6.2 Application Security Flashcards

1
Q

Mobile, embedded, and IoT devices are _____________; security programs should include them.

A

prevalent and vulnerable

2
Q

Compromised devices can lead to consequences ranging from ____________ to ______________

A

embarrassing to fatal.

3
Q

Mobile devices are increasingly vulnerable due to (4)?

A

powerful hardware, constant network connectivity, and movement between environments.

4
Q

__________ _____________ include smartphones, tablets, head-mounted devices, and smartwatches, performing similar functions to non-mobile computers.

A

Mobile devices

5
Q

The line between __________ and ____________ has blurred, with some smartphones rivaling computer power and some computers running mobile operating systems.

A

mobile devices and computers

6
Q

Businesses typically use __________ and _____________ to maintain mobile device security.

A

software and policies

7
Q

__________________ solutions allow central control of devices, including patching, password changes, and software regulation.

A

Mobile device management

8
Q

Management solutions use agents on devices to _______________________.

A

enforce configurations and can remotely wipe or disable devices.

9
Q

Organizations often have __________ policies regulating personal and corporate device use in the workplace.

A

BYOD

10
Q

_________________ are easier to manage centrally, allowing stricter control over apps and security settings.

A

Corporate-owned devices

11
Q

__________ ________________ may have limited management capabilities, potentially subverted by savvy users.

A

Personal devices

12
Q

Many organizations allow a mix of personal and corporate-owned devices with varying levels of _______________ and ______________.

A

access and security features.

13
Q

Mobile devices face several specific security issues, including __________________________.

A

baseband operating system vulnerabilities.

14
Q

The baseband operating system handles _______________ and ____________________.

A

hardware functions and is often proprietary and infrequently updated

15
Q

Baseband vulnerabilities can lead to attacks like ___________________________.

A

spying on cell phone communications via SS protocol.

16
Q

_____________ removes manufacturer restrictions, often disabling security features and leaving devices vulnerable.

A

Jailbreaking

17
Q

Jailbreaks typically require _____________ to bypass security, sometimes disabling features or patching files permanently.

A

exploits

18
Q

_____________ patch jailbreak vulnerabilities in new OS versions, leading to a ___________ being developed.

A

Vendors; cycle of new jailbreaks

19
Q

Management solutions and anti-malware apps can help ______________________.

A

prevent or detect jailbreaking attempts.

20
Q

_____________ can compromise mobile device security by exploiting granted privileges.

A

Malicious apps

21
Q

Even official app stores aren't completely safe from malicious apps, as shown by ____________________.

A

cryptocurrency app incidents.

22
Q

Jailbroken devices are especially vulnerable to ___________________.

A

malicious apps from unofficial sources.

23
Q

To protect against malicious apps, stick to _____________ and avoid _____________.

A

official app stores; jailbreaking

24
Q

Lack of ________ ____________ for mobile devices and apps can cause major security problems.

A

timely updates

25
Q

Manufacturers often ______________ older devices, leaving them vulnerable to new security threats.

A

stop updating

26
Q

App updates can also be ____________, especially for _____________ with less consistent support.

A

problematic; smaller apps

27
Q

Users can mitigate update issues by choosing devices from __________________.

A

vendors with better update track records.

28
Q

Embedded devices are _________________.

A

computers inside other devices, performing single functions in various applications.

29
Q

________________ and ________________ systems commonly use embedded devices to control critical infrastructure.

A

Industrial control systems and SCADA

30
Q

Attacks on _________________ can have physical world impacts, as demonstrated by ____________.

A

industrial control systems; Stuxnet

30
Q

Many industrial control systems run on proprietary _________ with _______________ similar to mobile baseband systems.

A

RTOSs; security issues

31
Q

_________________ aren't foolproof protection against attacks on industrial control systems.

A

Air-gapped networks

32
Q

_____________________ systems range from vital signs monitors to implanted devices like pacemakers.

A

Medical devices with embedded

33
Q

Security vulnerabilities in medical devices can have life-threatening consequences, as shown by the ___________ _______________ issue.

A

Medtronic pacemaker

34
Q

___________ can have up to 70 embedded devices communicating over a ___________ to control various functions.

A

Cars; CAN bus

35
Q

_________ ____________ has demonstrated the potential for remote control of vehicle functions, posing serious safety risks.

