Vulnerability Impact

CompTIA Security+ Certification (SY0-501) Chapter 9 - Testing Your Infrastructure
10 minutes
Share the link to this page
Copied
  Completed
You need to have access to the item to view this lesson.
One-time Fee
$99.99
List Price:  $139.99
You save:  $40
€91.73
List Price:  €128.43
You save:  €36.69
£78.50
List Price:  £109.90
You save:  £31.40
CA$135.42
List Price:  CA$189.60
You save:  CA$54.17
A$152.22
List Price:  A$213.12
You save:  A$60.89
S$133.77
List Price:  S$187.28
You save:  S$53.51
HK$781.89
List Price:  HK$1,094.68
You save:  HK$312.79
CHF 88.30
List Price:  CHF 123.63
You save:  CHF 35.32
NOK kr1,058
List Price:  NOK kr1,481.24
You save:  NOK kr423.24
DKK kr684.10
List Price:  DKK kr957.77
You save:  DKK kr273.66
NZ$164.15
List Price:  NZ$229.81
You save:  NZ$65.66
د.إ367.20
List Price:  د.إ514.09
You save:  د.إ146.89
৳10,978.23
List Price:  ৳15,369.96
You save:  ৳4,391.73
₹8,290.53
List Price:  ₹11,607.08
You save:  ₹3,316.54
RM471.80
List Price:  RM660.54
You save:  RM188.74
₦156,534.34
List Price:  ₦219,154.34
You save:  ₦62,620
₨27,950.66
List Price:  ₨39,132.05
You save:  ₨11,181.38
฿3,595.26
List Price:  ฿5,033.51
You save:  ฿1,438.25
₺3,229.78
List Price:  ₺4,521.83
You save:  ₺1,292.04
B$499.40
List Price:  B$699.18
You save:  B$199.78
R1,883.20
List Price:  R2,636.56
You save:  R753.35
Лв179.42
List Price:  Лв251.19
You save:  Лв71.77
₩133,286.20
List Price:  ₩186,606.01
You save:  ₩53,319.81
₪365.03
List Price:  ₪511.06
You save:  ₪146.02
₱5,561.09
List Price:  ₱7,785.75
You save:  ₱2,224.66
¥14,911.76
List Price:  ¥20,877.07
You save:  ¥5,965.30
MX$1,670.32
List Price:  MX$2,338.52
You save:  MX$668.19
QR364.82
List Price:  QR510.77
You save:  QR145.94
P1,359.04
List Price:  P1,902.71
You save:  P543.67
KSh13,398.66
List Price:  KSh18,758.66
You save:  KSh5,360
E£4,718.65
List Price:  E£6,606.31
You save:  E£1,887.65
ብር5,656.15
List Price:  ብር7,918.84
You save:  ብር2,262.68
Kz83,512.74
List Price:  Kz116,921.18
You save:  Kz33,408.44
CLP$93,810.03
List Price:  CLP$131,337.80
You save:  CLP$37,527.76
CN¥710.61
List Price:  CN¥994.89
You save:  CN¥284.27
RD$5,917.87
List Price:  RD$8,285.25
You save:  RD$2,367.38
DA13,435.55
List Price:  DA18,810.31
You save:  DA5,374.76
FJ$226.69
List Price:  FJ$317.37
You save:  FJ$90.68
Q780.94
List Price:  Q1,093.35
You save:  Q312.40
GY$20,949.18
List Price:  GY$29,329.69
You save:  GY$8,380.51
ISK kr13,659.63
List Price:  ISK kr19,124.03
You save:  ISK kr5,464.40
DH1,002.67
List Price:  DH1,403.78
You save:  DH401.11
L1,768.33
List Price:  L2,475.73
You save:  L707.40
ден5,652.42
List Price:  ден7,913.61
You save:  ден2,261.19
MOP$805.88
List Price:  MOP$1,128.27
You save:  MOP$322.38
N$1,866.55
List Price:  N$2,613.25
You save:  N$746.69
C$3,681.10
List Price:  C$5,153.70
You save:  C$1,472.59
रु13,266.49
List Price:  रु18,573.62
You save:  रु5,307.13
S/368.83
List Price:  S/516.39
You save:  S/147.55
K382.06
List Price:  K534.91
You save:  K152.84
SAR375
List Price:  SAR525.02
You save:  SAR150.01
ZK2,508.19
List Price:  ZK3,511.57
You save:  ZK1,003.37
L456.04
List Price:  L638.48
You save:  L182.43
Kč2,310.02
List Price:  Kč3,234.13
You save:  Kč924.10
Ft36,211.46
List Price:  Ft50,697.50
You save:  Ft14,486.03
SEK kr1,038.11
List Price:  SEK kr1,453.39
You save:  SEK kr415.28
ARS$85,066.49
List Price:  ARS$119,096.49
You save:  ARS$34,030
Bs691.23
List Price:  Bs967.75
You save:  Bs276.52
COP$389,029.38
List Price:  COP$544,656.70
You save:  COP$155,627.31
₡50,979.09
List Price:  ₡71,372.77
You save:  ₡20,393.67
L2,470.17
List Price:  L3,458.33
You save:  L988.16
₲730,160.41
List Price:  ₲1,022,253.79
You save:  ₲292,093.37
$U3,841.23
List Price:  $U5,377.88
You save:  $U1,536.64
zł395.31
List Price:  zł553.46
You save:  zł158.14
Already have an account? Log In

