CompTIA exam study guide presentations by instructor Brian Ferrill, PACE-IT (Progressive, Accelerated Certifications for Employment in Information Technology)
2. Page 2
Instructor, PACE-IT Program – Edmonds Community College
Areas of expertise Industry Certifications
• PC Hardware
• Network Administration
• IT Project Management
• Network Design
• User Training
• IT Troubleshooting
Qualifications Summary
Entrepreneur, executive leader, and proven manager
with 10+ years of experience turning complex issues
into efficient and effective solutions.
Strengths include developing and mentoring diverse
workforces, improving processes, analyzing
business needs and creating the solutions
required, with a focus on technology.
Education
• M.B.A., IT Management, Western Governors University
• B.S., IT Security, Western Governors University
5. Page 5
Due to improvements in
modern network security
methods, hackers may not
be able to easily exploit
network resources.
As these security improvements have developed, in many cases,
attackers have shifted their focus to application attacks. The
hacker will focus on exploiting weaknesses in the software and
operating systems that people use every day.
In many cases, the security used to protect software from
exploitation is not as robust as the security that is used to protect
networks. A poorly developed application can often give the
hacker administrative control of a system if the exploit is
executed properly.
Types of application attacks I.
7. Page 7
– Cross-site scripting (XSS) attack.
» The attacker inserts script code into a form on a Web page that
gets submitted to the server.
• The server submits the script code to another client system,
which then executes the script.
» XSS is often used to attack the database servers that are used
to support Web pages.
– SQL (Structured Query Language) Injection
attack.
» SQL is the common language used to manipulate databases.
Most business and Web applications use SQL to retrieve data
from databases.
» To perform the attack, the hacker inserts SQL commands into
the application, usually from an input field, knowing that the
application will pass the command to the database application.
• The injected SQL commands will then modify the database
(e.g., inserting a new username and password for the hacker
to use in further exploitation).
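The two attacks on this slide, shown as weak and hardened handling of the same input. This is an added example, not part of the original presentation; the table names, function names and sample inputs are constructed for illustration.

```python
import html
import sqlite3

def make_db():
    """Constructed in-memory database: one user and an empty comments table."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT, password TEXT)")
    db.execute("CREATE TABLE comments (body TEXT)")
    db.execute("INSERT INTO users VALUES ('alice', 'constructed-password')")
    return db

def find_user_concat(db, name):
    # Weak: input is pasted into the SQL text, so a quote character in
    # `name` closes the string literal and the remainder is parsed as SQL.
    query = "SELECT name FROM users WHERE name = '" + name + "'"
    return db.execute(query).fetchall()

def find_user_param(db, name):
    # Hardened: the ? placeholder passes `name` as a bound value that the
    # database compares against but never parses as SQL.
    return db.execute("SELECT name FROM users WHERE name = ?", (name,)).fetchall()

def add_comment(db, body):
    db.execute("INSERT INTO comments VALUES (?)", (body,))

def render_raw(db):
    # Weak: stored form input is written into the page as markup.
    rows = db.execute("SELECT body FROM comments").fetchall()
    return "".join("<p>" + body + "</p>" for (body,) in rows)

def render_escaped(db):
    # Hardened: <, >, & and quotes become entities, so another client's
    # browser displays the text instead of executing it.
    rows = db.execute("SELECT body FROM comments").fetchall()
    return "".join("<p>" + html.escape(body) + "</p>" for (body,) in rows)

if __name__ == "__main__":
    db = make_db()
    probe = "nobody' OR '1'='1"          # constructed test input
    print(find_user_concat(db, probe))   # query logic altered by the input
    print(find_user_param(db, probe))    # input treated as a plain name
    add_comment(db, "<script>alert(1)</script>")
    print(render_raw(db))
    print(render_escaped(db))
```

The hardened versions do not filter the input at all: the query binds it as data and the renderer encodes it for the HTML context where it is displayed.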
8. Page 8
– Buffer overflow attack.
» The hacker sends more information to the application than the
application’s memory buffer can handle—overflowing the
buffer.
• The additional information will often be placed in memory
outside of the buffer.
• If the hacker can get the right information stored outside of the
buffer, he or she can execute code with administrative
privilege.
– Integer overflow attack.
» Similar to a buffer overflow attack, but involves exploiting the
mathematical functions of an application.
• When a mathematical function returns an integer (number)
larger than the memory space that has been allocated to
receive it, applications often respond in unexpected ways; this
represents a security issue.
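How an integer overflow can defeat a buffer size check, as an added example that is not part of the original presentation. Python integers do not overflow, so the 32-bit wraparound of fixed-width code is modelled with an explicit mask; the header format, the 1 MiB limit and all names are assumptions made for illustration.

```python
import struct

MASK32 = 0xFFFFFFFF      # models a 32-bit unsigned size variable
MAX_ALLOC = 1 << 20      # assumed policy limit: 1 MiB per request

def parse_header(data):
    """Constructed header format: uint32 record count, uint32 record size."""
    return struct.unpack("<II", data[:8])

def alloc_size_wrapping(count, size):
    # What fixed-width arithmetic computes: the product truncated to 32 bits.
    return (count * size) & MASK32

def size_check_weak(data):
    count, size = parse_header(data)
    # Weak: the limit is compared against the already-wrapped product, so a
    # huge request can look small and receive an undersized buffer.
    return alloc_size_wrapping(count, size) <= MAX_ALLOC

def size_check_hardened(data):
    count, size = parse_header(data)
    # Hardened: divide instead of multiply, so no intermediate value can wrap.
    if size == 0 or count > MAX_ALLOC // size:
        return False
    return True

# Constructed headers: one ordinary request, one whose product exceeds 32 bits.
NORMAL = struct.pack("<II", 100, 64)              # 6,400 bytes
WRAPPING = struct.pack("<II", 0x10000, 0x10001)   # 4,295,032,832 bytes

if __name__ == "__main__":
    for label, hdr in (("normal", NORMAL), ("wrapping", WRAPPING)):
        count, size = parse_header(hdr)
        print(label, "true size:", count * size,
              "wrapped size:", alloc_size_wrapping(count, size),
              "weak:", size_check_weak(hdr),
              "hardened:", size_check_hardened(hdr))
```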
9. Page 9
– Directory traversal/command injection
attack.
» A popular attack against Web servers in which the hacker
attempts to traverse the Web server’s directories to the point
where he or she can execute commands on the underlying
operating system (OS).
• The attacker manipulates the URL (Uniform Resource
Locator) requests in order to move through the directories and
get to a command prompt on the underlying OS.
– LDAP (Lightweight Directory Access
Protocol) injection attack.
» Uses the same principle as an SQL injection attack, but exploits
LDAP calls instead of SQL commands.
– XML (Extensible Markup Language)
injection attack.
» Uses the same principle as the SQL and LDAP injection
attacks, but exploits XML to modify the targeted application.
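For the directory traversal item above, one way to confine URL requests to the Web root and to spot traversal attempts in an access log. This is an added example, not part of the original presentation; the function names, the log format and the sample log lines are constructed, and a POSIX file system is assumed.

```python
import os
import re
from urllib.parse import unquote

def resolve_request_path(url_path, root):
    """Map a URL path to a file under root; return None if it escapes root."""
    decoded = unquote(url_path.split("?", 1)[0])  # decode once, as a server would
    if "\x00" in decoded:
        return None
    root_real = os.path.realpath(root)
    # lstrip("/") keeps os.path.join from discarding root for absolute input;
    # realpath collapses ".." segments and follows symbolic links.
    candidate = os.path.realpath(os.path.join(root_real, decoded.lstrip("/")))
    if os.path.commonpath([root_real, candidate]) != root_real:
        return None
    return candidate

REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

def flag_traversal(log_lines, root):
    """Return request targets from access-log lines that resolve outside root."""
    flagged = []
    for line in log_lines:
        m = REQUEST_RE.search(line)
        if m and resolve_request_path(m.group(1), root) is None:
            flagged.append(m.group(1))
    return flagged

# Constructed sample log lines (documentation-range addresses).
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2024:10:00:00 +0000] "GET /images/logo.png HTTP/1.1" 200 512',
    '192.0.2.44 - - [01/Jan/2024:10:00:03 +0000] "GET /../../etc/passwd HTTP/1.1" 404 0',
    '192.0.2.44 - - [01/Jan/2024:10:00:04 +0000] "GET /docs/%2e%2e/%2e%2e/%2e%2e/etc/passwd HTTP/1.1" 404 0',
    '192.0.2.10 - - [01/Jan/2024:10:00:09 +0000] "GET /docs/../index.html HTTP/1.1" 200 128',
]

if __name__ == "__main__":
    # "/var/www/site" is an assumed document root.
    for target in flag_traversal(SAMPLE_LOG, "/var/www/site"):
        print("outside web root:", target)
```

The check compares resolved paths rather than searching for ".." in the string, so the percent-encoded request is caught and the harmless "/docs/../index.html" is not flagged.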
10. Page 10
One of the largest threats
that network security
personnel face is the
unknown vulnerability.
Network and systems administrators expend a fair amount of
effort protecting the assets under their control. They can do a
good job of hardening their systems, but not a perfect job.
The problem lies with zero day attacks. Zero day attacks take
advantage of either new or very recently discovered
vulnerabilities in applications, which means that networks and
systems probably haven’t yet been hardened against them.
The unfortunate reality is that attacks keep changing and security
experts must also be willing to adapt in order to keep pace.
11. Page 11
The best defense against
application attacks begins
with the application’s
developer.
Most attacks against applications involve exploiting outside input
to the applications. By using proper data validation techniques,
application developers can stop most application attacks from
succeeding.
All data validation techniques should be thoroughly tested by the
developer to ensure that they are effective. It is even advisable to
have an unaffiliated person or organization attempt to bypass the
validation techniques in order to increase the effectiveness of the
testing.
12. Page 12
Topic: Application attacks defined.
Summary: As network security has improved, many hackers have shifted their focus to
attempting to exploit the applications that are running on networks. In many
cases, the security used to protect applications is not as difficult to
overcome as the security that is used to protect networks. Application
attacks seek to exploit weaknesses that may be found in the software and
operating systems that people use every day.
Topic: Common application attacks.
Summary: Cross-site scripting, SQL injection, buffer overflow, integer overflow,
directory traversal/command injection, LDAP injection, and XML injection
attacks are all common application attacks used by hackers. Zero day
attacks exploit either unknown or recently discovered weaknesses in
applications, making them difficult to defend against. The best defense
against most application attacks is to ensure that the applications use
effective data validation techniques.
14. This workforce solution was 100 percent funded by a $3 million grant awarded by the
U.S. Department of Labor's Employment and Training Administration. The solution was
created by the grantee and does not necessarily reflect the official position of the U.S.
Department of Labor. The Department of Labor makes no guarantees, warranties, or
assurances of any kind, express or implied, with respect to such information, including
any information on linked sites and including, but not limited to, accuracy of the
information or its completeness, timeliness, usefulness, adequacy, continued availability
or ownership. Funded by the Department of Labor, Employment and Training
Administration, Grant #TC-23745-12-60-A-53.