
General Security Concepts: Attacks • Chapter 2  91

                 Summary of Exam Objectives


                 In this chapter, we covered a number of different attacks and attack scenarios. The
                 Security+ exam will focus on these attack sections, so be mindful of this while
                 reviewing and make certain you are able to differentiate the attack types.
                 Specifically, pay attention to social engineering, rootkits, spyware, malware, DoS,
                 and TCP/IP-based attacks. Make certain you know why DoS attacks are effective
                 and what some of the common defense methods are.
                    In the DoS/DDoS section, we reviewed the fundamentals of a DoS attack, and
                 why such attacks are so easy to perform but difficult to defend against. We also
                 covered the difference between a DoS attack and a DDoS attack and the different
                 components of a DDoS attack, such as client, daemon, master, and zombie. The next
                 section covered
                 buffer overflow attacks, and described how attackers use flawed application code to
                 inject their own malicious code into a system.
                    We then covered how a TCP/IP connection is made and moved on to different
                 TCP/IP-based attacks such as MITM, replay, and TCP/IP session hijacking. We
                 then covered various types of spoofing (defined as providing false information
                 about your identity in order to gain access to systems), including IP, e-mail, Web
                 site spoofing, and phishing attacks.
                    We then discussed social engineering, providing steps on how to both use and
                 defend against it. We discussed dumpster diving and how it can be used to
                 strengthen a social engineering attack. Social engineering is an important concept
                 for this exam, so be certain you understand it.
                    Password attacks, both brute force and dictionary-based, were covered, as well as
                 simply guessing a password with information related to the victim.
                    The final sections of the chapter covered malware. We discussed viruses, worms,
                 rootkits, Trojan horses, and spyware. Each of these is likely to be in the exam, so be
                 sure to know the differences between them, but don’t worry too much about
                 knowing the specific versions of each.

                 Exam Objectives Fast Track



                 Active Attacks


                 - Active attacks can take many shapes, but the three most common forms
                   are network-based, application-based, and mixed threat attacks.





                                                                              www.syngress.com