Ch 6- Voc
embedded system
A computer hardware and software system that has a specific function within a larger system
trunk link
A connection that enables VLAN information to be passed between switches
trunk port
A port that carries traffic for all VLANs that are accessible by a switch
deauthentication
A disruption of wireless communications that breaks the link between the client and the wireless access point
VLAN (Virtual Local Area Network)
A logical method of segmenting a network by grouping related switch ports into their own entities.
web session
A sequence of HTTP request and response transactions between a web client and a server, including pre-authentication tasks, the authentication process, session management, access control, and session finalization. Numerous web apps keep track of information about each user for the duration of the web transactions. Several web apps have the ability to establish variables such as access rights and localization settings; these variables apply to each and every interaction a user has with the web application for the duration of the session.
bluetooth
A short-range wireless radio network transmission medium normally used to connect two personal devices, such as a mobile phone and a wireless headset.
VLAN tag
A special identifier added to a packet as it travels through a trunk link
RTOS (real-time operating system)
A specialized operating system that features a predictable and consistent processor scheduler
cookie
A text file that the server gives to the client browser and that contains the session ID (SID) for that particular web session, which is used as an authentication token.
community string
A text identifier that must be the same on a SNMP manager and a SNMP device
GRE (Generic Routing Encapsulation)
A tunneling protocol used to create virtual point-to-point links on an IP network.
SCADA (supervisory control and data acquisition)
A type of ICS that sends and receives remote-control signals to and from embedded systems.
Blind (or inferential) SQL injection
A type of attack in which the attacker does not make the application display or transfer any data but instead reconstructs the information by sending specific statements and discerning the behavior of the application and database.
in-band SQL injection
A type of attack in which the attacker obtains data by using the same channel that is used to inject SQL code. This is the most basic form of an SQL injection attack, in which the data is dumper directly in a web app.
out-of-band SQL Injection
A type of attack in which the attacker retrieves data using a different channel. For example, an email, a text, or an instant message could be sent to the attacker with the results of the query, or the attacker might be able to send the compromised data to another system.
Cross-Site Request Forgery (CSRF or XSRF)
A type of attack that involves unauthorized commands being transmitted from a user who is trusted by the application. It's different from XSS in that it exploits the trust that an application has in a user's browser. They're also referred to as "one-click attacks" or "session riding." They typically affect applications that rely on a user's identity. The attacker may trick a user's browser into sending HTTP requests to a target website.
Cross-Site Scripting (XSS)
A very common web application vulnerability that can lead to installation or execution of malicious code; account compromise, session cookie hijacking, revelation or modification of local files, or site redirection.
race condition
A vulnerability in which a system or an application attempts to perform two or more operations at the same time but, due to the nature of such system or application, the operations must be done in the proper sequence in order to be done correctly. When an attacker exploits such a vulnerability, he or she has a small window of time between when a security control takes effect and when the attack is performed. They are very difficult to perform. They're also referred to as time of check to time of user (TOCTOU) attacks.
HTML injection
A vulnerability that occurs when an unauthorized user is able to control an input point and inject arbitrary HTML code into a web application. Successful exploitation could lead to disclosure of a user's session cookies, which could be used to impersonate a victim or to allow the attacker to modify the web page or the application content seen by victims.
credentials brute-force attack
An attack in which the attacker attempts to log in to an application or a system by trying different usernames and passwords.
command injection
An attack in which the attacker tries to execute commands that he or she is not supposed to be able to execute on a system via a vulnerable application. These attacks are possible when an application does not validate data supplied by the user (for example, data entered in web forms, cookies, HTTP headers, and other elements). The vulnerable system passes that data into a system shell. This type of attack involves trying the send OS commands so that the application can execute them with the privileges of the vulnerable application.
DNS cache poisoning
An attack technique in which corrupt DNS data is entered into a DNS server's lookup (resolver) cache and fake records are then given to clients and other DNS servers
HTTP proxies
Proxies that make requests to web servers on behalf of other clients. They enable HTTP transfer across firewalls and can also provide support for caching of HTTP messages. Proxies can also perform other roles in complex environments, including NAT and filtering of HTTP requests.
VLAN hopping
The act of illegally moving from one VLAN to another
jailbreaking
The act of modifying a mobile iOS device to remove restrictions installed by the manufacturer
sniffing
The act of monitoring and intercepting data flowing through a network.
eavesdropping
The act of secretly listening to private conversation or communications.
TCP session hijacking
The act of taking a user's or client's place after it has established a TCP connection with a server.
NAC (Network Access Control)
The collection of protocols, policies, and hardware that govern access on devices to and from a network.
ARP poisoning
The deliberate mapping of an incorrect MAC address to a correct IP address
POS (point of sale)
The location where customers purchase goods or services from a business by using a POS system
clickjacking
Using multiple transparent or opaque layers to trick a user into clicking a button or link on another page when they had intended to click on the top page.
Insecure Direct Object Reference
Vulnerabilities that are exploited when web applications allow direct access to objects based on user input. Successful exploitation could allow attackers to bypass authorization and access resources that should be protected by the system. This type of vulnerability occurs when an application does not sanitize user input and does not perform appropriate authorization checks.
HTTP Parameter Pollution (HPP)
Vulnerabilities that are introduced when multiple HTTP parameters have the same name. HPP may cause an application to interpret values incorrectly. It is possible to take advantage of HPP vulnerabilities to bypass input validation, trigger application errors, or modify internal variables values.
SQL injection (SQLi)
Vulnerabilities that can be catastrophic because they can allow an attacker to view, insert, delete, or modify records in a database. In this attack, the attacker inserts; or "injects", partial or complete SQL queries via a web application. SQL commands are injected into data-plane input in order to execute predefined SQL commands.