2 cissp ® Official Study Guide Eighth Edition


Understand the propagation techniques used by viruses



Download 19,3 Mb.
Pdf ko'rish
bet877/881
Sana08.04.2023
Hajmi19,3 Mb.
#925879
1   ...   873   874   875   876   877   878   879   880   881
Bog'liq
(CISSP) Mike Chapple, James Michael Stewart, Darril Gibson - CISSP Official Study Guide-Sybex (2018)

Understand the propagation techniques used by viruses.
Viruses use four main propagation 
techniques—file infection, service injection, boot sector infection, and macro infection—to 
penetrate systems and spread their malicious payloads. You need to understand these tech-
niques to effectively protect systems on your network from malicious code.
Know how antivirus software packages detect known viruses.
Most antivirus programs 
use signature-based detection algorithms to look for telltale patterns of known viruses. 
This makes it essential to periodically update virus definition files in order to maintain 
protection against newly authored viruses as they emerge. Behavior-based detection is also 
becoming increasingly common, with antivirus software monitoring target systems for 
unusual activity and either blocking it or flagging it for investigation, even if the software 
does not match a known malware signature.
Explain the techniques that attackers use to compromise password security.
Passwords 
are the most common access control mechanism in use today, and it is essential that you 
understand how to protect against attackers who seek to undermine their security. Know 
how password crackers, dictionary attacks, and social engineering attacks, such as phish-
ing, can be used to defeat password security.
Be familiar with the various types of application attacks attackers use to exploit poorly 
written software.
Application attacks are one of the greatest threats to modern comput-
ing. Attackers exploit buffer overflows, back doors, time-of-check-to-time-of-use vulner-
abilities, and rootkits to gain illegitimate access to a system. Security professionals must 
have a clear understanding of each of these attacks and associated countermeasures.
Understand common web application vulnerabilities and countermeasures.
As many 
applications move to the web, developers and security professionals must understand the 

944
Chapter 21 

Malicious Code and Application Attacks
new types of attacks that exist in this environment and how to protect against them. The 
two most common examples are cross-site scripting (XSS) and SQL injection attacks.

Download 19,3 Mb.

Do'stlaringiz bilan baham:
1   ...   873   874   875   876   877   878   879   880   881



Ma'lumotlar bazasi mualliflik huquqi bilan himoyalangan ©hozir.org 2025
ma'muriyatiga murojaat qiling
kiriting | ro'yxatdan o'tish
    Bosh sahifa
юртда тантана
Боғда битган
Бугун юртда
Эшитганлар жилманглар
Эшитмадим деманглар
битган бодомлар
Yangiariq tumani
qitish marakazi
Raqamli texnologiyalar
ilishida muhokamadan
tasdiqqa tavsiya
tavsiya etilgan
iqtisodiyot kafedrasi
steiermarkischen landesregierung
asarlaringizni yuboring
o'zingizning asarlaringizni
Iltimos faqat
faqat o'zingizning
steierm rkischen
landesregierung fachabteilung
rkischen landesregierung
hamshira loyihasi
loyihasi mavsum
faolyatining oqibatlari
asosiy adabiyotlar
fakulteti ahborot
ahborot havfsizligi
havfsizligi kafedrasi
fanidan bo’yicha
fakulteti iqtisodiyot
boshqaruv fakulteti
chiqarishda boshqaruv
ishlab chiqarishda
iqtisodiyot fakultet
multiservis tarmoqlari
fanidan asosiy
Uzbek fanidan
mavzulari potok
asosidagi multiservis
'aliyyil a'ziym
billahil 'aliyyil
illaa billahil
quvvata illaa
falah' deganida
Kompyuter savodxonligi
bo’yicha mustaqil
'alal falah'
Hayya 'alal
'alas soloh
Hayya 'alas
mavsum boyicha

yuklab olish