Social Engineering, Exams of Engineering


2022/2023

Uploaded on 03/01/2023 by sureesh
CompTIA Security+ 501
Cybrary - Ron Woerner
CompTIA Security+
SY0-501
Instructor: Ron Woerner, CISSP, CISM
Domain 1 – Threats, Attacks and Vulnerabilities
1.2 Compare and contrast types of attacks
Part 1: Social Engineering Attacks


1.2 Attack Types

● Social engineering: Phishing; Spear phishing; Whaling; Vishing; Tailgating; Impersonation; Dumpster diving; Shoulder surfing
● Application/service attacks: Buffer overflow; Injection; Cross-site scripting; Cross-site request forgery; Privilege escalation; Impersonation/Masquerading; Replay; Driver manipulation (Shimming; Refactoring); Zero-Day (0-Day) Exploits
● Cryptographic attacks: Birthday; Known plain text/cipher text; Rainbow tables; Dictionary; Brute force; Pass the hash
● Hijacking and related attacks: Clickjacking; Session hijacking; URL hijacking (Typo squatting); MAC spoofing; IP spoofing
● Network / Wireless Attacks: DoS; DDoS; Man-in-the-middle; Amplification; DNS poisoning; Domain hijacking; ARP poisoning; Initialization Vector (IV); Evil twin; Rogue AP; Jamming; Bluejacking; Bluesnarfing

Social Engineering

Definition:

● The process by which intruders gain access to facilities, networks, systems, data and even employees by exploiting the generally trusting nature of people.
● The use of deception to manipulate individuals into divulging confidential or personal information that may be used for fraudulent purposes.

● Reference: Christopher Hadnagy, Social Engineering: The Art of Human Hacking (Wiley, 2010)

Phishing Example

[slide image not preserved]

Communications Spoofing / Fraud

● Whaling: a phishing attack specifically aimed at wealthy, powerful, or prominent individuals (for example senior executives).
● Vishing: the fraudulent practice of making phone calls or leaving voice messages purporting to be from reputable companies in order to induce individuals to reveal personal information.
● SMiShing: the same lure delivered by SMS text message.
● Pharming: redirecting traffic to a spoofed web site, for example through DNS poisoning, so that even a correctly typed URL lands on the attacker's page.

Communications Spoofing (continued)

● Hoax: malicious actors issuing false warnings (for example a fake virus alert) to alarm users into taking a harmful action themselves.
● Swatting: making fraudulent emergency calls to the police so that an armed response is dispatched to the victim's address.
● Watering Hole Attack: a security exploit in which the attacker seeks to compromise a specific group of end users by infecting websites that members of the group are known to visit.
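The lures above (phishing, whaling, SMiShing) share one trait a responder can check for mechanically: the visible sender and the technical sender disagree. The following is an added example, not part of the Cybrary slides, that runs a few such header heuristics over two constructed messages (neither is a real email): a Reply-To or Return-Path whose domain differs from the From domain, a display name that names a domain the address does not belong to, and an SPF/DKIM/DMARC failure recorded by the receiving MTA in Authentication-Results. The domains and addresses are made up for the example.

```python
"""Phishing triage heuristics over raw email headers (added example)."""
import email
import re
from email.utils import parseaddr

# Constructed sample: a spoofed "colleague" message with a look-alike From
# domain, a mismatched Reply-To and a failed SPF result. Not a real message.
SAMPLE_PHISH = """\
Return-Path: <bounce@mail-relay.example.net>
Authentication-Results: mx.example.com; spf=fail smtp.mailfrom=mail-relay.example.net; dkim=none
From: "Jane Doe (example.com)" <jane.doe@examp1e.com>
Reply-To: <accounts@mail-relay.example.net>
To: <victim@example.com>
Subject: Urgent: invoice attached
Content-Type: text/plain

Please open the attached invoice today.
"""

# Constructed sample: a benign message from the same colleague.
SAMPLE_LEGIT = """\
Return-Path: <jane.doe@example.com>
Authentication-Results: mx.example.com; spf=pass smtp.mailfrom=example.com; dkim=pass header.d=example.com
From: "Jane Doe" <jane.doe@example.com>
To: <victim@example.com>
Subject: Lunch?
Content-Type: text/plain

Noon works for me.
"""


def _domain(addr: str) -> str:
    """Lower-cased domain part of an address header, or '' when there is none."""
    _, bare = parseaddr(addr or "")
    return bare.rsplit("@", 1)[-1].lower() if "@" in bare else ""


def phishing_indicators(raw: str) -> list[str]:
    """Return a list of human-readable findings; an empty list means nothing fired."""
    msg = email.message_from_string(raw)
    findings = []
    from_hdr = msg.get("From", "")
    display_name, _ = parseaddr(from_hdr)
    from_dom = _domain(from_hdr)

    # 1. Replies are steered to a domain other than the apparent sender's.
    reply_dom = _domain(msg.get("Reply-To", ""))
    if reply_dom and reply_dom != from_dom:
        findings.append(f"reply-to domain {reply_dom} != from domain {from_dom}")

    # 2. Envelope sender (Return-Path) does not match the visible From domain.
    rp_dom = _domain(msg.get("Return-Path", ""))
    if rp_dom and rp_dom != from_dom:
        findings.append(f"return-path domain {rp_dom} != from domain {from_dom}")

    # 3. Display name contains a domain-looking string the address does not match.
    for claimed in re.findall(r"[a-z0-9.-]+\.[a-z]{2,}", display_name.lower()):
        if claimed != from_dom and not from_dom.endswith("." + claimed):
            findings.append(f"display name claims {claimed} but address is {from_dom}")

    # 4. The receiving MTA recorded an SPF/DKIM/DMARC failure.
    auth = msg.get("Authentication-Results", "").lower()
    for mech in ("spf", "dkim", "dmarc"):
        if re.search(rf"\b{mech}=(fail|softfail|permerror)\b", auth):
            findings.append(f"{mech} failed per Authentication-Results")
    return findings


if __name__ == "__main__":
    for label, sample in (("phish", SAMPLE_PHISH), ("legit", SAMPLE_LEGIT)):
        print(label, phishing_indicators(sample))
```

None of these checks is proof on its own (legitimate bulk mailers often set a foreign Return-Path), which is why the function returns every finding rather than a verdict; the point of the exercise is that the "email from a colleague" in the sample question below can be triaged from headers before anyone opens the attachment.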

Social Engineering Attacks – Physical

● Shoulder Surfing: watching someone "over their shoulder" when they enter sensitive data such as a password or credit card information.
● Tailgating: following an authorised person through a controlled door without presenting credentials of your own.
● Dumpster diving: searching discarded paper and media for information (org charts, sticky-note passwords, configuration printouts) that is useful for a later attack.
● Impersonation: posing as someone with a legitimate reason for access, such as IT support, a courier or a new employee.

Social Engineering – Principles

Reasons for effectiveness:

● Authority
● Intimidation
● Consensus / Social Proof
● Scarcity
● Familiarity / Liking
● Trust
● Urgency
● Reciprocity

Reference: Robert B. Cialdini, Influence: Science and Practice, 5th ed. (Pearson, 2009)

Social Engineering – Prevention

● User education

● “Trust, but verify”

● “If you see something, say something”

Sample question

A user contacts you suspecting that his computer is infected. Yesterday he opened an email that looked like it was from a colleague. When he later talked to that person, she said she never sent an email. What type of attack is the most likely cause of the infection? A. Phishing B. Trojan C. Spear phishing D. Whaling

1.2 Compare and contrast types of attacks

Part 2: Application/service Attacks


Application Attacks

● Buffer overflow

● Injection

● Cross-site scripting (XSS)

● Cross-site request forgery (CSRF or XSRF)

● Privilege escalation

OWASP Top 10 Application Security Risks - 2017

https://www.owasp.org/index.php/Top_10-2017_Top_

Application Attacks – Cross-site scripting & Cross-site request forgery

● Cross-site scripting (XSS): occurs whenever an application includes untrusted data in a new web page without proper validation or escaping, or updates an existing web page with user-supplied data using a browser API that can create HTML or JavaScript. ○ Example: RonWoerner

● Cross-site request forgery (CSRF/XSRF): an attack that forces an end user to execute unwanted actions on a web application. Also known as a session riding or one-click attack
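Both definitions above are easier to see as code. The following is an added example, not from the Cybrary slides: a server-side handler written two ways. For XSS, the vulnerable renderer drops a search query straight into HTML while the hardened one escapes it, so the same payload arrives in the browser as inert text. For CSRF, the vulnerable transfer handler trusts the session cookie alone (which the browser attaches to any cross-site form post), while the hardened one also requires a token derived from the session id with an HMAC that an attacker's page cannot compute. The payload, session id, secret and form fields are all constructed for the example; `SERVER_SECRET`, `issue_csrf_token` and the `handle_transfer_*` names are hypothetical, not part of any framework.

```python
"""XSS and CSRF: vulnerable handlers beside their hardened forms (added example)."""
import hashlib
import hmac
import secrets
from html import escape

# --- Reflected XSS -----------------------------------------------------------
# Constructed attacker input: what a search box might echo back into the page.
XSS_PAYLOAD = '<script>alert("xss")</script>'


def render_vulnerable(query: str) -> str:
    """Untrusted data concatenated into HTML: the browser executes the script."""
    return f"<p>Results for: {query}</p>"


def render_hardened(query: str) -> str:
    """Escaping turns the markup into text; quote=True also covers attribute contexts."""
    return f"<p>Results for: {escape(query, quote=True)}</p>"


# --- CSRF -----------------------------------------------------------------------
# Per-deployment secret used to bind tokens to a session (constructed for the example).
SERVER_SECRET = secrets.token_bytes(32)


def issue_csrf_token(session_id: str) -> str:
    """Token = HMAC(secret, session_id). Embedded in the form when the page is rendered."""
    return hmac.new(SERVER_SECRET, session_id.encode(), hashlib.sha256).hexdigest()


def handle_transfer_vulnerable(session_id: str, form: dict) -> bool:
    """Only the session is checked; a form auto-submitted from attacker.example rides the
    victim's cookie and is accepted."""
    return bool(session_id) and form.get("amount") is not None


def handle_transfer_hardened(session_id: str, form: dict) -> bool:
    """Reject unless the form carries the token issued for this very session.
    compare_digest avoids leaking the token byte by byte through timing."""
    expected = issue_csrf_token(session_id)
    supplied = form.get("csrf_token", "")
    if not hmac.compare_digest(expected, supplied):
        return False
    return form.get("amount") is not None


if __name__ == "__main__":
    print(render_vulnerable(XSS_PAYLOAD))
    print(render_hardened(XSS_PAYLOAD))
    sid = "sess-123"
    forged = {"amount": "1000", "to": "attacker"}  # no token: cross-site origin cannot read it
    print("vulnerable accepts forged post:", handle_transfer_vulnerable(sid, forged))
    print("hardened accepts forged post:", handle_transfer_hardened(sid, forged))
    print("hardened accepts legitimate post:",
          handle_transfer_hardened(sid, {"amount": "10", "csrf_token": issue_csrf_token(sid)}))
```

Escaping is the right fix for data that lands in HTML body or attribute context; data that lands inside a script block or a URL needs context-specific encoding instead, which is what the OWASP guidance referenced above walks through. For CSRF, the token check is only meaningful when the action is a state-changing POST; a GET that changes state defeats it regardless.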

Application Attacks – Privilege Escalation

The act of exploiting a bug, design flaw or configuration oversight in an operating system or software application to gain elevated access to resources that are normally protected from an application or user.

Application Attacks – Prevention & Response

● Good coding practices – see OWASP
● Filter and validate any user input
● Use a Web Application Firewall (WAF)
● Build security into the Software Development Life Cycle (SDLC)
● Have an incident response plan in place

Zero-Day (0-Day) Exploits

● An attack that exploits a previously unknown security vulnerability, for which no vendor patch yet exists.
● It may take advantage of a security vulnerability on the same day that the vulnerability becomes generally known.
● Example: Stuxnet

Prevention:
○ Defense in depth
○ Patch promptly once a fix is available
○ Keep AV up-to-date

Cryptographic attacks

See section on Cryptography

● Birthday: an attack on a cryptographic hash that looks for collisions (two different inputs with the same digest). Because a hash maps many inputs onto far fewer outputs, a collision is expected after roughly the square root of the number of possible digests, about 2^(n/2) trials for an n-bit hash rather than 2^n. ● Known plain text/cipher text: the attacker attempts to derive a cryptographic key by using pairs of known plain text along with the corresponding cipher text. ● Frequency analysis: counting how often symbols or blocks recur in an encrypted message to find patterns (for example the letter frequencies of the underlying language) that reveal the key or plaintext.
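The square-root claim in the birthday bullet is what makes collision attacks practical, and it is easy to see on a deliberately small hash. The following is an added example, not from the slides: the leading `bits` of SHA-256 stand in for an n-bit hash, sequential constructed messages are hashed until two share a digest, and the number of tries is compared with the sqrt(pi/2 * 2^n) expectation and with the 2^n worst case for finding a preimage of one fixed digest. The function names and the `msg-<i>` inputs are constructed for the example.

```python
"""Birthday attack on a truncated hash: collisions cost ~2**(n/2), not 2**n (added example)."""
import hashlib
import math


def truncated_hash(msg: bytes, bits: int) -> int:
    """Toy n-bit hash: the leading `bits` of SHA-256. Stands in for a hash with a
    small enough output space that the collision search finishes in well under a second."""
    digest = int.from_bytes(hashlib.sha256(msg).digest(), "big")
    return digest >> (256 - bits)


def birthday_collision(bits: int, max_tries: int = 0):
    """Hash sequential messages until two distinct inputs share a digest.

    Returns (msg_a, msg_b, tries). Remembering every digest seen so far is what
    makes this a birthday search (any pair may collide) rather than a second-preimage
    search against one fixed target, which would need ~2**bits tries."""
    seen = {}
    limit = max_tries or 2 ** bits + 1
    for i in range(limit):
        m = b"msg-%d" % i          # constructed, sequential inputs
        h = truncated_hash(m, bits)
        if h in seen:
            return seen[h], m, i + 1
        seen[h] = m
    raise RuntimeError("no collision within limit")


def expected_birthday_tries(bits: int) -> float:
    """Mean number of samples before the first collision, sqrt(pi/2 * N) with N = 2**bits."""
    return math.sqrt(math.pi / 2 * 2 ** bits)


def preimage_tries_worst_case(bits: int) -> int:
    """For comparison: brute-forcing one specific digest can take the whole output space."""
    return 2 ** bits


if __name__ == "__main__":
    bits = 32
    a, b, tries = birthday_collision(bits)
    print(f"{bits}-bit hash: collision after {tries} tries "
          f"(expected ~{expected_birthday_tries(bits):.0f}, "
          f"preimage worst case {preimage_tries_worst_case(bits)})")
    print(a, b, hex(truncated_hash(a, bits)))
```

Scaling the same arithmetic to a real digest is the whole argument for output length: a 128-bit hash (MD5) falls to roughly 2^64 work under this generic attack even before its structural weaknesses are used, which is why signatures and certificates moved to 256-bit hashes.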

Cryptographic attacks

Password attacks: ● Dictionary: systematically trying each word in a wordlist as the password. ● Brute force: systematically attempting all possible combinations of letters, numbers, and symbols. Usually automated. ● Rainbow tables: password hashes are precomputed in advance (stored compactly as hash chains) and then compared with the stolen password database; a per-user salt defeats them, because the table would have to be rebuilt for every salt value. ● Pass the hash: an attacker who has captured a password hash (for example an NTLM hash dumped from a compromised Windows host) authenticates to a remote server or service with the hash itself, without ever recovering the plaintext password.
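The three offline attacks in the list differ only in where the candidate passwords come from, and salting only matters for the precomputed one. The following is an added example, not from the slides, that runs a dictionary attack and a digit brute force against unsalted SHA-256 hashes, then a precomputed lookup table (a plain dictionary stands in for a rainbow table; real rainbow tables compress the same idea into hash chains, and a salt defeats both the same way) and shows that the salted hash of a word in the table is not found. The wordlist, PIN and salt are constructed for the example.

```python
"""Dictionary, brute-force and precomputed-table attacks on password hashes,
and why a per-user salt breaks the precomputed table (added example)."""
import hashlib
import itertools
import string

# Constructed wordlist; a real dictionary attack uses millions of leaked passwords.
WORDLIST = ["password", "letmein", "summer2019", "qwerty", "Winter!23"]


def sha256_hex(s: str) -> str:
    """Unsalted hash, as a weak application might store it."""
    return hashlib.sha256(s.encode()).hexdigest()


def dictionary_attack(target_hash: str, words=WORDLIST):
    """Hash each wordlist entry and compare; return the password or None."""
    for word in words:
        if sha256_hex(word) == target_hash:
            return word
    return None


def brute_force_pin(target_hash: str, length: int = 4):
    """Exhaustively try every digit string of the given length (10**length candidates)."""
    for combo in itertools.product(string.digits, repeat=length):
        candidate = "".join(combo)
        if sha256_hex(candidate) == target_hash:
            return candidate
    return None


def build_lookup_table(words=WORDLIST) -> dict:
    """Precompute hash -> password once, so any later dump is cracked by lookup.
    Stand-in for a rainbow table."""
    return {sha256_hex(w): w for w in words}


def table_attack(dumped_hashes, table) -> dict:
    """Recover every dumped hash that appears in the precomputed table."""
    return {h: table[h] for h in dumped_hashes if h in table}


def salted_hash(password: str, salt: str) -> str:
    """Per-user salt: the same password hashes differently for every user, so a table
    computed without the salt never matches."""
    return hashlib.sha256((salt + password).encode()).hexdigest()


if __name__ == "__main__":
    table = build_lookup_table()
    dump = [sha256_hex("qwerty"), sha256_hex("not-in-list")]
    print("dictionary:", dictionary_attack(sha256_hex("summer2019")))
    print("brute force:", brute_force_pin(sha256_hex("7391")))
    print("table lookup:", table_attack(dump, table))
    print("table lookup vs salted hash:", table_attack([salted_hash("qwerty", "a9f3")], table))
```

Salting stops the precomputed table but not the dictionary or brute-force loops, which simply hash `salt + candidate` instead; what slows those down is a deliberately expensive password hash (bcrypt, scrypt, Argon2) in place of a single SHA-256.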

Sample question

During a breach investigation, you notice that the attacker entered the database through a web front end application by manipulating the database code to exploit a vulnerability. What is the most likely name for this type of attack? A. SQL parsing B. Database injection C. SQL injection D. Session hijacking
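The "manipulating the database code" in the question is literal: when form fields are spliced into the SQL text, the attacker edits the query. The following is an added example, not from the slides, that builds an in-memory SQLite table with two constructed users and logs in two ways. The string-built query accepts a username of `alice' --` (the `--` comments out the password check) and a password of `' OR '1'='1` (an always-true clause that returns every row); the parameterized query treats both payloads as plain data and matches nothing. The table, rows and function names are constructed for the example.

```python
"""SQL injection through a web front end: string-built query beside the
parameterized one (added example)."""
import sqlite3


def make_db() -> sqlite3.Connection:
    """In-memory table with constructed rows standing in for the application's user store."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT, role TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?, ?)",
                     [("alice", "s3cret", "admin"), ("bob", "hunter2", "user")])
    return conn


def login_vulnerable(conn, username: str, password: str):
    """Form fields are spliced into the SQL text, so the attacker edits the query itself."""
    sql = (f"SELECT username, role FROM users "
           f"WHERE username = '{username}' AND password = '{password}'")
    return conn.execute(sql).fetchall()


def login_parameterized(conn, username: str, password: str):
    """Placeholders keep the query structure fixed; input can only ever be data."""
    sql = "SELECT username, role FROM users WHERE username = ? AND password = ?"
    return conn.execute(sql, (username, password)).fetchall()


# Constructed payloads. The first comments out the password check with `--`;
# the second appends an always-true clause.
COMMENT_OUT_PASSWORD = "alice' --"
ALWAYS_TRUE = "' OR '1'='1"


if __name__ == "__main__":
    db = make_db()
    print(login_vulnerable(db, COMMENT_OUT_PASSWORD, "wrong"))     # [('alice', 'admin')]
    print(login_vulnerable(db, "anyone", ALWAYS_TRUE))              # both rows
    print(login_parameterized(db, COMMENT_OUT_PASSWORD, "wrong"))  # []
    print(login_parameterized(db, "anyone", ALWAYS_TRUE))           # []
```

Note the operator precedence trap in the second payload: `AND` binds tighter than `OR`, so the always-true clause works in the password field but the same string in the username field would still be ANDed with a failing password check. The fix is parameterization at every query, not input filtering; a WAF from the prevention list is a compensating control, not a substitute.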

Sample question

Which of the following types of attack is the result of software vulnerabilities and is caused by supplying more data than is expected in an input field? A. Buffer overflow attack B. Cross site scripting C. Denial-of-Service (DoS) attack D. App overloading

1.2 Compare and contrast types of attacks

Part 3: Network & Wireless Attacks


Hijacking and related attacks

● Clickjacking: tricking a web user into clicking something other than what they see, typically by overlaying a transparent frame of the target site on top of a decoy button or graphic. ● Session hijacking (Cookie hijacking): exploiting a valid computer session, or session key, to gain unauthorized access to information or services. ● URL hijacking / Typo squatting: the act of registering domains that are similar to those for a known entity but based on a misspelling or typographical error (examples: g00gle.com, gooogle.com).
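The two typo-squat examples above are different tricks: g00gle.com swaps look-alike characters, gooogle.com is one keystroke off. The following is an added example, not from the slides, of a classifier a brand-protection or phishing-triage script might apply to newly registered domains: it folds common homoglyphs back to the letters they imitate, then uses an edit distance that counts an adjacent swap as one edit (so googel.com is also caught), and separately flags a TLD swap. The homoglyph list, the category names and the two-label domain assumption in `split_domain` are choices made for this example.

```python
"""Flagging typo-squat / URL-hijack lookalikes of a brand domain (added example)."""

# Common look-alike substitutions seen in lookalike registrations (constructed list).
HOMOGLYPHS = {"0": "o", "1": "l", "3": "e", "5": "s", "7": "t",
              "rn": "m", "vv": "w", "cl": "d"}


def normalize(label: str) -> str:
    """Fold look-alike characters back to the letters they imitate."""
    s = label.lower()
    for fake, real in HOMOGLYPHS.items():
        s = s.replace(fake, real)
    return s


def osa_distance(a: str, b: str) -> int:
    """Optimal string alignment distance: Levenshtein plus an adjacent transposition
    counted as a single edit, so 'googel' is one edit from 'google'."""
    d = [[0] * (len(b) + 1) for _ in range(len(a) + 1)]
    for i in range(len(a) + 1):
        d[i][0] = i
    for j in range(len(b) + 1):
        d[0][j] = j
    for i in range(1, len(a) + 1):
        for j in range(1, len(b) + 1):
            cost = 0 if a[i - 1] == b[j - 1] else 1
            d[i][j] = min(d[i - 1][j] + 1,          # deletion
                          d[i][j - 1] + 1,          # insertion
                          d[i - 1][j - 1] + cost)   # substitution
            if i > 1 and j > 1 and a[i - 1] == b[j - 2] and a[i - 2] == b[j - 1]:
                d[i][j] = min(d[i][j], d[i - 2][j - 2] + 1)  # transposition
    return d[len(a)][len(b)]


def split_domain(domain: str):
    """Return (second-level label, TLD). Assumes a two-label domain such as brand.com;
    multi-label public suffixes (co.uk) would need a suffix list."""
    parts = domain.lower().rstrip(".").split(".")
    if len(parts) < 2:
        raise ValueError(f"not a registrable domain: {domain!r}")
    return parts[-2], parts[-1]


def classify(candidate: str, brand: str):
    """'identical', 'tld-swap', 'homoglyph', 'typo', or None if it does not resemble the brand."""
    c_label, c_tld = split_domain(candidate)
    b_label, b_tld = split_domain(brand)
    if (c_label, c_tld) == (b_label, b_tld):
        return "identical"
    if c_label == b_label:
        return "tld-swap"
    if normalize(c_label) == b_label:
        return "homoglyph"
    if osa_distance(normalize(c_label), b_label) <= 1:
        return "typo"
    return None


if __name__ == "__main__":
    brand = "google.com"
    for cand in ("g00gle.com", "gooogle.com", "googel.com", "google.co", "example.com"):
        print(f"{cand:14s} -> {classify(cand, brand)}")
```

An edit-distance threshold of 1 keeps false positives low for a short brand label but will miss two-keystroke typos; teams that run this against daily zone files usually widen the threshold for long labels and add keyboard-adjacency rules. Unicode confusables (Cyrillic а for Latin a) are a separate problem that this ASCII table does not address.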

Network Hijacking Attacks

MAC spoofing: the Media Access Control (MAC) address is a factory-assigned number burned into a network interface controller (NIC). Most drivers nevertheless allow the address the interface presents on the wire to be changed, so MAC spoofing is the technique of replacing the factory-assigned MAC address of a networked device with another, for example to impersonate an allowed device and bypass MAC-based access filtering.