Transcript

The security plus exam is filled with scenario questions. And there are plenty of scenario questions that talk about vulnerability impact. Now, in lots of episodes, we've covered all types of vulnerabilities and their impacts. But there's a few that I want to hit a little bit harder. So really, what I'm doing is I'm grabbing directly from the security plus objectives, some of the vulnerability impact scenarios that you're probably going to be seen. So we're just going to put them up on the screen here, and I'm going to come up with scenarios that you should be considering for the exam, you're ready, let's get started.

Embedded Systems. an embedded system is simply an immutable system that never changes. That can still be it's still a full system, it's going to have storage and a CPU and an operating system and input output. The problem with embedded systems more than anything else is because they're immutable. We tend to forget about them a lot. And we don't remember that they can can have situations where they can be patched.

So I guess, not totally immutable, but they are set aside and far away. They are the patches, they need anti malware, they need firewalls, they need everything that we would use with a regular system, but because they tend to be tucked away and forgotten, sometimes we forget that the danger with embedded systems more than anything else is we forget to take care of them the same way that we would take care of any regular device, lack of vendor support, okay? There's lots of vendors out there selling lots of kinds of different stuff. And lack of vendor support is a big issue primarily with hardware. There's some heart software situations too. If a vendor is no longer supporting whatever it might be, there's one of two reasons either a, the device or software has become obsolete and the vendor is trying to move on.

Or number two, the vendor is completely out of business. In either case, the biggest downside the biggest vulnerability Is that we can no longer patch these devices, we can no longer keep them updated. In some cases, we can no longer get parts if that is the particular case. So the impact there is that the device becomes open to potential problems. And in that case, usually the right answer is is we throw that stuff away. And we go ahead and get something new that has proper vendor support misconfigured or weak configuration.

Now to me, these are two very different things. So first of all, a weak configuration. Probably the ultimate configuration is a default configuration. So every piece of hardware and software out there have big list entire websites that tell us what the default usernames and passwords are for just about everything in there. So it's really important for us to provide the best possible configurations, we can change the usernames and passwords, but we configuration could also mean things like if I have four or five different types of wireless encryption, there's still plenty more wireless access points out there that still use WEP. And I did a recent personal study here in the Houston area discovered something like 8% of all wireless networks out there still run WEP that could be easily reconfigured to a stronger configuration.

The downside is, is you create some form of exposure to some type of threat actor who will take advantage of that weak configuration. Now misconfigurations to me is a different animal altogether. When we say mis configuration, that means we do have a configuration, but we have done something incorrect. So most the time when I'm thinking of this configuration is that we haven't turned on a service that we might be wanting to take advantage of. We didn't turn on a stateless firewall, for example, or it could also mean something like we failed to turn off default services. My home router has a wonderful SSH server built into it, but I don't want anybody using that it would certainly be in my opinion misconfigured To have that turned on.

