictionary of words and attempts every word in the dictionary to see if it works.
3. The attacker discovers the hash of the user's password and then logs on as the user using the hash.
4. The attacker tries to create a password that produces the same hash as the user's actual password.
5. Attempts to discover the password from the hash using a table of precomputed hashes.
Adding random letters to a password before hashing the password.
When two or more hashes are the same.
An attacker replays data that was already part of a communication session to impersonate the other user.
Known Plaintext Attack
Attacker has both the plaintext and the ciphertext. The attacker can determine the decryption method.
Known Ciphertext
Attacker doesn't have any knowledge of the plaintext.
Typo Squatting (URL Jacking)
When someone buys a domain name that is close to a legitimate domain name.
Tricks users into clicking something other than what they think they're clicking.
The attacker utilizes the user's session IDs to impersonate the user and automatically log onto their account.
An attacker changes the registration of a domain name without permission of the owner.
MITB (Man In The Browser)
Proxy trojan horse that infects vulnerable web browsers. Captures session data.
Additional code that can be run instead of the original driver to make older drivers compatible.
Process of rewriting the internal structure of the code without changing its external behavior. Usually done to correct software design problems.
Bug in a computer application that causes the application to consume more and more memory the longer it runs.
Attack attempts to use or create a numeric value that is too big for an application to handle.
Buffer Overflow x90
Occurs when an application receives more input or different input than it expects. Results in exposed system memory.
Process of using the pointer to access the data array.
A DLL is a compiled set of code that an application can use without recreating the code. An attack that injects a DLL into a system's memory and causes it to run.
Code that has been optimized by an application (called a compiler) and converted into an executable file.
Code that is evaluated, interpreted, and executed when the code is run.
Practice of checking data for validity before using it. Prevents malicious code from being interpreted by sanitizing or rejecting the code.
When two or more processes attempt to access a resource at the same time.
Makes sure that an error shown to users is a generic message rather than detailed information.
Code that never is executed or used.
Attempts to make something unclear or difficult to understand. Attempts to make the code unreadable.
Software Development Kits
Like a third party library, full of software tools to help you develop code.
Static Code Analysis
Dynamic Code Analysis (fuzzing)
Static - Examines the code without executing it
Dynamic - Checks the code as it is running (fuzzing sends random data to an application).
Stress testing - Simulates a live environment and determines how efficiently an application operates under load.
Sandboxing - isolated area used for testing programs
Model Verification - process of ensuring that software meets specifications and fulfills its intended purposes.
SDLC (Systems Development Life Cycle)
Waterfall - multiple stages from top to bottom. Finish one stage and go to the next and you cannot go back to the previous stage. Lacks flexibility & difficult to revise anything from previous stages.
Agile - uses a set of principles shared by cross functional teams. Emphasizes interaction between customers, developers, and testers.
secure DevOps (security development operations)
Software development process that includes extensive communications between software developers and operations personnel. Stresses security throughout the project.
Helps ensure that developers do not make unauthorized changes. All changes go through a specific predefined process.
Tracks the versions of software as it is updated, including who made the update and when.
Provisioning vs deprovisioning
Pro - installing an app or creating an account
Depro - uninstalling an app or deleting an account
Common Web Servers
Apache - free and runs on Linux, Unix, and Windows
IIS (Internet Information Services) - Windows service
SQL (Structured Query Language)
Used to communicate with a database. SQL statements read, insert, update, and delete data to and from a database.
Refers to organizing a table or column in a database to reduce redundant data and improve overall performance.
When an attacker enters additional data into the web page form to generate different SQL statements.
A group of SQL statements that execute as a whole, similar to a mini program.
Attacker injects operating system commands into an application using web page forms or text boxes.
XSS (Cross Site Scripting)
XSRF (Cross-Site Request Forgery)
An attack where an attacker tricks a user into performing an action on a web site. The attacker creates a malicious HTML link and tricks the user into clicking it.
A structure used to provide a foundation.
Regulatory - Frameworks based on relevant laws and regulations
Non Regulatory - Frameworks not required by any law.