From the course: CISSP Cert Prep (2021): 3 Security Architecture and Engineering
Unlock the full course today
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
Privilege escalation
From the course: CISSP Cert Prep (2021): 3 Security Architecture and Engineering
Privilege escalation
- [Instructor] Software developers must take care to write code that is not susceptible to privilege escalation attacks. These attacks seek to take normal user accounts and transform them into accounts with administrative rights. This can be especially dangerous on systems that have external exposures, allowing someone on the internet to take control of a server. These privilege escalation vulnerabilities often arise as a result of buffer overflow issues or other security issues in code that allow an end-user to execute arbitrary code on the server. When the end-user gets access to the underlying operating system, they can take advantage of privilege escalation vulnerabilities to leverage that access into gaining administrative privileges. There are some basic mitigation strategies that developers and operations teams can take to reduce the likelihood of successful privilege escalation attacks. First, developers…
Contents
-
-
-
-
-
-
-
(Locked)
OWASP Top 105m 36s
-
(Locked)
SQL injection prevention4m 25s
-
(Locked)
Cross-site scripting prevention3m 17s
-
(Locked)
Cross-site request forgery prevention4m 8s
-
(Locked)
Defending against directory traversal3m 6s
-
(Locked)
Overflow attacks3m 21s
-
(Locked)
Session hijacking4m 8s
-
(Locked)
Privilege escalation1m 56s
-
(Locked)
-
-
-
-
-
-
-
-
-
-
-