Chapter 8: Software Development Security

Question 1

Abstraction

Answer 1

Information Hiding - focus on big picture….

Question 2

aggregation

Answer 2

pulling bits of different data together then make an assumption via inference…

Question 3

Agile Model

Answer 3

most common

very flexible in nature

requirements to change throughout. good for when projects requirements change a lot.

Pros:

• fewer defects
• greater flexibility
• immediate feedback

cons:

• Less Documentaion
• Less focus on system design.

Question 4

Atomicity

Answer 4

A transaction is fully complete or it is rolled back All or Nuthin looking for the “commit message”

Question 5

Attributes - Object Oriented Technology

Answer 5

Descriptors for each class

Question 6

auditing

Answer 6

create audit policy to track actions to a subject.

audits can be use to :

• ensure policies are being followed/are effective
• marke sure hat individual user accounts aren’t unntentinoally being allowed to accumulate rights/permissions.
• check the accuracty and completeness of transactions that are authorized
• privileged actions are restriced to authorized personnnel.

Question 7

Backdoor

Answer 7

Usually created by software developers for an emergency entry into a system. Example may be a hotkey in the event that a password is not available for access. Obviously can be used by anyone with such knowledge to gain access into the system. A trapdoor is rather created via malicious activity.

Question 8

brocken auth & session mgmt

Answer 8

applications fuctions related to authentication and session managment are often no implemented correctly.

Question 9

Capability Maturity Model Integrated - CMMI

Answer 9

from carnegie mellon an organization’s project management’s process can be ranked on their maturity and can be ranked 5 levels. 5 best most orgs want a level3 “i really don’t mind oranges” 5 levels: Initial-caotic and heroic effort Repeatable- trying to get processes going…time, scop Defined: Project management office Managed- good understanding of process and product Optimized - associated with Kiazen, CPI continue process improvent.

Question 10

Cardinality

Answer 10

the number of rows in a relation one to many (such as customer to orders made)

Question 11

CGI

Answer 11

common gateway interface

does the input validation.

Question 12

Classes - Object Oriented Technology

Answer 12

Defines attributes, characteristics, and behaviors

Question 13

Code Injection

Answer 13

Looking at language of database and issuing commands.

Entering malicous code into webforms. no brackets, drop-table..input validation

make sure no data control language entered.

data type… only specific data

drop downs etc…

Question 14

Cohesion

Answer 14

Singleness of purpose - you want HIGH cohesion both have H’s :)

Question 15

Consitencey

Answer 15

Enforce any rules that are system defined or Administrator define

Question 16

Coupling

Answer 16

the dependency between modules - sharing same code for other apps. LOOSE coupling both have L’s in them

Question 17

CSRF

Answer 17

Cros site request forgery

takes advantage of a webite’s trust in a user

two sessions going on across user’s computer.

Question 18

Data Marts

Answer 18

Often regional collection of info from database

Question 19

Data Mining

Answer 19

process of pulling info from data warehouse by utilizing meta-data. police mining info about perps…

Question 20

Data Warehouse

Answer 20

collection of information from data marts….think of meth..example.. law enforments pull mull all store info into warehouse

Question 21

Database Design - ACID test

Answer 21

Atomicity Consistency Isolation Durability

Question 22

DB Aggregation & Inference

Answer 22

a way of gathering information and coming to a conclusion based on that. code injection is only computer based

Question 23

Degree

Answer 23

the number of columns in a relation

Question 24

Distributes Databases

Answer 24

Client-server type of DB located on more than one server distributed in several locations Synchronization accomplished via a two-phase commit or replication methods Data accessible in a single search function despite separate location DNS Data Base Is an example

