How can attackers use ActiveX to modify resources on an implementation of Windows?
What will be an ideal response?
Attackers can use ActiveX to modify resources on an implementation of Windows in three ways. The first method is direct commands. An attacker specifies certain commands that the compromised ActiveX control executes upon download, such as editing the executable PATH or deleting/replacing a specific file. The second method is indirect attack, such as editing the preferences of Internet Explorer to make an unsafe site of the attacker's choice appear in the Trusted Sites list in Internet Options; or to change the default search engine to one of the attacker's choice; or, perhaps, to disable personal firewall software. These two attack modalities can be defeated by setting the security and privacy controls to disallow unsafe ActiveX behavior or unsigned components.?A third way is deceiving the browser security checks to indicate that an ActiveX control is secure.
You might also like to view...
Explain how fit among the H CI elements of the human, the computer, and the tasks to be performed leads to performance and well-being.
What will be an ideal response?
Compute the volume of a cube with the diagonal of a side 2 meters in length.
What will be an ideal response?
The _______ application uses the .PDF extension
Fill in the blank(s) with correct word
IANA does not pass our IPv6 prefixes; the five _______________ perform this task.
Fill in the blank(s) with the appropriate word(s).