Threats, Attacks, & Vulnerabilities
This is a wireless interference attack
Jamming
AAA stands for?
Authentication, Authorization, Accounting
Encryption
Ways to dispose of hard drive
Shredding, Pulverizing
Port 49?
TACACS
This is a politically motivated attacker
Blank uses updated sequence numbers and timestamps. It can prevent pass the hash and replay attacks
Kerberos
DES, 3 DES, AES, Twofish and Blowfish ^ what type of encryption?
Symmetric Encryption
Job Rotation Purpose ( Give 2 reasons)
Prevent single point of failure. To detect fraud and or theft.
Non-Disclosure Agreement NDA
Upon gaining access from low level host, you are now able to use this same technique to launch an attack against a more critical point within the computer system or network.
Pivoting
MAC
Encrypts large amounts of data
Symmetric Encryption
Lessons Learned
Malware
Prevents SQL injection, buffer overflow, and integer overflow
Input Validation
A person gains access to a system because of biometric authentication error
False Acceptance Rate
Can be added to a stored password which adds extra security
Salt or key stretching (Bcrypt - PBKDF2)
Mantrap
Implemented to prevent Certificate Authority (CA) compromise?
Certificate Pinning
printf ("\n Correct Password \n");
pass = 1;
}
if(pass)
{
/* Now Give root or admin rights to user*/
printf ("\n Root privileges given to the user \n");
}
return 0;
$ ./bfrovrflw
Enter the password :
hhhhhhhhhhhhhhhhhhhh
Wrong Password Root privileges given to the user
This alerts a apple security team when any product unintentionally leaves the facility (Apple Store)?
Geofencing
RIPEND, RIPEMD-128, and RIPEMD-160
Hashing Algorithm
This alternative allows a company 3-4 hour turn around to be up and running
Warm site
_____is a Microsoft AAA server that uses an Active Directory domain
controller to enforce access to the network
Radius