Secure Coding Practices and Cybersecurity Concepts, Exams of Social Sciences

A wide range of secure coding practices and cybersecurity concepts, including buffer overflows, race conditions, input validation, format string attacks, authentication attacks, authorization attacks, cryptographic attacks, client-side attacks, cross-site scripting (xss), clickjacking, server-side attacks, database security issues, web analysis tools, fuzzing, os hardening, firewalls, proxy servers, demilitarized zones (dmz), cloud computing, operations security (opsec) processes, access control models, physical access controls, identity verification, authentication factors, and biometric characteristics. Solutions and explanations for these topics, making it a valuable resource for understanding and implementing secure software development practices.

Typology: Exams

2023/2024

Available from 09/13/2024

Emma_Johnson
Emma_Johnson šŸ‡¬šŸ‡§

2.1K documents

1 / 23

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
C836 Sociology REVISION Questions and
Answers)
bounds checking - Solution to set a limit on the amount of data we expect
to receive to set aside storage for that data
*Required in most programming languages
* Prevents buffer overflows
race conditions - Solution A type of software development vulnerability that
occurs when multiple processes or multiple threads within a process control
or share access to a particular resource, and the correct handling of that
resource depends on the proper ordering or timing of transactions
input validation - Solution a type of attack that can occur when we fail to
validate the input to our applications or take steps to filter out unexpected
or undesirable content
format string attack - Solution a type of input validation attacks in which
certain print functions within a programming language can be used to
manipulate or view the internal memory of an application
authentication attack - Solution A type of attack that can occur when we
fail to use strong authentication mechanisms for our applications
authorization attack - Solution A type of attack that can occur when we fail
to use authorization best practices for our applications
cryptographic attack - Solution A type of attack that can occur when we fail
to properly design our security mechanisms when implementing
cryptographic controls in our applications
client-side attack - Solution A type of attack that takes advantage of
weaknesses in the software loaded on client machines or one that uses
social engineering techniques to trick us into going along with the attack
XSS (Cross Site Scripting) - Solution an attack carried out by placing code
in the form of a scripting language into a web page or other media that is
interpreted by a client browser
pf3
pf4
pf5
pf8
pf9
pfa
pfd
pfe
pff
pf12
pf13
pf14
pf15
pf16
pf17

Partial preview of the text

Download Secure Coding Practices and Cybersecurity Concepts and more Exams Social Sciences in PDF only on Docsity!

C836 Sociology REVISION Questions and

Answers)

bounds checking - Solution to set a limit on the amount of data we expect to receive to set aside storage for that data *Required in most programming languages

  • Prevents buffer overflows race conditions - Solution A type of software development vulnerability that occurs when multiple processes or multiple threads within a process control or share access to a particular resource, and the correct handling of that resource depends on the proper ordering or timing of transactions input validation - Solution a type of attack that can occur when we fail to validate the input to our applications or take steps to filter out unexpected or undesirable content format string attack - Solution a type of input validation attacks in which certain print functions within a programming language can be used to manipulate or view the internal memory of an application authentication attack - Solution A type of attack that can occur when we fail to use strong authentication mechanisms for our applications authorization attack - Solution A type of attack that can occur when we fail to use authorization best practices for our applications cryptographic attack - Solution A type of attack that can occur when we fail to properly design our security mechanisms when implementing cryptographic controls in our applications client-side attack - Solution A type of attack that takes advantage of weaknesses in the software loaded on client machines or one that uses social engineering techniques to trick us into going along with the attack XSS (Cross Site Scripting) - Solution an attack carried out by placing code in the form of a scripting language into a web page or other media that is interpreted by a client browser

XSRF (cross-site request forgery) - Solution an attack in which the attacker places a link on a web page in such a way that it will be automatically executed to initiate a particular activity on another web page or application where the user is currently authenticated clickjacking - Solution An attack that takes advantage of the graphical display capabilities of our browser to trick us into clicking on something we might not otherwise server-side attack - Solution A type of attack on the web server that can target vulnerabilities such as lack of input validation, improper or inadequate permissions, or extraneous files left on the server from the development process Protocol issues, unauthenticated access, arbitrary code execution, and privilege escalation - Solution Name the 4 main categories of database security issues web application analysis tool - Solution A type of tool that analyzes web pages or web-based applications and searches for common flaws such as XSS or SQL injection flaws, and improperly set permissions, extraneous files, outdated software versions, and many more such items protocol issues - Solution unauthenticated flaws in network protocols, authenticated flaws in network protocols, flaws in authentication protocols arbitrary code execution - Solution An attack that exploits an applications vulnerability into allowing the attacker to execute commands on a user's computer.

