CISSP® Official Study Guide, Eighth Edition


Understand zero-day exploits



(CISSP) Mike Chapple, James Michael Stewart, Darril Gibson - CISSP Official Study Guide-Sybex (2018)

Understand zero-day exploits.
A zero-day exploit is an attack that uses a vulnerability 
that is either unknown to anyone but the attacker or known only to a limited group of 
people. On the surface, it sounds like you can’t protect against an unknown vulnerability, 
but basic security practices go a long way toward preventing zero-day exploits. Removing 
or disabling unneeded protocols and services reduces the attack surface, enabling firewalls 
blocks many access points, and using intrusion detection and prevention systems helps 
detect and block potential attacks. Additionally, using tools such as honeypots and padded 
cells helps protect live networks.
Understand man-in-the-middle attacks.
A man-in-the-middle attack occurs when a malicious user is able to gain a
logical position between the two endpoints of a communications
link. Although it takes a significant amount of sophistication on the part of an attacker to
complete a man-in-the-middle attack, the amount of data obtained from the attack can be
significant.
Understand sabotage and espionage.
Malicious insiders can perform sabotage against an 
organization if they become disgruntled for some reason. Espionage is when a competitor 
tries to steal information, and they may use an internal employee. Basic security principles, 
such as implementing the principle of least privilege and immediately disabling accounts for 
terminated employees, limit the damage from these attacks.
Understand intrusion detection and intrusion prevention.
IDSs and IPSs are important detective and preventive measures against attacks.
Know the difference between knowledge-based detection (using a database similar
to anti-malware signatures) and behavior-based detection. Behavior-based
detection starts with a baseline to recognize normal behavior and
compares activity with the baseline to detect abnormal activity. The baseline can be outdated
if the network is modified, so it must be updated when the environment changes.
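
The two detection approaches above, and the stale-baseline problem, as an added Python example that is not from the study guide. The signature strings, request lines, traffic counts and the 3-standard-deviation threshold are all constructed assumptions.

```python
import statistics

# Constructed signature database for knowledge-based detection (illustrative only).
SIGNATURES = {"SIG-1": "../", "SIG-2": "cmd.exe"}

# Constructed sample data: requests, and connections per minute on one segment.
REQUESTS = ["GET /index.html", "GET /../../etc/passwd", "GET /report?id=7"]
NORMAL = [98, 102, 100, 97, 103, 101, 99, 100]
AFTER_CHANGE = [198, 203, 200, 197, 202, 201, 199, 200]  # legitimate new service added


def knowledge_based(requests):
    """Return (request, signature id) for every request matching a known signature."""
    return [(r, sid) for r in requests for sid, pat in SIGNATURES.items() if pat in r]


class BehaviorDetector:
    """Flag activity that deviates from a learned baseline of normal behavior."""

    def __init__(self, threshold=3.0):
        self.threshold = threshold  # assumed cutoff, in standard deviations
        self.mean = self.stdev = None

    def learn_baseline(self, samples):
        self.mean = statistics.mean(samples)
        self.stdev = statistics.stdev(samples) or 1.0  # avoid dividing by zero

    def is_anomalous(self, value):
        return abs(value - self.mean) / self.stdev > self.threshold


def demo():
    det = BehaviorDetector()
    det.learn_baseline(NORMAL)
    out = {"signature_hits": knowledge_based(REQUESTS)}
    out["burst_flagged"] = det.is_anomalous(450)
    # Network modified: the old baseline now alerts on every normal reading.
    out["stale_alerts"] = sum(det.is_anomalous(v) for v in AFTER_CHANGE)
    det.learn_baseline(AFTER_CHANGE)  # update the baseline for the new environment
    out["alerts_after_update"] = sum(det.is_anomalous(v) for v in AFTER_CHANGE)
    out["burst_still_flagged"] = det.is_anomalous(450)
    return out


if __name__ == "__main__":
    print(demo())
```

The signature matcher only reports traffic that matches an entry already in its database, while the behavior detector needs no signature but produces eight false alerts until its baseline is relearned.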
