Security+ Chapter 7 "Remember This"
Remember This 3
A SYN flood attack disrupts the TCP initiation process by withholding the third packet of the TCP three-way handshake. Flood guards protect against SYN flood attacks.
Remember This 17
A client-side attack uses an application on the client computer, such as a web browser. A transitive access attack attempts to access a back-end server through another server. A SQL injection attack is an example of a transitive access attack that can bypass many other security controls.
Remember This 1
A denial-of-service (DoS) attack is an attack from a single source that attempts to disrupt the services provided by another system. A distributed denial-of-service (DDoS) attack includes multiple computers attacking a single target. DDoS attacks typically include sustained, abnormally high network traffic.
Remember This 5
Account lockout policies protect against online brute force password attacks. Complex passwords of sufficient length protect against offline brute force attacks.
Remember This 8
Attackers purchase similar domain names in typo squatting attacks for various malicious purposes. Users visit the typo squatting domain when they enter the URL incorrectly with a common typo.
Remember This 13
Attackers use SQL injection attacks to pass queries to back-end databases through web servers. Many SQL injection attacks use the phrase ' or '1'='1' -- to trick the database server into providing information. Input validation and stored procedures reduce the risk of SQL injection attacks.
Remember This 12
Buffer overflows occur when an application receives more data than it can handle, or receives unexpected data that exposes system memory. Buffer overflow attacks often include NOP instructions (such as x90) followed by malicious code. When successful, the attack causes the system to execute the malicious code. Input validation helps prevent buffer overflow attacks.
Remember This 15
A cross-site request forgery (XSRF) attack causes users to perform actions on web sites, such as making purchases, without their knowledge. In some cases, it allows an attacker to steal cookies and harvest passwords.
Remember This 14
Cross-site scripting (XSS) attacks allow attackers to capture user information such as cookies. Input validation techniques at the server help prevent XSS attacks.
Remember This 7
DNS poisoning attacks attempt to corrupt DNS data. A pharming attack redirects a web site's traffic to another web site and can do so by modifying the hosts file on the user's system.
Remember This 11
Error and exception handling helps protect the integrity of the operating system and controls the errors shown to users. Applications should show generic error messages to users but log detailed information.
Remember This 18
Fuzzing sends random strings of data to applications looking for vulnerabilities. Administrators use fuzz testing to test applications, and attackers use fuzzing to detect attack methods.
Remember This 16
LDAP injection attacks attempt to access or modify data hosted on directory service servers.
Remember This 6
Passwords are typically stored as hashes. Salting adds random text to passwords before hashing them and thwarts many password attacks.
Remember This 4
Replay attacks capture data in a session with the intent of later impersonating one of the parties in the session. Timestamps and sequence numbers are effective countermeasures against replay attacks.
Remember This 2
Smurf attacks typically use directed broadcasts to launch attacks through amplifying networks. Disabling directed broadcasts on routers mitigates the threat. It's especially important to ensure directed broadcasts are disabled on routers bordering on the Internet to ensure internal networks are not used as amplifying networks.
Remember This 10
The lack of input validation is one of the most common security issues in web-based applications. Input validation verifies the validity of input data before using it, and server-side validation is more secure than client-side validation. Input validation protects against many attacks, such as buffer overflow, SQL injection, command injection, and cross-site scripting attacks.
Remember This 9
Zero-day exploits are undocumented and unknown to the public. The vendor might know about the vulnerability, but has not yet released a patch to address it.