Physical Device Security
If you have physical access to a device, a long list of attacks suddenly become possible! The PenTest+ exam covers three physical device attacks: cold-boot attacks, serial console access, and JTAG debug exploits.
Cold-Boot Attacks
Cold-boot attacks are used to capture encryption keys from a running system. Two primary methods have been used for cold-boot attacks: removing memory modules from a running system and placing them in a system under the attacker’s control to capture memory contents, and performing a cold-boot (full shutdown and restart) with a removable drive used to load an operating system that can read the contents of pre-boot physical memory.
Cold-boot attacks...