IT Security/Threats/Application Attacks

From Wikiversity
Jump to navigation Jump to search
IT Security
Download Learning Guide

This lesson covers application attacks.

Objectives and Skills[edit | edit source]

Objectives and skills for the application attacks portion of Security+ certification include:[1]

Explain types of application attacks.
  • Cross-site scripting
  • SQL injection
  • LDAP injection
  • XML injection
  • Directory traversal/command injection
  • Buffer overflow
  • Integer overflow
  • Zero-day
  • Cookies and attachments
  • LSO (Locally Shared Objects)
  • Flash Cookies
  • Malicious add-ons
  • Session hijacking
  • Header manipulation
  • Arbitrary code execution / remote code execution

Readings[edit | edit source]

Multimedia[edit | edit source]

  1. YouTube: Cross-Site Scripting - CompTIA Security+ SY0-401: 3.5
  2. YouTube: SQL Injection, XML Injection, and LDAP Injection - CompTIA Security+ SY0-401: 3.5
  3. YouTube: Directory Traversal and Command Injection - CompTIA Security+ SY0-401: 3.5
  4. YouTube: Buffer Overflows and Integer Overflows - CompTIA Security+ SY0-401: 3.5
  5. YouTube: Zero-Day Attacks - CompTIA Security+ SY0-401: 3.5
  6. YouTube: Cookies, Header Manipulation, and Session Hijacking - CompTIA Security+ SY0-401: 3.5
  7. YouTube: Locally Shared Objects and Flash Cookies - CompTIA Security+ SY0-401: 3.5
  8. YouTube: Malicious Add-ons and Attachments - CompTIA Security+ SY0-401: 3.5
  9. YouTube: Arbitrary and Remote Code Execution - CompTIA Security+ SY0-401: 3.5

Activities[edit | edit source]

See Also[edit | edit source]

References[edit | edit source]

  1. CompTIA: Security+ Certification Exam Objectives - Exam SY0-401
Retrieved from "https://en.wikiversity.org/w/index.php?title=IT_Security/Threats/Application_Attacks&oldid=1688373"