Professional Documents
Culture Documents
2.1.1 VULNERABILITIES
Configuration weaknesses
HACKERS
ATTACKERS
CONT
b.
Access
attacks
exploit
known
vulnerabilities
in
authentication services, FTP services, and web services to gain
entry to web accounts, confidential databases, and other
sensitive information. Access attacks can consist of the
following:
Password attacks
Trust exploitation
Port redirection
Man-in-the-middle attacks
Social engineering
Phishing
CONT
CONT
WORM
VIRUSES
TROJAN HORSES
An application that
executes arbitrary
code and installs
copies of itself in the
memory of the
infected computer,
which then infects
other hosts
Malicious software
that is attached to
another program to
execute a particular
unwanted function
on the user
workstation
An application
written to look like
something else that
in fact is an attack
tool
CONT
CONT
2.2.2 DEVELOPING A
SECURITY POLICY
CONT
GROUP ACTIVITY