Video Description

Zero Day Exploits, Cookies, and Attachments

This lesson identifies and discusses what happens when we encounter emerging network security attacks hitting the security industry for the first time. The Zero Day exploit, for example, describes a new type of security attack for which there is no developed security solution or risk mitigation countermeasure. You'll learn why it's critically important to master the deployment and management of best practice standards, techniques and strategies, and the most basic practices, as a means of keeping your attack immunity at its highest level.

Transcript

Zero day exploits: the term zero day exploit is used in networking environments or security environments to describe attacks which we've never experienced before. A zero day exploit is an attack for which we have no known solution, and the very first time we experience it might be the very first time it's happening. So we have to put measures in place to prevent ourselves or to protect ourselves from zero day exploits, some of which include ensuring that all your security patches, your updates are the most recent. You want to ensure that your configurations are best practice; your configurations, your systems, your applications, your servers; everything is being hardened and brought to the most recent update. This way your immunity is kept very high and it is possible that you are able to withstand a zero day exploit by ensuring that all your patches are in place, all your configurations are best practice, all your drivers, operating systems, applications are receiving their updates. That way you can best mitigate against zero day exploits. They are very difficult to detect because nobody else has experienced them, but from time to time it is possible that malicious persons might find new ways of attack, new ways to craft attacks. And these attacks could be directed to our systems, and these are the attacks that constitute the zero day attacks.

So organizations should listen carefully to news bulletins, watch out for other experiences by organizations so as to protect themselves from these types of attacks.

Cookies and attachments. Whenever we browse the internet on our computers, a cookie file, this is the text file that is pushed to your system to monitor your preferences. However, these cookies could be spied upon by other individuals and our activities on the internet could be stalked. So other organizations or individuals could start to monitor you: where you go, what you shop, what you are looking at, what your interests are, what your preferences are. So it's best practice that we do not save sensitive information on our browsers because by monitoring our cookies it is possible for other people to gain unauthorized knowledge about our activities online. Also, attachments could contain malicious payloads. We have to be very careful that all our traffic goes through some form of firewall to inspect every attachment; the content of these attachments could be malicious payloads. If we just open them on our systems, they could compromise the security of our systems. Some of these attachments could contain backdoors, malware and viruses, spyware. These could be used to gain unauthorized access to data residing on your systems.

Session hijacking, or we also call this TCP hijacking: this involves an attacker forcefully gaining control over a legitimate conversation between a trusted connection and another, or maybe a malicious person gains possibly a connection between two parties. So they are able to hijack that session and thereby pretend to be entities that have been authenticated to servers. This way they are able to redirect traffic, they are able to glean information they are not supposed to have access to, they are also able to put themselves in there as in man in the middle. Now that the session has been hijacked, the servers do not know that they are communicating with the man in the middle. The owner or the entity initiating the session has been [inaudible] off by the malicious person and this is a way in which they have access to unauthorized information. This compromises confidentiality and would also compromise integrity.

Header manipulation. This is another form of attack that relies on the absence of input validation. When organizations do not follow best practices to ensure that all inputs into their servers are properly validated as to remove unauthorized codes or symbols, this will nullify the script that the malicious person wants to put in place. It is possible that header manipulation modifies the header information contained in HTTP requests. These are passed to web applications, to clients that can be used to initiate the cross site scripting attacks; they could also be used to hijack web pages or redirect pages or some other types of attacks.
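
The input validation the transcript describes as the defence against header manipulation, shown here as an added Python example that is not part of the original lesson: client-supplied values are checked before they are placed in response headers or used as a redirect target. The function names and the validation policy are hypothetical, and the sample inputs are constructed.

```python
import re

# Assumed policy (not from the lesson): names are RFC 7230 tokens, values are
# printable ASCII plus space/tab, and redirects may only target local paths.
TOKEN = re.compile(r"[!#$%&'*+\-.^_`|~0-9A-Za-z]+")
VALUE = re.compile(r"[\t\x20-\x7e]*")
LOCAL_PATH = re.compile(r"/(?!/)[A-Za-z0-9\-._~/?&=%]*")


def safe_header(name, value):
    """Return (name, value) unchanged, or raise ValueError if malformed."""
    # fullmatch, not match with '$': '$' would accept a trailing newline.
    if not TOKEN.fullmatch(name):
        raise ValueError(f"illegal header name: {name!r}")
    if not VALUE.fullmatch(value):  # rejects CR, LF, NUL, other control bytes
        raise ValueError(f"illegal header value for {name}")
    return name, value


def safe_redirect(target, default="/"):
    """Return target if it is a plain local path, otherwise the default."""
    # Rejects //host, backslashes, whitespace and absolute URLs.
    return target if LOCAL_PATH.fullmatch(target) else default


def build_response(next_page, language):
    """Build response headers from two client-supplied values."""
    headers = [safe_header("Location", safe_redirect(next_page))]
    try:
        headers.append(safe_header("Content-Language", language))
    except ValueError:
        pass  # drop the header rather than echo unvalidated input
    return headers


if __name__ == "__main__":
    # Constructed inputs: one benign pair, then one with an off-site
    # redirect target and a value carrying CR/LF.
    print(build_response("/account?tab=orders", "en-GB"))
    print(build_response("//other.example/login", "en\r\nX-Injected: 1"))
```
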
