1.6 Explain the impact associated with types of vulnerabilities. Flashcards

1
Q

Vulnerability types

A
There are many types of vulnerabilities
• Some digital, some physical
• Cover a broad scope
• Programming, network design, process/procedure
• Any of these can be exploited at any time
2
Q

Race condition

A

A programming conundrum
• Sometimes, things happen at the same time
• This can be bad if you’ve not planned for it

3
Q

End-of-life vulnerabilities

A

Without vendor support, no security patches

Upgrade to maintain security

4
Q

Embedded system vulnerabilities

A

No direct access to the operating system

These devices are usually connected to the Internet - convenient to the hacker

5
Q

Lack of vendor support

A

Vendors are the only ones who can fix their products

Assuming they know about the problem and care about fixing it

6
Q

Improper input handling

A

Many applications accept user input
• We put data in, we get data back
• All input should be considered malicious
• Check everything. Trust nobody.
• Allowing invalid input can be devastating
• SQL injections, buffer overflows, denial of service

7
Q

Improper error handling

A

Errors happen
Messages should be just informational enough
Network information, memory dump, stack traces, database dumps
• This is an easy one to find and fix
• A development best-practice

8
Q

Misconfiguration/weak configuration

A

• Very easy to leave a door open

The hackers will always find it

9
Q

Default configuration

A

• Every application and network device has a default login
• Not all of these are ever changed

10
Q

Untrained users

A

It takes one person to allow a breach

Training is critical

11
Q

Improperly configured accounts

A
Technical issue and process issue
• Frequent audits are important
• Accounts without a need
• Abandoned and unnecessary accounts
• Accounts with administrative access
• These should be severely limited
• Should not be able to login directly as administrator
• Unless it’s on a server console
12
Q

Vulnerable business processes

A

Vulnerable business processes

13
Q

Weak cipher suites

A

Encryption protocol (AES, 3DES, etc.) and key length (40 bits, 128 bits, 256 bits, etc.)
• Hash used for the integrity check (SHA, MD5, etc.)
• Some cipher suites are easier to break than others, so stay updated with the latest best practices
• TLS is one of the most common issues - Over 300 cipher suites
• Weak or null encryption (less than 128 bit key sizes), outdated hashes (MD5)

14
Q

Memory/buffer vulnerabilities

A

Manipulating memory can be advantageous
• Relatively difficult to accomplish

15
Q

Memory leak

A

Unused memory is not properly released
• Begins to slowly grow in size
• Eventually uses all available memory
• System crashes

16
Q

Integer overflow

A

Large number into a smaller sized space
• Where does the extra number go?
• You shouldn’t be able to manipulate memory this way

17
Q

Buffer overflow

A

• Overwriting a buffer of memory and spilling over into other memory areas

18
Q

NULL Pointer dereference

A
  • Programming technique that references a portion of memory
  • What happens if that reference points to nothing?
  • Application crash, debug information displayed, Denial of Service, etc.
19
Q

DLL injection

A

• The bad guys didn’t write the application, but they could write an external library and manipulate the operating system or application to run the library

20
Q

System sprawl/undocumented assets

A

Hundreds of projects, test platforms, active operating systems, production VMs
• Spin up a new instance with a click
• Keeping track is a challenge
• Easy to miss a forgotten compute - Under a desk
• Part of a retired application
• Not part of regular security patches
• These become pivot points

21
Q

Architecture/design weaknesses

A
The best security system fails if you don’t have locks on the doors
• The network doors aren’t always visible
• Examine every part of the network
• Ingress
• VPN
• Third-party access
• Internal controls
• Account access
• Front door access
• Conference room access
22
Q

New threats/zero day

A

What you don’t know can really hurt you
• And you won’t even see it coming
• Vulnerabilities are sitting in your system, waiting for someone to find them
• Some problems are hidden for years
• As soon as the problem is discovered (day zero), patch it
• There isn’t always time to properly test
• Balance severity with stability

23
Q

Improper certificate and key management

A

Manage your keys and certificates
• This needs to be well planned
• Important decisions, can’t do this on the fly
• What will be the organization’s certificate authority?
• How will the CA content be protected?
• How will intermediate CAs be created and managed?
• Who will validate and sign the organization’s certificates?
• What is the validation process?