CISSP Study Guide

This Blog is dedicated to help Serious IT Security Practitioners to pass the renowned CISSP exam. It is a must read for those going for the exam and needs total recall

Thursday, March 09, 2006


  • Brute Force attacks
    • Attempts to gain access many times using different input
    • Password guessing and war dialing are examples

  • Dictionary attacks
    • More selective than a brute force
    • Submits identification credentials from a dictionary, or a list of commonly used user IDs

  • Denial of Service (DOS) attacks
    • Attacker saturates network, rendering access to the system impossible or unbearably slow

  • Spoofing attacks
    • Attacker presents a substitute login screen
    • Fake login screen stores the user ID and password, then displays a failed login message

  • Man-in-the-Middle attack
    • Uses a network sniffer or hardware/software that intercepts network packets, to grab traffic en route to another destination

  • Monitoring
    • Event log auditing
      • System events
    • Application events
      • User events
    • Keystroke monitoring
      • Normally only used by hackers or to investigate suspected inappropriate activity
    • HoneyPot
      • Entices a potential hacker to attack

  • Intrusion Detection
    • Intrusion detection systems(IDS)
      • Network-based IDS - monitors network segment
        • Monitor a network or system
      • Host-based IDS - monitors a single system
        • Signature-based
          • Contains a database of recognized attacks
          • Activity is compared with signature database
          • Sounds an alarm for suspcious activity
        • Behaviour-based
          • Detects usage anomalies
          • Sometimes called an expert system
          • Generally results in more false positives than signature-based IDS
  • Penetration Testing
    • Legal hacking
    • Set of attacks to judge how vulnerable your system really is
    • Exhaustive penetration tests can uncover vulnerabilities


Post a Comment

<< Home