SANS GICSP Priority Study List
Web Based Attacks - CORRECT ANSWER-Modern HMIs are now web-based. Common vulnerabilities affect them and may affect non-web-based applications.
Web Based Attacks - CORRECT ANSWER-Authentication Bypass
Web Based Attacks - CORRECT ANSWER-Weak Session Management
Web Based Attacks - CORRECT ANSWER-(SQLi) SQL Injection
Web Based Attacks - CORRECT ANSWER-(XSS) Cross site Scripting
Web Based Attacks - CORRECT ANSWER-(CSRF) Cross Site Request Forgery
Web Based Attacks - CORRECT ANSWER-(LFI & RFI) Local and Remote File Inclusion
Authentication Bypass - CORRECT ANSWER-Most often occurs when a developer forgets to require every page to verify that a user is logged in. If the attacker knows the correct request to send and the application doesn't verify the requester is logged in for that request, the request will work without authentication.
Weak Session Management - CORRECT ANSWER-Once you give an application a username and a password, the application usually gives you a secure cookie with a session token. Your browser must send this cookie back to the server for every request so the server knows who you are. If the attacker can obtain your cookie or guess its contents, they can hijack your session.
(SQLi) SQL Injection - CORRECT ANSWER-Many inputs in applications are used in backend database queries:
- username and password to match correct credentials
- search fields are used to find matching data in the database
If developers use these inputs from the user improperly, an attacker could add SQL commands in the input and have them run on the database. With SQL injection attacks, attackers can not only read and write to your database, but they can often interact with your operating system and its files.
(XSS) Cross Site Scripting - CORRECT ANSWER-Other inputs that applications get from a user may be displayed back on the page.
- If you search for the term "plc53" in a search field, it may say something in response like "Here are your search results for plc53"
If developers do not properly handle that input, attackers could add JavaScript in the input and have it execute in other users' browsers. XSS attacks can do anything to the user's browser that the application can do, including issue control signals or make configuration changes.
(CSRF) Cross Site Request Forgery - CORRECT ANSWER-If someone was to give you a link to click on that looked like this and you clicked on it, what would you expect to happen?
http://www.google.com/search?q=SamuraiSTFU
Now if someone was to give you a link like this to click on, and it was a valid link for the application, what would you expect to happen if you were logged in?
http://hmi.powerutility.com/disconnect?meter=35499
Now, what if an attacker hid this link and tricked you to click on it, or had your browser automatically click on it using JavaScript...