Question

BK1D: Relate any incident you have been involved with that relates to a web security issue.

Answer 1

Web Security Issues:

There area unit many varieties of cybersecurity incidents that would lead to intrusions on Associate in Nursing organization's network:

1. Unauthorized attempts to access systems or information
To prevent a threat actor from gaining access to systems or information victimization a licensed user's account, implement two-factor authentication. this needs a user to produce a second piece of distinctive data additionally to a countersign. to boot, cipher sensitive company information at rest or because it travels over a network victimization appropriate software package or hardware technology. That way, attackers will not be ready to access confidential information.

2. Privilege increase attack

An offender United Nations agency {attempts|makes Associate in Nursing attempt|tries} to achieve unauthorized access to an organization's network might then attempt to acquire higher-level privileges victimization what is referred to as a privilege increase exploit. Successful privilege increase attacks grant threat actors privileges that standard users do not have.

Typically, privilege increase happens once the threat actor takes advantage of a bug, configuration oversight, and programming errors, or Associate in Nursing vulnerability in an application or system to achieve elevated access to protected information.

3.Phishing attack

In a phishing attack, Associate in Nursing offender masquerades as a prestigious entity or person in Associate in Nursing email or different communication. The offender uses phishing emails to distribute malicious links or attachments that may perform a spread of functions, together with extracting login credentials or account data from victims. An additional targeted form of phishing attack far-famed as spear phishing occurs once the offender invests time researching the victim to drag off a fair additional triple-crown attack.

4.Malware attack

This is a broad term for various varieties of malicious software package (malware) that area unit put in on Associate in Nursing enterprise's system. Malware includes Trojans, worms, ransomware, adware, spyware and varied forms of viruses. Some malware is unwittingly put in once Associate in Nursing worker clicks on an advertisement, visits Associate in Nursing infected web site or installs software or different software package.

5.Password attack

This type of attack is aimed specifically at getting a user's countersign or Associate in Nursing account's countersign. To do this, hackers use a spread of ways, together with password-cracking programs, wordbook attacks, countersign sniffers or estimate passwords via brute force (trial and error).

A countersign cracker is an Associate in Nursing application accustomed to determine Associate in Nursing unknown or forgotten countersign to a laptop or network resources. This helps the Associate in Nursing offender acquire unauthorized access to resources. A wordbook attack could be a technique of breaking into a countersign-protected laptop or server by consistently getting into each word during a wordbook as a password.

6.Web application attack

This is an incident during which an online application is that the vector of the attack, together with exploits of code-level vulnerabilities within the application moreover as thwarting authentication mechanisms. One example of an online application attack is a cross-site scripting attack. this is often a sort of injection security attack during which Associate in Nursing offender injects information, like a malicious script, into content from otherwise trustworthy websites.

Thank U:)