2.4 Software Vulnerabilities

Question 1

(Application Security Design Considerations)

Secure by Design

Answer 1

an application has considered the threat environment it will be operating within and that it appropriately uses available technology to achieve security

Question 2

(Application Security Design Considerations)

Secure by default

Answer 2

the principle that when an application is deployed in a default configuration, security is maintained

Question 3

(Application Security Design Considerations)

Default by deployment

Answer 3

an application is deployed into an environment that will support the security goals of the application

Question 4

(Specific Application Issues)

Unsecure direct objective references

Answer 4

a direct object occurs when an application refers to the actual name of objects such as files, folders, databases, or storage elements

Question 5

(Specific Application Issues)

XSS

Answer 5

Cross site scripting
-involves attackers discovering and exploiting vulnerabilities on websites in order to inject malicious code-typically JavaScript

Question 6

(Specific Application Issues)

CSRF

Answer 6

Cross-Site request forgery
-malicious code found in emails, websites, or instant messages and cause a user’s WEB BROWSER to execute undesired actions on a site to which the user is already authenticated

Question 7

(Specific Application Issues)

Click-Jacking

Answer 7

an attack where a use is tricked into clicking something on a web page causing a different operation to be performed

Question 8

(Specific Application Issues)

Session Management

Answer 8

Session management is done through the use of cookies and session IDs

Question 9

(Specific Application Issues)

Input Validation

Answer 9

Screening all input to ensure it is in proper form and length before processing

Question 10

(Specific Application Issues)

SQL injection

Answer 10

designed to attack the database associated with a web application

Question 11

(Specific Application Issues)

Improper error and exception handling

Answer 11

occurs when an error message provides too much information to the attacker, thus revealing vulnerabilities

Question 12

(Specific Application Issues)

Fuzzing/fault injection

Answer 12

a software testing methodology used to detect input validation errors

Question 13

(Specific Application Issues)

Secure cookie storage and transmission

Answer 13

cookies provide client-managed storage in the form of text files that enable a web browse to locally store information from a web application

Question 14

(Specific Application Issues)

Buffer overflow

Answer 14

when the size of the data being read is larger than the destination buffer causing an overflow condition resulting in application failure

Question 15

(Specific Application Issues)

Memory leaks

Answer 15

result in failure of an application to correctly manage memory, which can lead to a memory shortage

Question 16

(Specific Application Issues)

Integer overflows

Answer 16

error that occurs when a number is too large to be stored in the variable

Question 17

(Specific Application Issues)

Race Condition

Answer 17

software flaws that arise from different processes or threads having a dependence on an object or resource that affects another thread or process

Question 18

(Specific Application Issues)

Resource Exhaustion

Answer 18

a form of DoS where a required resource to perform some specific action is not available at the time of need

Question 19

(Specific Application Issues)

Geotagging

Answer 19

attaching geographical identification properties to media such as pictures,websites, videos etc

Question 20

(Specific Application Issues)

Use of third party libraries

Answer 20

helps reduce development time and improves code quality and security

Question 21

(Specific Application Issues)

Data remnants

Answer 21

any unwanted pieces of information that remain after a deletion operation

Question 22

(Specific Application Issues)

Code reuse

Answer 22

the authorized use of someone else’s proven code, to improve your software development efforts

Question 23

Application Sandboxing

Answer 23

a mechanism to constrain an application into a confined area during execution

Question 24

Secure encrypted enclaves

Answer 24

secure enclaves use a separate coprocessor from the system’s main processor to prevent the main processor from having direct access to information stored in the secure encrypted enclave

Question 25

Database activity monitor

Answer 25

independently monitor the transactions and other activity of database services
-monitors applications and uses for unauthorized or fraudulent activity such as SQL injection attacks

Question 26

Web application firewalls

Answer 26

firewalls created for web apps to impart HTTP-specific rules to guard against attacks such as XSS, session hijacking, SQL injection

Question 27

Client-Side processing Vs. Server-side processing

Answer 27

• Client-side processing is faster than a round-trip to the server
• Server-side processing acts as the real input validation, preventing any input overflow or canonicalization errors

Question 28

(Client-Side processing Vs. Server-side processing)

JSON

Answer 28

SavaScript Object Notation
- language-independent format derived from JavaScript that utilizes simple text format for the storage and exchange of data between a browser and web application

Question 29

(Client-Side processing Vs. Server-side processing)

REST

Answer 29

Representational State Transfer
-framework that relies on various web protocols to define how clients and servers can exchange web resources with a high degree of interoperability

Question 30

(Client-Side processing Vs. Server-side processing)

Browser extensions

Answer 30

known add-ins or plugins, are tiny programs connected to a web browser to provide extra functionality

Question 31

(Client-Side processing Vs. Server-side processing)

ActiveX

Answer 31

microsoft software framework designed for internet explorer for the purpose of running dynamic media content
-built on object oriented programming technologies

Question 32

(Client-Side processing Vs. Server-side processing)

Java applets

Answer 32

small platform-independent and internet-based programs accessible within a web browser

Question 33

(Client-Side processing Vs. Server-side processing)

HTML5

Answer 33

fifth generation of HTML markup language

• used for describing the contents and appearance of web pages
• enhanced to support more multimedia capabilities , added mobile device support, plus many other features

Question 34

(Client-Side processing Vs. Server-side processing)

AJAX

Answer 34

Asynchronous JavaScript and XML

-common programming methodology used to improve the end-user web applications

Question 35

(Client-Side processing Vs. Server-side processing)

SOAP

Answer 35

a specification for exchanging information associated with web services

Question 36

(Client-Side processing Vs. Server-side processing)

State Management

Answer 36

states can be managed in a variety of manners, but the two primary means are both via cookies, with the state being maintained either in the cookie or on the server via a lookup process

Question 37

(Client-Side processing Vs. Server-side processing)

JavaScript

Answer 37

scripting language developed by netscape and designed to be operating within a browser instance

Question 38

Operating system vulnerabilities

Answer 38

can include unnecessary services, lack of encryption, lack or hardening, open ports, and missing patches

Question 39

Firmware vulnerabilities

Answer 39

result in serious security issues