Assignment 3

docx

School

American Public University *

*We aren’t endorsed by this school

Course

ISSC452

Subject

Computer Science

Date

Feb 20, 2024

Type

docx

Pages

5

Uploaded by AmbassadorHummingbirdPerson531

Report
Attacks, Exploits, and Vulnerabilities Kyle Namen American Public University Cybersecurity ISSC452 Dr. Ron L. Booth 11/24/2023
2 There are many ways for an attacker to take advantage of a system vulnerability and gain unauthorized access to information, data, and controls that would be detrimental to the victim and their system. Below are descriptions of just a handful of the ways someone might try to compromise your computer systems. A backdoor attack is a sort of hack in which malware or viruses are used to circumvent security systems and obtain unauthorized access to applications, systems, or networks. Backdoor threats can infiltrate the targeted system and act as a covert means of bypassing standard authentication protocols in order to obtain unauthorized access to a system. Backdoors can be deliberate or unintentional and are typically carried out by exploiting system flaws or installing malicious software that creates an entry point for the attacker Martens, 2018). A spam attack is defined as an unlawful and unwanted message distributed to many recipients. It can be used to dupe users into disclosing personal information or login passwords, or it can be used to install malware on their devices (FTC, 2019). Spam assaults can jeopardize the user's security. There are many different forms, including email spam, SMS spam, and social media spam. They are sometimes delivered by false or hacked profiles and include fake advertisements and links that actual people are prompted to click on. When receiving messages from unfamiliar sources, it is critical to exercise caution and avoid clicking on suspicious links or downloading attachments from unknown sources (FTC, 2019). Unauthorized access to password-protected accounts is a common form of cyber-attack, known as a password attack. Attackers use different techniques to gain access, such as brute force attacks, dictionary attacks, and social engineering attacks. In a brute force attack, the attacker tries many password combinations with the assistance of software until they find the right one. A dictionary attack uses a list of common words or phrases to guess the password
3 (SSH, n.d.). A social engineering attack is when an attacker tricks a user into entering their login credentials on a fake login page that looks like a legitimate one. To protect against password attacks, it is essential to use strong and unique passwords for every account. It is also recommended to enable two-factor authentication when possible and to avoid using the same password across multiple accounts. A sniffer attack is a type of cyber-attack where an attacker intercepts and monitors network traffic. The attacker can then steal the data packets that are being transmitted, which might include sensitive information such as login credentials or banking information. Sniffing attacks can be carried out using software applications that capture all data packets passing through the targeted network, or by using hardware devices designed for this purpose (Biasco, 2021). There are two main types of sniffing attacks: passive and active. In a passive sniffing attack, the hacker monitors traffic passing through a network without disrupting it. In an active sniffing attack, the attacker sends crafted packets on a network to extract sensitive data. To safeguard against sniffing attacks, it is suggested to use encryption to protect sensitive information, avoid using unsecured public Wi-Fi networks, and use a Virtual Private Network (VPN) when accessing the internet from a public network. (Biasco, 2021). A timing attack is a type of cyber-attack where an attacker attempts to compromise a system by analyzing the time taken to execute certain algorithms. The attacker can use this information to deduce the password tested by that algorithm. For example, a password verification system that takes longer to verify an incorrect password than a correct one. This information can be used to deduce the correct password by measuring the time taken to verify a password. To protect against timing attacks, it is recommended to use algorithms that take the same amount of time to execute regardless of the input (Rope Security, n.d.).
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help
4 Overall, the best way to mitigate a system breach is to ensure your software is up to date, including the antivirus and spam filters. Though it is not foolproof, this would make a break in much more difficult and could alert the user to any activity that is abnormal.
5 References Biasco, P. (2021, June 1). What is packet sniffing and how to prevent it. Privacy Bee.   https://privacybee.com/blog/what-is-packet-sniffing/ Federal Trade Commission. (2019, May 3).  How To Recognize and Avoid Phishing Scams . Consumer Information. https://consumer.ftc.gov/articles/how-recognize-and-avoid- phishing-scams Martens, B. (2018, September 2).  What is a Backdoor and How to Protect Against it . SafetyDetectives. https://www.safetydetectives.com/blog/what-is-a-backdoor-and-how- to-protect-against-it/ Rope Security. (n.d.). What is a Timing Attack Vulnerability? Ropesec.com. https://ropesec.com/articles/timing-attacks/ SSH. (n.d.). Types of Password Attacks and How to Prevent Them . Www.ssh.com. https://www.ssh.com/academy/secrets-management/how-to-prevent-password-attacks

Related Documents

CHCSOH013_AE_CS.docx
ml assignment 5.pdf
Question 1.docx
BANA614-Quiz4-TakeHome (1).docx
Hands-on8.docx
Assignment 2.docx
Assignment 5.docx
Assignment 8.docx
Assignment 7.docx
Blockchain 1_ Assignment 9.docx
CYB 210 Network Configuration Scavenger Hunt done.docx
quiz.docx
Recommended textbooks for you
Text book image
Enhanced Discovering Computers 2017 (Shelly Cashm...
Computer Science
ISBN:9781305657458
Author:Misty E. Vermaat, Susan L. Sebok, Steven M. Freund, Mark Frydenberg, Jennifer T. Campbell
Publisher:Cengage Learning
Text book image
Systems Architecture
Computer Science
ISBN:9781305080195
Author:Stephen D. Burd
Publisher:Cengage Learning
Text book image
Management Of Information Security
Computer Science
ISBN:9781337405713
Author:WHITMAN, Michael.
Publisher:Cengage Learning,
Text book image
Principles of Information Systems (MindTap Course...
Computer Science
ISBN:9781305971776
Author:Ralph Stair, George Reynolds
Publisher:Cengage Learning
Text book image
Fundamentals of Information Systems
Computer Science
ISBN:9781337097536
Author:Ralph Stair, George Reynolds
Publisher:Cengage Learning
Text book image
Principles of Information Systems (MindTap Course...
Computer Science
ISBN:9781285867168
Author:Ralph Stair, George Reynolds
Publisher:Cengage Learning
SEE MORE TEXTBOOKS
Recommended textbooks for you
Text book image
Enhanced Discovering Computers 2017 (Shelly Cashm...
Computer Science
ISBN:9781305657458
Author:Misty E. Vermaat, Susan L. Sebok, Steven M. Freund, Mark Frydenberg, Jennifer T. Campbell
Publisher:Cengage Learning
Text book image
Systems Architecture
Computer Science
ISBN:9781305080195
Author:Stephen D. Burd
Publisher:Cengage Learning
Text book image
Management Of Information Security
Computer Science
ISBN:9781337405713
Author:WHITMAN, Michael.
Publisher:Cengage Learning,
Text book image
Principles of Information Systems (MindTap Course...
Computer Science
ISBN:9781305971776
Author:Ralph Stair, George Reynolds
Publisher:Cengage Learning
Text book image
Fundamentals of Information Systems
Computer Science
ISBN:9781337097536
Author:Ralph Stair, George Reynolds
Publisher:Cengage Learning
Text book image
Principles of Information Systems (MindTap Course...
Computer Science
ISBN:9781285867168
Author:Ralph Stair, George Reynolds
Publisher:Cengage Learning
SEE MORE TEXTBOOKS