CEH Bullet Points


Functionality

features of the system

Misconfiguration Attacks

Hacker gains access to a system that has poorly configured security. Can affect networks, databases, web servers, etc.

zero-day attack

exploits previously unknown vulnerabilities in software applications, hardware, and operating system program code

Psychological warfare

"Capture their minds and their hearts and souls will follow" E.g. propaganda or terror

Technical Controls

(Logical) Security tokens

Functionality, usability, security triangle

Any change made to one component directly affects (decreases) the other two.

Business continuity and disaster recovery (BCDR)

1. Risk assessment - Business Impact Analysis (BIA)
2. Business Continuity Plan (BCP) - Includes Disaster Recovery Plan

Shrink-wrap code vulnerabilities

A bug is fixed in a library but the application uses the older version. Application uses libraries in debug mode or with default configurations.

ALE equation

ARO (Annual rate of occurrence) x SLE (Single loss expectancy)

SLE Equation

AV (Asset Value) x EF (Exposure Factor)

Hacker warfare

Acquire information about subject A, sell it to subject B

Corrective controls

Applied after other controls have failed. E.g. backups, restore.

Information Security Management Program

All activities the organization takes to protect sensitive information. E.g. security policies, rules, standards, business resilience, training and awareness, security metrics and reporting.

Risk Mitigation

Also known as risk reduction. Taking action to reduce an organization's exposure to potential risks and reduce the likelihood that those risks will happen again.

Return on Investment (ROI)

Amount of money saved by implementing a safeguard.

Residual Risk

Amount of risk that remains after controls are accounted for

Daisy chaining

An attack in which hackers gain access to one network/device and then use it to access the next networks/devices.

Annualized Loss Expectancy (ALE)

Annual cost of a loss due to a risk

Guideline Documentation

Flexible, recommended actions users are to take in the event there is no standard to follow

Motives

Attack = Motive + Vulnerability + Method (exploit). (The general goal is access to valuable information.)

Host Threats

Attack that tries to gain access to information from a system. E.g.:
• password attacks
• unauthorized access
• profiling
• malware attacks
• footprinting
• denial of service attacks (DoS)
• arbitrary code execution
• privilege escalation
• backdoor attacks
• physical security threats

Shrink-wrap code Attacks

Attacks on libraries and frameworks that the software depends on. Finding a vulnerability in a library allows re-using the same exploit on more than a single application. (Use libraries that are older, more mature, maintained, actively updated and with a proven track record.)

Security Attacks

Attempt to gain unauthorized access to a system or network. Actualization of a threat.

Preventative controls

Authentication, Encryption

Risk Responses

Avoid, Mitigate, Transfer, Accept, Share

Exploit

Breach through vulnerabilities

OS Vulnerabilities

• Bugs (as it's a big codebase)
• Buffer overflow
• Unpatched operating systems (can lead to e.g. zero-day vulnerabilities)

Application-level vulnerabilities

Caused by lack of testing as developers rush development of applications and miss something. E.g.:
• sensitive information disclosure
• buffer overflow attack
• SQL injection
• cross-site scripting
• session hijacking
• denial of service
• man in the middle
• phishing

Risk Avoidance

Change the strategy/plan to avoid the risk

Economic information warfare

Channeling or blocking information to pursue economic dominance

Attack Vector Types

• Cloud computing threats such as data breach and loss.
• IoT threats, usually caused by insecure devices and hardware constraints (battery, memory, CPU etc.)
• Ransomware: restricts access to your files and requires payment to be granted access.
• Mobile threats

CIA triad

Confidentiality: no one can see what's inside.
Integrity: no one tampers with data in transit.
Availability: data is accessible on demand.

Level of risk equation

Consequence x Likelihood

Risk Acceptance

Decide to take the risk, as without risk there's no movement/reward.

Risk Level

Defined based on an event's possible consequences, used to evaluate the event.

Procedure Documentation

Detailed step-by-step instructions for accomplishing a task or goal

Risk Sharing

Distribution of risk

Usability

GUI of the system and how user friendly it is

Non-repudiation

Guarantee that:
• the sender of a message cannot deny having sent the message
• the recipient cannot deny having received the message

Electronic warfare

Enhance, degrade, or intercept the flow of information

Confidentiality

Ensures that information is available only to people who are authorized to access it.

Integrity

Ensures the accuracy of the information

Authenticity

Ensures the quality of being genuine or uncorrupted (Users are who they claim, a document is uncorrupted)

Availability

Ensuring resources are available whenever the authorized user needs them

Impact

Estimate of the harm that could be caused by an event

Application Threats

Exploitation of vulnerabilities that exist in the application itself. Caused by e.g. bad coding practices; rushed programs have mistakes such as lack of validation of input data. E.g.:
• SQL injection
• cross-site scripting
• session hijacking
• identity spoofing
• improper input validation
• security misconfiguration
• information disclosure
• hidden-field manipulation
• broken session management
• cryptography attacks
• buffer overflow attacks
• phishing

OS attacks

• Exploiting network protocol implementations
• Authentication attacks
• Cracking passwords
• Breaking filesystem security

Physical controls

Fences, Mantrap, locks, security badges

Doxing

Finding and publishing someone's personally identifiable information for malicious reasons

Security

How the processes of the system are used and who is using them

Risk Management Phases

Identification, Assessment, Treatment, Tracking and Review

Risk Management Objectives

• Identify the potential risks
• Identify the impacts of those risks
• Create risk management strategy and plan
• Assign priorities to risks
• Analyze the risks
• Control the risk
• Develop strategies and plans for long-lasting risks

Pure insider

Inside employee with normal access rights

Elevated pure insider

Insider with elevated access

Insider associate

Insider with limited authorized access (e.g. guard, cleaning person)

Hack Value

It is the notion among hackers that something is worth doing or is interesting

Standard Documentation

Mandatory rules used to achieve consistency

Attack Vectors

Means by which hackers deliver a payload to systems and networks

Risk Management

Ongoing process of identifying, assessing and acting on potential risks. (Reduce risks but can never fully eliminate)

Insider attacks

Performed by a person from within the organization who has authorized access. Presents one of the greatest potential risks and is among the most difficult attacks to defend against.