  • arbitrary code execution in intrinsic or securable SQL elements Privilege Escalation - Solution An attack that exploits a vulnerability in software to gain access to resources that the user normally would be restricted from accessing.
  • via SQL injection or local issues validating user inputs - Solution a security best practice for all software
  • the most effective way of mitigating SQL injection attacks

Principle of Least Privilege - Solution states we should only allow a party the absolute minimum permission needed for it to carry out its function stuxnet - Solution A particularly complex and impactful item of malware that targeted the Supervisory Control and Data Acquisition (SCADA) systems that run various industrial processes; this piece of malware raised the bar for malware from largely being a virtual-based attack to actually being physically destructive anti-malware tool - Solution A type of tool that uses signature matching or anomaly detection (heuristics) to detect malware threats, either in real-time or by performing scans of files and processes heuristics - Solution the process of anomaly detection used by anti- malware tools to detect malware without signatures executable space protection - Solution A hardware and software-based technology that prevents certain portions of the memory used by the operating system and applications from being used to execute code buffer overflow (overrun) - Solution The act of inputting more data than an application is expecting from a particular input, creating the possibility of executing commands by specifically crafting the excess data ASLR (Address Space Layout Randomization) - Solution a security method that involves shifting the contents of memory around to make tampering difficult software firewall - Solution This type of firewall generally contains a subset of the features on a large firewall appliance but is often capable of similar packet filtering and stateful packet inspection activities HIDS (host-based intrusion detection system) - Solution a system used to analyze the activities on or directed at the network interface of a particular host.

  • may communicate with management device by sending regular beacons scanner - Solution a type of tool that can detect various security flaws when examining hosts

vulnerability assessment tool - Solution A tool that is aimed specifically at the task of finding and reporting network services on hosts that have known vulnerabilities Nessus - Solution A well-known vulnerability assessment tool that includes a port scanner exploit framework - Solution A group of tools that can include network mapping tools, sniffers, and exploits exploits - Solution small bits of software that take advantage of flaws in software/applications in order to cause them to behave in ways that were not intended by their creators Metasploit, Immunity CANVAS, Core Impact - Solution Name 3 examples of exploit frameworks security in network design - Solution This method of security involves a well-configured and patched network, and incorporating elements such as network segmentation, choke points, and redundancy network segmentation - Solution The act of dividing a network into multiple smaller networks, each acting as its own small network (subnet) choke points - Solution certain points in the network, such as routers, firewalls, or proxies, where we can inspect, filter, and control network traffic redundancy - Solution a method of security that involves designing a network to always have another route if something fails or loses connection firewall - Solution a mechanism for maintaining control over the traffic that flows into and out of our networks packet filtering - Solution A firewall technology that inspects the contents of each packet in network traffic individually and makes a gross determination (based on source and destination IP address, port number, and the protocol being used) of whether the traffic should be allowed to pass

kismet - Solution a well-known Linux sniffing tool used to detect wireless access points NetStumbler - Solution A Windows tool used to detect wireless access points nmap - Solution A well-known port scanner that can also search for hosts on a network, identify the operating systems those hosts are running, detect the version of the services running on any open ports, and more packet sniffer (aka network or protocol analyzer) - Solution this type of tool can intercept traffic on a network; listens for any traffic that the network interface of our computer or device can see tcpdump (WinDump for Windows) - Solution classic, command-line sniffing tool that monitors network activities, filters traffic, and more runs on UNIX systems Wireshark - Solution a graphical interface protocol sniffing tool that is capable of filtering, sorting, & analyzing both wired and wireless traffic

  • popular troubleshooting tool honeypot - Solution A type of tool that deliberately displays vulnerabilities or attractive data so it can detect, monitor, and sometimes tamper with the activities of an attacker hping3 - Solution A tool used to test the security of firewalls and map network topology.
  • constructs specially crafted ICMP packets to evade measures to hide devices behind firewall
  • scripting functionality to test firewall/IDS physical security - Solution A type of security that is concerned with the protection of people, equipment, and data BCP (Business Continuity Plan) - Solution the plans we put in place to ensure that critical business functions can continue operations in the event of an emergency

DRP (Disaster Recovery Plan) - Solution the plans we put in place in preparation for a potential disaster, and what exactly we will do during and after major categories of physical threats - Solution extreme temperature, gases, living organisms, projectiles, movement, energy anomalies, people, toxins, smoke, and fire physical security controls - Solution The devices, systems, people, and other methods we put in place to ensure our security in a physical sense deterrent, detective, preventive - Solution name the 3 main types of physical controls deterrent controls - Solution Controls designed to discourage those who might seek to violate our security controls detective controls - Solution controls designed to detect and report undesirable events that are taking place preventive controls - Solution Controls designed to physically prevent unauthorized entities from breaching our physical security residual data - Solution Data that is unintentionally left behind on a storage device Safety, evacuation plans, administrative controls - Solution Name the 3 main considerations for protecting people availability, residual data, backups - Solution Name the 3 main considerations for protecting data equipment, facility repair/replacement - Solution Name the considerations for protecting equipment flash media - Solution storage media that is least sensitive to temperature, humidity, magnetic fields, and impacts RAID (redundant array of inexpensive disks) - Solution a data storage virtualization technology that combines multiple physical disk drive

