Cyber Security Test review 1
White hat hackers
White hat hackers Hackers who hack only for legal/ethical purposes.
Insider threats
type of security breach. Is simply when someone inside your organization either misuse his access to data or accesses date he is not authorized to access.
White hats
Finding some flaw in system, will report the flaw to the vendor of that system.
Session Hijacking
Session Hijacking: These attacks are rather advanced and involve an attacker attempting to take over a session.
Viruses
Viruses: Catch up on NEW and Refurbished viruses Unauthorized use of systems: DoS attacks, Intrusions, Employee misuse
Cookie
Cookie A small file containing information from a Web site.
Cross-site scripting
Cross-site scripting: Entering data other than what was intended. Finds some area of a website that allows users to type in text that other users will see and then instead injects client-side script into those fields. Uses fake website and tries to get valuable information.
Audit Authentication
Audit A check of systems security. This usually includes a review of documents, procedures, and system configurations. Authentication The process to verify that a user is authorized to access a given resource. This is part of the logon system
Black hats Gray hats Script kiddies Sneakers Ethical hackers Professional Terms: Describes defensive barrier devices, procedures, and policies.
Black hats: Person who normally depicted in media. Cause some type of harm once accessing the system. Sometimes referred to as crackers. Might steal data, erase files or deface sites. Gray hats: Law-abiding citizen, but sometimes will venture into illegal activities. Script kiddies: Term for someone who calls himself a hacker but lacks expertise. Sneakers: Person legally breaks into a system to order to assess security deficiencies. Ethical hackers: Penetration Testers Professional Terms: Describes defensive barrier devices, procedures, and policies. Hacking is an offensive activity centered on attackers and methodologies, whereas security is a defensive activity concerning itself with defensive barriers and procedures.
CERT Microsoft Security Advisor F-Secure SANS Institute
CERT: Computer Emergency Response Team: Is sponsored by Carnegie-Mellon University. Was the first computer incident-response team and its still 1 of the most respected in the industry. Microsoft Security Advisor: This is a portal to all Microsoft security info, tools, and updates. F-Secure: A repository for detailed info on virus outbreaks. How the virus spreads, ways to recognize the virus, and specific tools for cleaning an infected system of a particular virus. SANS Institute: Security-related documentation. Computer security and sponsors a number of security research projects and publishes info about those projects on its website
CIA stands for
CIA Triangle: Confidentiality, Integrity, and Availability.
CIA Triangle Least privileges Perimeter security approach
CIA Triangle: Reference to the 3 pillars of security: confidentiality, integrity, and availability. Are you keeping data confidential? Does your approach help guarantee the integrity of data? Does your approach make the data readily available to authorized users? Least privileges: Each user or service running on your network should have the least number of privileges/access required to do her job. Need to know basis. Perimeter security approach: Bulk of security efforts are focused on the perimeter of the network. Include firewalls, proxy servers, password policies, or any technology or the systems within the network. Perimeter is secured but various systems within that perimeter are often vulnerable. Small or corporate setting with little or do not store sensitive data.
Computer Security Act of 1987
Computer Security Act of 1987: Requires gov't agencies to identify sensitive systems, conduct computer security training, and develop computer security plans.
DNS Poisoning
DNS Poisoning: This type of attack seeks to compromise a DNS server so that users can be redirected to malicious websites, including phishing websites. Usually for identity theft. Most communication will involve DNS or Domain Name Service.
Denial-of-Service Attacks
Denial-of-Service Attacks: DOS. Greatest external threat to any system is not hackers, but malware and denial of service attacks. Prevent legitimate access to your system. Does not intrude into the system but just block access by authorized users. One common way is to flood the targeted system with so many false connection requests that the system cannot respond to legit requests. Low Orbit Ion Cannon tool. Downloaded from Internet anyone can execute this. DDOS: Uses multiple machines to attack the target given that many modern websites are hosted in network clusters or even in clouds.
