CompTIA exam study guide presentations by instructor Brian Ferrill, PACE-IT (Progressive, Accelerated Certifications for Employment in Information Technology)
Instructor, PACE-IT Program – Edmonds Community College
Areas of Expertise Industry Certifications
– PC Hardware
– Network Administration
– IT Project Management
– Network Design
– User Training
– IT Troubleshooting
Education
– M.B.A., IT Management, Western Governor’s University
– B.S., IT Security, Western Governor’s University
Qualifications Summary
Entrepreneur, executive leader, and proven manager with 10+ years of experience turning complex issues into efficient and effective solutions. Strengths include developing and mentoring diverse workforces, improving processes, analyzing business needs and creating the solutions required, with a focus on technology.
– A goal of application attacks.
– Divulging weaknesses in some applications.
Often, the hacker’s goal when attacking an application is to create the ability to execute arbitrary code remotely.
Arbitrary, in this sense, refers to the fact that the application was not designed to execute the code. If the attacker can gain this ability, the code will often be executed at an administrative account level.
Arbitrary code execution/remote code execution represents an extreme security risk, as it often has the ability to make changes to the underlying system. When this occurs, it can be difficult to discover and stop.
Types of application attacks II.
– Cookie.
» Text file that Web developers use to store information about users (on the user’s local system).
• If captured, the cookies may reveal sensitive information about either the user or the website, which can lead to an exploit.
– Flash cookie/Locally Shared Object (LSO).
» A method that Adobe Flash programmers use to store information on a user’s computer.
• LSOs can be used to track a user’s Internet activity and represent a threat to privacy.
» Most LSOs remain on a user’s system, even if all other cookies are deleted.
– Attachment.
» A file attachment is a document or application that is attached to an email message.
• It is a commonly used threat vector for delivering malicious applications.
– Malicious add-on.
» An add-on is software that is installed into browsers to allow for additional features.
• If the add-on causes a deterioration in browser performance, it can be considered malicious.
» Some add-ons can exploit vulnerabilities present in the browser, creating a security threat; these can be considered malicious.
– Header manipulation.
» Hackers can modify the header data of an application in order to change how the application functions.
• Can be used to modify how a Web server processes information.
• Can be used on file headers to conceal information.
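The cookie item above notes that a captured cookie can reveal information about the user or the website. As an added example (not part of the original slides), this Python audit checks Set-Cookie header values for the attributes that limit capture and for sensitive-looking contents; the sample headers and the name/value heuristics are constructed assumptions.

```python
import re

# Constructed sample Set-Cookie header values (not from any real site).
SAMPLE_SET_COOKIE = [
    "SESSIONID=9f2c1a7e; Path=/; Secure; HttpOnly; SameSite=Strict",
    "SESSIONID=9f2c1a7e; Path=/",
    "user_email=alice@example.com; Path=/; Secure; HttpOnly; SameSite=Lax",
    "theme=dark; Path=/; SameSite=None",
]

# Assumed heuristics for data that should not be stored in a cookie.
SENSITIVE_NAME = re.compile(r"pass|pwd|email|ssn|card|role|admin", re.I)
EMAIL_VALUE = re.compile(r"[^@\s]+@[^@\s]+\.[^@\s]+")


def parse_set_cookie(header_value):
    """Split one Set-Cookie value into (name, value, attributes)."""
    first, *rest = [part.strip() for part in header_value.split(";")]
    name, _, value = first.partition("=")
    attrs = {}
    for part in filter(None, rest):
        key, _, val = part.partition("=")
        attrs[key.strip().lower()] = val.strip()
    return name.strip(), value.strip(), attrs


def audit_cookie(header_value):
    """Return (cookie name, list of findings) for one Set-Cookie value."""
    name, value, attrs = parse_set_cookie(header_value)
    findings = []
    if "secure" not in attrs:
        findings.append("no Secure: cookie is also sent over plain HTTP")
    if "httponly" not in attrs:
        findings.append("no HttpOnly: page scripts can read the cookie")
    samesite = attrs.get("samesite", "").lower()
    if samesite not in ("strict", "lax", "none"):
        findings.append("no SameSite: cross-site sending left to browser default")
    elif samesite == "none" and "secure" not in attrs:
        findings.append("SameSite=None without Secure: current browsers reject the cookie")
    if SENSITIVE_NAME.search(name) or EMAIL_VALUE.search(value):
        findings.append("name or value suggests sensitive data stored in clear text")
    return name, findings


def audit_all(headers):
    """Audit every header value, keeping input order."""
    return [audit_cookie(h) for h in headers]
```

Calling `audit_all(SAMPLE_SET_COOKIE)` returns one `(name, findings)` pair per header; an empty findings list means the cookie carries all three attributes and no sensitive-looking data.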
Session hijacking usually combines both a network and an application attack.
With session hijacking, the hacker waits until a communication channel has been opened between at least two parties (e.g., an administrator signs in to a Web server) and then disconnects one of the parties and inserts herself/himself into the communication channel.
The attacker typically uses a DoS (denial of service) type attack to disconnect one of the parties. Once inserted into the communication flow, the hacker attempts to gain control of either sensitive information or of the application itself.
Topic: A goal of application attacks.
Summary: Often, the goal of an application attack is to create the ability to execute arbitrary code remotely. Arbitrary code/remote code execution represents an extreme security threat, as the code execution usually occurs at the administrative level. This can lead to the hacker being able to make changes to the underlying system.
Topic: Divulging weaknesses in some applications.
Summary: Some threats that are present in applications include: cookies (text files used to store user information), Flash cookies/LSOs (code used by Adobe Flash programmers to store user information), attachments (documents or applications attached to email messages), malicious add-ons (software that is added to Web browsers), and header manipulation (hackers modify the header data of applications). Session hijacking typically combines a network attack with an application attack.
This workforce solution was 100 percent funded by a $3 million grant awarded by the
U.S. Department of Labor's Employment and Training Administration. The solution was
created by the grantee and does not necessarily reflect the official position of the U.S.
Department of Labor. The Department of Labor makes no guarantees, warranties, or
assurances of any kind, express or implied, with respect to such information, including
any information on linked sites and including, but not limited to, accuracy of the
information or its completeness, timeliness, usefulness, adequacy, continued availability
or ownership. Funded by the Department of Labor, Employment and Training
Administration, Grant #TC-23745-12-60-A-53.
PACE-IT is an equal opportunity employer/program and auxiliary aids and services are
available upon request to individuals with disabilities. For those that are hearing
impaired, a video phone is available at the Services for Students with Disabilities (SSD)
office in Mountlake Terrace Hall 159. Check www.edcc.edu/ssd for office hours. Call
425.354.3113 on a video phone for more information about the PACE-IT program. For
any additional special accommodations needed, call the SSD office at 425.640.1814.
Edmonds Community College does not discriminate on the basis of race; color; religion;
national origin; sex; disability; sexual orientation; age; citizenship, marital, or veteran
status; or genetic information in its programs and activities.