TRANSCRIPT Slide 2: There are a few limited mitigation

Verified

Added on 2023/01/16

AI Summary

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.

TRANSCRIPT
Slide 2:
There are a few limited mitigation strategies available for these kind of attacks. These kind of
attacks are injection type of attack which directly affects the computers. This type of attack
tries to directly attach to the computer files and then control it. They try to change the flow of
control in the system. They are mainly applicable on operating systems, architectures and
other kinds of platform technologies. They can control authentication and even control
systems remotely.
Slide 3:
In critical security level, vulnerabilities (CVE-2018-20718) that can score the critical range
which comes up with list of characteristics.
Software comes up with data and control in the given way that comprises of data and control
in proper way. It generally lacks any kind of vulnerability for user control that results in
injection issues.
In general, exploitation is considered to be very much straightforward in nature. It merely the
attackers do not require any particular kind of authentication. A list of authentication
credential and knowledge about the victim is produced. It does not require to peruse the given
target user. Social engineering can be considered to be as one of the methods of performing
any of the given special function.
Slide 4:
Exploitation of the given vulnerability can easily result in root –level of both server and
infrastructure based devices.

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

💎 Get Pro

In the cases of critical vulnerabilities, the best choice to upgrade the given patch quickly. It
needs to have another kind of mitigation measures for detection of attack. A proper
mitigation factor needs to be installed which is not accessible from the internet.
In high-security level, there are some vulnerabilities (CVE-2017-18330) that can score in the
given high range that comes up with huge number of characteristics like
There is some instance of buffer overflow in AES- CCM encryption which is done through
initialization vector in Snapdragon mobile.
Any kind of exploitation can result in elevation of privileges.
Exploitation of the data in the system and network can result in huge amount of system
downtime.
Slide 5:
To mitigate them programming languages can be chosen in such a way that they cannot be
subjected to the injection issue. The supporting technologies to develop the platform should
also be independent of the attack type. The user can while developing the platform use a
mixture of blacklist and whitelist parsing to parse the software and try to filter the control
panel syntax from all input.

1 out of 2

+13062052269

info@desklib.com

TRANSCRIPT Slide 2: There are a few limited mitigation

Contribute Materials

Secure Best Marks with AI Grader

Related Documents

CVE-2018-20718 VULNERABILITY TYPE: INJECTION.

Vulnerabilities in Security Levels

Attack Surface Modelling

Cyber Security: Vulnerabilities, Exploitation, and Security Controls

Exploiting the Eternal Blue Vulnerability (CVE-2017-0144) in SMB

BYOD Policy Design for Southern Cross University