CompTIA® Security+ Exam Notes : Explain Impact Associated With Types Of Vulnerabilities

1. Threats, Attacks and Vulnerabilities

1.6 Explain the impact associated with types of vulnerabilities

The term "vulnerability" represents security flaws in hardware, software, or configuration of a device or process. Vulnerability testing should be performed on an ongoing basis by the parties responsible for resolving such vulnerabilities,

The term "risk" refers to the likelihood of being targeted by a given attack, of an attack being successful, and general exposure to a given threat. As can be seen, risk occurs when both the threat and vulnerability are present.

The term "threat" refers to the source and means of a particular type of attack. A threat assessment is performed to determine the best approaches to securing a system against a particular threat, or class of threat.

Exploit: An exploit is the way or tool by which an attacker uses a vulnerability to cause damage to the target system.

War-driving is related to exploiting the vulnerabilities in wireless networks.

Tempest was the name of a classified (secret) U.S. government project to study the susceptibility of some computer and telecommunications devices to emit electromagnetic radiation (EMR) in a manner that can be used to reconstruct intelligible data. TEMPEST certification ensures that the building is shielded adequately and the EM radiations are within limits to prevent intruders from accessing the information from outside the building.

The practice of marking the buildings with unsecured wireless networks is called war-chalking. The practice of sniffing wireless networks is known as war-driving.

Race conditions: Race conditions are a vulnerability related to multithreaded applications. When a multi-threaded application does not properly handle various threads accessing a common value, this can lead to unpredictable values for that variable. This is called a race condition.

Memory/buffer vulnerability

DLL injection: DLL injection s a technique used for running code within the address space of another process by forcing it to load a dynamic-link library. DLL injection is often used by external programs to influence the behavior of another program in a way its authors did not anticipate or intend.

Buffer overflow: Buffer overflow occurs when the input is more than that allocated for that purpose. The system doesn't know what to do with the additional input, and it may result in freezing of the system, or sometimes to take control of the system by a hacker. By validating the inputs, it is possible to reduce this vulnerability to a great extent.

Previous   Contents   Next

Security+ Cram Notes Contents ad