Describe these evasion methods Implementing Cisco Cybersecurity Operations (210-255) Encryption and Tunneling: Attackers use encryption and tunneling to obfuscate their attacks. VPN technologies like IPSec can be used to keep IPS/IDS from seeing the command and control traffic or even the attack traffic. Resource Exhaustion: A denial of service attack against security appliances like IPS […]

Read More »

Describe these endpoint-based attacks Implementing Cisco Cybersecurity Operations (210-255) Buffer Overflows Buffer overflow attacks occur when an attacker sends more data that the application expects. If the input is unchecked, an attacker can force a program to execute code in memory sections it shouldn’t have access to. Command and Control (C2) Command and control traffic […]

Read More »

Describe these attacks: Social Engineering, Phishing, Evasion Methods Implementing Cisco Cybersecurity Operations (210-255) Social Engineering Social engineering is a style of attack where the attacker goes after the human element. One example would be tricking a user into giving the attacker more information about the systems or data that they are trying to acquire. Phishing […]

Read More »

Describe these web application attacks: SQL Injection, Command injections, Cross-site scripting Implementing Cisco Cybersecurity Operations (210-255) SQL Injection SQL Injection attacks use vulnerabilities in applications, generally web based, to inject SQL commands. These commands could reveal data that the application would not normally show an unprivileged users. They can also be used to create additional […]

Read More »