Vulnerabilities and Attacks

Question 1

What are vulnerabilities in the context of cybersecurity?

Answer 1

• Weaknesses or flaws in hardware
• Software
• Configurations
• Processes

Consequences include unauthorized access, data breaches, and system disruptions.

Question 2

What are the consequences of vulnerabilities?

Answer 2

• Unauthorized Access
• Data Breaches
• System Disruptions

These consequences can severely impact an organization’s security and integrity.

Question 3

Define attacks in cybersecurity.

Answer 3

• Deliberate actions by threat actors to exploit vulnerabilities

Forms of attacks include unauthorized access, data theft, malware infections, DoS attacks, and social engineering.

Question 4

List the forms of attacks in cybersecurity.

Answer 4

• Unauthorized Access
• Data Theft
• Malware Infections
• DoS Attacks
• Social Engineering

Each form represents a different method of exploiting vulnerabilities.

Question 5

What are the focus areas of hardware vulnerabilities?

Answer 5

• Firmware
• End-of-life systems
• Missing patches
• Misconfigurations

Addressing these areas is crucial for mitigating hardware vulnerabilities.

Question 6

What are some mitigation strategies for hardware vulnerabilities?

Answer 6

• Harden systems
• Patch
• Enforce baseline configurations
• Decommission old assets
• Isolation

These strategies help secure hardware against potential threats.

Question 7

What types of Bluetooth vulnerabilities exist?

Answer 7

• Bluesnarfing
• Bluejacking
• Bluebugging
• Bluesmack
• BlueBorne

Each type represents a different method of exploiting Bluetooth technology.

Question 8

What are the mitigation techniques for mobile vulnerabilities?

Answer 8

• Patch Management
• Mobile Device Management
• Prevent sideloading
• Rooting

These techniques help secure mobile devices against various threats.

Question 9

What are zero-day vulnerabilities?

Answer 9

• Newly discovered and exploited vulnerabilities

They present a significant challenge as there are no known defenses or mitigations at the time of discovery.

Question 10

List the types of operating system vulnerabilities.

Answer 10

• Unpatched systems
• Zero-days
• Misconfigurations
• Data exfiltration
• Malicious updates

Each type can lead to significant security risks if not addressed.

Question 11

What is SQL Injection?

Answer 11

• Exploits web app or database vulnerabilities

Attackers insert malicious SQL code into input fields to manipulate databases.

Question 12

What is Cross-Site Scripting (XSS)?

Answer 12

• Injects malicious scripts into web pages

The goal is to compromise the site’s visitors by running malicious code in their browsers.

Question 13

What is a Buffer Overflow?

Answer 13

A software vulnerability when more data is written to a memory buffer than it can hold

This can lead to crashes or exploitation by attackers.

Question 14

What are Race Conditions?

Answer 14

• Multiple processes or threads accessing shared resources simultaneously

This can lead to unexpected behavior or vulnerabilities.

Question 15

What are the key terms associated with race conditions?

Answer 15

• Time-of-Check (TOC)
• Target-of-Evaluation (TOE)
• Time-of-Use (TOU)

Understanding these terms is essential for analyzing race condition vulnerabilities.

Question 16

What is the purpose of input validation?

Answer 16

To prevent injection attacks like SQL and XML injections

Proper input validation ensures that only legitimate data is processed.

Question 17

What is an XML Injection?

Answer 17

• Targets XML data processing

Attackers exploit vulnerabilities in XML processing to manipulate data.

Question 18

What is the goal of Cross-Site Request Forgery (CSRF)?

Answer 18

Triggers actions on different websites without user consent

This can lead to unauthorized actions being performed on behalf of the user.

Question 19

What is data exfiltration?

Answer 19

Involves unauthorized data transfers from an organization to an external location

Protecting against data exfiltration is crucial for maintaining data confidentiality.

Question 20

What is a malicious update?

Answer 20

Appears as legitimate security updates but contains malware or exploits

Always source updates from trusted vendors to avoid this risk.

Question 21

What is Bluesnarfing?

Answer 21

Unauthorized access to a device to steal information like contacts, call logs, and text messages

This is a type of Bluetooth attack that exploits vulnerabilities in the protocol.

Question 22

What is Bluebugging?

Answer 22

Allows attackers to take control of a device’s Bluetooth functions

Attackers can make calls, send messages, or access the internet through this method.

Question 23

What is the best practice for secure Bluetooth usage?

