2: 3 Application Attacks

Question 1

OWASP

Answer 1

Open Web Application Security Project: maintains a top 10 application security list that all sec professionals should be aware of

Question 2

Injection Flaws

Answer 2

insert unwanted code that a website will then run, SQLInjection

Question 3

SQL

Answer 3

Structured Query Language - request data from database that applications often use

Question 4

SQLInjection

Answer 4

Changes to SQL that can change the password

Question 5

Ways to protect against Injection Flaws

Answer 5

Input Validation, Parameterized SQL

Question 6

Broken Authentication

Answer 6

Flaws in a websites authentication process

Question 7

Sensitive Data Exposure

Answer 7

discloses confidential information to the public

Question 8

Broken Access Controls

Answer 8

Provides unauthorized access, insecure Direct Object References
Manually brute forcing IDs when they shouldn’t be able to

Question 9

Security Misconfigurations

Answer 9

Can jeopardize systems - web servers, application servers, firewalls, other components

Question 10

XSS

Answer 10

Cross Site Scripting - Scripts embedded in 3rd party system that executes in browser of victims, targets HTML

Question 11

Protect against XSS

Answer 11

Input Validation

Question 12

Application Hardening

Answer 12

ensuring apps are safe against attacks

Question 13

What are different ways to harden an application

Answer 13

Proper authentication, encryption, validate user inputs, avoid and remediate known exploits, deploy obfuscation and camouflaged to hide source code details

Question 14

ERP system

Answer 14

encryption type, user access type, types of access granted, and security of underlying infrastructure

Question 15

CSRF

Answer 15

Cross Site Request Forgery - Use 1 site to trick a users browser to send info from one site to another (multiple tabs communicate each other). XSRF secretly sends requests without users knowledge

Question 16

SSRF

Answer 16

Variant of CSRF that is server sided - pretending to be a trusted server to manipulate server

Question 17

Directory Traversal attacks

Answer 17

manipulate file structure on a server using linux commands

Question 18

Best way to beat Directory Traversal attacks

Answer 18

Input validation, strict file access control

Question 19

Overflow Attacks

Answer 19

Target the memory set aside to store user variable content, large inputs yield unexpected behavior, getting dangerous result

Question 20

Best way to beat Overflow Attacks

Answer 20

Input validation

Question 21

Cookies and attachments

Answer 21

Track behavior across multiple websites

Question 22

Guessable Cookies

Answer 22

Using known changes in the format of the cookies - dangerous

Question 23

Cookie Guessing

Answer 23

Attempting to breach cookies by changing their value

Question 24

Session Replay Attacks -

Answer 24

possible cookie values are not encrypted in transit

Protect by making cookies secure

Question 25

Code Execution Attacks

Answer 25

attack exploits vulnerabilities that allows them to run code

Question 26

Privilege Escalation Attack

Answer 26

Takes a normal user account and transforms them to those with admin rights

Question 27

What are the ways to protect against a privilege escalation attack

Answer 27

Input Validation, Patch OS and apps, Enforce principle of least privilege, Use DEP and ASLR Technologies

Question 28

Driver Manipulation

Answer 28

Installing Malicious drivers/modifying existing drivers to access drivers that have low level access to the OS

Question 29

Shimming

Answer 29

Wraps legit driver with a malicious shim, does not require access to source code

Question 30

Code Signing

Answer 30

Digital sign of driver that validates functions

Question 31

Memory Overflow

Answer 31

Allows arbitrary code execution

Question 32

Resource Exhaustion

Answer 32

Slows down/disables system

Question 33

Memory Leak

Answer 33

Fails to release memory for reuse

Question 34

Memory Pointer

Answer 34

Area of memory that stores the address of another location in memory

Question 35

Null-pointer dereferencing

Answer 35

Causes Application to Crash

Question 36

DLL lnjection

Answer 36

Trick an application into loading malicious code i.e. library

Question 37

Race Conditions

Answer 37

Proper Functions of a security controls depends upon the timing of actions i.e. accessing the same bank account

Question 38

Best ways to protect against a Time of Use/Time of Check vulnerability

Answer 38

Using a lock that prevents two people from accessing the same account