malware - Solution a security awareness issue that involves educating users about malicious software and how to avoid it use of personal equipment - Solution security awareness issue that is concerned with protecting a company's assets clean desk policy - Solution a security awareness issue that requires users to protect sensitive information at all times, even when away from one's desk policy and regulatory knowledge - Solution a security awareness issue that is necessary to maintain compliance throughout the organization SATE (Security Awareness, Training and Education) - Solution a program that seeks to make users aware of the risk they are accepting through their current actions and attempts to change their behavior through targeted efforts OPSEC (Operations Security) - Solution the process we use to protect our information Sun Tzu - Solution A Chinese military general from 6th century BC who wrote The Art of War, a text that shows early examples of operations security principles Purple Dragon - Solution The codename of a study conducted to discover the cause of an information leak during the Vietnam War; is now a symbol of OPSEC competitive intelligence - Solution the process of intelligence gathering and analysis in order to support business decisions 5 steps of the operations security process - Solution 1.Identification of critical information 2.Analysis of threats 3.Analysis of vulnerabilities 4.Assessment of risks 5.Application of countermeasures

If you don't know the threat, how do you know what to protect? - Solution The 1st Law of Haas' Laws of Operations Security If you don't know what to protect, how do you know you are protecting it? - Solution The 2nd Law of Haas' Laws of Operations Security If you are not protecting it, the dragon wins! - Solution The 3rd Law of Haas' Laws of Operations Security cloud computing - Solution services that are hosted, often over the Internet, for the purposes of delivering easily scaled computing services or resources identification of critical information - Solution 1st step in the OPSEC process, arguably the most important: to identify the assets that most need protection and will cause us the most harm if exposed analysis of threats - Solution 2nd step in the OPSEC process: to look at the potential harm or financial impact that might be caused by critical information being exposed, and who might exploit that exposure analysis of vulnerabilities - Solution 3rd step in the OPSEC process: to look at the weaknesses that can be used to harm us assessment of risks - Solution 4th step in the OPSEC process: to determine what issues we really need to be concerned about (areas with matching threats and vulnerabilities) appliance of countermeasures - Solution 5th step in the OPSEC process: to put measures in place to mitigate risks FISMA (Federal Information Security Modernization Act) - Solution this law provides a framework for ensuring the effectiveness of information security controls in federal government

  • changed from Management (2002) to Modernization in 2014 HIPAA (Health Insurance Portability and Accountability Act) - Solution this law improves the efficiency and effectiveness of the health care system and protects patient privacy

cryptographic algorithm (cipher) - Solution The specifics of the process used to encrypt plaintext or decrypt ciphertext plaintext (cleartext) - Solution unencrypted data ciphertext - Solution encrypted data Caesar cipher - Solution an ancient cryptographic technique based on transposition; involves shifting each letter of a plaintext message by a certain number of letters (historically 3) ROT13 cipher - Solution a more recent cipher that uses the same mechanism as the Caesar cipher but moves each letter 13 places forward symmetric key cryptography (private key cryptography) - Solution uses a single key for both encryption of the plaintext and decryption of the ciphertext block cipher - Solution A type of cipher that takes a predetermined number of bits in the plaintext message (commonly 64 bits) and encrypts that block stream cipher - Solution A type of cipher that encrypts each bit in the plaintext message, 1 bit at a time AES (Advanced Encryption Standard) - Solution A set of symmetric block ciphers endorsed by the US government through NIST. Shares the same block modes that DES uses and also includes other modes such as XEX- based Tweaked CodeBook (TCB) mode asymmetric key cryptography (public key cryptography) - Solution this method uses 2 keys, a public key and a private key SSL (secure sockets layer) - Solution a protocol that uses the RSA algorithm (an asymmetric algorithm) to secure web and email traffic hash function (message digest) - Solution keyless cryptography that creates a largely unique and fixed-length hash value based on the original mesage