Answer 23

• Turn off Bluetooth when not in use
• Set devices to ‘non-discoverable’ mode
• Regularly update firmware
• Only pair with known devices
• Use a unique PIN or passkey

These practices help mitigate the risks associated with Bluetooth vulnerabilities.

Question 24

What are the four steps to an XSS attack?

Answer 24

• Identify input validation vulnerability
• Craft a URL for code injection
• Trusted site returns page with malicious code
• Malicious code runs in client’s browser

The attack exploits the trust a user has in a website.

Question 25

What are the **functions** of an **XSS attack**?

Answer 25

* Defacing the trusted website * Stealing the user’s data * Intercepting data or communications ## Footnote These functions highlight the potential damage caused by XSS attacks.

Question 26

Name the **types of XSS attacks**.

Answer 26

* Non-Persistent XSS * Persistent XSS * Document Object Model (DOM) XSS ## Footnote Each type exploits vulnerabilities in different ways.

Question 27

What is **Non-Persistent XSS**?

Answer 27

A XSS attack that occurs only once when launched ## Footnote It is executed server-side.

Question 28

What is **Persistent XSS**?

Answer 28

Allows an attacker to insert code into a backend database ## Footnote This type is also executed server-side.

Question 29

What is **Document Object Model (DOM) XSS**?

Answer 29

Exploits the client’s web browser using client-side scripts ## Footnote It modifies the content and layout of the web page.

Question 30

What is the purpose of **Session Management**?

Answer 30

Enables web applications to uniquely identify a user ## Footnote It is a fundamental security component in modern web applications.

Question 31

What is a **cookie**?

Answer 31

Text file used to store information about a user ## Footnote Cookies help maintain user sessions on websites.

Question 32

What are **Non-persistent cookies**?

Answer 32

Also known as session cookies, reside in memory and are deleted at the end of the session ## Footnote They are used for a very short time period.

Question 33

What are **Persistent cookies**?

Answer 33

Stored in the browser cache until deleted or expired ## Footnote They remain available across multiple sessions.

Question 34

What is **Session Hijacking**?

Answer 34

Type of spoofing attack where the attacker replaces a host with their own machine ## Footnote This is done by spoofing the original host IP.

Question 35

What is **Session Prediction**?

Answer 35

Type of spoofing attack where the attacker predicts the session token ## Footnote Prevented by using a non-predictable algorithm to generate session tokens.

Question 36

What is **XSRF**?

Answer 36

Malicious script exploiting a session started on another site ## Footnote It can be disguised and does not require the victim to click on a link.

Question 37

What are some **prevention methods** for XSRF?

Answer 37

* Use user-specific tokens in form submissions * Add randomness and prompt for additional information * Require two-factor authentication * Require current password for password changes ## Footnote These methods enhance security against XSRF attacks.

Question 38

What is a **Buffer Overflow Attack**?

Answer 38

Occurs when a process stores data outside the allocated memory range ## Footnote It is a common initial attack vector in data breaches.

Question 39

What are **buffers**?

Answer 39

Temporary storage areas used by programs to hold data ## Footnote They have a defined memory capacity.

Question 40

What is **Smashing the Stack**?

Answer 40

Attackers overwrite the return address with a pointer to their malicious code ## Footnote This allows execution of the attacker's code.

Question 41

What is a **NOP Slide**?

Answer 41

Attackers fill the buffer with NOP instructions to reach their code ## Footnote This technique helps in executing the attacker's code.

Question 42

What is **Address Space Layout Randomization (ASLR)**?

Answer 42

Helps prevent attackers from guessing return pointer addresses ## Footnote It randomizes memory addresses used by programs.

Question 43

What are **Race Conditions**?

Answer 43

Software vulnerabilities related to the order and timing of events ## Footnote Exploiting them can disrupt program behavior and gain unauthorized access.

Question 44

What is the **Dirty COW Exploit**?

Answer 44

A real-world example of race condition exploitation targeting Linux and Android ## Footnote It leverages race conditions in the Copy On Write function.

Question 45

What are the **types of Race Conditions**?

Answer 45

* Time-of-Check (TOC) * Time-of-Use (TOU) * Time-of-Evaluation (TOE) ## Footnote Each type describes different timing vulnerabilities.

Question 46

What is a **mutex**?

Answer 46

Mutually exclusive flag that ensures only one thread can access a section of code ## Footnote It helps prevent race conditions.

Question 47

What is a **deadlock**?

Answer 47

Occurs when a lock remains in place because the process it’s waiting for is terminated ## Footnote This can prevent further processing despite completion.