3.6 Summarize secure application development and deployment concepts Flashcards

1
Q

Development lifecycle models

A

Waterfall vs Agile.

Waterfall: each phase must be completed sequentially.

Agile: iterates through phases concurrently.

2
Q

Secure DevOps

A

DevOps means that there is much more collaboration between developers and system administrators.

3
Q

Security automation

A

The concept of scripted or programmed infrastructure can also be applied to security infrastructure (firewalls, IDS, SIEM, and privilege management). For example, security automation might mean that a user account is provisioned by running a script for the appropriate role rather than relying on a human administrator to select the appropriate security groups and policy settings.

4
Q

Continuous integration

A

The principle that developers should commit updates often (every day or sometimes even more frequently).

5
Q

Immutable systems

A

This approach first strictly divides data from the components processing data. Once designed and provisioned as instances, the components are never changed or patched in place. Deploying a patch or adding a new application means building a new instance and deploying that.

6
Q

Infrastructure as code

A

This is the principle that when deploying an application, the server instance supporting the application can be defined and provisioned through software code. Imagine a setup program that not only installs the application but also creates a VM and OS on which to run the application.

7
Q

Version control and change management

A

An ID system for each iteration of a software product.

8
Q

Provisioning and deprovisioning

A

Provisioning is the process of deploying an application to the target environment, such as enterprise desktops, mobile devices, or cloud infrastructure.

Deprovisioning is the process of removing an application from packages or instances.

9
Q

Proper error handling

A

Ideally, the programmer will have written an error or exception handler that dictates what the application should do in case of invalid user input, a loss of network connectivity, or another server or process failing.

10
Q

Proper input validation

A

To mitigate the risk posed by untrusted input, all input methods should be documented with a view to reducing the potential attack surface exposed by the application. There must be routines to check user input, and anything that does not conform to what is required must be rejected. This reduces the risk of injection attacks.

11
Q

Normalization

A

Normalization means that a string is stripped of illegal characters or substrings and converted to the accepted character set. This ensures that the string is in a format that can be processed correctly by the input validation routines.

12
Q

Stored procedures

A

A part of a database that executes a custom query. The procedure is supplied an input by the calling program and returns a pre-defined output for matched records.

13
Q

Code signing

A

The principal means of proving the authenticity and integrity of code (an executable or a script). The developer creates a cryptographic hash of the file then signs the hash using his or her private key.

14
Q

Obfuscation/camouflage

A

Software that randomizes the names of variables, constants, functions, and procedures, removes comments and white space, and performs other operations to make the compiled code physically and mentally difficult to read and follow.

15
Q

Code reuse/dead code

A

Dead code is executed but has no effect on the program flow.

16
Q

Server-side vs. client-side execution and validation

A

The main issue with client-side validation is that the client will always be more vulnerable to some sort of malware interfering with the validation process. The main issue with server-side validation is that it can be time-consuming, as it may involve multiple transactions between the server and client. Consequently, client-side validation is usually restricted to informing the user that there is some sort of problem with the input before submitting it to the server.

17
Q

Use of third-party libraries and SDKs

A

Third-party library: a binary package (such as a Dynamic Link Library) that implements some sort of standard functionality, such as establishing a network connection or performing cryptography. Each library must be monitored for vulnerabilities and patched promptly.

Software development kit (SDK): the programming environment used to create the software might provide sample code or libraries of pre-built functions. As with other third-party libraries or code, it is imperative to monitor for vulnerabilities.

18
Q

Data exposure

A

A fault that allows privileged information (such as a token, password, or PII) to be read without being subject to the appropriate access controls.

19
Q

Static code analyzers

A

Software that can scan code for known security risks.

20
Q

Dynamic analysis (e.g., fuzzing)

A

Software that tests code for vulnerabilities in the runtime environment.

21
Q

Stress testing

A

Tests an application's performance under extreme usage.

22
Q

Sandboxing

A

Each development environment should be segmented from the others. No processes should be able to connect to anything outside the sandbox. Only the minimum tools and services necessary to perform code development and testing should be allowed in each sandbox.

23
Q

Model verification

A

A compliance testing process to ensure that the product or system meets its design goals.

24
Q

Compiled vs. runtime code

A

Compiled code is syntactically correct.

Runtime code is functioning properly without errors.