Describe these attacks: Social Engineering, Phishing, Evasion Methods Implementing Cisco Cybersecurity Operations (210-255) Social Engineering Social engineering is a style of attack where the attacker goes after the human element. One example would be tricking a user into giving the attacker more information about the systems or data that they are trying to acquire. Phishing […]

Read More »

Describe these web application attacks: SQL Injection, Command injections, Cross-site scripting Implementing Cisco Cybersecurity Operations (210-255) SQL Injection SQL Injection attacks use vulnerabilities in applications, generally web based, to inject SQL commands. These commands could reveal data that the application would not normally show an unprivileged users. They can also be used to create additional […]

Read More »

Describe these network attacks: Denial of Service, Distributed Denial of Service, Man-in-the-Middle Implementing Cisco Cybersecurity Operations (210-255) Denial of Service A Denial of Service (DoS) attack has the goal of preventing normal operations of an asset. This can be accomplished by either rendering an asset unavailable due to a crash or reboot, or by overwhelming […]

Read More »

Compare and contrast an attack surface and vulnerability. Implementing Cisco Cybersecurity Operations (210-255) The attack surface of a piece of hardware or software is the total of all potential attack vectors. An attack vector can be a service or other entry point. To be used in an attack there must be a vulnerability present that […]

Read More »