Domain 1 - Network Security

An attacker changes the browser settings on a device

An attacker redirects data being sent from a browser to a device of their choosing

An attacker uses a script to obtain the cookies and certificates stored on a browser

An attacker changes the browser settings on a device

An attacker runs SQL statements to infiltrate and change the data in a webpage

An attacker redirects data being sent from a browser to a device of their choosing

An attacker redirects data being sent from a browser to a device of their choosing

An attacker records a user’s keystrokes and uses the captured password to hack into the user’s browser

An attacker uses a script to obtain the cookies and certificates stored on a browser

An attacker changes the browser settings on a device

An attacker redirects data being sent from a browser to a device of their choosing

An attacker uses a script to obtain the cookies and certificates stored on a browser

Man-in-the-middle attack

Brute force attack

   Cross-site scripting

SQL injection

Man-in-the-browser attack

Executive

Global

Administrative

Guest

Integer, number

Buffer, integer

Integer, integer

Buffer, number

Zero day attack

Polymorphica

I’ma Hoax

Logic bomb

Trojan horse

Zero day attack

Worm

Virus

An attacker sets a logic bomb to detonate in a power grid  on the Western coast

An attacker sets a logic bomb to detonate on May 5, 2005 at 5 PM

An attacker sets a logic bomb to detonate on Christmas Eve

An attacker sets a logic bomb to detonate in a power grid  on the Western coast

An attacker sets a logic bomb to detonate on May 5, 2005 at 5 PM

An attacker sets a logic bomb to detonate one month after they were fired from a company

An attacker sets a logic bomb to detonate randomly across several machines

An attacker sets a logic bomb to detonate one month after they were fired from a company

An attacker sets a logic bomb to detonate on Christmas Eve

An attacker sets a logic bomb to detonate randomly across several machines

An attacker sets a logic bomb to detonate in a power grid  on the Western coast

An attacker sets a logic bomb to detonate on May 5, 2005 at 5 PM

An attacker sets a logic bomb to detonate on May 5, 2005 at 5 PM

An attacker sets a logic bomb to detonate one month after they were fired from a company

An attacker sets a logic bomb to detonate on Christmas Eve

Full backups are typically not performed every day

Full backups are set to occur automatically by default

Full backups are typically not performed every day

Full backups connected to an external hard drive are less secure than those saved to a local drive)

Full backups should not interfere with day-to-day operations

Full backups are set to occur automatically by default

Full backups are typically not performed every day

Full backups should not interfere with day-to-day operations

Full backups are typically performed every day

Full backups are set to occur automatically by default

Lessening the impact of a risk

Do nothing about it but acknowledge the risk.

Sharing the risk burden

Do nothing about it

Man-in-the-browser attack

SQL injection

Man-in-the-middle attack

Cross-site scripting

Brute force attack