Week 3: Different Attack Types



In Chapter 7, the author covers many attack types, including Injection, Buffer Overflow, Privilege Escalation, Authentication, and Rootkit attacks.

·       An injection attack is when an attacker executes malicious code or an operation in an interpreter, tricking it into executing it. Some examples are SQL Injection and cross-site Scripting.  

·       Buffer Overflow is a type of attack that takes advantage of a software vulnerability by intentionally writing more data to the memory than it can handle, causing the data to spill into another memory location, corrupting the data, and causing the process to crash, crashing the application.

·       Privilege Escalation is when an actor exploits a system vulnerability or human error to gain unauthorized access and elevate their access from low-level to privileged, allowing them to cause damage or steal data.

·       An authentication attack is when an actor exploits a weakness of the authentication system through impersonation, password spraying, or other forms of authentication attack.

·       A rootkit is a type of malware that is designed to maintain persistence and root-level access on a system without being detected. 

Popular posts from this blog

Week1: Introduction and Cloud Computing

Image
Hello everyone, my name is Santosh Pradhan, and I am currently pursuing an undergraduate degree in information technology at Bellevue University. Prior to pursuing my degree, I had no prior experience, except for the basic troubleshooting that everyone learns. So far, I have learned a great deal about networking, basic information technology, and some cybersecurity concepts. Although most of the courses have covered virtualization and cloud computing to some extent, none of them have provided full details. I am excited to learn about cloud computing and its governance.  As the semester progresses, I will update the blog on a weekly basis and share my experiences with you. 
Read more

Week 12: Tools for Monitoring Network and Blog Wrap-up

There are various tools to monitor a network; monitoring a network can help detect issues, be aware of the problems, or make sure the network does not have any anomaly in the network. Here are some of the tools that can help to monitor the network: ·        Packet Sniffers – a software tool that tracks and collects internet packets. The packets that are collected will be stored in a file called a capture file.  Usually, the packet sniffer software also comes with a packet analyzer to analyze the packets that were captured. ·        Protocol Analyzer – this is a program that analyzes the packets that packet sniffers capture. A good program can let the network administrator filter information based on their needs. One of the well-known software is Wireshark. ·         Packet Flow Monitoring – this tool tracks traffic and packet flow between devices. This helps to track the volume and ...
Read more

Week 3: Migration to the Cloud

Image
  This week, we learned about the various decision-making processes involved in migrating to the cloud. The book talks about five major phases of the migration process: Assess, Plan, Migrate, Validate, and Manage . While assessing and before initiating the migration process, it is essential to establish a baseline of the network, operating system, and other key performance indicators. It is essential to minimize the impact of downtime and maximize network bandwidth availability during the migration. After the planning process is done, there are various ways to execute it; the common migration processes are P2V, V2V, V2P & P2P. Amazon also provides a migration truck to make the process. The book also discusses deploying the migration and validating it to ensure that it is working through various types of testing, including functional testing, performance testing, load testing, and others. 
Read more