hash - Solution used to determine whether the message has changed; provides integrity (but not confidentiality) digital signature - Solution a method of securing a message that involves generating a hash and encrypting it using a private key certificate - Solution created to link a public key to a particular individual; used as a form of electronic identification for that person CA (certificate authority) - Solution a trusted entity that handles digital certificates PKI (public key infrastructure) - Solution infrastructure that includes the CAs that issue and verify certificates and the RAs that verify the identity of the individuals associated with the certificates RA (registration authority) - Solution An authority in a PKI that verifies the identity of the individual associated with the certificate CRL (Certificate Revocation List) - Solution a public list that holds all the revoked certifications for a certain period of time data at rest - Solution Data that is on a storage device of some kind and is not moving data in motion - Solution Data that is moving over a WAN or LAN, a wireless network, over the internet, or in other ways data at rest - Solution This type of data is protected using data security (encryption) and physical security data in motion - Solution This type of data is best protected by protecting the data itself (using SSL, TLS) and protecting the connection (using IPsec VPN, SSL VPN) data in use - Solution This type of data is the hardest to protect encryption - Solution a subset of cryptography that refers specifically to the transformation of unencrypted data into its encrypted form

vulnerability assessment - Solution An activity involving the careful examination of our environment using vulnerability scanning tools in order to discover vulnerabilities penetration testing - Solution A more active method of finding security holes that includes using the kinds of tools attackers use to mimic an attack on our environment chain of custody - Solution a record of where evidence was and how it was passed and protected; required by courts for admissibility of records authorization - Solution enables us to determine what users are allowed to do principle of least privilege - Solution States that we should allow only the bare minimum access required in order for a given party (person, user account, or process) to perform a needed functionality violation - Solution the act of doing something that is prohibited by law or rule allowing access - Solution An act that grants a particular party access to a given resource denying access - Solution an act that prevents a party from accessing something, such as logging on to a machine or entering the lobby of our building after hours limiting access - Solution An act that allows some access to a given resource, but only up to a certain point sandbox - Solution A set of resources devoted to a program, process, or similar entity, outside of which the entity cannot operate revocation - Solution the ability to remove access from a resource at any point in time

ACL (Access Control List) - Solution typically built to a certain resource, these contain the identifiers of the party allowed to access the resource and what that party is allowed to do capability-based security - Solution in this method of security, a person's capabilities are oriented around the use of a token that controls their access (e.g. a personal badge) confused deputy problem - Solution A type of attack that is more common in systems that use ACLs rather than capabilities;

  • when software has greater permissions than user, the user can trick the software into misusing authority CSRF (Cross Site Request Forgery) - Solution a type of attack that misuses the authority of the browser on the user's computer clickjacking (user interface redressing) - Solution client-side attack that involves the attacker placing an invisible layer over something on a website that the user would normally click on in order to execute a command differing from what a user thinks they are performing
  • takes advantage of some of the page rendering features that are available in newer browsers DAC (Discretionary Access Control) - Solution access control model in which access is determined by the owner of the resource in question
  • e.g. network share permissions RBAC (Role Based Access Control) - Solution access is based on the role the individual is performing
  • similar to MAC in that access controls are set by an authority responsible for doing so, rather than by the owner of the resource ABAC (attribute-based access control) - Solution access control model in which access is based on attributes (of a person, a resource, or an environment) subject attributes - Solution Attributes of a particular individual, such as height

identification - Solution the claim of what someone or something is Falsifying Identification - Solution Authentication requirements help prevent this crime something you know - Solution A password is an example of this type of factor something you are - Solution An iris scan is an example of this type of factor something you have - Solution A swipe card is an example of this type of factor something you do - Solution The time delay between your keystrokes is an example of this type of factor where you are - Solution Being at a specific terminal is an example of this type of factor multifactor authentication - Solution Uses one or more authentication methods for access mutual authentication - Solution An authentication mechanism in which both parties authenticate each other -can prevent a man-in-the-middle attack elements of a complex password - Solution a password that is a combination of uppercase letters, lowercase letters, numbers, and symbols, such as punctuation marks biometrics - Solution Unique physical characteristics of an individual, such as the color patterns in an iris, fingerprints, or handprints universality - Solution a stipulation that our chosen biometric characteristic should be present in the majority of people we expect to enroll in the system

uniqueness - Solution a measure of the differences of a particular characteristic among a group of individuals permanence - Solution how well a particular characteristic resists change over time and with advancing age collectability - Solution How easy it is to acquire a characteristic that we can later use to authenticate a user performance measurement - Solution A set of metrics that judge how well a given system functions acceptability - Solution A measure of how agreeable a particular characteristic is to the users of a system circumvention - Solution Describes the ease with which a system can be tricked by a falsified biometric identifier FAR (false acceptance rate) - Solution the rate at which we accept users whom we should actually have rejected FRR (false rejection rate) - Solution the rate at which we reject legitimate users when we should have accepted them Information Security - Solution protects information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction PCI DSS (Payment Card Industry Data Security Standard) - Solution companies that process credit card payments must comply with this set of standards Confidentiality - Solution the act of holding information in confidence, not to be released to unauthorized individuals -a necessary component of privacy integrity - Solution refers to the ability to prevent our data from being changed in an unauthorized or undesirable manner