1
Q
A […] attack is when an attacker puts their own code into information that is input into an application.
Different kinds include:
- HTML
- SQL
- XML
- LDAP
A
Code Injection
2
Q
[…] is when the code that queries a database is tampered with
A
SQL Injection
Security+
flashcards
Decks in class (67)
# Cards
-
Security Controls 1.111
-
The CIA Triad 1.24
-
Non-Repudiation 1.28
-
Authentication, Authorization, and Accounting 1.26
-
Gap Analysis 1.21
-
Zero Trust 1.219
-
Deception and Disruption 1.24
-
Change Management 1.34
-
Technical Change Management 1.310
-
Public Key Infrastructure (PKI) 1.46
-
Encrypting Data 1.47
-
Key Exchange 1.42
-
Encryption Technologies 1.44
-
Obfuscation3
-
Hashing and Digital Signatures 1.43
-
Blockchain Technology 1.41
-
Certificates 1.48
-
Threat Actors 2.111
-
Threat Vectors 2.213
-
Phishing 2.25
-
Impersonation 2.23
-
Watering Hole Attack 2.21
-
Other Social Engineering Attacks 2.22
-
Memory Injections 2.33
-
Buffer Overflows 2.31
-
Race Conditions1
-
Malicious Updates0
-
Operating System Vulnerabilities 2.32
-
SQL Injection 2.32
-
Cross-Site Scripting 2.34
-
Hardware Vulnerabilities 2.37
-
Virtualization Vulnerabilities 2.32
-
Cloud Specific Vulnerabilities 2.34
-
Supply Chain Vulnerabilities 2.32
-
Misconfiguration Vulnerabilities 2.37
-
Mobile Device Vulnerabilities 2.32
-
Zero Day Vulnerabilities 2.31
-
An Overview of Malware 2.43
-
Viruses & Worms 2.47
-
Spyware & Bloatware 2.42
-
Other Malware Types 2.44
-
Physical Attacks 2.43
-
Denial of Service 2.47
-
DNS Attacks 2.44
-
Wireless Attacks 2.45
-
On Path Attacks 2.47
-
Application Attacks 2.41
-
Cryptographic Attacks 2.44
-
Password Attacks 2.42
-
Indicators of Compromise 2.410
-
Segmentation and Access Control4
-
Mitigation Techniques 2.57
-
Hardening Techniques 2.59
-
Cloud Infrastructures 3.16
-
Network Infrastructure Concepts 3.16
-
Other Infrastructure Concepts 3.18
-
Infrastructure Considerations 3.19
-
Secure Infrastructures 3.24
-
Intrusion Prevention 3.24
-
Network Appliances10
-
Port Security 3.22
-
Firewall Types 3.26
-
Secure Communication 3.25
-
Data Types and Classifications 3.315
-
States of Data 3.311
-
Protecting Data (Methods) 3.310
-
Resiliency 3.47
