6.2 Application Security Flashcards
*
Mobile, embedded, and IoT devices are_____________; security programs should include them.
*
prevalent and vulnerable
Compromised devices can lead to consequences ranging from ____________ to ______________
embarrassing to fatal.
*
Mobile devices are increasingly vulnerable due to (4)?
*
powerful hardware, constant network connectivity, and movement between environments.
__________ _____________ include smartphones, tablets, head-mounted devices, and smartwatches, performing similar functions to non-mobile computers.
Mobile devices
*
The line between __________ and ____________has blurred, with some smartphones rivaling computer power and some computers running mobile operating systems.
mobile devices and computers
*
Businesses typically use__________ and _____________ to maintain mobile device security.
software and policies
*
__________________solutions allow central control of devices, including patching, password changes, and software regulation.
Mobile device management
*
Management solutions use agents on devices to _______________________
enforce configurations and can remotely wipe or disable devices.
*
Organizations often have __________ policies regulating personal and corporate device use in the workplace.
BYOD
*
_________________ are easier to manage centrally, allowing stricter control over apps and security settings.
Corporate-owned devices
*
__________ ________________may have limited management capabilities, potentially subverted by savvy users.
*
Personal devices
Many organizations allow a mix of personal and corporate-owned devices with varying levels of _______________ and ______________.
access and security features.
*
Mobile devices face several specific security issues, including__________________________.
baseband operating system vulnerabilities.
*
The baseband operating system handles_______________ and ____________________.
*
hardware functions and is often proprietary and infrequently updated
Baseband vulnerabilities can lead to attacks like ___________________________.
*
spying on cell phone communications via SS protocol.
_____________ removes manufacturer restrictions, often disabling security features and leaving devices vulnerable.
*
Jailbreaking
Jailbreaks typically require
_____________to bypass security, sometimes disabling features or patching files permanently.
*
exploits
_____________ patch jailbreak vulnerabilities in new OS versions, leading to a ___________ being developed.
*
Vendors; cycle of new jailbreaks
Management solutions and anti-malware apps can help ______________________.
prevent or detect jailbreaking attempts.
*
_____________can compromise mobile device security by exploiting granted privileges.
Malicious apps
*
Even official app stores aren’t completely safe from malicious apps, as shown by ____________________
cryptocurrency app incidents.
*
Jailbroken devices are especially vulnerable to___________________.
malicious apps from unofficial sources.
*
To protect against malicious apps, stick to _____________ and avoid _____________.
official app stores; jailbreaking
*
Lack of________ ____________for mobile devices and apps can cause major security problems.
*
timely updates
Manufacturers often ______________ older devices, leaving them vulnerable to new security threats.
*
stop updating
App updates can also be ____________, especially for _____________with less consistent support.
problematic; smaller apps
*
Users can mitigate update issues by choosing devices from __________________.
vendors with better update track records.
*
Embedded devices are _________________.
computers inside other devices, performing single functions in various applications.
*
________________ and ________________systems commonly use embedded devices to control critical infrastructure.
Industrial control systems and SCADA
*
Attacks on _________________ can have physical world impacts, as demonstrated by ____________.
.
industrial control systems; Stuxnet
*
Many industrial control systems run on proprietary _________ with_______________ similar to mobile baseband systems.
RTOSs; security issues
*
_________________ aren’t foolproof protection against attacks on industrial control systems.
Air-gapped networks
*
_____________________systems range from vital signs monitors to implanted devices like pacemakers.
*
Medical devices with embedded
Security vulnerabilities in medical devices can have life-threatening consequences, as shown by the ___________ _______________issue.
Medtronic pacemaker
*___________ can have up to 70 embedded devices communicating over a ___________ to control various functions.
*
Cars ; CAN bus
_________ ____________ has demonstrated the potential for remote control of vehicle functions, posing serious safety risks.
Car hacking
*
_____________ embedded devices can be challenging or impossible, especially for_________ _________devices.
Upgrading; implanted medical
*
The hardware in embedded devices is typically expected to __________________ of the containing device.
last the lifetime
*
Compromised embedded devices can have huge ____________ and critical _____________.
physical impacts on human safety - infrastructure
*
_________________ may target embedded devices controlling essential systems like power and water.
*
Nation-state attacks
Vendors and _____________ are increasing attention to embedded device security, with more training available.
*
governments
________ devices are becoming more prevalent in everyday appliances, bringing new security challenges.
*
IoT
The term “Internet of Things” was coined in ____ and now refers to any _____________________without a ____________.
1999; internet-connected device ; full desktop OS
*
Network printers are common _____________with complex operating systems and potential security vulnerabilities.
*
IoT devices
Networked surveillance cameras are often vulnerable due to simple________________ or __________________.
*
default credentials or backdoors.
Smart locks and other physical security IoT devices can have serious vulnerabilities, as demonstrated by the _____________________ issue.
Tapplock (smart padlock) issues.
*
The line between embedded and IoT devices is fuzzy, with some key differences in ____________ and ____________.
*
design and connectivity.
IoT devices often lack ________________ in their operations, making it difficult to detect ___________________.
*
transparency; unusual behavior
The proliferation of IoT devices has led to large-scale attacks, such as the_______________attack.
*
Mirai botnet DDoS
_____________ IoT devices pose ongoing security risks, as many older devices remain in use without _________.
*
Outdated - updates
Updating older IoT devices can be challenging, especially for ________________ users
non-technical
Describe Bounds checking -
When you don’t properly account for the size of data input into your application
What does a fuzzing tool do?
a technique to bombard an application with data and input from all sources to get it to fail or act strangely.
Give an example of a race condition.
Saving a document in the cloud at the same time another person does; which document truly saves the latest version.
Occurs when multiple threads within a process control access to a particular resource and the correct handling depends on timing or transactions.
Why is it important to remove extraneous files from a web server?
attackers could use against your system, ie..source code
What does the tool Burp Suite do and in what situation might you use it?
Web analysis too; discover, exploit, and mitigate security vulnerabilities. When you need to scan a web application for security vulnerabilities, Burp Scanner can automate this process
Name the two main categories of web security.
Client Side and Server Side
Is a SQL injection attack an attack on the database or an attack on the web application?
Database attack
Why is input validation important?
Could leave you open to a format string attack if user input isn’t in correct format.
Explain a cross-site request forgery attack and what you might do to prevent it.
Log out of websites and close those windows when finished.
How might you use a sniffer to increase the security of your applications
You can watch specific network traffic that is being exchanged.
How can you prevent buffer overflows in your applications?
Use bounds checking to limit the amount of data you take in
What is cross site scripting (XSS)? Is it client side or server side attack?
Attacks inserts code in a scripting language into a page or other media like adobe -; displayed by the client browser. Client side attack.
What is a directory transversal attack? Is it client side or server side attack?
When you don’t validate input into web applications - Server Side Attack
Is clickjacking client side or server side attack?
client side
A ______________ occurs when multiple threads within a process control access to a particular resource and the correct handling depends on timing or transactions.
race condition
______________________is a data-network packet analyzer computer program that runs under a command line interface. It is not a type of tool categorized as an exploit framework.
TCPdump
_______________is a centralized penetration testing tool that enables security teams to conduct advanced, multi-phased penetration tests. It is a type of tool categorized as an exploit framework. Exploit frameworks include pre-packaged sets of exploits.
Core Impact
