
tsirhCdneM | CompTIA Security+ | Module 3

By: Raul Pop | Related Course: CompTIA Security+ | Published: May 28, 2017 | Modified: May 29, 2017

Application Attacks

-Cross-Site Scripting (XSS)

-Structured Query Language (SQL) attack


Assessment technique

Baseline reporting

Code review

Determine attack Surface

Review architecture

Review Designs


Attacks

LDAP-Lightweight Directory Access Protocol injection

XML-Extensible Markup Language (XML) injection

Directory traversal/Command injection

-Buffer overflow


Interpret results of Security tools

Tools:

Protocol analyzer

Vulnerability scanner

Honeypot

Honeynet

Port Scanner

Banner Grabber

 

Assessment types

Risk

Threat

Vulnerability

 


Mitigation and Deterrent

Monitor system logs

Event Logs

Audit Logs

Security Logs

Access Logs

 

Hardening

Unnecessary Services-disable

Protect management interfaces and Applications

Password protection

Disable unnecessary Accounts

 

Network Security

MAC filtering/limiting

802.1x

Disable unused interface

Disable unused application service ports


Pen vs Vulnerability

Vulnerability Scanning

Passively test security controls

Identify vulnerabilities

Identify a lack of security controls

Identify common misconfigurations

 

Black box Testing

White box Testing

Gray box testing


Penetration Testing vs Vulnerability Scanning

Penetration Testing

Verify a threat exists

Bypass Security controls

Actively test security controls

Exploit vulnerabilities


Phishing

A phishing attack is a social engineering attack on email

Spim-Spam over instant messaging

Vishing-telephone attack/VoIP attack

Spear Phishing-it's a group attack

Xmas attack-like a DDoS attack on routers

Pharming attack-a malicious person attacks the hosts file on a system (hosts file)

DNS poisoning-a person attacks the DNS table to redirect from one site to another (corrupt DNS)

ARP poisoning-cache and redirect the traffic (corrupt ARP cache)

 

Privilege escalation.

Malicious insider threat

Client side attack

 

Transitive Access attack

Brute force attack

Dictionary attack

Hybrid attack

Birthday attack

Rainbow tables

 

URL hijacking/Typosquatting

Watering hole attack


Social Engineering

Social engineering is against humans, because humans are the weakest link:

 

Shoulder surfing

another person is looking from behind others

Tailgating

looking to get access to a building, facility

Hoax

false story you give to an individual such that they perform

Phishing

Seek to obtain credentials, web account, website through e-mail.

Vishing-VoIP/telephone attack

Whaling attack–which attacks only a CEO/VIP person

Spear phishing-a malicious person attacks a group of people

Dumpster diving-dumpster divers look for information that will give them knowledge about your organization, facility, maps, plans, directories, drives, storage drives

 

Impersonation-someone pretends to be someone they are not and gives you some steps so they can attack you from behind (you give them access or they ask for some information)


Types of Malware

Malware is malicious software:

-Viruses => antivirus

-Worms =>require no human interaction

-Trojans => good or bad activity

 

Malware is countered by anti-malware

Adware=>Advertising Software(Pop ups)

Spyware=>Spying Software=>Anti-spyware

Rootkits

Back doors

Logic bombs

Botnet

Ransomware

Polymorphic malware

Armored virus

 

 

 


Types of Malware

1)Adware

-Advertising Software

-shows in pop ups

 

2)Malware

-virus-slows PC, files change, style

-virus needs a file to attach 

-require human interaction

 

-worms-cross entire system

-do not require human interaction

-replicate

 

-trojan-good or bad activity

a program that is doing something in the background

 

-rootkits-gain root access to system

-administrative access to a system

-hide the presence

-mask the presence in the system

 

 

-logic bomb-piece of code inserted in software and activated by an event

-very hard to detect

 

-ransomware-disable the system

-threat, DDoS, cryptography

-lock screen

 

-polymorphic virus-changes its form, changes its signatures

 

-armored virus-encrypts itself to avoid detection

 

-botnets-malicious code inserted in systems across the Internet for DDoS


Types of Wireless Attacks

Rogue Access Point

Evil twin

Interference/Jamming

War driving

War chalking

Bluejacking

Bluesnarfing

 


Various Types of Attack

Man-in-the-middle attack (MITM)

PC–MITM–WEBSITE (eavesdrop on your communication)

-replay credentials

-impersonating you to gain access

 

Denial of Service

-exhaust available resources

 

Distributed Denial of Service

-the attack is distributed across multiple computers on the Internet

-a malicious person infects computers (zombies) with a bot (botnet), then attacks the victim

Spoofing

a malicious person spoofs

MAC address

IP address

miscoding another person to get access (IP)

 

Spam attack

-push adverts, advertisements

-social networks-instant messenger

spam+IM=spim


Zero Day Exploits

Zero Day Exploits

Cookies and attachments

Malicious Add-Ons

Session Hijack

Header manipulation

