misc Flashcards Preview

CompTIA Security+ SY0-501 > misc > Flashcards

Flashcards in misc Deck (13)
1

What is APT?

Advanced Persistent Threat

2

What is pivoting/daisy chaining?

An attacker who compromises a device on the DMZ to launch further attacks from the DMZ

3

What is doxing?

Publishing PII about someone

4

What is a covert channel?

Transmitting information using methods not originally intended for data transmission

5

What is source routing?

Allows sender of packet to specify route the packet takes through the network based on source IP address

6

What is banner grabbing?

Identifies OS version / software in use

7

How does MAC address spoofing work?

Only for UDP as TCP requires 3-way handshake

8

What is active vs passive sniffing?

Active is on a switch
Passive is on a hub as all packets are sent on all ports

9

How does a buffer overflow work?

Changing pointer address in stack to point at altered code from attacker (stack smashing)

10

What is NoP/NoP sled?

Creating no operation statements in memory to make pointing to their code easier

11

How can you protect against a buffer overflow attack with software?

HIPS/HIDS
Great/Secure Code boundary validation for R/W
Cookie (Canary Value) checks location for cookie
Stack guard (copy return address somewhere else in memory to compare)
Code analysis for prevention

12

How do you protect against a buffer overflow attack with hardware?

NX/XD
Execution Disabled (stops code being run in certain areas of memory)

13

What is CVE and CVSS?

Common Vulnerabilities and Exposures
Common Vulnerability Scoring System