1
Q
Plaintext / unencrypted passwords
A
- Some applications store passwords “in the clear”
–No encryption. You can read the stored password.
–This is rare, thankfully - Do not store passwords as plaintext
–Anyone with access to the password file or
database has every credential - What to do if your application saves passwords
as plaintext:
–Get a better application
2
Q
Hashing a password
A
Hashes represent data as a fixed-length string of text
–A message digest, or “fingerprint”
* Will not have a collision (hopefully)
–Different inputs will not have the same hash
* One-way trip
–Impossible to recover the original message
from the digest
–A common way to store passwords
3
Q
A hash example
A
- SHA-256 hash
–Used in many applications
4
Q
The password file
A
Different across operating systems and applications
–Different hash algorithms
5
Q
Spraying attack
A
- Try to login with an incorrect password
–Eventually you’re locked out - There are some common passwords
–https://en.wikipedia.org/wiki/List_of_the_most_
common_passwords - Attack an account with the top three (or more)
passwords
–If they don’t work, move to the next account
–No lockouts, no alarms, no alerts
6
Q
Brute Force
A
- Try every possible password combination until the
hash is matched - This might take some time
–A strong hashing algorithm slows things down
–The hash - Brute force attacks - Online
–Keep trying the login process
–Very slow
–Most accounts will lockout after a number of
failed attempts - Brute force the hash - Offline
–Obtain the list of users and hashes
–Calculate a password hash, compare it to a stored hash
–Large computational resource requirement.
SY0 701
flashcards
Decks in class (131)
# Cards
-
Security controls 1.111
-
Preventive Control types (1.1)4
-
Deterrent control types (1.14
-
Detective control types (1.1)4
-
Corrective control (1.1)4
-
Compensating control (1.1)4
-
Directive control type (1.1)4
-
CIA Triad 1.24
-
Confidentiality (1.2)4
-
Integrity (1.2)5
-
Availability (1.2)4
-
Non repudiation (1.2)5
-
Acronyms324
-
Authentication, Authorization, & Accounting 1.27
-
Gap Analysis 1.25
-
Zero Trust 1.28
-
Physical Security 1.27
-
1.2 Deception & Disruption4
-
Change management steps 1.39
-
Technical change management steps 1.39
-
Public Key Infrastructure 1.46
-
Encrypting data 1.410
-
Key Exchange 1.46
-
Encryption technologies 1.47
-
Obfuscation 1.47
-
Hashing & digital signatures 1.49
-
Blockchain technology 1.42
-
Certificates 1.412
-
2.1 Threat Actors15
-
2.2 Common Threat Vectors13
-
2.2 Phishing4
-
Impersonation 2.26
-
Watering Hole Attacks 2.24
-
Other Social engineering attacks (2.2)3
-
Memory Injections 2.33
-
Buffer Overflows 2.31
-
Race Conditions 2.33
-
Malicious Updates 2.33
-
2.3 Operating system vulnerabilities3
-
2.3 SQL Injection4
-
2.3 Cross Site Scripting7
-
2.3 Hardware Vulnerabilities4
-
2.3 Virtualization Vulnerabilities4
-
2.3 Cloud specific Vulnerabilities.3
-
Supply chain vulnerabilities 2.37
-
Misconfiguration vulnerabilities 2.35
-
Mobile device vulnerabilities 2.34
-
Zero-day vulnerabilities 2.33
-
An overview of Malware 2.46
-
2.4 Viruses and worms5
-
2.4 Spyware and Bloatware5
-
2.4 Other Malware Types6
-
2.4 Physical attacks4
-
2.4 Denial of Service4
-
2.4 DNS attacks4
-
2.4 Wireless Attacks5
-
2.4 On Path Attacks2
-
2.4 Replay attacks6
-
2.4 Malicious Code3
-
2.4 Application attacks11
-
2.4 Cryptographic Attacks5
-
2.4 Password attacks6
-
2.4 Indicators of compromise9
-
2.5 Segmentation and Access Control3
-
2.5 Mitigation techniques6
-
2.5 Hardening techniques9
-
3.1 Cloud Infrastructure6
-
3.1 Network Infrastructure concepts4
-
3.1 other Infrastructure concepts10
-
3.1 Infrastructure Considerations12
-
3.2 Secure Infrastructures5
-
3.2 Intrusion prevention5
-
3.2 Network appliances10
-
3.2 Port Security4
-
3.2 Firewall Types6
-
3.2 Secure communication11
-
3.3 Data types and classifications3
-
3.3 States of Data5
-
3.3 Protecting data9
-
3.4 Resiliency11
-
3.4 Capacity planning4
-
3.4 Recovery Testing5
-
3.4 Backups8
-
3.4 Power resiliency3
-
4.1 Secure Baselines4
-
4.1 Hardening targets10
-
4.1 Securing wireless & Mobile8
-
4.1 Wireless Security settings11
-
4.1 Application Security7
-
4.2 Asset management6
-
4.3 Vulnerability scanning5
-
4.3 Threat intelligence5
-
4.3 Penetration testing5
-
4.3 Analyzing Vulnerabilities9
-
4.3 Vulnerability remediation9
-
4.4 Security monitoring8
-
4.4 Security tools11
-
4.5 Firewalls6
-
4.5 Web filtering8
-
4.5 Operating system security3
-
4.5 Secure Protocols5
-
4.5 email security5
-
4.5 Monitoring data7
-
4.5 Endpoint Security8
-
4.6 Identity and Access Management10
-
4.6 Access controls8
-
4.6 Multifactor Authentication7
-
4.6 Password Security7
-
4.7 Scripting and automation4
-
4.8 Incident response10
-
4.8 Incident planning5
-
4.8 Digital Forensics7
-
4.9 Log data12
-
5.1 Security policies10
-
5.1 Security Standards5
-
5.1 Security procedures7
-
5.1 Security considerations4
-
5.1 Data roles & Responsibilities2
-
5.2 Risk Management4
-
5.2 Risk Analysis6
-
5.2 Risk Management Strategies2
-
5.2 Business impact analysis1
-
5.3 Third Party Assessment10
-
5.3 Agreement types2
-
5.4 Compliance7
-
5.4 privacy6
-
5.5 Audits and Assessments3
-
5.5 Penetration tests6
-
5.6 Security Awareness5
-
5.6 User training2
-
1.1 Compare and contrast types of secuirty controls1
