Computer security Essay

1. What is a PHP Remote File suffer (RFI) fall upon, and why are these prevalent in todays meshwork world? RFI stands for Remote File Inclusion that allows the attacker to upload a custom coded/malicious file on a tissuesite or horde using a script. This vulnerability exploits the poor validation checks in vanesites and bottom eventually lead to code execution on server or code execution on website (XSS attack using javascript). RFI is a parking area vulnerability and all website hacking is non entirely focused on SQL injection. employ RFI you can deface the websites, get nark to the server and do just about anything. What makes it more dangerous is that you only need to drive your common smell out and basic knowledge of PHP to execute this one, some BASH might set handy as most of servers today are hosted on Linux.2. What republic is the top host of SQL Injection and SQL Slammer infections? Why cant the US Government do anything to prevent these injection attacks and infections? The United States of the States is at the top of the list when it comes to SQL Injections and SQL Slammer infections, China comes in second. Cybercriminals have make vast improvements to their infrastructure over the last few years. Its amplification is thousands of websites vulnerable to SQL Injections. bitchy code writers have exploited these vulnerabilities to distribute malware so quick that the government cannot contain such a large quantity. The septic web servers redirected unsuspecting visitors to malicious websites, and so the victims computers were then subjected to client-side exploit code. Once infected, these computers were added to the thousands of bots under the control of hackers. The attackers knew antivirus companies would write updates and software vendors depart patch their code so they made sure their malicious web sites were loaded with a variety of exploit codes.3. What does it mean to have a policy of Nondisclosure in an governance? It is a contract where the parties agree not to disclose study covered by the agreement. It outlines confidential material, knowledge, or information that the parties beseech to share with one another for certain purposes, but wish to restrict access to or by third parties.4. What Trends were tracked when it came to Malicious Code in 2009 by the Symantec Report re depended during this lab? DoS attacks are always common, however targeted attacks using advanced persistent threats (SPT) that occurred in 2009 made headlines.5. What is Phishing? Describe what a typical Phishing attacks attempt to accomplish. Phishing is Internet fraud that attempts to substantiate users credentials by deception. It includes theft of passwords, credit mailing numbers, bank account details and other confidential information. Phishing messages usually take the form of fake notifications from banks, providers, e-pay trunks and other organizations. These notifications encourage its recipients, to enter/upda te their face-to-face data. Excuses can vary but usually relate to loss of data, system breakdown, etc.6. What is the energy Day Initiative? Do you think this is valuable, and would you get into if you were the managing partner in a large firm? It is a architectural plan for rewarding credentials researchers for responsibly disclosing vulnerabilities. The outcome can be favourable for the company in means of protecting its infrastructure from harm, but whitethorn also expose weaknesses that can damage the companys reputation. This policy further reassures researchers that in no showcase will any of their discoveries be swept under the rug. I would participate, but we must pass an immanent scrutinise with flying colors before signing up with the program.7. What is a Server Side Include (SSI)? What are the ramifications if an SSI exploit is successful? The Server-Side Includes attack allows the exploitation of a web application by injecting scripts in hypertext markup languag e pages or executing arbitrary codes remotely. It can be exploited done manipulation of SSI in use in the application or string its use through user input fields. The attacker can access sensitive information, such as password files, and execute shell commands. The SSI directives are injected in input fields and they are sent to the web server. The web server parses and executes the directives before supplying the page. Then, the attack result will be viewable the next time that the page is loaded for the users browser.8. According to the TippingPoint Report researched in this lab how do SMB attacks measure up to HTTP attacks in the recent past? Symantec identified a significant defect in an attackers tactics 31% of targeted attacks were aimed at businesses with fewer than 250 employees. This shows a two-fold increase from Symantec Corp.s 2012 report, and is the latest sign that attackers are broadening their search for susceptible targets.9. According to the TippingPoint Report , what are some of the PHP RFI payload effects DVLabs has spy this year? The common vulnerabilities in a CMS are unpatched or seedy patched plug-ins rather than the core system. Poor patch management represents a large hole in the overall security of the organization.10. Explain the stairs it takes to execute a Malicious PDF Attack as described in the Tipping Point Report? Each new release of a toolkit is belike to contain a new zero-day exploit that gives the attacker higher chances of infecting targeted hosts. slightly toolkits keep very old exploits (4+ years) to cover a corner case in which targeted hosts are running older, unpatched versions of vulnerable software. Attackers infecting as many hosts as possible to increase profitability by monetizing the exploited systems.11. What is a Zero Day attack and how does this relate to an organizations vulnerability window? A zero day vulnerability is a hole in software that is inexplicable to the vendor. Hackers exploit before t he vendor realizes it and hurries to fix it. The organization is vulnerable until the vendor comes out with a patch.12. How can you mitigate the encounter from users and employees from fliping on an imbedded URL link or e-mail attachment from unknown sources? Constant awareness efforts continuously made the organization. Ensure spoofing is included in the organizations AUP, practice risk mitigation exercises to embed in the users minds not to click on unsolicited messages, especially those from social media.13. When auditing an organization for form, what role does IT security policies and an IT security policy framework play in the compliance audit? They play a very important role. Managers are prudent for placing and supervise IT controls on systems. Senior managers are responsible for making the organization wager governance requirements. System administrators are responsible for implementing IT controls and provide data flight attendant functions. Risk managers are respons ible for managing risks associated with compliance within the organization. IT auditors are responsible for information assurance. Data owners are responsible for identifying which data needs to be protected.14. When performing a security assessment, why is it a good thought process to examine compliance in separate compartments like the seven domains of a typical IT infrastructure? They are tied together.15. True or False. Auditing for compliance and performing security assessments to achieve compliance requires a checklist of compliance requirements. True. thither are different requirements per each compliance.