Join the 40,000+ candidates in over 58 countries that have found a faster, better way to pass their certification exam.
Comprehensive practice exam engine!
All features in the FREE plan, plus:
Welcome to our Common Architecture Flaw and Security Issues module. Software back doors or trap doors can be very dangerous, because they allow individuals to access a system by bypassing the access controls. This access can be obtained using either a software utility or an illegitimate user account on the system.
This could be installed by a user as a Trojan horse or, and other type of malware. They can also be known as maintenance hooks and are typically installed as part of rootkits, which are designed to elevate the privileges of the user and avoid detection of the malicious software.
Once in place, these back doors would allow a malicious attacker to enter the system at any time usually without detection. A Trojan horse attack is typically installed by the user. They believe that they are installing a certain piece of useful software. But instead, they are actually installing a piece of hidden malware, granting access to an unauthorized individual or performing some other type of malicious function on the system.
Asynchronous attacks or timing attacks, which take advantage of the time between events in a sequence. There are known as talk two attacks, time of check, time of use and you should be familiar with these types of attacks for the CISSP examination. Here the attack takes place after the system checks a specific file and determines that it is safe to use that file, and then the system uses the file after the attacker modifies it in some way.
It's also known as a raised condition, because two processes are racing to carry out conflicting actions at the same time. Lf they are able to slow down one of the processes or speed up the other process, the attacker can take advantage of these conditions within a system. This could also occur, because of a improper revocation of a user's authentication credentials.
For example, if a user is fired, but they were still logged onto the system and they are still able to access resources, because they never logged off of the system. Attacks can also occur through vulnerabilities in applications. In a code injection attack, an attacker submits invalid data into the input field and this can allow them to take advantage of different types of vulnerabilities such as inserting sequel attacks or XML statements.
The input should always be validated to make sure that the user is inputting the correct type of data and the correct length of data. For example, if a user is entering their zip code, they should only be permitted to enter five or nine digits. They should not be able to enter letters or scripts, or any other type of code other than digits.
With a buffer overflow attack, an application does not verify the amount of information that is being entered and that data can overwrite into other memory segments. When this occurs, an attacker might be able to execute code in a privileged mode. For example, if the program is looking for the input of a phone number, perhaps 10 digits and a user enters 50,000 digits, they may be able to cause a buffer overflow attack.
And this is why it is important to verify the information that the user is entering before processing it. We can use data validation to mitigate buffer overflow attacks. We wanna confirm that the data being entered is acceptable before we process it. Validation is this process of reviewing the data against a predefined set of criteria before we submit it for processing.
The security checks on this data along with validity checks allow us to ensure that it is the proper format. For example, if we're looking for a user to enter a zip code, we would make sure that they are entering either five or nine numeric digits. We would not allow them to enter more than nine digits and we would not allow them to enter letters or symbols.
You should remember for the CISSP examination that it is is a best practice to perform data validation on the client's side in the web browser and also on the server side on the web server to make sure that data cannot be submitted without being verified. Emanations is a signal that is emitted when electronic devices are being used and these signals can carry information that often be captured or sniffed.
One type is electromagnetic radiation or EMR, which could allow unauthorized individuals to eavesdrop on copper media. Electromagnetic interference or EMI, radio frequency interference or RFI can also allow an attacker to capture emanations. Wi-Fi or wireless networking allows individuals to sit outside of our building and potentially capture our wireless signals.
And therefore, obtain our sensitive data. We can also have individuals attempting to monitor our internet access or our cellular phone signals and you should be aware that jamming cellular signals is often illegal in the United States, and in other countries. Sniffers or tempest equipment can be used to detect emanations.
If you detect emanations from your equipment, then you should take steps to block the emanations, so that an unauthorized user is not able to use this as a vector to attack you. You can shield emissions using a metal Faraday cage to block the emissions. A Faraday cage is a grounded metal cage that can be used to block those signals and you should remember the term Faraday cage for the CISSP examination.
You can also try to keep potential attackers far enough away that the emanations would dissipate before they can be detected. One example of this is to keep your data center in the middle of the building. So that way, there would be no emanations outside the building if an attacker was able to get on to the property and stand outside the building.
Fiber optic cable is immune to emanations and interference and is therefore, considered to the best type of cabling although it is also the most expensive. Shielded twisted pair or STP has aluminum foil over the copper media to reduce emanations and reduce the chance of interference from outside sources.
This works very well in electrically noisy environments such as those environments with motors or fluorescent lighting. You can also use metal conduit or cable armoring to enhance your security. This concludes our common architectural flaws and security issues module. Thank you for watching.
Classified by skill and ranked by difficulty. Choose to answer questions in STUDY MODE to review and you go.
Know when you’re ready for the high-stakes exam. Have the confidence that you will pass on your first attempt.
Don’t forget what you’ve just studied! Use the intelligent reinforcement questions to stay fresh.
THANK YOU! Just bloody thank you! I’m doing the CEH minor at my college and well...I’ve learned more from this site in a few hours than I’ve learned from my school in 9 weeks about the subject. Keep up the good work!
Skillset’s Exam Engine continuously assesses your knowledge and determines when you are ready take and pass your exam. When Skillset learns that there is a gap between your knowledge and what you need to know to pass, we present you with a focused training module that gets you up to speed quickly. No fluff! Find your knowledge gaps and fill them.
Skillset is confident that we can help anyone pass their exam. If you reach 100% readiness, and you do not pass your exam, we will refund you plus pay for a replacement exam voucher. That’s how powerful our learning system is, we can offer this guarantee and stand behind our products with this no risk to you guarantee. See terms and conditions.
Don’t waste time studying concepts you have already mastered. Focus on what you need to know to pass. The Skillset Competency Diagnostic aligns our Exam Engine and Learning Plan to your baseline knowledge. This saves an average of 31% of the time required to prep for a professional certification exam.
More PRO benefits are being built all the time!