Thursday, March 14, 2019

Computer security Essay

1. What is a PHP Remote File Include (RFI) attack, and why ar these prevalent in todays Internet population? RFI stands for Remote File Inclusion that allows the attacker to upload a habitude enterd/malicious file on a meshsite or boniface victimization a script. This vulnerability functions the poor validation checks in websites and burn down at long last lead to code execution on server or code execution on website (XSS attack using javascript). RFI is a common vulnerability and all website hacking is not entirely foc delectationd on SQL injection. Using RFI you derriere deface the websites, get access to the server and do almost anything. What makes it to a greater extent dangerous is that you only need to have your common sense and fundamental knowledge of PHP to feed this one, some BASH might come expert as most of servers today are hosted on Linux.2. What country is the bill host of SQL Injection and SQL Slammer infections? Why cant the US Government do anything to prevent these injection attacks and infections? The United States of America is at the top of the list when it comes to SQL Injections and SQL Slammer infections, China comes in second. Cybercriminals have do vast improvements to their infrastructure over the last few yrs. Its expansion is thousands of websites dangerous to SQL Injections. Malicious code writers have exploited these vulnerabilities to distribute malware so nimble that the government cannot defy such a adult quantity. The infected web servers redirected unsuspecting visitors to malicious websites, then the victims computers were then subjected to client-side exploit code. Once infected, these computers were added to the thousands of bots under the control of hackers. The attackers knew antivirus companies would write updates and package vendors will chip their code so they made sure their malicious web sites were unwavering with a variety of exploit codes.3. What does it mean to have a indemnity of Nondi sclosure in an organization? It is a contract where the parties agree not to weaken in plaster bandageation covered by the agreement. It outlines confidential material, knowledge, or instruction that the parties indirect request to share with one another for certain purposes, but wish to dress access to or by third parties.4. What Trends were tracked when it came to Malicious decree in 2009 by the Symantec Report researched during this lab? DoS attacks are ever so common, however targeted attacks using advanced persistent threats (SPT) that occurred in 2009 made headlines.5. What is Phishing? spot what a natural Phishing attacks attempt to accomplish. Phishing is Internet fraud that attempts to gain users credentials by deception. It includes theft of passwords, credit card numbers, till account details and other confidential information. Phishing messages usually take the form of fake notifications from banks, providers, e-pay systems and other organizations. These notific ations encourage its recipients, to enter/update their personal data. Excuses can vary but usually relate to loss of data, system breakdown, and so forth6. What is the Zero daylight Initiative? Do you think this is valuable, and would you participate if you were the managing mate in a large firm? It is a program for honor certificate researchers for responsibly disclosing vulnerabilities. The outcome can be good for the social club in means of protecting its infrastructure from harm, but may similarly expose weaknesses that can damage the companys reputation. This policy only reassures researchers that in no case will any of their discoveries be move under the rug. I would participate, but we must pass an internal analyse with flying colors before signing up with the program.7. What is a horde Side Include (SSI)? What are the ramifications if an SSI exploit is successful? The Server-Side Includes attack allows the evolution of a web application by injecting scripts in HTML pages or executing arbitrary codes remotely. It can be exploited through usance of SSI in use in the application or force its use through user input fields. The attacker can access exquisite information, such as password files, and execute shell commands. The SSI directives are injected in input fields and they are sent to the web server. The web server parses and executes the directives before supplying the page. Then, the attack result will be visible the next time that the page is loaded for the users browser.8. fit in to the Tipping pass Report researched in this lab how do SMB attacks measure up to HTTP attacks in the recent past? Symantec identified a significant shift in an attackers tactics 31% of targeted attacks were aimed at businesses with fewer than 250 employees. This shows a threefold step-up from Symantec Corp.s 2012 report, and is the latest sign that attackers are broadening their search for persuasible targets.9. According to the TippingPoint Report, what ar e some of the PHP RFI payload effects DVLabs has detected this year? The common vulnerabilities in a CMS are un patched or poorly patched plug-ins rather than the core system. Poor patch management represents a large hole in the overall security of the organization.10. Explain the steps it takes to execute a Malicious PDF Attack as described in the Tipping Point Report? Each new release of a toolkit is likely to contain a new zero-day exploit that gives the attacker higher chances of infecting targeted hosts. Some toolkits maintenance very old exploits (4+ years) to cover a corner case in which targeted hosts are running older, unpatched versions of insecure software. Attackers infecting as many hosts as achievable to increase profitability by monetizing the exploited systems.11. What is a Zero Day attack and how does this relate to an organizations vulnerability window? A zero day vulnerability is a hole in software that is unknown to the vendor. Hackers exploit before the vendo r realizes it and hurries to fix it. The organization is vulnerable until the vendor comes out with a patch.12. How can you mitigate the risk from users and employees from clicking on an imbedded URL link or e-mail attachment from unknown sources? unremitting awareness efforts continuously made the organization. Ensure spoofing is included in the organizations AUP, employment risk mitigation exercises to embed in the users minds not to click on unsolicited messages, especially those from social media.13. When auditing an organization for compliance, what role does IT security policies and an IT security policy framework licentiousness in the compliance audit? They play a very important role. Managers are responsible for placing and monitoring IT controls on systems. Senior managers are responsible for making the organization meet organization requirements. System administrators are responsible for implementing IT controls and provide data custodian functions. pretend managers a re responsible for managing risks associated with compliance within the organization. IT auditors are responsible for information assurance. Data owners are responsible for identifying which data needs to be protected.14. When do a security assessment, why is it a good idea to poke into compliance in separate compartments like the seven domains of a typical IT infrastructure? They are tied together.15. True or False. Auditing for compliance and do security assessments to achieve compliance requires a checklist of compliance requirements. True. There are different requirements per each compliance.

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.