2.10 - Browser Security

Question 1

Browser download and installation

Answer 1

• Always use trusted sources
  – Attackers want you to install the malware for them
  – No fancy exploit required
• Avoid untrusted third-party sites
  – Don’t click links in emails
  – Don’t follow links from other websites
  – Always visit a browser site directly
• Use hashes to verify the download
  – Confirm the downloaded file matches the
  version on the server

Question 2

Hash verification

Answer 2

• Install a hash checking application
  – Available for command line and GUI
  – Options available in the Microsoft Store
• Hash values may be available on the download site
  – Usually includes a digital signature for verification
• Verify the downloaded file
  – Compare the downloaded file hash with the posted hash value

Question 3

Extensions and plug-ins

Answer 3

• Trusted sources
  – Official browser extension library
  – Chrome Web Store
  – Microsoft Store
  – Known-good websites
• Untrusted sources
  – Random or unfamiliar websites
  – Installed by malware
• This is a significant attack vector
  – Almost everything we do is in our browser

Question 4

Malicious browser extensions

Answer 4

• March 2021
  – More than 24 malicious
  – Google Chrome extensions identified
  – Includes 40 malicious domains
  – Not identified by security technologies
• Malicious activity identified
  – Credential theft
  – Screenshots and keylogging
  – Data exfiltration
• Don’t trust any software - Always have backups

Question 5

Password managers

Answer 5

• Password vaults
  – All passwords in one location
  – A database of credentials
• Secure storage
  – All credentials are encrypted
  – Cloud-based synchronization options
• Create unique passwords
  – Passwords are not the same across sites
• Personal and enterprise options
  – Corporate access

Question 6

Secure connections

Answer 6

• Security alerts and invalid certificates
  – Something isn’t quite right
  – Should raise your interest
• Look at the certificate details
  – May be expired or the wrong domain name
  – The certificate may not be properly signed
  (untrusted certificate authority)
  – Correct time and date is important

Question 7

Enable pop-up blockers

Answer 7

• Pop-up blocker
  – Prevent unwanted notification windows
• Enable or disable
  – Should usually be enabled
  – Disable temporarily when troubleshooting
• Block and allow
  – Control pop-up blocking on certain websites

Question 8

Clearing private data

Answer 8

• Clear browsing data
  – History
  – Saved passwords
  – List of downloaded files
• Clear cache
  – Parts of a website are stored locally
  – Remove all local data

Question 9

Private browsing mode

Answer 9

• Don’t store information from a browsing session
  – Good for privacy
  – Useful when testing or troubleshooting
• Removes the information when the browser is closed
  – No history tracking
  – No download file list
  – Cached information is deleted

Question 10

Browser data synchronization

Answer 10

• Share browsing data across multiple systems
  – Sign in to the browser
• Use with other computers, tablets, and mobile devices
  – Browsing history
  – Favorites
  – Installed extensions
  – Other settings

Question 11

Ad blockers

Answer 11

• Some browsers can block advertising
  – This isn’t always an option
• Many sites will track visits
  – And recognize a return visit
• Difficult to always recognize an advertisement
  – You can control the security level