A

Car hacking

36
Q

_____________ embedded devices can be challenging or impossible, especially for _________ _________ devices.

A

Upgrading; implanted medical

37
Q

The hardware in embedded devices is typically expected to __________________ of the containing device.

A

last the lifetime

38
Q

Compromised embedded devices can have huge ____________ and critical _____________.

A

physical impacts on human safety; infrastructure

39
Q

_________________ may target embedded devices controlling essential systems like power and water.

A

Nation-state attacks

40
Q

Vendors and _____________ are increasing attention to embedded device security, with more training available.

A

governments

41
Q

________ devices are becoming more prevalent in everyday appliances, bringing new security challenges.

A

IoT

42
Q

The term "Internet of Things" was coined in ____ and now refers to any _____________________ without a ____________.

A

1999; internet-connected device; full desktop OS

43
Q

Network printers are common _____________ with complex operating systems and potential security vulnerabilities.

A

IoT devices

44
Q

Networked surveillance cameras are often vulnerable due to simple ________________ or __________________.

A

default credentials or backdoors.

45
Q

Smart locks and other physical security IoT devices can have serious vulnerabilities, as demonstrated by the _____________________ issue.

A

Tapplock (smart padlock) issues.

46
Q

The line between embedded and IoT devices is fuzzy, with some key differences in ____________ and ____________.

A

design and connectivity.

47
Q

IoT devices often lack ________________ in their operations, making it difficult to detect ___________________.

A

transparency; unusual behavior

48
Q

The proliferation of IoT devices has led to large-scale attacks, such as the _______________ attack.

A

Mirai botnet DDoS

49
Q

_____________ IoT devices pose ongoing security risks, as many older devices remain in use without _________.

A

Outdated; updates

50
Q

Updating older IoT devices can be challenging, especially for ________________ users.

A

non-technical

51
Q

Describe bounds checking.

A

When you don't properly account for the size of data input into your application.

52
Q

What does a fuzzing tool do?

A

A technique to bombard an application with data and input from all sources to get it to fail or act strangely.

53
Q

Give an example of a race condition.

A

Saving a document in the cloud at the same time another person does; which document truly saves the latest version? Occurs when multiple threads within a process control access to a particular resource and the correct handling depends on timing or transactions.

54
Q

Why is it important to remove extraneous files from a web server?

A

Attackers could use them against your system, i.e. source code.

55
Q

What does the tool Burp Suite do and in what situation might you use it?

A

Web analysis tool; discover, exploit, and mitigate security vulnerabilities. When you need to scan a web application for security vulnerabilities, Burp Scanner can automate this process.

56
Q

Name the two main categories of web security.

A

Client side and server side

57
Q

Is a SQL injection attack an attack on the database or an attack on the web application?

A

Database attack

58
Q

Why is input validation important?

A

Could leave you open to a format string attack if user input isn't in the correct format.

59
Q

Explain a cross-site request forgery attack and what you might do to prevent it.

A

Log out of websites and close those windows when finished.

60
Q

How might you use a sniffer to increase the security of your applications?

A

You can watch specific network traffic that is being exchanged.

61
Q

How can you prevent buffer overflows in your applications?

A

Use bounds checking to limit the amount of data you take in.

62
Q

What is cross-site scripting (XSS)? Is it a client-side or server-side attack?

A

Attacker inserts code in a scripting language into a page or other media like Adobe; it is displayed by the client browser. Client-side attack.

63
Q

What is a directory traversal attack? Is it a client-side or server-side attack?

A

When you don't validate input into web applications. Server-side attack.

64
Q

Is clickjacking a client-side or server-side attack?

A

Client side

65
Q

A ______________ occurs when multiple threads within a process control access to a particular resource and the correct handling depends on timing or transactions.

A

race condition

66
Q

______________________ is a data-network packet analyzer computer program that runs under a command line interface. It is not a type of tool categorized as an exploit framework.

A

TCPdump

67
Q

_______________ is a centralized penetration testing tool that enables security teams to conduct advanced, multi-phased penetration tests. It is a type of tool categorized as an exploit framework. Exploit frameworks include pre-packaged sets of exploits.

A

Core Impact