CH09 Application Security Flashcards
A web developer wants to protect their new web application from a man-in-the-middle attack. Which of the following controls would best prevent an attacker from stealing tokens stored in cookies?
a. Forcing the use of TLS for web application
b. Forcing the use of SSL for the web application
c. Setting secure attribute on the cookie
d. Hashing the cookie value
c. Setting the secure attribute on the cookie
When a cookie has the Secure attribute, the user agent includes the cookie in an HTTP request only if the request is transmitted over a secure channel (typically HTTPS). Although seemingly useful for protecting cookies from active network attackers, the Secure attribute protects only the cookie’s confidentiality.
Forcing the web application to use TLS or SSL does not force the cookie to be sent over TLS/SSL, so you still would need to set the Secure attribute on the cookie.
Hashing the cookie provides integrity of the cookie, not confidentiality.
A user reports that every time they try to access https://www.diontraining.com, they receive an error stating “Invalid or Expired Security Certificate”. The technician attempts to connect to the same site from other computers on the network, and no errors or issues are observed. Which of the following settings needs to be changed on the user’s workstation to fix the “Invalid or Expired Security Certificate” error?
a. Logon times
b. Date and time
c. User access control
d. UEFI boot mode
b. Date and time
There are two causes of the “Invalid or Expired Security Certificate”. The first is a problem with your computer, and the second occurs when the certificate itself has an issue. Since the technician can successfully connect to the website from other computers, it shows that the error is on the user’s computer. One of the common causes of an Invalid or Expired Security Certificate error is the clock on the user’s computer being wrong since the website security certificates are issued to be valid within a given date range.
Your company has created a baseline image for all of its workstations using Windows 10. Unfortunately, the image included a copy of Solitaire, and the CIO has created a policy to prevent anyone from playing the game on the company’s computers. You have been asked to create a technical control to enforce the policy (administrative control) that was recently published. What should you implement?
a. Application whitelist
b. Disable removable media
c. Application blacklist
d. Application hardening
c. You should create and implement an application blacklist that includes the Solitaire game on it. This will prevent the application from being able to be run on any corporate workstation.
Application whitelists will allow only authorized applications to be run, while application blacklists will prevent any application listed from being run.