Explore the essential concepts, techniques, and security challenges covered in the CompTIA Security+ certification

1.1 – Compare And Contrast Different Types Of Social Engineering Techniques

  • Typosquatting – URL Hijacking eg: google.com vs g00gle.com
  • Pretexting – Lying to get your info; actor and a story
  • Pharming – Poisoned DNS server, redirects a legit website to a bogus site
  • Vishing – Voice phishing, often spoofed numbers
  • Smishing – SMS phishing, spoofing here too (text messages)
  • Spear Phishing – Targeted phishing
  • Whaling – Spear phishing the CEO or other “large catch” (C level)
  • Eliciting Information – Extracting information from the victim, often used with vishing
  • Computer Hoaxes – A threat that doesn’t exist
  • Watering Hole Attack – It targets groups of users by infecting websites that they commonly visit
  • Defense in Depth – Layered defense
  • Spam – Unsolicited messages
  • Spim – Spam over instant messaging
  • Mail Gateway – On-site or cloud-based filter for unsolicited email
  • Tarpitting – Slow down the server conversation intentionally
  • Credential Harvesting – Attacker collects usernames and passwords

Social Engineering principles: Authority, Intimidation, Social proof/Consensus, Scarcity, Urgency, Familiarity/Liking, Trust

1.2 – Given a scenario, analyze potential indicators to determine the type of attack

  • Malware – Malicious software, gathers information ie: keystrokes, controlled over a botnet, show advertisements, viruses or worms with malware, your computer must run a program, use links or pop-ups
  • Virus – Malware that reproduces itself, needs a user to start the process, reproduces through file systems or the network, and may or may not cause problems.
  • Virus types:
    • program viruses (part of an application)
    • boot sector viruses (starts in the boot sector of OS)
    • script viruses (operating system and browser-based)
    • macro viruses (common in Microsoft Office, similar to script virus)
    • fileless virus – a stealth attack, doesn’t install or save on the system, good for avoiding anti-virus detection, operates in the memory could be in the registry
  • Worms – Malware that self-replicates, doesn’t need you to do anything, uses network as transmission medium, spreads quickly, signatures can be stopped at the IDS/IPS or Firewall
  • Wannacry worm – 2017, installed crypto-malware, smbV1 used to infect vulnerable systems and installed double pulsar to encrypt user data
  • Crypto-malware – A new generation of ransomware, malware encrypts the data files
  • Protect against ransomware – Always have a backup, offline and not on the same system
  • Trojan Horse – Software that pretends to be something else, doesn’t replicate, circumvents anti-virus
  • PUP – Potentially Unwanted Program, undesired program often installed along with other software, can hijack your browser
  • RAT – Remote Administration Tool or Remote Access Trojan, controls the device (ie: DarkComet RAT)
  • Rootkit – Originally a Unix technique, modifies core system files in part of the kernel, invisible to antivirus software
  • Zeus/Zbot malware – Kernel driver famous for cleaning out bank accounts, combined with Necurs rootkit, Necurs ensures Zbot can’t be deleted and denies any termination process
  • Secure boot with UEFI – Protects against rootkits in the BIOS
  • Adware – Pop-up ads everywhere, cause performance issues
  • Spyware – Malware that spies on you; advertising, identity theft, and affiliate fraud; often a trojan, can capture browser surfing habits, keylogger
  • Logic Bomb – Often used by someone with a grudge; time bombs, user event, difficult to identify, many logic bombs delete themselves
  • Spraying Attack – Common passwords, used only a few times to prevent lockout before moving to the next account; hidden from alarms and detection
  • Brute Force – Every possible password combination until the hash is matched, can take some time, a strong hash algorithm slows things down, most accounts will lockout, more common for an attacker to check for the hash offline
  • Dictionary attack – Using common words, password crackers can substitute letters
  • Rainbow tables – Pre-built set of hashes, contains pre-calculated hash chains, speed increased over previous password attacks, rainbow tables are application or OS-specific
  • Salt – Random data added to a password before hashing takes place
  • Birthday attack – 23 students have 50% of 2 students having the same birthday, for 30 there’s a 70% chance, hash collisions happen when different input gives an output that uses the same hash.
  • MD5 hash – Has hashing collisions.
  • Downgrade Attack – Force the system to use a weaker encryption method

1.3 – Given a scenario, analyze potential indicators associated with application attacks

  • XSS (cross-site scripting) – Originally called cross-site because of browser security flaws, info from one site could be shared with another, very common; malware that uses javascript
  • Non-persistent (reflected) XSS – Website allows javascript to run in user input fields,
  • Persistent (stored) XSS – Stored permanently on the website via a post, no specific targets
  • Code injection attack – Code added into a data stream, enabled because of bad programming;
  • SQL injection – Uses SQL to access, add, or remove info from a DataBase
  • XML injection – Modify XML requests
  • LDAP attack – Manipulates LDAP databases
  • DLL injection – Injects code into applications and uses the app to run the DLL inside a new process
  • Buffer overflows – Overwriting a buffer of memory; developers should perform bounds checking, not easy to exploit
  • Pass the Hash – A replay attack that lets the attacker intercept a hash and replay it back to the server to authenticate, use SSL/TLS to encrypt the hash and stop this attack

1.4 – Given a scenario, analyze potential indicators associated with network attacks

  • Bluejacking – Sending unsolicited messages over Bluetooth
  • Bluesnarfing – Access data on a mobile device over Bluetooth

For more information click here.

LEAVE A REPLY

Please enter your comment!
Please enter your name here