So anytime we do a mis configuration, we're exposing that device or that piece of software to potential threats that shouldn't be there in the first place. improperly configured accounts. Okay? So an improperly configured account basically means that we have a user or a system account that isn't being provided the rights and privileges and permissions that it needs. From the permission standpoint, it's either going to mean that you're going to expose a particular account to far more than it should have. And the impacts there could be a regular user deleting a hard drive or something like that, to the opposite, where they don't have enough permissions.

And in those types of situations, they're unable to do their job. Also, keep in mind that we it's not just permissions, it's also rights. For example, if we were to accidentally turn off people's rights to access a system remotely, we might be preventing them from being able to do their jobs. So In either case, the impact is going to be the potential that they could do something far more naughty than they should be able to, or on the other side of it, they're not going to be able to do their job the way they need to do it vulnerable business processes. So a vulnerable business process. To me, every business process has some degree of vulnerability.

And you know, we could always have a meteor hit the building and those processes disappear. But what we're talking about are unconsidered business processes that leave us open to potential impacts from those vulnerabilities. So one might consider something like storing non essential information. So for every customer for our sneakers, we store not only their shoe size, and their address and their phone number, but we're also getting all kinds of information about their birthday and things like that and their Facebook account and things like that, that don't really affect our business directly. Anytime we're storing personal identifiable info And that could possibly be exposed, the impact could be massive in terms of the things that could go against us in terms of money and reputation to say nothing of legal. Okay, memory buffer vulnerabilities.

Well, anytime we use memory, we have lots of vulnerabilities in there. But the list basically they say, resource exhaustion, memory leak, integer overflow, buffer overflow, pointer difference, and DLL injection. And to me, there's really three different groups in here. First of all, resource exhaustion or a memory leak. In that particular case, what we're talking about is you're running out of memory. In that case, you got two choices.

Number one, you get more of that resource, or add more RAM or number two, you stop the thing that is doing this. So for example, a memory leak is because we have an application that isn't written properly, that it has some type of problem. This is talks about a recode or update And you're going to have to go through and dig it up memory leaks are one of the most notorious problems that we can get. The bottom line is, is that if you run out of memory on on a system, even with virtual memory, the system's going to lock up, you will be deprived of that service completely. Now, a little bit different than that is integer overflow, or a buffer overflow overflows will not necessarily turn the system off. But what they can do is they can make the system do weird things that it wasn't anticipating.

They're famous buffer overflows on a particular type of server, where if you forced a buffer overflow, you basically got yourself to a terminal prompt. So we're really putting ourselves in a lot of danger with these types of things, simply because it could allow a bad actor to take higher control of the system that we anticipated. Now, pointer dereferences and DLL injections to me those kind of fit into a different world in this particular case, the systems up and running fine. But we're sneaking behind a backdoor to do potential naughty things. So there's not a big clue with a pointer dereference or a DLL injection, that something bad's happened with an integer overflow or a buffer overflow, usually the service itself is turned off, suddenly the web server stops working or something like that. These other two can be more nefarious.

The bottom line is that we have to have good firewalling we're going to have to have good code that is robust against these types of problems, primarily input validation. And we're going to have to be watching these systems very, very closely, especially if we're using third party libraries for anything because that's tends to be where those types of problems come from system sprawl or undocumented assets. Wow, I can't even begin to start to talk about the impact of the vulnerabilities or something like that. Let's start with easy stuff. Number one, it's not under my control as an administrator, there is it being patched is it being is being properly be controlled? Is it being plugged into the right place?

It what are we using it for? What are the user accounts being used for on that? So at the very least, sprawling systems that are undocumented because system sprawl and undocumented assets tend to go hand in hand, meaning that there is stuff that's outside the umbrella of administration, that unless the person who's deciding to take care of it is just as good as I am, we can be left open to any type of vulnerability that you'd see with any individual host, or application or VM or whatever this sprawl device is and it could cause disastrous results.

Sign Up

Share

Share with friends, get 20% off
Invite your friends to LearnDesk learning marketplace. For each purchase they make, you get 20% off (upto $10) on your next purchase.