2 cissp ® Official Study Guide Eighth Edition



Download 19,3 Mb.
Pdf ko'rish
bet799/881
Sana08.04.2023
Hajmi19,3 Mb.
#925879
1   ...   795   796   797   798   799   800   801   802   ...   881
Bog'liq
(CISSP) Mike Chapple, James Michael Stewart, Darril Gibson - CISSP Official Study Guide-Sybex (2018)

Thrill Attacks
Thrill attacks
are the attacks launched only for the fun of it. Attackers who lack the abil-
ity to devise their own attacks will often download programs that do their work for them. 
These attackers are often called 
script kiddies
because they run only other people’s pro-
grams, or scripts, to launch an attack.
The main motivation behind these attacks is the “high” of successfully breaking into a 
system. If you are the victim of a thrill attack, the most common fate you will suffer is a ser-
vice interruption. Although an attacker of this type may destroy data, the main motivation is 
to compromise a system and perhaps use it to launch an attack against another victim.
One common type of thrill attack involves website defacements, where the attacker 
compromises a web server and replaces an organization’s legitimate web content with other 
pages, often boasting about the attacker’s skills. For example, attackers launched a series of 
automated website defacement attacks in 2017 that exploited a vulnerability in the widely 
used WordPress web publishing platform. Those attacks managed to deface more than
1.8 million web pages in one week.
Recently, the world has seen a rise in the field of “hacktivism.” These attackers, known 
as 
hacktivists
(a combination of 
hacker
and 
activist
), often combine political motivations 
with the thrill of hacking. They organize themselves loosely into groups with names like 
Anonymous and Lulzsec and use tools like the Low Orbit Ion Cannon to create large-scale 
denial-of-service attacks with little knowledge required.
Ethics
Security professionals hold themselves and each other to a high standard of conduct 
because of the sensitive positions of trust they occupy. The rules that govern personal con-
duct are collectively known as rules of 
ethics.
Several organizations have recognized the 
need for standard ethics rules, or codes, and have devised guidelines for ethical behavior.
We present two codes of ethics in the following sections. These rules are not laws. They 
are minimum standards for professional behavior. They should provide you with a basis for 
sound, ethical judgment. We expect all security professionals to abide by these guidelines 
regardless of their area of specialty or employer. Make sure you understand and agree with 
the codes of ethics outlined in the following sections. In addition to these codes, all infor-
mation security professionals should also support their organization’s code of ethics.



Download 19,3 Mb.

Do'stlaringiz bilan baham:
1   ...   795   796   797   798   799   800   801   802   ...   881




Ma'lumotlar bazasi mualliflik huquqi bilan himoyalangan ©hozir.org 2024
ma'muriyatiga murojaat qiling

kiriting | ro'yxatdan o'tish
    Bosh sahifa
юртда тантана
Боғда битган
Бугун юртда
Эшитганлар жилманглар
Эшитмадим деманглар
битган бодомлар
Yangiariq tumani
qitish marakazi
Raqamli texnologiyalar
ilishida muhokamadan
tasdiqqa tavsiya
tavsiya etilgan
iqtisodiyot kafedrasi
steiermarkischen landesregierung
asarlaringizni yuboring
o'zingizning asarlaringizni
Iltimos faqat
faqat o'zingizning
steierm rkischen
landesregierung fachabteilung
rkischen landesregierung
hamshira loyihasi
loyihasi mavsum
faolyatining oqibatlari
asosiy adabiyotlar
fakulteti ahborot
ahborot havfsizligi
havfsizligi kafedrasi
fanidan bo’yicha
fakulteti iqtisodiyot
boshqaruv fakulteti
chiqarishda boshqaruv
ishlab chiqarishda
iqtisodiyot fakultet
multiservis tarmoqlari
fanidan asosiy
Uzbek fanidan
mavzulari potok
asosidagi multiservis
'aliyyil a'ziym
billahil 'aliyyil
illaa billahil
quvvata illaa
falah' deganida
Kompyuter savodxonligi
bo’yicha mustaqil
'alal falah'
Hayya 'alal
'alas soloh
Hayya 'alas
mavsum boyicha


yuklab olish