
CISSP Cyber Attacks and Countermeasures

Jul 5, 2024

CISSP Exam and Cyber Attacks Lecture Notes

Overview

  • CISSP exam expects familiarity with various cyber attacks:
    • Cryptanalytic attacks
    • Mobile and wireless attacks
    • Access control attacks
    • Malicious code and application attacks
  • Familiarity with countermeasures and prevention
  • Discussion on post-quantum cryptography and quantum-resistant algorithms
  • Series includes 8 core lessons and supplemental lessons
  • This is video number seven in the supplemental series

Cryptanalytic Attacks

Brute Force Attack

  • Tries every possible key (or password) until the correct one is found; with no shortcut available, the cost grows exponentially with key length
  • Gets cheaper with more compute power; against password hashes, precomputed (rainbow) tables trade storage for time so the same work is reused against every target
  • Countermeasures: cryptographic salts (defeat precomputed tables), slow password hashing, and for online guessing CAPTCHA, throttling login attempts, and IP block lists

Birthday Attack

  • Exploits the birthday paradox to find two inputs that hash to the same value (a collision) in roughly 2^(n/2) attempts for an n-bit hash, not 2^n
  • Countermeasure: hash functions with long outputs (MD5's 128-bit output gives only about 64-bit collision resistance; SHA-256 gives about 128-bit)
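To make the 2^(n/2) figure concrete, here is a birthday search against a deliberately truncated SHA-256. This is an added example, not code from the lecture; the truncation to 32 bits and the message pattern `birthday-demo-<i>` are assumptions chosen so the search finishes in well under a second.

```python
import hashlib
from typing import Optional, Tuple


def truncated_hash(data: bytes, bits: int) -> int:
    """First `bits` bits of SHA-256(data), used here as a deliberately short hash.
    Truncation is the only weakness exploited: a 32-bit output has just 2**32
    values, so two of them coincide long before 2**32 inputs are tried."""
    digest = hashlib.sha256(data).digest()
    return int.from_bytes(digest, "big") >> (256 - bits)


def birthday_collision(bits: int, max_tries: int = 1 << 22) -> Optional[Tuple[bytes, bytes, int]]:
    """Generic birthday search: hash fresh messages, remember every digest, stop at
    the first repeat. Returns (msg_a, msg_b, hashes_computed) or None.
    Expected cost is about sqrt(pi/2) * 2**(bits/2) hashes, far below the 2**bits a
    second-preimage search against one fixed target would need."""
    seen = {}
    for i in range(max_tries):
        msg = f"birthday-demo-{i}".encode()   # constructed, deterministic inputs
        h = truncated_hash(msg, bits)
        if h in seen:
            return seen[h], msg, i + 1
        seen[h] = msg
    return None


def collision_effort_bits(output_bits: int) -> int:
    """log2 of the work for a birthday collision: half the output length.
    This is why a 128-bit hash is rated for ~64-bit collision resistance."""
    return output_bits // 2


if __name__ == "__main__":
    a, b, n = birthday_collision(32)
    print(f"collision after {n} hashes: {a!r} and {b!r} -> {truncated_hash(a, 32):08x}")
```

The count printed lands near 2^16 (tens of thousands of hashes), not near 2^32; the same memory-for-time trade is why real hash functions are sized for twice the collision resistance actually required.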

Replay Attack

  • Captures a legitimate authentication exchange and resends it later to gain unauthorized access, without ever learning the credential itself
  • Countermeasures: timestamps with a short validity window, together with nonces or sequence numbers so each message is accepted only once
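The following is an added example (not from the lecture) of what the timestamp countermeasure looks like on the wire: a client signs a request with an HMAC over action, timestamp and nonce, and the server accepts each signed request once, inside a window. The shared key, the 30-second window and the `transfer:100` action are constructed for the demo.

```python
import hashlib
import hmac
from typing import Dict, List

SHARED_KEY = b"demo-shared-key"   # constructed for the example; a real deployment uses a provisioned secret
WINDOW_SECONDS = 30               # how far a request timestamp may drift from the server clock


def sign_request(key: bytes, action: str, ts: int, nonce: str) -> Dict[str, object]:
    """Client side: bind action, timestamp and nonce together under one HMAC so none of
    them can be changed without invalidating the tag. The nonce should come from
    secrets.token_hex() in practice; here it is a fixed string for reproducibility."""
    msg = f"{action}|{ts}|{nonce}".encode()
    tag = hmac.new(key, msg, hashlib.sha256).hexdigest()
    return {"action": action, "ts": ts, "nonce": nonce, "tag": tag}


class ReplayGuard:
    """Server side: accept a signed request once, and only inside the time window."""

    def __init__(self, key: bytes, window: int = WINDOW_SECONDS):
        self.key = key
        self.window = window
        self.seen: Dict[str, int] = {}   # nonce -> timestamp; only nonces still inside the window are kept

    def verify(self, req: Dict[str, object], now: int) -> str:
        msg = f"{req['action']}|{req['ts']}|{req['nonce']}".encode()
        expected = hmac.new(self.key, msg, hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, str(req["tag"])):
            return "bad_tag"          # tampered or forged
        ts = int(req["ts"])
        if abs(now - ts) > self.window:
            return "stale"            # the timestamp alone stops replays older than the window
        # forget nonces that can no longer be replayed, so the cache stays bounded
        self.seen = {n: t for n, t in self.seen.items() if abs(now - t) <= self.window}
        nonce = str(req["nonce"])
        if nonce in self.seen:
            return "replay"           # same request seen again inside the window
        self.seen[nonce] = ts
        return "ok"


def demo() -> List[str]:
    """Constructed exchange: a valid request, the same bytes resent at once, a tampered
    copy, and the original resent after the window has closed."""
    guard = ReplayGuard(SHARED_KEY)
    req = sign_request(SHARED_KEY, "transfer:100", ts=1_700_000_000, nonce="a1b2c3")
    results = [guard.verify(req, now=1_700_000_005)]            # fresh -> ok
    results.append(guard.verify(req, now=1_700_000_010))        # captured and resent -> replay
    tampered = dict(req, action="transfer:9999")
    results.append(guard.verify(tampered, now=1_700_000_010))   # edited -> bad_tag
    results.append(guard.verify(req, now=1_700_000_100))        # resent after 100 s -> stale
    return results
```

Timestamps alone leave a window in which a captured request is still fresh; the nonce cache closes that window, and the window in turn bounds how many nonces the server has to remember.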

Meet in the Middle Attack

  • Targets ciphers that apply two rounds of encryption with independent keys: the attacker encrypts the known plaintext under every possible first key, decrypts the ciphertext under every possible second key, and looks for a value that matches in the middle
  • Example: the reason 2DES was abandoned, since its effective strength is only about 2^57 operations (barely more than single DES), not the 2^112 the doubled key length suggests
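An added worked example of the attack (not from the lecture) on a toy Feistel cipher with 16-bit keys, so the full key space can be enumerated in seconds. The cipher, its round function and the keys 0xBEEF/0x1234 are constructed for the demo; the structure of the attack is exactly the one that applies to 2DES.

```python
from typing import Dict, List, Tuple

MASK16 = 0xFFFF
ROUNDS = 4


def _f(half: int, rk: int) -> int:
    """Toy round function: key mix, multiply, rotate, xor-shift, all in 16 bits."""
    x = (half ^ rk) & MASK16
    x = (x * 0x9E37 + 0x1234) & MASK16
    x = ((x << 5) | (x >> 11)) & MASK16
    return (x ^ (x >> 3)) & MASK16


def _round_key(key: int, i: int) -> int:
    return (key + 0x1357 * (i + 1)) & MASK16


def toy_encrypt(key: int, block: int) -> int:
    """Feistel cipher: 32-bit block, 16-bit key. The tiny key keeps the demo fast;
    the attack scales to any key size in exactly the same way."""
    l, r = block >> 16, block & MASK16
    for i in range(ROUNDS):
        l, r = r, l ^ _f(r, _round_key(key, i))
    return (l << 16) | r


def toy_decrypt(key: int, block: int) -> int:
    l, r = block >> 16, block & MASK16
    for i in reversed(range(ROUNDS)):
        l, r = r ^ _f(l, _round_key(key, i)), l
    return (l << 16) | r


def double_encrypt(k1: int, k2: int, block: int) -> int:
    """Two rounds of encryption with independent keys: the 2DES construction."""
    return toy_encrypt(k2, toy_encrypt(k1, block))


def meet_in_the_middle(pairs: List[Tuple[int, int]]) -> List[Tuple[int, int]]:
    """Recover (k1, k2) from known plaintext/ciphertext pairs.
    Work: 2**16 encryptions + 2**16 decryptions (about 2**17) plus a 2**16-entry table,
    instead of the 2**32 trials of exhaustive search over both keys. With DES the
    same arithmetic gives 2**57 work against the nominal 2**112 of 2DES."""
    p0, c0 = pairs[0]
    middle: Dict[int, List[int]] = {}
    for k1 in range(1 << 16):                       # forward half: E_k1(P) for every k1
        middle.setdefault(toy_encrypt(k1, p0), []).append(k1)
    candidates = []
    for k2 in range(1 << 16):                       # backward half: D_k2(C), look for a meeting value
        m = toy_decrypt(k2, c0)
        for k1 in middle.get(m, ()):
            candidates.append((k1, k2))
    # a 32-bit block gives about one chance match; the remaining pairs weed those out
    return [(k1, k2) for k1, k2 in candidates
            if all(double_encrypt(k1, k2, p) == c for p, c in pairs[1:])]


if __name__ == "__main__":
    K1, K2 = 0xBEEF, 0x1234        # constructed secret keys the attacker does not know
    known = [(p, double_encrypt(K1, K2, p)) for p in (0x01234567, 0x89ABCDEF)]
    print(meet_in_the_middle(known))  # the true pair (48879, 4660) is in the recovered list
```

Two known pairs are used because a single 32-bit block leaves roughly one false match by chance; the second pair costs nothing compared with the search and removes it. Triple encryption (3DES) defeats this because the attacker can only meet in the middle across one key boundary while two keys remain on the other side.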

Man in the Middle Attack

  • Attacker inserts themselves between two parties and relays (and possibly alters) their traffic, with each side believing it is talking directly to the other
  • Commonly carried out on open or unsecured Wi-Fi
  • Countermeasures: secure Wi-Fi, VPNs, HTTPS (with certificate validation), MFA

Known Plaintext Attack

  • Attacker has ciphertext together with the corresponding plaintext and uses the pair(s) to recover the key

Chosen Ciphertext Attack

  • Attacker can choose ciphertexts and obtain their decryptions (e.g., from a decryption oracle), and uses the results to recover the key or decrypt other messages

Chosen Plaintext Attack

  • Attacker can choose plaintexts, have them encrypted, and analyze the resulting ciphertext to learn about the key

Ciphertext Only Attack

  • Attacker has access only to ciphertext (the weakest position) and must recover plaintext or key from it alone

Frequency Analysis

  • Uses the known frequency of letters in a language (in English e, t, a and o are the most common) to recover the key of a substitution cipher, because such ciphers carry the plaintext's letter distribution straight into the ciphertext
  • Defense: modern ciphers whose output is indistinguishable from random, and retiring weak or outdated algorithms generally (the lecture's example: WPA2 instead of WEP)
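As an added illustration (not part of the lecture), the script below breaks a shift cipher by trying every key and scoring each candidate plaintext against standard English letter frequencies with a chi-squared statistic. The sample paragraph is constructed; the frequency table is the usual published one for English.

```python
import string
from collections import Counter
from typing import Dict, Tuple

# Relative letter frequencies of English text, in percent (standard published figures).
ENGLISH_FREQ: Dict[str, float] = {
    "a": 8.2, "b": 1.5, "c": 2.8, "d": 4.3, "e": 12.7, "f": 2.2, "g": 2.0, "h": 6.1, "i": 7.0,
    "j": 0.15, "k": 0.77, "l": 4.0, "m": 2.4, "n": 6.7, "o": 7.5, "p": 1.9, "q": 0.095, "r": 6.0,
    "s": 6.3, "t": 9.1, "u": 2.8, "v": 0.98, "w": 2.4, "x": 0.15, "y": 2.0, "z": 0.074,
}

# Constructed sample plaintext, long enough for the statistics to be meaningful.
SAMPLE_PLAINTEXT = (
    "Frequency analysis works because natural language is not random. In English the "
    "letter e appears far more often than any other, followed by t, a, o, i and n, and a "
    "simple substitution cipher carries that pattern straight through into the ciphertext. "
    "Modern ciphers are designed so that their output looks uniformly random instead."
)


def shift_cipher(text: str, shift: int) -> str:
    """Caesar-style substitution: rotate each ASCII letter by `shift` (negative to undo)."""
    out = []
    for ch in text:
        if ch.isascii() and ch.isalpha():
            base = ord("A") if ch.isupper() else ord("a")
            out.append(chr((ord(ch) - base + shift) % 26 + base))
        else:
            out.append(ch)
    return "".join(out)


def letter_profile(text: str) -> Dict[str, float]:
    """Observed frequency (percent) of each letter a-z in `text`."""
    letters = [c for c in text.lower() if "a" <= c <= "z"]
    counts = Counter(letters)
    total = max(len(letters), 1)
    return {c: 100.0 * counts[c] / total for c in string.ascii_lowercase}


def chi_squared(observed: Dict[str, float], expected: Dict[str, float]) -> float:
    """Distance between an observed profile and English; lower means more English-like.
    Rare letters (j, q, x, z) dominate the score when a wrong shift maps e onto them."""
    return sum((observed[c] - expected[c]) ** 2 / expected[c] for c in string.ascii_lowercase)


def recover_shift(ciphertext: str) -> Tuple[int, Dict[int, float]]:
    """Try all 26 shifts and keep the one whose decryption looks most like English.
    The letter distribution survives the substitution; only its alignment is unknown."""
    scores = {s: chi_squared(letter_profile(shift_cipher(ciphertext, -s)), ENGLISH_FREQ)
              for s in range(26)}
    return min(scores, key=scores.get), scores


if __name__ == "__main__":
    ct = shift_cipher(SAMPLE_PLAINTEXT, 7)
    best, scores = recover_shift(ct)
    print(f"recovered shift {best} (score {scores[best]:.1f}); next best {sorted(scores.values())[1]:.1f}")
    print(shift_cipher(ct, -best)[:60])
```

The same `letter_profile` run over the output of a modern cipher gives a flat distribution with no usable peaks, which is the property the "indistinguishable from random" defense refers to.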

Mobile and Wireless Attacks

Bluejacking

  • Nuisance attack that sends unsolicited messages to nearby Bluetooth devices; no data is taken

Bluesnarfing

  • Data theft over Bluetooth (contacts, calendars, messages) from a device that accepts the attacker's connection

Bluebugging

  • Takes control of the device over Bluetooth, creating backdoor access to calls, messages and data
  • Countermeasures: long PINs, disable discoverable mode when not pairing, use two-factor authentication

Network Attacks

Denial of Service (DoS)

  • Consumes a target's resources (bandwidth, connection state, CPU) so that it cannot serve legitimate users

Distributed Denial of Service (DDoS)

  • Launches the attack from many compromised systems at once (a botnet), so there is no single source to block
  • Countermeasures: firewalls, routers, IDS, disabling IP-directed broadcasts (which defeats Smurf/Fraggle amplification), keeping systems patched

Common Denial of Service Attacks

  • SYN Flood: sends many SYNs (often from spoofed sources) without completing the three-way handshake, filling the target's half-open connection table
  • Smurf Attack: sends ICMP echo requests to a network's broadcast address with the victim's spoofed source address, so every host on that network replies to the victim (amplification)
  • Ping of Death: sends fragmented ICMP packets that reassemble to more than the 65,535-byte maximum, crashing vulnerable stacks
  • Teardrop Attack: sends overlapping IP fragments that the target cannot reassemble, crashing it
  • Fraggle Attack: the Smurf technique with spoofed UDP traffic (echo/chargen ports) instead of ICMP
  • Land Attack: spoofed packet whose source and destination IP address and port are identical, so the target replies to itself
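To show what a SYN flood looks like from the defender's side, here is an added detection routine (not from the lecture) run over constructed packet summaries as a server would see them: per target and time bucket it counts client SYNs against completed handshakes. The addresses, the 10-second bucket and the thresholds are assumptions for the demo.

```python
from collections import defaultdict
from typing import Dict, List, Tuple

# Constructed packet summaries seen at the server: (ts, src_ip, dst_ip, dst_port, tcp_flags)
# 'S' = client SYN (handshake step 1), 'A' = the client's ACK that finishes the handshake (step 3).
# Server SYN/ACKs are omitted; the detector only needs the client's side. A real sensor would
# pair the ACK with its SYN by sequence number rather than by flag alone.
Packet = Tuple[float, str, str, int, str]


def build_sample_packets() -> List[Packet]:
    pkts: List[Packet] = []
    for i, client in enumerate(("192.0.2.10", "192.0.2.11", "192.0.2.12")):
        t = 0.5 + i
        pkts.append((t, client, "10.0.0.5", 443, "S"))
        pkts.append((t + 0.1, client, "10.0.0.5", 443, "A"))       # handshake completes
    for i in range(50):                                               # spoofed sources, never completed
        pkts.append((1.0 + i * 0.05, f"198.51.100.{i + 1}", "10.0.0.5", 443, "S"))
    pkts.append((2.0, "192.0.2.20", "10.0.0.6", 22, "S"))            # a normal SSH handshake elsewhere
    pkts.append((2.1, "192.0.2.20", "10.0.0.6", 22, "A"))
    return pkts


def detect_syn_flood(packets: List[Packet], window: float = 10.0,
                     min_syns: int = 20, max_completion: float = 0.2) -> List[Dict]:
    """Per (target, port, time bucket): count client SYNs and completed handshakes.
    A flood shows as many SYNs, few completions and many distinct sources, which is the
    half-open-connection exhaustion a SYN flood relies on."""
    stats = defaultdict(lambda: {"syns": 0, "completed": 0, "sources": set()})
    for ts, src, dst, dport, flags in packets:
        key = (dst, dport, int(ts // window))
        if flags == "S":
            stats[key]["syns"] += 1
            stats[key]["sources"].add(src)
        elif flags == "A":
            stats[key]["completed"] += 1
    alerts = []
    for (dst, dport, bucket), s in sorted(stats.items()):
        ratio = s["completed"] / s["syns"] if s["syns"] else 1.0
        if s["syns"] >= min_syns and ratio <= max_completion:
            alerts.append({"target": f"{dst}:{dport}", "window_start": bucket * window,
                           "syns": s["syns"], "completed": s["completed"],
                           "distinct_sources": len(s["sources"])})
    return alerts


if __name__ == "__main__":
    for alert in detect_syn_flood(build_sample_packets()):
        print(alert)
```

The distinct-source count is the tell that separates a flood from a flash crowd of real clients that complete their handshakes; on the host itself, SYN cookies are the standard kernel-side mitigation because they avoid storing state for unacknowledged SYNs.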

Botnets

  • Collection of compromised devices (bots or zombies) under an attacker's control, used for DDoS, spam and credential stuffing
  • Controlled by bot herders through a command-and-control channel

TCP Three-Way Handshake Explained

  • Involved in many network attacks
  • Client SYN -> server SYN/ACK -> client ACK establishes the connection; a connection left waiting for the final ACK is "half-open", which is the state a SYN flood exhausts

Impersonation/Masquerading

  • Pretending to be another user or system to gain unauthorized access, typically with captured or guessed credentials
  • Countermeasures: one-time passwords and token authentication systems, encrypted traffic (so credentials cannot be captured), user training

Modification Attack

  • Altering captured packets and reinjecting them into the network
  • ARP Spoofing: sending forged ARP replies so that the attacker's MAC address is associated with another host's IP (often the gateway), redirecting that host's traffic through the attacker
  • Countermeasures: packet filtering, ARP spoofing detection tools (or static ARP entries and dynamic ARP inspection on the switch), SSL/TLS so redirected traffic stays protected
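Here is an added example (not from the lecture) of the passive detection those tools perform, run over a constructed sequence of ARP replies: it flags an IP whose MAC changes and a MAC that starts answering for several IPs, the pattern of an attacker poisoning both the gateway and a workstation. The addresses and MACs are made up for the demo.

```python
from typing import Dict, List, Set, Tuple

# Constructed ARP replies observed on one LAN segment: (ts, sender_ip, sender_mac)
SAMPLE_ARP_REPLIES: List[Tuple[float, str, str]] = [
    (1.0, "10.0.0.1", "aa:aa:aa:aa:aa:01"),   # real gateway announces itself
    (1.5, "10.0.0.23", "bb:bb:bb:bb:bb:23"),  # a workstation
    (2.0, "10.0.0.1", "aa:aa:aa:aa:aa:01"),   # gateway again, unchanged: normal
    (3.0, "10.0.0.1", "cc:cc:cc:cc:cc:99"),   # attacker claims the gateway's IP
    (3.1, "10.0.0.23", "cc:cc:cc:cc:cc:99"),  # ...and the workstation's IP: classic man in the middle
]


def detect_arp_spoofing(replies: List[Tuple[float, str, str]],
                        protected_ips: Tuple[str, ...] = ("10.0.0.1",)) -> List[Dict]:
    """Flag an IP whose MAC changes, and a MAC that answers for more than one IP.
    Static ARP entries or dynamic ARP inspection would block this outright; passive
    detection like this is what a sensor on the segment can still do."""
    ip_to_mac: Dict[str, str] = {}
    mac_to_ips: Dict[str, Set[str]] = {}
    alerts: List[Dict] = []
    for ts, ip, mac in replies:
        prev = ip_to_mac.get(ip)
        if prev is not None and prev != mac:
            alerts.append({"ts": ts, "type": "mac_change", "ip": ip, "old": prev, "new": mac,
                           "gateway": ip in protected_ips})
        ip_to_mac[ip] = mac
        claimed = mac_to_ips.setdefault(mac, set())
        claimed.add(ip)
        if len(claimed) > 1:
            alerts.append({"ts": ts, "type": "mac_claims_multiple_ips", "mac": mac,
                           "ips": sorted(claimed)})
    return alerts


if __name__ == "__main__":
    for alert in detect_arp_spoofing(SAMPLE_ARP_REPLIES):
        print(alert)
```

Expect some noise from legitimate MAC changes (a replaced NIC, DHCP handing an address to a different machine, VRRP failover on a gateway); the gateway flag and the multiple-IP pattern are what make an alert worth paging on.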

DNS Attacks

DNS Poisoning

  • Corrupts the DNS mappings a resolver has cached so that a name resolves to an attacker-controlled address

DNS Spoofing

  • Sends forged DNS replies to a requester before the legitimate answer arrives
  • Countermeasures: verify DNS changes, restrict zone transfers, log DNS activity, deploy DNSSEC where available

Homograph Attacks

  • Use look-alike characters (e.g., Cyrillic "а" in place of Latin "a", delivered as an internationalized domain name in punycode) to register phony domains that display like a trusted one
  • Countermeasures: keep browsers updated (modern browsers show mixed-script names in their punycode form), ICANN and registrar IDN policies
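An added example, not from the lecture, of the check a browser or mail filter performs: decode the punycode label, look for a label that mixes scripts, and compare a confusable-collapsed "skeleton" of the name against a brand list. The small confusables table and the brand list are constructed subsets (Unicode's confusables.txt is the full source); the IDNA nameprep/UTS-46 mapping steps are deliberately skipped because only the decode is needed here.

```python
import unicodedata
from typing import Dict, List, Optional

# Non-Latin letters that render like ASCII in most fonts. Constructed subset of
# Unicode's confusables.txt (Cyrillic and Greek look-alikes).
CONFUSABLES: Dict[str, str] = {
    "\u0430": "a", "\u0435": "e", "\u043e": "o", "\u0440": "p", "\u0441": "c",
    "\u0445": "x", "\u0443": "y", "\u0456": "i", "\u0458": "j", "\u0455": "s",
    "\u0501": "d", "\u03bf": "o", "\u03b1": "a",
}


def to_ace(host: str) -> str:
    """Encode non-ASCII labels as xn-- punycode, the form that appears in URLs and certificates."""
    return ".".join(l if l.isascii() else "xn--" + l.encode("punycode").decode("ascii")
                    for l in host.split("."))


def from_ace(host: str) -> str:
    """Decode xn-- labels back to Unicode (punycode only; nameprep is out of scope here)."""
    return ".".join(l[4:].encode("ascii").decode("punycode") if l.startswith("xn--") else l
                    for l in host.split("."))


def script_of(ch: str) -> str:
    """Coarse script from the Unicode character name: 'CYRILLIC SMALL LETTER A' -> CYRILLIC."""
    if ch.isdigit() or ch == "-":
        return "COMMON"
    name = unicodedata.name(ch, "")
    return name.split(" ", 1)[0] if name else "UNKNOWN"


def skeleton(label: str) -> str:
    """Collapse confusables to their ASCII look-alike so look-alike labels compare equal."""
    return "".join(CONFUSABLES.get(ch, ch) for ch in label)


def analyze_hostname(host: str, brands: List[str]) -> Dict:
    """Report mixed-script labels and brand look-alikes for a hostname in ACE or Unicode form."""
    unicode_host = from_ace(host)
    labels = unicode_host.split(".")
    mixed = [l for l in labels if len({script_of(c) for c in l} - {"COMMON"}) > 1]
    skel = ".".join(skeleton(l) for l in labels)
    lookalike: Optional[str] = next((b for b in brands if skel == b and unicode_host != b), None)
    return {"unicode": unicode_host, "mixed_script_labels": mixed, "skeleton": skel,
            "lookalike_of": lookalike, "suspicious": bool(mixed or lookalike)}


if __name__ == "__main__":
    brands = ["paypal.com", "cisco.com"]                    # constructed allow-list of protected names
    for h in (to_ace("p\u0430ypal.com"),                    # Latin with one Cyrillic a: mixed script
              to_ace("\u0441\u0456\u0455\u0441\u043e.com"),  # all-Cyrillic "cisco": single script!
              "cisco.com"):
        print(h, analyze_hostname(h, brands))
```

The second case is the caveat worth remembering: a name built entirely from one non-Latin script passes the mixed-script test that browsers rely on, so the skeleton comparison against names you care about is the check that catches it.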

Access Control Attacks

Dictionary and Brute Force Attacks

  • Dictionary attacks try lists of likely passwords; brute force tries every possible combination
  • Countermeasures: long, complex passwords, account lockout policies, and (against stolen hash databases) salted, slow password hashing
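The following added example (not from the lecture) ties together the countermeasures listed here and under Brute Force Attack above: a precomputed digest table cracks an unsalted SHA-256 hash with a single lookup, a per-user salt with PBKDF2 makes that table useless and forces one slow KDF run per guess, and a lockout policy handles the online case. The wordlist, salt and account name are constructed.

```python
import hashlib
from typing import Dict, List, Optional

WORDLIST = ["password", "letmein", "qwerty", "Summer2024", "hunter2"]   # constructed mini dictionary


def unsalted_hash(password: str) -> str:
    """What a legacy system might store: plain SHA-256 of the password, no salt."""
    return hashlib.sha256(password.encode()).hexdigest()


def build_lookup_table(words: List[str]) -> Dict[str, str]:
    """digest -> password, computed once. This is what a rainbow table amounts to, and it
    works only because every user who picked "hunter2" has the identical unsalted hash."""
    return {unsalted_hash(w): w for w in words}


def crack_unsalted(stored_hex: str, table: Dict[str, str]) -> Optional[str]:
    return table.get(stored_hex)          # one lookup; no hashing at attack time


def hash_salted(password: str, salt: bytes, iterations: int = 200_000) -> bytes:
    """Per-user random salt plus a deliberately slow KDF (PBKDF2-HMAC-SHA256).
    The salt defeats precomputed tables; the iteration count makes every guess expensive."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)


def crack_salted(stored: bytes, salt: bytes, words: List[str], iterations: int = 200_000) -> Optional[str]:
    """Dictionary attack on one salted hash: each guess costs a full KDF run, for this user only."""
    for w in words:
        if hashlib.pbkdf2_hmac("sha256", w.encode(), salt, iterations) == stored:
            return w
    return None


class LockoutPolicy:
    """Online countermeasure: after max_failures inside `window` seconds, lock the account."""

    def __init__(self, max_failures: int = 5, window: int = 300, lockout_seconds: int = 900):
        self.max_failures, self.window, self.lockout_seconds = max_failures, window, lockout_seconds
        self.failures: Dict[str, List[int]] = {}
        self.locked_until: Dict[str, int] = {}

    def attempt(self, user: str, password_ok: bool, now: int) -> str:
        if self.locked_until.get(user, -1) > now:
            return "locked"               # even a correct password is refused while locked
        if password_ok:
            self.failures.pop(user, None)
            return "ok"
        recent = [t for t in self.failures.get(user, []) if now - t < self.window] + [now]
        self.failures[user] = recent
        if len(recent) >= self.max_failures:
            self.locked_until[user] = now + self.lockout_seconds
            self.failures.pop(user, None)
            return "locked"
        return "failed"


if __name__ == "__main__":
    table = build_lookup_table(WORDLIST)
    print(crack_unsalted(unsalted_hash("hunter2"), table))    # hunter2, instantly
    salt = b"\x8f\x10\x02\xde\x9b\x3a\x77\x41"                 # constructed; use os.urandom(16) in practice
    stored = hash_salted("hunter2", salt)
    print(crack_unsalted(stored.hex(), table))                 # None: the table is useless against salted hashes
    print(crack_salted(stored, salt, WORDLIST))                # hunter2, but only after five slow KDF runs
```

Note that the salted hash is still cracked when the password is in the dictionary: salting and stretching raise the attacker's cost per user and per guess, they do not rescue a weak password, which is why the length and complexity requirements remain on the list. Lockout, for its part, trades brute-force resistance for a denial-of-service lever, so the window and lockout duration need tuning.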

Spoofed Logon Screens

  • Fake logon screens presented to users to capture their credentials; countermeasure: a secure attention sequence (e.g., Ctrl+Alt+Del on Windows) that only the operating system can intercept

Sniffer Attacks

  • Use packet sniffers to capture data as it crosses the network, including credentials sent in the clear
  • Countermeasure: encrypting data in transit (TLS, VPN, SSH)

Social Engineering Attacks

  • Convincing someone to provide information or perform actions
  • Phishing: tricking users via email
    • Spear Phishing: targets specific users
    • Whaling: targets high-level executives
    • Vishing: phishing by voice call, often using VoIP technology
  • Countermeasures: security awareness training, filtering suspect emails

Aggregation Attacks

  • Combining non-sensitive information to deduce sensitive data

Kerberos

  • Ticket-based authentication protocol used by Active Directory, relying on a Key Distribution Center (KDC) and synchronized clocks
  • Susceptible to replay within the permitted clock-skew window and to offline password guessing against captured tickets
  • Countermeasures: robust password policies, secure endpoints (the KDC and clients), time synchronization

Malicious Code and Application Attacks

Buffer Overflow

  • Input larger than the buffer allocated for it overwrites adjacent memory, causing a crash or letting the attacker hijack execution
  • Countermeasures: input validation with bounds checking; OS and compiler defenses (ASLR, DEP/NX, stack canaries) add defense in depth

Back Door

  • Undocumented command sequence or account that bypasses normal authentication, left in by a developer or planted by malware
  • Countermeasures: code review, firewalls, anti-malware

Time-of-Check to Time-of-Use

  • Race condition: a resource is checked (permissions, file type) and then used, and an attacker changes it between the two steps
  • Countermeasures: file locking, transaction management, and performing the check on the same handle that is subsequently used
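An added demonstration (not from the lecture) of the race and its fix on a file: the vulnerable reader checks that a path is not a symlink and then opens it, while the safe reader opens first with O_NOFOLLOW and inspects the descriptor it actually got. The attacker's swap is simulated by a callback run inside the window; the file names are constructed in a temporary directory, and O_NOFOLLOW is assumed to be available (Linux/macOS).

```python
import os
import stat
import tempfile
from typing import Callable, Optional, Tuple


def read_vulnerable(path: str, race: Callable[[], None]) -> str:
    """Check-then-use: the check and the open are separate system calls, and the
    filesystem can change between them. `race` stands in for the attacker's thread."""
    if os.path.islink(path):             # time of check
        raise PermissionError("symlinks are not allowed")
    race()                                # window: attacker swaps the file for a symlink
    with open(path) as f:                 # time of use: follows the symlink
        return f.read()


def read_safe(path: str, race: Callable[[], None]) -> str:
    """Open first, with O_NOFOLLOW, then check the object actually opened via fstat.
    There is no window: the decision is made on the same descriptor that is used."""
    race()                                # same attacker action, same timing; it no longer helps
    fd = os.open(path, os.O_RDONLY | os.O_NOFOLLOW)   # raises OSError (ELOOP) on a symlink
    try:
        if not stat.S_ISREG(os.fstat(fd).st_mode):
            raise PermissionError("not a regular file")
        with os.fdopen(fd, "r") as f:
            fd = -1                       # fdopen now owns the descriptor
            return f.read()
    finally:
        if fd != -1:
            os.close(fd)


def demo() -> Tuple[str, Optional[str], str]:
    """Constructed scenario in a temp dir: `secret` is what the attacker wants read,
    `upload.txt` is the file the program was asked to process."""
    with tempfile.TemporaryDirectory() as d:
        secret = os.path.join(d, "secret")
        upload = os.path.join(d, "upload.txt")
        with open(secret, "w") as f:
            f.write("TOP SECRET")

        def reset() -> None:              # put a harmless regular file back at upload.txt
            if os.path.lexists(upload):
                os.remove(upload)
            with open(upload, "w") as f:
                f.write("harmless upload")

        def swap() -> None:               # attacker: replace upload.txt with a symlink to secret
            os.remove(upload)
            os.symlink(secret, upload)

        reset()
        leaked = read_vulnerable(upload, swap)        # passes the check, then reads the secret
        reset()
        try:
            blocked: Optional[str] = read_safe(upload, swap)
        except OSError:                               # ELOOP from O_NOFOLLOW
            blocked = None
        reset()
        honest = read_safe(upload, lambda: None)      # no attacker: the normal path still works
        return leaked, blocked, honest


if __name__ == "__main__":
    print(demo())
```

The general rule the fix illustrates: never make a security decision on a path name and then act on the path, because names are rebindable; act on the descriptor (fstat, fchmod, openat with O_NOFOLLOW) that the decision was made on.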

Root Kit

  • Malware that hides its presence (and that of other malware) by subverting the OS, typically installed after a privilege escalation in order to keep privileged access
  • Countermeasures: patches, anti-malware

Cross-Site Scripting (XSS)

  • Injection of attacker-supplied scripts into web pages that other users' browsers then execute
  • Countermeasures: input validation and, above all, output encoding of untrusted data

Cross-Site Request Forgery (CSRF)

  • Exploits the web application's trust in an authenticated user's browser: a page the attacker controls makes the browser send a request the user never intended
  • Countermeasures: anti-CSRF tokens tied to the session, checking the Referer/Origin headers, SameSite cookies

SQL Injection

  • Supplies unexpected input that is concatenated into a SQL query, so it is parsed as SQL and reaches the backend database
  • Countermeasures: input validation, prepared (parameterized) statements
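An added example (not from the lecture) with the vulnerable login query beside the prepared-statement version, against a constructed in-memory SQLite table; the stored "hashes" are placeholder strings, and comparing a password hash inside the query is itself a simplification kept only to make the injection visible.

```python
import sqlite3
from typing import Dict, Optional


def make_db() -> sqlite3.Connection:
    """Constructed in-memory users table (hash values are placeholders, not real digests)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT UNIQUE, password_hash TEXT)")
    conn.executemany("INSERT INTO users (username, password_hash) VALUES (?, ?)",
                     [("alice", "hash-of-alice-pw"), ("bob", "hash-of-bob-pw")])
    return conn


def login_vulnerable(conn: sqlite3.Connection, username: str, password_hash: str) -> Optional[str]:
    """String-built query: user input becomes part of the SQL text and is parsed as SQL."""
    sql = (f"SELECT username FROM users WHERE username = '{username}' "
           f"AND password_hash = '{password_hash}'")
    row = conn.execute(sql).fetchone()
    return row[0] if row else None


def login_safe(conn: sqlite3.Connection, username: str, password_hash: str) -> Optional[str]:
    """Prepared statement: the query text is fixed and the values travel separately,
    so a quote or comment marker in the input is only ever data."""
    row = conn.execute("SELECT username FROM users WHERE username = ? AND password_hash = ?",
                       (username, password_hash)).fetchone()
    return row[0] if row else None


def demo() -> Dict[str, Optional[str]]:
    conn = make_db()
    payload_comment = "alice' --"        # closes the string and comments out the password check
    payload_or = "' OR '1'='1"           # makes the WHERE clause always true
    return {
        "vuln_comment": login_vulnerable(conn, payload_comment, "wrong"),
        "vuln_or": login_vulnerable(conn, payload_or, payload_or),
        "safe_comment": login_safe(conn, payload_comment, "wrong"),
        "safe_or": login_safe(conn, payload_or, payload_or),
        "legit": login_safe(conn, "bob", "hash-of-bob-pw"),
    }


if __name__ == "__main__":
    for name, who in demo().items():
        print(f"{name:13s} -> {who}")
```

With `alice' --` the vulnerable query becomes `... WHERE username = 'alice' --' AND password_hash = 'wrong'`, so the password clause is a comment and alice is logged in; the parameterized query looks for a user literally named `alice' --` and finds nothing. Input validation is a useful second layer, but the prepared statement is the control that removes the bug class.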

Computer Viruses and Other Malicious Code

Types:

  • Multipartite: uses multiple propagation techniques (e.g., infects both the boot sector and files)
  • Stealth: hides by tampering with the OS so that scans see clean files
  • Polymorphic: modifies its own code with each infection to evade signature detection
  • Encrypted: encrypts its body so only a small decryption stub is visible to scanners
  • Hoaxes: not a virus, but a false warning that wastes time and may prompt users into harmful actions
  • Logic Bombs: lie dormant until triggered by a condition such as a date or event
  • Trojan Horses: appear useful or harmless but carry a malicious payload
  • Ransomware: encrypts files until a ransom is paid
  • Zero-Day Exploit: uses a vulnerability unknown to the vendor, so no patch exists yet

Post-Quantum Cryptography

Symmetric (Shared Key) Cryptography

  • Holds up well: Grover's algorithm only halves the effective key length, so doubling the key size (e.g., AES-256 in place of AES-128) restores the intended security level

Asymmetric (Public Key) Cryptography

  • More susceptible: Shor's algorithm solves the factoring and discrete logarithm problems efficiently on a quantum computer, breaking RSA, Diffie-Hellman and elliptic-curve schemes

Lattice-Based Cryptography

  • Promising for quantum resistance: security rests on lattice problems for which no efficient quantum algorithm is known
  • Basis for the leading post-quantum public key algorithms (NIST's selections CRYSTALS-Kyber for key encapsulation and CRYSTALS-Dilithium for signatures are lattice-based)

Conclusion

  • Like and subscribe for more videos
  • Check out the free 50-question practice quiz and official study guide
  • Review this information to help prepare for exam day