
    Cards (24)

    • The diagram of the Ware report (see Figure 1 on the next page) is no longer applicable to modern IT security
    • Data stored in a process' memory is always accompanied by type information
    • The TCP handshake prevents man-in-the-middle attacks
    • DNS by itself does not provide strong integrity guarantees
    • If a script running under the origin https://london.ac.uk sends a request to https://royalholloway.ac.uk, the cookies for london.ac.uk will not be included in that request
    • Reflected cross-site scripting attacks are not based on a vulnerability of the database system used by the web application
    • Process gates are not a technique to prevent reference monitors
    • Unprivileged processes cannot modify the UNIX system clock
    • UNIX user groups do not always have the same ID number as the user's UID
    • SYN cookies can have the secure flag but are then still sent in plain
    • MULTICS did inspire fundamental concepts of modern operating system access control
    • PCs in the 1980s did not come with strong security controls
    • How a client uses DNS to find the IP address of a domain
      1. Client sends query to local DNS resolver
      2. Local resolver checks its cache
      3. If not found, resolver queries root DNS server
      4. Root server refers resolver to TLD server
      5. TLD server refers resolver to authoritative name server
      6. Authoritative name server responds with IP address
    • DNS resolver authentication
      Replies from authoritative name servers are not authenticated, which helps the attacker with their attack
    • How an adversary can poison a local DNS cache
      1. Adversary sends spoofed replies to local resolver with short TTL
      2. Local resolver caches the spoofed replies
      3. Subsequent client queries are redirected to adversary's IP
    • Folder IncidentsReports
      • Owned by user2 and group even
      • Only user2 can delete other users' files
      • Group prime has write access, no other users have access
    • Access Control List for read rights to IncidentsReports files
      • user2: read
      • even: read
      • prime: read
    • Access Control List for write rights to IncidentsReports directory
      • user2: write
      • prime: write
    • Creating a symbolic link from IncidentsReports/IR3 to v512IR and writing to v512update in the ProjectLonghorn directory does not cause a security violation
    • Memory corruption vulnerability in C code
      Allows execution of arbitrary code such as spawning a shell on x86-32 architecture
    • Cross-Site Scripting (XSS) vulnerability
      Allows injection of malicious scripts into web pages, exploiting the trust a user has in the website
    • Types of XSS attacks
      • Stored XSS
      • Reflected XSS
    • SQL injection vulnerability
      Allows malicious SQL queries to be executed on the database, often by manipulating user input
    • SQL injection attack
      • Entering malicious email address to delete all entries from table foo