Configuration Exploitation

From BCMpedia. A Wiki Glossary for Business Continuity Management (BCM) and Disaster Recovery (DR).
Revision as of 11:17, 3 November 2020 by Kalaivani (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search
1. Configuration is part and parcel of every networks, hardware and software/applications within an organization. The security of the configuration determines if these IT infrastructures are strong against or vulnerable for cyber criminals to exploit.
Types of Cyber Security Threats from 'Configuration Exploitation'

Examples of configuration exploitation cyber security threats:

Click to know more about expert level training

(Source: Business Continuity Management Institute - BCM Institute)

 

A Manager’s Guide to Business Continuity Management for Cybersecurity Incident Response

2. Weak configurations occur from both a device and a network standpoint. From a device standpoint, these are the vectors of compromise. From a network standpoint, these allow for easy lateral movement after an established foothold, or as an avenue for data exfiltration.
Source: (Verizon, 2016)

3. Configuration is a part of every network schema, hardware device (firmware), and software application. Proper configuration can prevent or mitigate threat actor activity while weak configurations are prime targets for threat actors and their vulnerability exploits.
Source: (Verizon, 2017)