12) Application Security Flashcards
Which software development vulnerability is stopped by proper bounds checking?
Buffer overflows
___ is a web-related technology used to develop web pages while ___ refers to an attack where malicious code is embedded into the web page.
CSS & XSS
CSS is a web-related technology used to develop web pages while XSS refers to an attack where malicious code is embedded into the web page. What does CSS stand for?
Cascading Style Sheets
CSS is a web-related technology used to develop web pages while XSS refers to an attack where malicious code is embedded into the web page. What does XSS stand for?
Cross-site scripting
A database is vulnerable to SQL injection attacks through direct attempts to the database server or through applications software, including web applications. What is the most effective way of mitigating these attacks?
Validating user inputs
A type of software development problem that occurs when we do not properly account for the size of the data input into our applications.
Buffer overflows/overruns
A type of software development vulnerability that occurs when multiple processes or multiple threads within a process control or share access to a particular resource, and the correct handling of that resource depends on the proper ordering or timing of transactions.
Race conditions
A type of attack that can occur when we fail to validate the input to our applications or fail to take steps to filter out unexpected or undesirable content.
Input validation attack
A type of attack that can occur when we fail to use strong authentication mechanisms for our applications.
Authentication attack
A type of attack that can occur when we fail to use authorization best practices for our applications.
Authorization attack
A type of attack that can occur when we fail to properly design our security mechanisms when implementing cryptographic controls in our applications.
Cryptographic attack
A type of attack that takes advantage of weaknesses in the software loaded on client machines, or one that uses social engineering techniques to trick us into going along with the attack.
Client-side attack
An attack carried out by placing code in the form of a scripting language into a web page, or other media, that is interpreted by a client browser.
XSS
XSS is an attack carried out by placing code in the form of a scripting language into a web page, or other media, that is interpreted by a client browser. What does XSS stand for?
Cross-site scripting
In this type of attack, the attacker places a link on a web page in such a way that it will be automatically executed, in order to initiate a particular activity on another web page or application where the user is currently authenticated.
XSRF
XSRF is an attack where the attacker places a link on a web page in such a way that it will be automatically executed, in order to initiate a particular activity on another web page or application where the user is currently authenticated. What does XSRF stand for?
Cross-site request forgery
An attack that takes advantage of the graphical display capabilities of our browser to trick us into clicking on something we might not otherwise click on.
Clickjacking
A type of attack on the web server that can target vulnerabilities such as lack of input validation, improper or inadequate permissions, or extraneous files left on the server from the development process.
Server-side attack
A type of tool that analyzes web pages or web-based applications and searches for common flaws such as XSS or SQL injection flaws, improperly set permissions, extraneous files, outdated software versions, and many more such items.
Web application analysis tool
A web server analysis tool that performs checks for many common server-side vulnerabilities, and creates an index of all the files and directories it can see on the target web server.
Nikto/Wikto
A well-known web analysis tool that offers a free and a professional version; the pro version includes advanced tools for conducting more in-depth attacks.
Burp Suite
A type of tool that works by bombarding our applications with all manner of data and inputs from a wide variety of sources, in the hope that we can cause the application to fail or to perform in unexpected ways.
Fuzzer
A tool developed by Microsoft to find flaws in file-handling source code.
MiniFuzz File Fuzzer
A tool developed by Microsoft to examine source code for general good practices.
BinScope Binary Analyzer
A tool developed by Microsoft for testing certain pattern-matching expressions for potential vulnerabilities.
SDL Regex Fuzzer
Which software development vulnerability occurs when multiple processes control or share a particular resource, and the correct handling of that resource depends on the proper ordering or timing of transactions?
Race conditions
Which of the following is NOT a major category of database security issues?
a) Unauthenticated access
b) Arbitrary code execution
c) Privilege escalation
d) Protocol issues
e) Improper indexing
e) Improper indexing
Which type of tool bombards our application with inputs from a wide variety of sources in an attempt to cause the application to fail or behave unexpectedly?
Fuzzers
Which tool performs checks for many common server-side vulnerabilities, and creates an index of all the files and directories it can see on the target Web server?
Nikto/Wikto
Which Microsoft fuzzing tool examines source code for general good practices?
BinScope Binary Analyzer