Chapter 7
Protecting Against Advanced Attacks
CompTIA Security+
Get Certified Get Ahead
Introduction
• Comparing common attacks
• Summarizing secure coding concepts
• Identifying application attacks
• Understanding frameworks and guides
Common Attacks
• Denial-of-service (DoS)
– Comes from one system
• Distributed denial-of-service (DDoS)
– Multiple attacking computers
– Typically includes sustained, abnormally high network traffic
Common Attacks
• Privilege escalation
– Gain additional privileges after the initial exploit
• Spoofing
– Impersonating or masquerading as someone or something else
– MAC spoofing
– IP spoofing
Common Attacks
• SYN flood attack
– Common attack against Internet servers
– Disrupts the TCP three-way handshake
– Withholds the third packet of the handshake
Common Attacks
• Man-in-the-middle
– Active interception
– Active eavesdropping
• ARP poisoning
Password Attacks
• Online password attack
– Attempts to discover a password from an online system
• Offline password attack
– Attempts to discover passwords from a captured database or captured packet scan
Password Attacks
• Password hashes
– Password: IC@nP@$$S3curity+
– Hash 75c8ac11c86ca966b58166187589cc15
• http://www.md5online.org/
– Password 12345
– Hash 827ccb0eea8a706c4c34a16891f84e7b
Common Attacks
• Known plaintext
– Attacker has samples of both the plaintext and the ciphertext
• Compare with chosen plaintext
Example from the slide: a boilerplate email disclaimer (predictable plaintext) followed by a ciphertext sample:
The information contained in this email and any accompanying attachments may contain proprietary information about the Pay & Park & Pay parking garage.
Nr55tySu3IFIf7f3Cjn540fSs0j0QbshCN0yOAvhN3UKr85uE
kvawEPG3lhLIklwBz7hBzhaRZ96KUYIT3wQbf2cSkWHtN8Z
QrQ+ZGJHhe8HkL42CPjHIGc0HW4urJ+NNLnNxqHyRo34a
zbnXsd3qd3Ce5GE7blWtY0duwNKy0xqhmDihUJs9nDhXB
V4nBkZ6shcmKGEUSyvCr/hOEpAYw==
Common Attacks
• Typo squatting / URL hijacking
– Attackers purchase similar domain names for various malicious purposes
– Users visit the typo squatting domain when they enter the URL incorrectly with a common typo
• Clickjacking
– Tricks users into clicking something different from what they see
– Typically uses frames
Common Attacks
• Session hijacking
– Impersonate the user with the session ID
– Session IDs are stored in cookies
• Domain hijacking
– Attacker changes the registration of the domain name
– Typically done by using social engineering techniques to guess the owner's password
Common Attacks
• Zero-day vulnerabilities
– Undocumented and unknown to the public
– Vendor might know about it, but has not yet released a patch to address it
• Zero-day attack
– Attempts to exploit zero-day vulnerabilities
– Also known as a zero-day exploit
Memory Buffer Vulnerabilities
Application bugs
• Memory leak
– App consumes more and more memory
– Can crash the operating system
• Integer overflow
– App attempts to use or create a numeric value too big for the available storage
– 8-bit storage
– 95 x 59 = 5,605 (needs at least 13 bits to store)
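The slide's 8-bit case worked through in C, as an added example that is not part of the deck: an unchecked 8-bit multiply silently wraps 95 x 59, while a checked multiply computes in a wider type and reports that the result does not fit. Function names are assumptions made for this example.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* 'Before': the product is computed as int (5605) and then truncated when
 * stored into 8 bits, so the caller silently sees 5605 mod 256 = 229. */
uint8_t mul8_unchecked(uint8_t a, uint8_t b) {
    uint8_t product = (uint8_t)(a * b);   /* wraps, no error reported */
    return product;
}

/* 'After': compute in a wider type and refuse any result that does not fit
 * the 8-bit destination. Returns false on overflow and leaves *out alone. */
bool mul8_checked(uint8_t a, uint8_t b, uint8_t *out) {
    unsigned int wide = (unsigned int)a * (unsigned int)b;
    if (wide > UINT8_MAX) {
        return false;          /* 5605 > 255: does not fit in 8 bits */
    }
    *out = (uint8_t)wide;
    return true;
}

/* Bits needed to hold an unsigned value: 5605 -> 13, 255 -> 8. */
unsigned int bits_needed(unsigned int value) {
    unsigned int bits = 0;
    while (value != 0) {
        bits++;
        value >>= 1;
    }
    return bits;
}

int main(void) {
    uint8_t result = 0;
    printf("unchecked 95 x 59 in 8 bits = %u\n", mul8_unchecked(95, 59));
    if (!mul8_checked(95, 59, &result)) {
        printf("checked: rejected, 95 x 59 = 5605 needs %u bits\n",
               bits_needed(95 * 59));
    }
    return 0;
}
```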
Memory Buffer Vulnerabilities
• Buffer overflow and buffer overflow attack
– Occur when an application receives more data than it can handle
– Exposes system memory
– Often includes NOP instructions (such as 0x90)
– Can then insert malicious code into memory
– Input validation helps prevent buffer overflow attacks
Secure Coding Concepts
• Compiled code
– Optimized
– Run as an executable
– Compiler checks the program for errors and
• Runtime code
– Code is evaluated, interpreted, and executed when the code is run
– HTML is interpreted by web browsers and displayed as web pages
Input Validation
• Verifies validity of data before using it
– Verifies proper characters
– Uses boundary and/or range checking
– Blocks HTML code
– Prevents the use of certain characters
• Client-side vs. server-side
– Server-side is more secure (many sites use both)
• Input validation prevents
– Buffer overflow, SQL injection, command injection, and cross-site scripting attacks
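Both the buffer overflow slide and the input validation slide point at the same fix, so one added example serves both; it is not code from the deck. A fixed-size username buffer is filled by an unbounded copy (the vulnerable form) and by a validated copy that does the boundary check and the character whitelist the slides list. The buffer size, function names and sample inputs are assumptions constructed for this example.

```c
#include <ctype.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define USERNAME_MAX 16   /* destination size in bytes, including the NUL */

/* 'Before': strcpy does not know the destination size, so any input of
 * USERNAME_MAX bytes or more writes past the end of buf. */
void copy_username_unsafe(char *buf, const char *input) {
    strcpy(buf, input);
}

/* 'After': boundary check first, then a character whitelist (letters,
 * digits, '_' and '-'), which also blocks HTML markup such as '<', '>'
 * and '"'. Returns false and leaves buf empty when the input is rejected. */
bool copy_username_validated(char *buf, size_t bufsize, const char *input) {
    size_t len = 0;
    if (bufsize == 0) {
        return false;
    }
    buf[0] = '\0';
    while (len < bufsize && input[len] != '\0') {   /* never scan past bufsize */
        len++;
    }
    if (len == 0 || len >= bufsize) {   /* empty, or no room for the NUL */
        return false;
    }
    for (size_t i = 0; i < len; i++) {
        unsigned char c = (unsigned char)input[i];
        if (!isalnum(c) && c != '_' && c != '-') {
            return false;               /* disallowed character */
        }
    }
    memcpy(buf, input, len + 1);        /* fits: len < bufsize */
    return true;
}

int main(void) {
    /* Constructed inputs: one valid name, one carrying HTML, one too long. */
    const char *inputs[] = { "alice_01", "bob<img>",
                             "this_name_is_way_too_long_for_16" };
    char buf[USERNAME_MAX];
    for (size_t i = 0; i < sizeof inputs / sizeof inputs[0]; i++) {
        bool ok = copy_username_validated(buf, sizeof buf, inputs[i]);
        printf("%-34s -> %s\n", inputs[i], ok ? buf : "rejected");
    }
    return 0;
}
```

The validated copy rejects a 16-character name even though every character is allowed, because the buffer has no room left for the terminating NUL; that is the boundary check doing its job.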
Secure Coding Concepts
• Avoid race conditions
– Occur when two modules attempt to access the same resource
– First module to complete the process wins
– Database locks prevent race conditions
Error and Exception Handling
• Catches errors and provides feedback
– Prevents improper input from crashing an application or providing information to attackers
– Errors shown to users should be general
– Logged information should be detailed
Secure Coding Concepts
• Cryptographic techniques
– Encryption
– Authentication
– Code signing
Secure Coding Concepts
• Code reuse
– Avoid dead code
• Software development kits (SDKs)
– Provide software tools that are easy to reuse
• Code obfuscation
– Camouflages code
Code Quality and Testing
• Static code analyzers
• Dynamic analysis
• Stress testing
• Sandboxing
• Model verification
SDLC Models
Software development life cycle (SDLC) models
• Waterfall
– Multiple stages going from top to bottom
– Strict
• Agile
– Starts with a set of principles
– Uses iterative cycles with incremental changes
– Flexible
Secure DevOps
• Security automation
• Continuous integration
• Baselining
• Immutable systems
• Infrastructure as code
Secure Coding Concepts
• Change management
– Ensures developers do not make unauthorized changes
– Provides an accounting structure
• Version control
– Tracks software versions
– Identifies who made the change and when
Secure Coding Concepts
• Provisioning (an application)
– Preparing to deploy it
– Configuring it for different applications
• Deprovisioning (an application)
– Removing it completely
Application Attacks
• Web servers host web sites
– Apache
– IIS
• Protected by placing them in a DMZ
Application Attacks
• Cross-site scripting (XSS)
– Attackers embed malicious HTML or JavaScript code
– Can be in a web site or in links in email
– Prevented with server-side input validation
– OWASP recommends using a library
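An added example, not from the deck, of the output-encoding step that complements server-side validation: untrusted text is HTML-escaped before it is placed in a page, so embedded markup is rendered as text instead of executed. The function name, the snprintf-style return convention and the sample input are assumptions made for this example.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Writes the HTML-escaped form of src into dst (dstsize bytes). Returns the
 * length the full escaped string needs, like snprintf, so a return value
 * >= dstsize tells the caller the output was truncated. */
size_t html_escape(char *dst, size_t dstsize, const char *src) {
    size_t needed = 0, pos = 0;
    bool truncated = false;
    for (const char *p = src; *p != '\0'; p++) {
        const char *rep = NULL;
        switch (*p) {          /* the characters that break out of HTML text */
            case '&':  rep = "&amp;";  break;
            case '<':  rep = "&lt;";   break;
            case '>':  rep = "&gt;";   break;
            case '"':  rep = "&quot;"; break;
            case '\'': rep = "&#x27;"; break;
        }
        size_t n = rep ? strlen(rep) : 1;
        needed += n;
        if (!truncated && pos + n < dstsize) {  /* leave room for the NUL */
            memcpy(dst + pos, rep ? rep : p, n);
            pos += n;
        } else {
            truncated = true;   /* stop copying; keep counting what is needed */
        }
    }
    if (dstsize > 0) {
        dst[pos] = '\0';
    }
    return needed;
}

int main(void) {
    /* Constructed sample: a comment field as submitted by an untrusted user. */
    const char *untrusted = "<script>alert('xss')</script>";
    char out[128];
    html_escape(out, sizeof out, untrusted);
    printf("<p>%s</p>\n", out);   /* the browser renders text, runs nothing */
    return 0;
}
```

Escaping is context-specific: this routine covers HTML element content and quoted attribute values; JavaScript, URL and CSS contexts each need their own encoder.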
Frameworks and Guides
• Frameworks
– Regulatory
– Non-regulatory
– National versus international
– Industry-specific
• Guides
– Vendor-specific
– Platform-specific
– Role- or goal-specific
Chapter 7 Summary
• Comparing common attacks
• Summarizing secure coding concepts
• Identifying application attacks
• Understanding frameworks and guides
