IT Security/Threats/Application Attacks

This lesson covers application attacks.

Objectives and Skills

edit

Objectives and skills for the application attacks portion of Security+ certification include:[1]

Explain types of application attacks.
  • Cross-site scripting
  • SQL injection
  • LDAP injection
  • XML injection
  • Directory traversal/command injection
  • Buffer overflow
  • Integer overflow
  • Zero-day
  • Cookies and attachments
  • LSO (Locally Shared Objects)
  • Flash Cookies
  • Malicious add-ons
  • Session hijacking
  • Header manipulation
  • Arbitrary code execution / remote code execution

Readings

edit

Multimedia

edit
  1. YouTube: Cross-Site Scripting - CompTIA Security+ SY0-401: 3.5
  2. YouTube: SQL Injection, XML Injection, and LDAP Injection - CompTIA Security+ SY0-401: 3.5
  3. YouTube: Directory Traversal and Command Injection - CompTIA Security+ SY0-401: 3.5
  4. YouTube: Buffer Overflows and Integer Overflows - CompTIA Security+ SY0-401: 3.5
  5. YouTube: Zero-Day Attacks - CompTIA Security+ SY0-401: 3.5
  6. YouTube: Cookies, Header Manipulation, and Session Hijacking - CompTIA Security+ SY0-401: 3.5
  7. YouTube: Locally Shared Objects and Flash Cookies - CompTIA Security+ SY0-401: 3.5
  8. YouTube: Malicious Add-ons and Attachments - CompTIA Security+ SY0-401: 3.5
  9. YouTube: Arbitrary and Remote Code Execution - CompTIA Security+ SY0-401: 3.5

Activities

edit

See Also

edit

References

edit