Different attack methods
The CISM aspirant should be aware of the following methods and techniques for information system attacks:
- Alteration attack: In this type of attack, alteration or modification of the data or code is done without authorization. Cryptographic code is used to prevent alteration attacks.
- Botnets: Botnets are compromised computers, also known as zombie computers. They are primarily used to run malicious software for distributed denial of service (DDoS) attacks, adware, or spam.
- Buffer overflow: A buffer overflow is also known as a buffer overrun. They are normally due to a software coding error, which can be exploited by an attacker to gain unauthorized access to the system. A buffer overflow occurs when more data is fed to the buffer than it can handle and excess data overflows to adjacent storage.
Due to this, the attacker gets an opportunity to manipulate the coding errors for malicious actions.
A major cause of buffer overflows is poor programming...