Firewall Proxy server Intrusion Detection system Activities
Firewall: Filters network traffic Proxy server: Disguises IP address of internal host Intrusion Detection System: Monitors traffic, looking for attempted attacks Activities: Authentication, Auditing
Hacker Hacking Intrusion-detection system (IDS)
Hacker A person who tries to learn about a system by examining it in detail and reverse-engineering it. Looking at a system's flaws and an expert on a system. Hacking The process to attempt to learn about a system by examining it and often exploiting flaws. This usually involves attempts to compromise the target system in some way. Attacks that breach your system's security. Intrusion-detection system (IDS) A system designed to detect signs of attacks in progress and to notify the administrator. Detect intruders use to asses a target system, thus alerting a network admin to the potential for an attempted breach. Most desirable hybrid approach is a layered paradigm that is dynamic (upper right quadrant of figure.)
Key logger Layered security approach Malware Proxy server Reactive security Script kiddy Sneaker
Key logger Software that logs keystrokes on a computer. Records all of your keystrokes. Also take screenshots of your computer. Data is then either stored for later retrieval by the person who installed the key logger or is sent immediately back via email. Layered security approach An approach that attempts to fortify security within the network rather than just the perimeter. Malware Any software that has a malicious purpose, such as a virus or Trojan horse. Logic bomb is software that lays dormant until some specific condition is met. Condition is usually a date and time. When the condition is met, the software does some malicious act such as delete files, alter system configuration, or release a virus. Proxy server A machine or software that hides all internal network IP addresses from the outside world. It provides a point of contact between a private network and the Internet. Reactive security Security that simply acts after something has gone wrong. Script kiddy A hacker term for a person who claims much greater hacking skill than he actually has. Sneaker Someone who attempts to compromise a system to assess its vulnerability.
Layered security approach Passive security approach
Layered security approach: Individual systems are secured and not only the perimeter. One way to do this is to divide the network into segments and secure each segment as if it were a separate network. So, if the perimeter security is compromised not all the internal systems are affected. Preferred method when possible. Passive security approach: Takes few or no steps to prevent an attack. Dynamic or proactive defense is 1 in which steps are taken to prevent attacks before they happen. Ex: Use of IDSs, which work to detect attempts to circumvent security measures
Malware
MALicious softWARE with a malicious purpose. Malware includes viruses, worms, Trojan horses, and logic bombs. Beyond the external attacks, there is the issue of internal problems due to malfeasance or simple ignorance. One of the 2 most common types, usually spreads through e-mail and uses system resources, causing slowdown or stoppage. Trojan horse: Other most common kind of malware. Most rapidly growing: Cookies & Key logger. Logic bomb: Lays dormant until some logical condition is met, often a specific date. Rootkits but these usually spread as viruses and are regarded as simply a specific type of virus.
Social engineering Spyware Trojan horse Virus Software War-dialing War-driving
Social engineering Using interpersonal skills to extract information about a computer system and its security. Technique for breaching a systems security by exploiting human nature rather than technology. Kevin Mitnick used this and uses standard con techniques to get users to give up the info needed to gain access to a target system. Tries to get info about systems users. Spyware Software that monitors computer use. Could be as simple as a cookie, which is a text file that your browser creates and stores on your hard drive that a website you have visited downloads to your machine and uses to recognize you when you return to the site. May also consist of software that takes periodic screenshots of the activity on your computer and sends those to the attacker. Trojan horse Software that appears to have a valid and benign purpose but actually has another nefarious purpose. Virus Software that is self-replicating and spreads like a biological virus. "Small program that replicates and hides itself inside other programs, usually w/o your knowledge. Most common method is through email and spread it to everyone in his address book. All of them cause network slowdowns due to heavy network traffic caused by replication. War-dialing Dialing phones waiting for a computer to pick up. This is usually done via some automated system. War-driving Driving and scanning for wireless networks that can be compromised. A hacker sets up a computer to call phone numbers in sequence until another computer answers to gain entry to its system. War flying: private drone with wifi sniffing and cracking software and tries to gain access to the target computer.
Web Attacks
Web Attacks: This is any attack that attempts to breach your website application. 2 of most common attacks : SQL injection and Cross-Site Scripting. SQL injection: Commands into login forms to trick the server into executing those commands. Force the server to log the attacker on. If the programmer would filter all input prior to processing it then it would be impossible.