CySA+ domain #7: Common vulnerabilities
Introduction
The vulnerability landscape today is wide-reaching and extends to nearly all systems, devices and applications, and vulnerabilities can come in many forms. And yet, despite this large universe of potential vulnerabilities, there is a set of common vulnerabilities that appear time after time.
This article will detail the common vulnerabilities covered on the CySA+ certification exam hosted by CompTIA. At a finer level of detail, it will examine servers, endpoints, network infrastructure, network appliances, virtual infrastructure, mobile devices and interconnected networks. If you are preparing for the CySA+ certification exam or just looking to brush up on your common vulnerability knowledge, this article is for you.
13 common vulnerabilities covered on the CySA+
Servers
Organizations run many different kinds of servers, but most vulnerabilities occur on web servers and database servers.
Web servers
The most common vulnerabilities in web servers are found in their services and web applications. The software on the server is normally composed of different modules, each of which may have its own vulnerabilities.
It is pivotal to keep the web services on a web server patched; falling behind on new patches puts your server in a position where vulnerabilities may develop. It is also important to enable only those modules that are needed, because more enabled modules mean a larger attack surface.
Database servers
Database servers are mainly vulnerable in two ways: directly and through web applications. An example of a database server exploit is when a web application sends information to the database server without validation. Unvalidated input exposes the database server to SQL injection attacks.
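The difference between unvalidated and validated input, shown as an added example that is not part of the original article. The table, the function names and the sample values are constructed for illustration, and SQLite stands in for the database server.

```python
import re
import sqlite3

USERNAME_RE = re.compile(r"[A-Za-z0-9_]{1,32}")  # assumed allow-list for this example

def make_db():
    """In-memory database with constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE accounts (username TEXT PRIMARY KEY, email TEXT)")
    conn.executemany(
        "INSERT INTO accounts VALUES (?, ?)",
        [("alice", "alice@example.test"), ("bob", "bob@example.test")],
    )
    return conn

def lookup_unvalidated(conn, username):
    """Vulnerable form: input is pasted into the SQL text, so it can change the query."""
    query = "SELECT username, email FROM accounts WHERE username = '" + username + "'"
    return conn.execute(query).fetchall()

def lookup_parameterized(conn, username):
    """Input is bound as a parameter, so the server treats it purely as data."""
    return conn.execute(
        "SELECT username, email FROM accounts WHERE username = ?", (username,)
    ).fetchall()

def lookup_hardened(conn, username):
    """Validate against the allow-list first, then use the parameterized query."""
    if not USERNAME_RE.fullmatch(username):
        raise ValueError("username failed validation")
    return lookup_parameterized(conn, username)

if __name__ == "__main__":
    conn = make_db()
    crafted = "x' OR '1'='1"  # constructed input containing SQL syntax
    print("unvalidated  :", lookup_unvalidated(conn, crafted))    # every row comes back
    print("parameterized:", lookup_parameterized(conn, crafted))  # no row matches
    try:
        lookup_hardened(conn, crafted)
    except ValueError as exc:
        print("hardened     : rejected,", exc)
```
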
Endpoints
Endpoints are traditionally among the weakest points in an organization. Each endpoint runs different software packages, and each package needs its own updates so that it does not become a potential vulnerability.
There is also the human factor,
*** This is a Security Bloggers Network syndicated blog from Infosec Resources authored by Greg Belding. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/Yhekz6fLKiQ/