3 - Secure data management

Question 1

States of data

Answer 1

• At rest
• In transit
• In Use

Question 2

Database vulnerabilities

Answer 2

• Misconfiguration
• Lack of training
• Buffer overflows
• Forgotten Options
• Unused stored procedures
• Service account privilege issues (minimum)
• Weak or poor authentication methods enabled
• No or limited auditing
• Lack of input validation etc

Question 3

Buffer overflows

Answer 3

Crashing server by storing big thing in small place

Question 4

Forgotten options

Answer 4

Weak documentation/redundancy of staff etc

Question 5

Error log

Answer 5

Store any errors that occur

Question 6

Access Log

Answer 6

Store any attempts to access the system

Question 7

Lack of input validation

Answer 7

Santise data in input fields before saving. Never trust the user.

Question 8

Passive Threats

Answer 8

Threat to confidentiality
- Unauthorised person may listen to sensitive comms

Question 9

Active Threats

Answer 9

Threats to integrity
- Unauthorised person may alter/delete information

Question 10

Cryptanalysis

Answer 10

• Hacker tries to work out what encrypted information means

Question 11

Apps for locating databases on the network

Answer 11

• SQLPing 3.0
• SQLRecon

Question 12

Denial of Service

Answer 12

Intended to make data server unavailable/unable to respond to requests.

Question 13

Distributed DoS

Answer 13

Uses lots of systems to conduct a Denial of Service attack

Question 14

SQL Injection

Answer 14

Exploit “holes” in a Web application to run rogue SQL commands.

Done by placing special characters into existing SQL commands to achieve desired results.

Question 15

Avoiding SQL Injection

Answer 15

• Validating user input
• Input sanitisation
• Hashing & encrypting data
• Execute only with an account with least privilege
• Avoid error messages containing valuable data

Question 16

Backdoor

Answer 16

Runs in a hidden process to give attacker port to connect to this system.

• Can do basically everything, especially with admin privileges.

Question 17

Ransomware

Answer 17

Locks up a PC etc for a price.

Question 18

Cloud Computing Security Issues

ARL

Answer 18

• Availability (must be available)
• Reliability
• Loss of control

Question 19

Misconfiguration Risks

Answer 19

• Steal server info
• Run scripts
• Excecute remotely
• Enumerate servers
• Denial of serviceN

Question 20

Network based risks

Answer 20

• Attacker capturing network traffic etc

Question 21

Client Side risks

Answer 21

• Risks that affect the user’s system directly

Question 22

Key

Answer 22

bigger key = better, 1025bit min

Question 23

Symmetric Encryption

Answer 23

Shared key - one key

Relies on secrecy of key

Question 24

Asymmetric Encryption

Answer 24

Public key encryption - two keys

Question 25

Signatures

Answer 25

Encrypt with private key.
Decrypt with public key and matches received message (see cryptography for better details)

Question 26

Hashing

Answer 26

Function used for integrity assurance. Downloaded file’s hash should match the expected hash but working out the plaintext from a hash is very difficult.

Question 27

Asymmetric encryption problems (about the public key in particular!)

Answer 27

_ Ownership of the public key does not guarantee authenticity
- Having to revoke keys if compromised
- No way of proving that a Public Key belongs to Alice

Question 28

Digital Certificates

Answer 28

Used to auth users and provide non-repudiation.

Alcie sends request to CA with identity proof and public key. CA verifies ID then creates, signs and sends certificate