Risk Transfer

Place the burden elsewhere; outsourcing or purchasing insurance.

Administrative controls

Policies and continuity of operations plans

Defense in Depth Layers

Policies, Procedures, Awareness: Data Classification, Risk Management, Code Reviews, Education...
Physical security: ID cards, CCTV, fences... Maintenance board should be protected in the server room. Not good in schools, universities etc.
Perimeter: Encryption, identities... In front of the internal network, where traffic in and out is filtered.
Internal network: Network zoning, firewalls...
Host: Antivirus, patches, security updates... Individual devices with networking capability, e.g. servers / PCs.
Services: Audit logs, authentication, authorization, coding practices. Applications running on hosts.
Data: Backups, encryption...

Risk Assessment

Prioritizes risks based on severity and likelihood of occurrence. Includes an analysis of threats based on the impact to the business.

Baseline Documentation

Provide the minimum security level necessary

Enterprise Information Security Architecture (EISA)

Regulates the organization's structure and behavior in terms of security, processes and employees. Includes requirements, processes, principles and models.

Worm

Replicates itself. Infects quickly. Can spread independently without user action.

Virus

Replicates itself. Infects quickly. Requires user action to be activated.

Inherent Risk

Represents the amount of risk that exists before any controls are applied. Raw and untreated risk.

Insider attack countermeasures

• Restricting access
• Logging, to know who accessed what at what point in time
• Active monitoring of employees with elevated privileges
• Trying not to have disgruntled employees
• Separation of duties (also known as segregation of duties): the concept of having more than one person required to complete a task.

Audit risk

Risk of error while performing an audit. Three types: Control risk, detection risk, inherent risk

Control Risks

Risks that occur due to weaknesses in internal controls

Processes to achieve IA

• Security policies
• Network and user authentication strategy
• Identification of vulnerabilities and threats, e.g. pen-testing
• Identification of problems in the system and resource requirements
• Plan design for the identified requirements
• Certification and accreditation to find vulnerabilities and remove them
• Training for employees

Intelligence-based warfare

Sensor-based technology to disrupt systems

Application-level Attacks

Similar to OS attacks but far less damaging as their scope is far narrower

Risk Mitigation Response

Take action to reduce the risk to a low enough level to be acceptable.

Web application threats

Take advantage of poorly written code and lack of proper validation of input and output data. (E.g. buffer overflows, SQL injections, cross-site scripting)

Command and control (C2) warfare

Taking down the command center may protect the headquarters but may interfere with their mobility

Outsider affiliate

Unknown and untrusted person from outside the organization. Uses an open access channel or stolen credentials to gain unauthorized access.

Insider affiliate

Spouse, friend, or client of an employee that uses employee's credentials.

APT

Stealthy threat actor with continuous attacks targeting a specific entity (EX: Red Apollo, Equation Group, Cozy Bear)

Information Assurance

The affirmation or guarantee of the confidentiality, integrity, and availability of information in storage, processing, and transmission.

Payload

The part of malware performing malicious action.

Attack Vector

The path or means by which an attacker gains access to a computer.

Risk

Threat of damage or loss

Network Threats

Threat to the set of devices that are connected through communication channels where data exchange happens between devices. E.g.:
• denial of service attacks (DoS)
• password-based attacks
• compromised-key attacks
• firewall and IDS attacks
• DNS and ARP poisoning
• man in the middle (MITM) attack
• spoofing
• session hijacking
• information gathering
• sniffing...

Risk equation

Threat x Vulnerability x Asset (E.g. network is very vulnerable (no firewall) and the asset is critical: high risk. E.g. network is well protected and the asset is critical: medium risk)

Security Management Framework

To reduce the risks of any system. Risks are never zero but you should reduce them as much as you can. Combination of policies, procedures, guidelines and standards.

Total cost of ownership (TCO)

Total cost of a mitigating safeguard

Detective controls

Used after a discretionary event. Audits, alarm bells, alerts

Botnet

Used by hackers to control infected machines, e.g. phones, PCs, IoT. Used in DDoS attacks. Typically the result of a lack of security or proper updates.

Risk Matrix

Used to visualize risk probabilities and their consequences

Defense in Depth

Using multiple layers for protection. Provides redundancy in the event a security control fails or a vulnerability is exploited.

Detection risk

Verifier does not detect a material misstatement

Vulnerability

Weakness which can compromise the system and be used for a possible attack

Bitsquatting

a form of cybersquatting which relies on bit-flip errors that occur during the process of making a DNS request

Security Threats

anything that has potential of causing damage to the system

Likelihood

how probable it is that an event will occur

Cyber warfare

use of information systems against virtual personas

Misconfiguration Vulnerabilities

• Using default accounts (passwords)
• Leaving an Apache server online configured to allow proxy requests, enabling DDoS attacks