Question 25

Due Diligence

Answer 25

is reseach

due care is action… enact policies etc…

Question 26

Durability

Answer 26

You can’t roll back a transaction you got to start over

Question 27

elite

Answer 27

high level database peeps…

Question 28

Entity Integrity

Answer 28

Primary Key field can’t be null

Question 29

Foreign Key

Answer 29

Primary key from one table appears in a secondary table

Question 30

Hacker

Answer 30

Someone that is very good with computers…

white hat hackers - PEN testers

black hat - ill intent

grey hat - in the middle…

Question 31

Hierarchical Database

Answer 31

Stores related info in a tree-like fashion. Info traced from major group to sub-group Predetermined access paths to data data traced through parents (hierarchy) “inverted tree”

Question 32

Inference

Answer 32

making assumptions from the aggregated info

Question 33

Inheritance - Object Oriented Technology

Answer 33

Objects inherit attributes and behaviors from super class

Question 34

IPv6

Answer 34

128 bits

Hexidecimal

NAT has make lack of IP’s not as big as a deal…

ipv4 is unsecured…

using as example as talking about unsecure software… lack of security integration.. etc.

Question 35

Isolation

Answer 35

until commit message is received the transaction is invisible

Question 36

masking

Answer 36

blocking out sensitive information…

Question 37

Messages - Object Oriented Technology

Answer 37

means of communication by objects

Question 38

metadata

Answer 38

“data about data” like controlled substance purchase

Question 39

Methods - Object Oriented Technology

Answer 39

functionality performed by objects

Question 40

Monitoring the program

Answer 40

Consistency: results are the same data

Quantative: precise, objective, numberic values

Objectivity: unbiased

Reveleance- shoudl have a direct bearing on a desision

inexpensive: should be cost effective.

Question 41

NFC

Answer 41

Near field communications

like the hotel key cards.

Question 42

Normalization of Database

Answer 42

no duplicates- every table describes the primary key

Question 43

Object Oriented Database

Answer 43

Modular and re-useable by design (probably not testable)

Question 44

Objects - Object Oriented Technology

Answer 44

collection of attributes for a single instance

Question 45

OWASP

Answer 45

Open web application security project

publish to 10 list of most commonly orchestrated attacks

international non-profit

Question 46

Polyinstantiation

Answer 46

to Lie….multiple instances of an event.

Provide false info to people that don’t have clearance. bogus info at lower levels

making the information boring though lying… ;)

Question 47

Polymorphism

Answer 47

capability of different objects to respond differently to same message

Question 48

Primary Key

Answer 48

the unique identifier that ties all the tables together ie: customer number

Question 49

Prototyping Software Approach

Answer 49

Pros:

feedback directly from users

client and contactor can work very closely

also allow software engineer some insight into the accuracy of initial project estimates and wether the deadlines and milestones can be met sucessfully.

cons:

clients rarely understand all teh ramifications of proposed changes.

Question 50

Referential Integrity

Answer 50

Can reference a non-existing key

Question 51

Relational Database

Answer 51

uses tables ie: columns and rows. A DB in the form of tables (rows & columns) related to each other Stores data in such a way that a data manipulation language can be used independently on data Uses a database engine (Oracle, Sybase, etc.)

Question 52

RFID

Answer 52

Radio Frequecy ID like fast pass

credit cars passports…

Question 53

rich internet apps

client side threats

2 of them

Answer 53

cross side scripting

xss - attacker takes advantage of website that doesn’t provide validation - code injection

“takes advantage of user’s trust of website”

CSRF

Cross site request forgery attack

take advantage of two session going on at two times…messaging with attacker. bof a account has been compromised….etc. help to troubleshoot problems…steal that session info..

“takes advantage of a website’s trust in a user”

Question 54

Rootkits

Answer 54

Malicious code that is intended to take full or partial control of a system at the lowest level (core or kernel). They often hide themselves from monitoring or detection and modify system files. Most rootkit infections install back trapdoors, spyware, or other malicious codes once they gain control of the target system.

