tailieunhanh - CompTIA SY0-201 Security+ Exam Guide phần 9

Phương tiện truyền thông không điều khiển là một cụm từ được sử dụng để trang trải tất cả các phương tiện truyền thông truyền dẫn không hướng dẫn bằng cáp, dây điện, hoặc hạn chế khác, nó bao gồm tần số vô tuyến (RF), hồng ngoại (IR), và phương pháp vi sóng. | SY0 - 201 between that system and another. system so that an unauthorized individual can take over an authorized session or to disrupt service to authorized users. From a high-level standpoint attacks on computer systems and networks can be grouped into two broad categories attacks on specific software such as an application or the operating system and attacks on a specific protocol or service. Attacks on a specific application or operating system are generally possible because of an oversight in the code and possibly in the testing of that code or because of a flaw or bug in the code again indicating a lack of thorough testing . Attacks on specific protocols or services are attempts either to take advantage of a specific feature of the protocol or service or use the protocol or service in a manner for which it was not intended. This section discusses various forms of attacks of which security professionals need to be aware. Denial-of-Service Attacks Denial-of-service DoS attacks can exploit a known vulnerability in a specific application or operating system or they can attack features or weaknesses in specific protocols or services. In a DoS attack the attacker attempts to deny authorized users access either to specific information or to the computer system or network itself. This can be accomplished by crashing the system taking it offline or by sending so many requests that the machine is overwhelmed. The purpose of a DoS attack can be simply to prevent access to the target system or the attack can be used in conjunction with other actions to gain unauthorized access to a computer or network. For example a SYN flooding attack can be used to prevent service to a system temporarily in order to take advantage of a trusted relationship that exists SYN flooding is an example of a DoS attack that takes advantage of the way TCP IP networks were designed to function and it can be used to illustrate the basic principles of any DoS attack. SYN flooding uses the TCP .