CH10 Secure Software Development Flashcards
What is SDLC?
SDLC = Software Development Life Cycle
What are the seven phases of the software development life cycle?
- Planning and Analysis
- Software / Systems Design
- Implementation
- Testing
- Integration
- Deployment
- Maintenance
What is Agile software development?
Development performed in time-boxed or small increments to allow more adaptability to change.
Agile development projects work in either two-week or four-week time periods known as sprints.
What is DevOps?
Software development combined with information technology operations.
Software developers and IT operations personnel work closely together to speed up the development and deployment of applications and to get things out to the end user more quickly.
What is the CIA triad?
Confidentiality, integrity, and availability
Confidentiality – ensures that only authorized users can access the data. The most common way of ensuring confidentiality is the use of encryption to maintain the secrecy of the data being stored.
Integrity – ensuring that the data is not modified or altered without permission. The two main ways that we do this as developers are by utilizing hash algorithms as an integrity check for the data, or by using journaling and logging functions to create an audit trail showing that the integrity of the data has not been compromised.
Availability – ensuring that data is available to authorized users when it is needed. Developers do this by creating redundancy in the overall system design, by ensuring their software code is error-free, or by ensuring that their software can handle errors appropriately to prevent crashes.
What does threat modeling do?
Threat modeling helps prioritize vulnerability identification and patching
What is the concept of Defense in Depth?
Layering of security controls is more effective and secure than relying on a single control
What are the SDLC principles?
- Developers should always remember confidentiality, integrity, and availability
- Threat modeling helps prioritize vulnerability identification and patching
- Least Privilege
- Defense in Depth
- Never Trust User Input
- Minimize Attack Surface
- Create Secure Defaults
- Authenticity and Integrity
- Fail Securely
- Fix Security Issues
- Rely on Trusted SDKs
What is Black-box Testing?
Occurs when a tester is not provided with any information about the system or program prior to conducting the test
What is White-box Testing?
Occurs when a tester is provided full details of a system, including the source code, diagrams, and user credentials, in order to conduct the test
What is Gray-box Testing?
A mixture of black-box and white-box testing. The tester is given some amount of information about the system and conducts the testing as if they do not have full access to it
What is Static Analysis?
The source code of an application is reviewed manually or with automated tools without running the code
What is Dynamic Analysis?
Analysis and testing of a program occurs while it is being executed or run
What is Fuzzing?
Injection of randomized data into a software program in an attempt to find system failures, memory leaks, error handling issues, and improper input validation
What are Backdoor vulnerabilities?
Code placed in computer programs to bypass normal authentication and other security mechanisms.
Backdoors are a poor coding practice and should not be utilized.
What is Arbitrary Code Execution?
Occurs when an attacker is able to execute or run commands on a victim's computer. (Ex: someone starts executing code on your computer while you have stepped away)
What is Directory Traversal?
A method of accessing unauthorized directories by moving through the directory structure on a remote server.
A directory traversal is used as a way to access a file on a web server, and sometimes it can even be used to conduct arbitrary code execution on that server.
For the exam: any time you see a series of ../ in a request, it is most likely a directory traversal being used as part of an exploit
What is RCE?
RCE = Remote Code Execution
Occurs when the attacker is able to execute or run commands on a remote computer
What is a Zero-Day Exploit?
Attack against a vulnerability that is unknown to the original developer or manufacturer
What is a Buffer Overflow?
Occurs when a process stores data outside the memory range allocated by the developer.
Buffer overflow attacks attempt to put more data into memory than it was designed to hold
What is the Stack?
A reserved area of memory where the program saves the return address when a function call instruction is received.
What is Smash the Stack?
Occurs when an attacker fills up the buffer with NOPs (no-operation instructions) so that the overwritten return address lands on a NOP and execution continues on until it reaches the attacker's code to run.
What is ASLR?
ASLR = Address Space Layout Randomization
It is one of the ways to mitigate against a buffer overflow attack.
It is a method used by programmers to randomly arrange the different address spaces used by a program or process to prevent buffer overflow exploits.
What is XSS?
XSS = Cross-Site Scripting
Occurs when an attacker embeds malicious scripting commands on a trusted website
When this occurs, the attacker is trying to gain elevated privileges, steal information from the victim's cookies, or gain other information stored by the victim's web browser. It focuses on exploiting the trust between a user's web browser and a website.
To prevent Cross-Site Scripting (XSS) attacks, programmers should use output encoding in their web applications to prevent code from being injected into them during delivery, and they should also use proper input validation to prevent users from inserting HTML tags when they are entering information on a web form.