Question 55

Script Kiddies

Answer 55

someone that has no real talent but can copy and paste borrowed code… deragatory term…

Still pose a threat… don’t understand ramifications…

Question 56

Service Oriented Architechture

Answer 56

SOE is an architecture and a vision on how heterogeneous application should be developed and inegrated in the enterprise

share a formal contract

loosely coupled abstraction composable

reusable

autonomous

standard operating stuff…

Question 57

Spiral Software Approach

Answer 57

combo of waterfall :stepping + circular nature of prototyping = spiral dev.

Pros:

High amount of risk analysis

good for large and mission critical projects

software is produced early in software life cycle.

Cons:

can be costly

risk analysis requires specific expertise

project’s success is highly dependent of the risk analysis phase.

not for smaller projects.

Question 58

trojan horse

Answer 58

Malicious code that masquerades as a harmless file. It usually performs a variety of actions, including key-logging, opening the computer to further attacks, destroying data or files, among others.

Question 59

Tuples

Answer 59

Rows…across in relational databases

Question 60

virus

Answer 60

spreads from computer to computer via attaching itself to other file…requires user input

Question 61

Waterfall Software Dev. Approach

Answer 61

a phased based approach

one step after another..

better for shorter lived projects.

Pros:

• each phase specific deliverables
• phases are processed and competed one at a time.
• best for small projects
• it reinfoces “define before design” and “design before code.

Cons:

• Adjusting scope during life cycle can kill a project
• no working software until late in the gem
• high risk, uncerainty
• poor model for long and ongoin projects
• poor model high probability of chance.

Question 62

Why is software unsecure

Answer 62

lack of training

lack of funding

no priortiztion of security

security as afterthought

Question 63

Worms

Answer 63

malicious code that spread around a network on its own. self-replicating

Question 64

XSS

Answer 64

takes advantage of trust of a website

cross site scripting…

not good input validation…

allows attacker to exectue scrips in the victim’s browser which can hijack user’s sessions.

Question 65

Insecure direct object references

Answer 65

defined as an authorized user or process which can invoke the internal functionality of the software by manipulating parameters and other object vales that directly refernce this functionality resulting it problems…

Question 66

sensitve data exposure

Answer 66

owasp 6

http vs https…etc.

Question 67

missing function level access control

Answer 67

changing parameters in url to gain access to information u should have access to.

Question 68

owasp 9 known vulnerablity component usage

Answer 68

components such as libraries frameworks and other software modules, almost alway run with full software priveleges.

don’t use old crappy code..

Question 69

owasp 10

Answer 69

unvalidated redirects and fowards

make sure we’re redirected in valid mannar…

Question 71

Defensive coding

Answer 71

proactive, secure coding intended to ensure the continueing function the softwarer under unforseen cicumstances:

Examples:

Input validation

Sanitization - more generic info for example/output sanitization

error handling - non verbose

safe API’s

concurrency - use file lockimg

tokenizing- replace sensitve data with unique id’s.

sandboxing apps.

anti-tampering- code signing/obfuscation

versioning

code analysis/code review

Question 72

Change Management

Answer 72

changes must be controlled there has to be a process.

should happen in a stuctural way.

make sure everything is documented..

Question 73

whitebox/clearbox testing

Answer 73

test has access to all the code.

Question 74

blackbox testing

Answer 74

Zero knowlege attack.

Question 75

fuzzing

Answer 75

fault injection to see if anything is successful

brute force of testing ….. challenges input validation.

buffer overflow error…etc.

Question 76

scanning

Answer 76

passive

map the enviornment

ident. server verions open ports and running services.

types:

Vulnerability scan

Content Scan

Privacy Scan - to detect privacy violations..

Question 77

Database Models

Answer 77

1. hierarchical - top down
2. distributed - DNS no single server
3. object oriented - re-usable and modular in nature.
4. relational database - sql, oracle, table/fields..etc.

Question 78

what condition is necessary on a web page for it to be used for a cross site scriptign attack

Answer 78

reflected-input