IT Security/Threats/Application Attacks
Appearance
< IT Security | Threats
This lesson covers application attacks.
Objectives and Skills
[edit | edit source]Objectives and skills for the application attacks portion of Security+ certification include:[1]
- Explain types of application attacks.
- Cross-site scripting
- SQL injection
- LDAP injection
- XML injection
- Directory traversal/command injection
- Buffer overflow
- Integer overflow
- Zero-day
- Cookies and attachments
- LSO (Locally Shared Objects)
- Flash Cookies
- Malicious add-ons
- Session hijacking
- Header manipulation
- Arbitrary code execution / remote code execution
Readings
[edit | edit source]Multimedia
[edit | edit source]- YouTube: Cross-Site Scripting - CompTIA Security+ SY0-401: 3.5
- YouTube: SQL Injection, XML Injection, and LDAP Injection - CompTIA Security+ SY0-401: 3.5
- YouTube: Directory Traversal and Command Injection - CompTIA Security+ SY0-401: 3.5
- YouTube: Buffer Overflows and Integer Overflows - CompTIA Security+ SY0-401: 3.5
- YouTube: Zero-Day Attacks - CompTIA Security+ SY0-401: 3.5
- YouTube: Cookies, Header Manipulation, and Session Hijacking - CompTIA Security+ SY0-401: 3.5
- YouTube: Locally Shared Objects and Flash Cookies - CompTIA Security+ SY0-401: 3.5
- YouTube: Malicious Add-ons and Attachments - CompTIA Security+ SY0-401: 3.5
- YouTube: Arbitrary and Remote Code Execution - CompTIA Security+ SY0-401: 3.5