midterm - WanderlustPenguin/Charles-Tech-Journal GitHub Wiki

  • AAA-Authentication, authorization, auditing
  • Buffer overflow attack: too much data for a program, causing it to overflow into another area, usually the next place the CPU would go.
  • This can be done intentionally to put a program into a buffer and/or put in a NOP (no operation) instruction for other programs. It can alter the sequence of a process and modify the return address.
  • A faculty adviser having access to student records: role-based? Some access control methods are file permissions and firewall rules.
  • CIA triad, confidentiality, integrity of data, a
  • Reduce the chance of SQL injection, cross-site scripting, and command execution: input validation. If it is a name, no quote marks and limited digits. An IP address shouldn't have ampersands or excessive digits. Remove things that could interfere with the database. Ensure that people are giving you what's expected.
  • Password: technical access control. Administrative is policies, technical is online and tech stuff, physical is physical security and network segmentation.
  • An organization's security plan should have policies that are developed as part of the overall organizational plan.
  • Authentication, authorization (tricky), confidentiality (tricky), IDS, access control (tricky), APT. The 3 tricky ones are based on who can access.
  • What is defense in depth? Include layers- physical, technical, administrative
  • DAC- discretionary access control- owner decides who accesses what
  • Access control types- role based uses role, attribute based uses many things, mandatory access control, ACL
  • Use prior labs to match attack
  • Secret system used by military uses mandatory access control
  • What can be compromised with a SQL attack? Explain what parts of CIA are involved and how: data, which is in the database. How could data access impact CIA? At first it is integrity due to access, but the others come later.
  • What components of a system are susceptible to command injection? Web server; SQL goes to the database. How is risk evaluated for increased and persistent security? Risk analysis cycle.
  • a (any system), b (firebrick/wall), c (web server), d (database server)
  • Attack is script, cross-site scripting
  • Cell phone theft: what elements of CIA are affected? (Availability yes; others vary based on time of discovery. iPhones have been targeted lately after watching passcodes being input before theft. If the phone is breached and account info changed, everything is impacted.) What risks are involved? How can the elements be protected? (Find My iPhone? Change the password and lock down the phone when it is found missing.)
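
The input validation note above (names with no quote marks and limited digits, IP addresses with no ampersands or excessive digits) can be written as allow-list checks. This is an added example, not from the course material; the function names, the 64-character name limit, the two-digit limit and the sample inputs are assumptions made for illustration.

```python
import ipaddress
import re

# Allow-list: a name starts with a letter and then contains only letters,
# digits, spaces, periods and hyphens (1-64 characters, assumed limit).
# Quote marks, ampersands, semicolons and angle brackets are rejected
# simply because they are not in the allowed set.
NAME_RE = re.compile(r"[A-Za-z][A-Za-z0-9 .\-]{0,63}")
MAX_NAME_DIGITS = 2  # assumed value for "limited digits"


def validate_name(value):
    """Return the name if it matches what is expected, else None."""
    if not isinstance(value, str) or not NAME_RE.fullmatch(value):
        return None
    if sum(ch.isdigit() for ch in value) > MAX_NAME_DIGITS:
        return None
    return value


def validate_ipv4(value):
    """Return the dotted-quad address if it parses strictly, else None."""
    # A dotted quad is at most 15 characters; longer input is rejected early.
    if not isinstance(value, str) or len(value) > 15:
        return None
    try:
        # The standard-library parser accepts only four numeric octets
        # in the range 0-255, so "&" or extra digits fail here.
        return str(ipaddress.IPv4Address(value))
    except ipaddress.AddressValueError:
        return None


# Constructed sample inputs: (field, submitted value)
SAMPLES = [
    ("name", "Ada Lovelace"),
    ("name", "x' OR '1'='1"),
    ("name", "<script>alert(1)</script>"),
    ("name", "R2D2 Unit 7"),
    ("ip", "192.168.1.10"),
    ("ip", "10.0.0.1&ls"),
    ("ip", "1234.5.6.7"),
]


def triage(samples):
    """Return (field, value, accepted) for each submitted value."""
    checks = {"name": validate_name, "ip": validate_ipv4}
    return [(f, v, checks[f](v) is not None) for f, v in samples]


if __name__ == "__main__":
    for field, value, accepted in triage(SAMPLES):
        print(f"{field:5} {value!r:32} {'accept' if accepted else 'reject'}")
```

Rejecting unexpected input this way lowers the chance of injection, but database queries should still use bound parameters and output should still be encoded, in line with the defense in depth note above.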