Chapter 9- Security Vulnerabilities, Threats and Countermeasures Flashcards
- Explain Ultraviolet EPROMs (UVEPROMs):
UVEPROMs can be erased by exposing the chip's quartz window to ultraviolet light. After this is done, end users can burn new information into the UVEPROM as if it had never been programmed.
- Explain Electronically Erasable Programmable Read-Only Memory (EEPROM).
Electronically Erasable Programmable Read-Only Memory (EEPROM) uses electric voltages delivered to the pins of the chip to force erasure, so it can be erased and reprogrammed in place without removing it from the board.
- Define Flash Memory
Flash memory is a derivative of EEPROM. EEPROM must be fully erased to be rewritten, whereas flash memory can be erased and written in blocks or pages.
- A common type of flash is
NAND Flash.
- Uses of flash memory
Flash Memory is used in memory cards, thumb drives, mobile devices and SSD (Solid state drives)
- Explain Random Access Memory (RAM)
RAM is readable and writable memory that holds the information a computer uses during processing. It is temporary storage that loses its contents when power is removed.
- Types of RAM
Real Memory, Cache RAM
- Explain Real Memory
Real memory is composed of a number of dynamic RAM (DRAM) chips and must be refreshed on a periodic basis or its contents decay.
- Explain Cache RAM
Cache RAM improves performance by taking data from slower devices and temporarily storing it on faster devices when repeated use is likely.
- Explain Registers
Registers are a limited amount of onboard memory included on the CPU. They provide the CPU with directly accessible memory locations that the Arithmetic Logic Unit (ALU) uses when performing calculations or processing instructions.
- Explain Memory Addressing
When using memory resources, the processor must have some means of referring to the various locations in memory; memory addressing is the scheme it uses to do so.
- List 5 addressing schemes
Register addressing, immediate addressing, direct addressing, indirect addressing and base+offset addressing.
- Define Register Addressing
When the CPU needs information from one of its registers to complete an operation, it uses a register address.
- Define Immediate Addressing
This is a way of referring to data that is supplied to the CPU as part of the instruction itself.
- Define Direct Addressing
In direct addressing the CPU is provided with the actual address of the memory location to access.
- Define Indirect Addressing
In indirect addressing, the memory address supplied in the instruction contains another memory address. The CPU reads the indirect address to learn where the desired data resides and then retrieves the actual operand from that address.
- Define Base+Offset Addressing
Base+offset addressing uses a value stored in one of the CPU's registers as the base location from which to begin counting, and adds the offset supplied in the instruction to reach the operand.
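The five schemes above, worked through on a toy memory as an added example (illustrative code, not material from the study guide). The memory contents, register values and the optional `length` bounds check are assumptions for the demo. The bounds check is the part a security engineer cares about: base+offset arithmetic with no such check is exactly what lets an out-of-range index read past the end of a buffer.

```python
# Added example (not from the original study material): a toy CPU that
# reads an operand with each of the five addressing schemes listed above.
# Memory contents and register values are constructed for this demo.

MEMORY = [0] * 16
MEMORY[4] = 99                   # a plain data word
MEMORY[7] = 4                    # a pointer: address 7 holds the address 4
MEMORY[8:12] = [10, 20, 30, 40]  # a four-word buffer at addresses 8..11
MEMORY[12] = 0x5EC               # "secret" data sitting just past the buffer
REGISTERS = {"R0": 7, "R1": 8}   # R1 holds the base address of the buffer


def register(name):
    """Register addressing: the operand is read straight from a CPU register."""
    return REGISTERS[name]


def immediate(value):
    """Immediate addressing: the operand is encoded in the instruction itself."""
    return value


def direct(address):
    """Direct addressing: the instruction carries the operand's memory address."""
    return MEMORY[address]


def indirect(pointer_address):
    """Indirect addressing: memory at pointer_address holds the operand's address."""
    return MEMORY[MEMORY[pointer_address]]


def base_offset(base_register, offset, length=None):
    """Base+offset addressing: count `offset` words forward from a register value.

    `length` is an added bounds check, not something the hardware does. A real
    CPU happily computes base+offset past the end of the buffer, which is how
    an unchecked index turns into an out-of-bounds read or write.
    """
    if length is not None and not 0 <= offset < length:
        raise IndexError(f"offset {offset} is outside a {length}-word buffer")
    return MEMORY[REGISTERS[base_register] + offset]
```

`base_offset("R1", 4)` silently returns the word after the buffer; the same call with `length=4` is refused. That contrast is the whole story of bounds checking in memory-unsafe languages.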
- What is Secondary Memory:
Secondary memory is a term commonly used to refer to magnetic, optical or flash-based media or other storage devices that contain data not immediately available to the CPU. It is inexpensive compared with primary memory.
- List some types of secondary memory
Hard disks, flash drives, optical media (compact discs (CD), Digital Versatile Discs (DVD), Blu-ray) and virtual memory.
- Explain Virtual Memory
Virtual Memory is a special type of memory that the OS manages to make look and act like real memory.
- The most common type of virtual memory is:
the pagefile
- Explain pagefile
The pagefile is disk space that the OS treats as an extension of RAM to provide virtual memory. Most operating systems manage it as part of their memory management function.
- Explain Primary vs secondary storage
Primary storage (primary memory) refers to RAM. Secondary storage consists of magnetic, optical and flash media such as HDDs, SSDs, flash drives, magnetic tapes, CDs, DVDs, flash memory cards and the like.
- Explain the term volatility of memory
The volatility of storage is a measure of how likely it is to lose data when it is turned off. Devices designed to retain their data (such as magnetic media) are classified as non-volatile, whereas devices such as static or dynamic RAM modules, which are designed to lose their data, are classified as volatile.
- Define random access storage:
Random access storage devices allow the operating system to read from (and write to) any point within the device by using some type of addressing system. RAM and hard disks are random access.
- Explain sequential storage devices
They require that you read all the data physically stored prior to the desired location. E.g. magnetic tape: to provide access to data stored in the middle of the tape, the drive must physically scan through the tape until it reaches the desired point. Sequential storage is slower than RAM, cheap and can hold massive amounts of data. It is used for backup.
- Explain Data Remanence:
Data may remain on secondary storage devices even after it has been erased, because deleting a file typically only unlinks it rather than overwriting the underlying blocks.
- Explain wear levelling
SSDs spread writes across physical blocks to even out wear. When data is rewritten it is copied to a less-worn block and the old block is merely marked as not live, but the old block still holds a copy of the data. Overwriting a logical address therefore does not guarantee that the physical block holding the old copy was erased, so a traditional zero wipe is not effective for SSDs; use the drive's secure-erase function or encrypt the drive from the outset and destroy the key.
- Disadvantages of secondary storage
Data may remain on the secondary storage after deletion (data remanence)
Portable secondary storage is prone to theft
Physical possession gives easy access to the data
Availability is not assured
Explain the risk posed to monitors
Emanation monitoring (the attack TEMPEST addresses) can compromise the security of data displayed on a monitor. Cathode Ray Tube (CRT) monitors radiate significantly; Liquid Crystal Display (LCD) monitors leak much less.
- Explain the compromise from TEMPEST
TEMPEST is a technology (originally a US government program) concerned with the electronic emanations that every monitor produces (known as Van Eck radiation), which can be read from a distance and even from another location (a process known as Van Eck phreaking). The term is also used for the shielding and equipment standards that protect against such activity.
- Explain Shoulder Surfing
Shoulder Surfing is a concept that someone can see what is on your screen with their eyes or video camera. It is a concern for desktop displays, notebook displays, tablets and mobile phones
- Explain the vulnerability around the use of printers
Depending on physical security, it may be possible to walk out of a building with sensitive information that was simply printed, and unencrypted print jobs can be intercepted on the network on their way to the printer.
- How can you secure a printer
Use encrypted data transfer to the printer and require authentication before printer interaction, e.g. hold the job until the user authenticates at the device.
- Explain Keyboard/ Mice vulnerability
Keyboards and mice are vulnerable to TEMPEST monitoring, and keyboards are vulnerable to less sophisticated bugging. A simple device can be placed inside a keyboard or along its connection cable to intercept all keystrokes and transmit them to a remote receiver using a radio signal. This has the same effect as TEMPEST monitoring but can be done with much less expensive gear. Additionally, if your keyboard and mouse are wireless, including Bluetooth, their radio signals can be intercepted.
- Explain the vulnerability of using modems
Modems allow users to create uncontrolled access points into your network that bypass the perimeter firewall.
- What is firmware
Firmware is a term that is used to describe the software that is stored in a ROM chip. This type of software hardly changes, and it drives the basic operation of a computing device.
- List 2 types of Firmware:
BIOS (the system firmware, today usually UEFI) and device firmware, the code embedded in peripherals such as printers, disks and network cards.
- BIOS full name
Basic Input Output System
- What is BIOS
Basic Input Output System (BIOS) contains the operating-system-independent primitive instructions that a computer needs to start up and load the operating system from disk. In most computers, BIOS is stored on an EEPROM chip to facilitate version updates.
- Explain the term flashing the BIOS
this is the process of updating the BIOS.
- What is phlashing
phlashing is an attack in which a malicious variation of official BIOS or firmware is installed that introduces remote control or other malicious features into a device
- What do you understand by UEFI
Unified Extensible Firmware Interface (UEFI) has replaced traditional BIOS on most current systems. It is a more advanced interface between hardware and the operating system that still maintains support for legacy BIOS services.
- What is client-based vulnerability
Client based vulnerability place the user, their data and their system at risk of compromise or destruction. A client-side or client-focused attack is one where the client itself, or a process on the client, is the target
- What are applets
Applets are code objects sent from server to client to perform some actions. They execute independently of the server that sent them
- Two types of applets are
Java applets and ActiveX controls. Both are now deprecated and are no longer executed by current browsers.
- What are Java Applets
Java is a platform-independent programming language developed by Sun Microsystems (now owned by Oracle). Most programming languages require a separate compiler, and a separate build, for each platform an application must support. Java overcomes this limitation by inserting the Java Virtual Machine (JVM) into the picture: the platform-specific JVM executes platform-independent Java bytecode, so a Java applet is sent to the client once and run inside the JVM's sandbox.
- What are ActiveX Controls
ActiveX controls are Microsoft's answer to Sun's Java applets. They are implemented using a variety of languages, including Visual Basic, C, C++ and Java. There are two key distinctions between Java applets and ActiveX controls. First, ActiveX controls use proprietary Microsoft technology and, therefore, can execute only on systems running Microsoft browsers. Second, ActiveX controls are not subject to the sandbox restrictions placed on Java applets, so a malicious control runs with the user's full privileges.
- What are local caches
Local cache is anything that is temporarily stored on the client for future reuse.
- List some local cache on a client
Address Resolution Protocol (ARP) cache, Domain Name System (DNS) cache, and internet files cache.
- What is ARP cache Poisoning
This is caused by an attacker responding to Address Resolution Protocol (ARP) broadcast queries with falsified replies. If the false reply is received by the client before the valid reply, the false reply is used to populate the ARP cache and the valid reply is discarded as being outside an open query.
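The race described above, modelled as an added example (not code from the study guide): a minimal ARP cache that follows the flashcard's first-reply-wins rule, plus the check an arpwatch-style monitor would apply. The event sequence, IP and MAC values are constructed for the demo, not captured traffic.

```python
# Added example (not from the original study material): a small ARP cache
# model that follows the flashcard's rule (the first reply to an open query
# wins, later replies are discarded) and flags the conflicts that a poisoning
# attempt produces. Events below are constructed, not captured traffic.

def process_arp(events):
    """events: ("request", ip) or ("reply", ip, mac), in arrival order.

    Returns (cache, alerts). A reply is accepted only while a query for that
    IP is open; the first one closes the query. Replies that arrive afterwards
    are dropped, but if they disagree with the cached MAC we raise an alert:
    two different answers for one IP means somebody is lying.
    """
    open_queries = set()
    cache = {}
    alerts = []
    for event in events:
        if event[0] == "request":
            open_queries.add(event[1])
            continue
        _, ip, mac = event
        if ip in open_queries:
            open_queries.discard(ip)
            if ip in cache and cache[ip] != mac:
                alerts.append(f"{ip} changed from {cache[ip]} to {mac}")
            cache[ip] = mac
        elif ip in cache and cache[ip] != mac:
            alerts.append(f"conflicting reply for {ip}: cached {cache[ip]}, got {mac}")
    return cache, alerts


GATEWAY_IP = "10.0.0.1"
REAL_MAC = "00:11:22:33:44:55"
ATTACKER_MAC = "de:ad:be:ef:00:01"

# Constructed race: the attacker answers before the real gateway does.
POISONED_SEQUENCE = [
    ("request", GATEWAY_IP),
    ("reply", GATEWAY_IP, ATTACKER_MAC),
    ("reply", GATEWAY_IP, REAL_MAC),
]
```

Running `process_arp(POISONED_SEQUENCE)` leaves the attacker's MAC in the cache, which is the attack; the conflict alert is the detection. In production the countermeasures are static ARP entries for critical hosts or Dynamic ARP Inspection on the switch, which validates replies against DHCP snooping bindings rather than trusting whoever answers first.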
- What is data flow
Data Flow is the movement of data between processes, devices, across a network or over communications channels
- List the advantages of management of data flows
Efficient transmission with minimal delays or latency; reliable (integrity-protected) output using hashing and confidentiality protection using encryption; prevention of the traffic overload that causes denial of service.
- What are load balancers used for
Load balancers are used to spread or distribute network traffic load across several network links or network devices. They may be used to provide more control over data flow, to obtain more optimal infrastructure utilization, to minimize response time, to maximize throughput, to reduce overloading and to eliminate bottlenecks.
- Load Balancing techniques to perform load distribution are:
random choice, preferencing, round robin and load/utilization monitoring.
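The four techniques listed above, implemented in one small balancer as an added example (not code from the study guide). Backend names are constructed; the health-check bookkeeping (`mark_down`) is an assumption added so that the denial-of-service point from the next card is visible: a backend that stops answering must drop out of every distribution scheme, or the balancer keeps sending traffic into the hole.

```python
# Added example (not from the original study material): one balancer object
# that implements the four distribution techniques named above, skipping
# backends that health checks have marked down. Backend names are constructed.

import itertools
import random


class LoadBalancer:
    def __init__(self, backends, seed=0):
        self.backends = list(backends)
        self.healthy = set(self.backends)
        self.load = {b: 0 for b in self.backends}      # active connections per backend
        self._ring = itertools.cycle(self.backends)     # round-robin cursor
        self._rng = random.Random(seed)                 # seeded so runs are repeatable

    def mark_down(self, backend):
        """Health check failed: exclude the backend from all techniques."""
        self.healthy.discard(backend)

    def release(self, backend):
        """A connection finished; used by the load/utilization technique."""
        self.load[backend] -= 1

    def pick(self, technique, preferred=None):
        """Return the backend that receives the next request."""
        candidates = [b for b in self.backends if b in self.healthy]
        if not candidates:
            raise RuntimeError("no healthy backends")
        if technique == "random":
            choice = self._rng.choice(candidates)
        elif technique == "round_robin":
            choice = next(self._ring)
            while choice not in self.healthy:           # step past down backends
                choice = next(self._ring)
        elif technique == "preference":
            choice = preferred if preferred in candidates else candidates[0]
        elif technique == "least_load":
            # lowest active-connection count wins; name breaks ties deterministically
            choice = min(candidates, key=lambda b: (self.load[b], b))
        else:
            raise ValueError(f"unknown technique {technique!r}")
        self.load[choice] += 1
        return choice
```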
- Disadvantage of Data Load Balancing:
A denial-of-service attack is a severe detriment to data flow control; a balancer must detect and remove overwhelmed or unresponsive backends rather than keep feeding them traffic.
- What is aggregation:
SQL provides a number of aggregate functions (COUNT, SUM, AVG, MIN, MAX) that combine records from one or more tables to provide potentially useful summary information.
- Explain the security vulnerability of aggregation:
Aggregation attacks are used to collect numerous low level security items or low value items and combine them to create something of a high security level or value. For this reason, it’s especially important for database security administrators to strictly control access to aggregate functions and adequately assess the potential information they may reveal to unauthorized individuals.
- What is Inference
Inference attacks combine several pieces of nonsensitive information to deduce information that should be classified at a higher level. Inference makes use of the human mind's deductive capacity rather than the raw mathematical ability of modern database platforms.
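An added example covering both the aggregation card and the inference card above (illustrative code, not from the study guide). It builds an in-memory SQLite table of constructed salaries, shows that an unrestricted AVG over a one-person department is that person's salary, adds the usual countermeasure (refuse aggregates over fewer than N rows), and then shows the tracker attack that defeats it: two aggregates that each pass the size check, subtracted, yield the single excluded row. The table, names and minimum group size are assumptions for the demo.

```python
# Added example (not from the original study material): an in-memory SQLite
# table of constructed salaries showing why aggregate functions need access
# control, and why a minimum query-set size alone does not stop inference.

import sqlite3

EMPLOYEES = [            # constructed sample data
    ("alice", "eng", 120000),
    ("bob", "eng", 100000),
    ("carol", "eng", 110000),
    ("dave", "legal", 150000),
]


def build_db():
    con = sqlite3.connect(":memory:")
    con.execute("CREATE TABLE employees(name TEXT, dept TEXT, salary INTEGER)")
    con.executemany("INSERT INTO employees VALUES (?, ?, ?)", EMPLOYEES)
    return con


def avg_salary(con, dept):
    """Unrestricted aggregate: for a one-person department this IS that person's salary."""
    return con.execute(
        "SELECT AVG(salary) FROM employees WHERE dept = ?", (dept,)).fetchone()[0]


def avg_salary_guarded(con, dept, min_group=3):
    """Query-set-size control: refuse aggregates over fewer than min_group rows."""
    count, avg = con.execute(
        "SELECT COUNT(*), AVG(salary) FROM employees WHERE dept = ?", (dept,)).fetchone()
    return None if count < min_group else avg


def sum_salary_guarded(con, exclude=None, min_group=3):
    """Same control on SUM; `exclude` omits one named employee (None omits nobody)."""
    count, total = con.execute(
        "SELECT COUNT(*), SUM(salary) FROM employees WHERE name IS NOT ?", (exclude,)).fetchone()
    return None if count < min_group else total


def infer_by_difference(con, target):
    """Inference (tracker) attack: both queries satisfy the size check,
    yet their difference is exactly the target's salary."""
    everyone = sum_salary_guarded(con)
    all_but_target = sum_salary_guarded(con, exclude=target)
    if everyone is None or all_but_target is None:
        return None
    return everyone - all_but_target
```

The lesson for the database security administrator in the aggregation card: a size threshold is necessary but not sufficient. Real defences restrict who may run aggregates at all, limit overlapping query sets, or add noise to results.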
- What is a data dictionary
A data dictionary is commonly used for storing critical information about data, including usage, type, sources, relationships and format. The Database Management System (DBMS) software reads the data dictionary to determine access rights for users attempting to access data.
- Explain Data Mining
Data Mining Techniques allow analysts to comb through data warehouses and look for potential correlated information. Data Mining techniques result in the development of data models that can be used to predict future activity.
- What is metadata
The activity of data mining produces metadata. Metadata is data about data or information about data. Metadata from a data mining operation is a concentration of data. It can also be a superset, a subset, or a representation of a larger dataset.
- What is an incident report
Incident report is metadata extracted from a data warehouse of audit logs through the use of a security auditing data mining tool.
- What is of a greater value or sensitivity (due to disclosure) than the bulk of the data in the warehouse?
Metadata
- What is data mart?
A data mart is a more secure container used to store the metadata extracted from a data warehouse, since that metadata is often more sensitive than the bulk data it summarizes.
- Define Data Analytics
Data Analytics is the science of raw data examination with the focus of extracting useful information out of the bulk information set.
- What is big data
Big Data refers to the collection of data that is so large that the traditional means of analysis or processing are ineffective, inefficient and insufficient
- List the challenges of big data
collection, storage, analysis, mining, transfer, distribution and results presentation
- What are parallel data systems or parallel computing
parallel data systems or parallel computing is a computation system designed to perform numerous calculations simultaneously.
- What is asymmetric multiprocessing
Asymmetric multiprocessing (AMP) occurs when processors operate independently of each other.
- What is symmetric multiprocessing
Symmetric multiprocessing (SMP) occurs when the processors share a common OS and memory. The collective processors also work collectively on a single task, code or project.
- What is Massively Parallel Processing (MPP)?
Massively Parallel Processing (MPP) is a variation on AMP in which numerous SMP systems are linked together to work on a single primary task across multiple processes in multiple linked systems.
- What is distributed system
the concept of client-server network is also known as distributed system or distributed architecture
- What is defence in depth
this is the use of multiple types of access controls in lateral or theoretical concentric circles
- What is monolithic security
A monolithic or fortress mentality is the belief that a single security mechanism is all that is required to provide sufficient security
- What is cloud computing
cloud computing is a concept of computing where processing and storage are performed elsewhere over a network rather than locally. Cloud computing is a natural extension and evolution of virtualization, the internet, distributed architecture, and the need for ubiquitous access to data and resources
- Cloud based computing is also known as
remote computing and remote virtualisation
- Disadvantages of cloud computing
Privacy concerns, regulation compliance difficulties, use of open versus closed-source options, adoption of open standards and security of data stored.
- What is hypervisor
The hypervisor, also known as the Virtual Machine Monitor (VMM), is the component of virtualization that creates, manages and operates virtual machines.
- The computer running the hypervisor is known as
the host (or the host OS, where a host operating system is present).
- The OSs running within a hypervisor supported virtual machine is known as
guest OS.
- Explain Type I hypervisor
There is no host OS; the hypervisor installs directly onto the hardware where the OS would normally reside. Type I hypervisors are often used to support server virtualization.
- Explain Type II hypervisor
This is a hosted hypervisor: the standard OS is present on the hardware and the hypervisor is installed as another software application. Guest OSs under a Type II hypervisor are commonly used as sandboxes for testing.
- What is elasticity (cloud):
Elasticity refers to the flexibility of virtualization and cloud solutions to expand or contract based on need.
- What is Host Elasticity
Host Elasticity means that additional hardware hosts can be booted when needed and then used to distribute the workload of the virtualized services over the newly available capacity
- Explain Platform as a Service
A computing platform is an environment in which a piece of software is executed; it may be hardware, an OS or even a web browser. Platform as a Service (PaaS) is the concept of providing a computing platform and service solution stack as a virtual or cloud-based service.
- Advantage of PaaS
Avoidance of having to purchase and maintain high-end hardware and software locally.
- Explain Software as a service (SaaS):
SaaS provides on demand online access to specific software applications or suites without the need for local installation. SaaS can be implemented as a subscription service (for example, Microsoft Office 365), a pay-as-you-go service, or a free service (for example, Google Docs).
- Explain On Premise Solution:
This is the traditional deployment concept in which the organisation owns the hardware, licenses the software, and operates and maintains the systems itself, usually in its own building.
- Explain Hosted Solution
Hosted solution is a deployment concept where the organization must license software and then operates and maintains the software. The hosting provider owns, operates, and maintains the hardware that supports the organization’s software.
- What is a cloud solution
cloud solution is a deployment where an organisation contracts with a third party cloud provider. The cloud provider owns, operates and maintains the hardware and software
- List some cloud deployment options
Private, Public, Hybrid and Community.
- What is private cloud
a private cloud is a cloud service within a corporate network and isolated from the internet. It is for internal use only
- What is a virtual private cloud
virtual private cloud is a service offered by the public cloud provider that provides an isolated subsection of a public or external cloud for exclusive use or by an organisation internally
- What is public cloud
this is accessible to the general public, typically over an internet connection. It may involve pay as you use or subscription
- What do you understand by hybrid cloud
Hybrid Cloud is a mixture of private and public cloud components.
- What do you understand by community cloud:
A community cloud is a cloud environment maintained, used and paid for by a group of users or organisations for their shared benefit, such as collaboration and data exchange.
- Advantages of cloud solutions
cloud solutions often have a lower up front cost, lower maintenance costs, vendor maintained security
- What are snapshots:
Snapshots are point-in-time copies of a virtual machine's state. They offer a quick means to recover from errors or poor updates, but they live on the same host and storage as the VM and are not a substitute for backups kept elsewhere.
- Explain security management of cloud
Virtualisation does not lessen the security management burden of an OS; patch management is still essential. Virtualized OSs can be tested in the same way as OSs installed on hardware, and vulnerability assessments and penetration testing can also be done.
- What is Cloud Access Security Broker (CASB)?
Cloud Access Security Broker (CASB) is a security enforcement solution that may be installed on-premises or it may be cloud based. The goal of the CASB is to enforce and ensure that proper security measures are implemented between a cloud solution and a customer organisation.
- What is SECaaS?
Security as a Service (SECaaS) is a cloud provider concept in which security is provided to an organisation through or by an online entity. SECaaS often implement software-only security components that do not need dedicated on-premises hardware.
- What is Infrastructure as a Service (IaaS)
IaaS is a type of cloud computing service that offers essential compute, storage and networking resources on demand, on a pay-as-you-go basis. It includes virtualization, servers, storage and networking.
- SECaaS security products can be:
authentication, authorisation, auditing/accounting, anti-malware, intrusion detection, compliance and vulnerability scanning, penetration testing and security event management.
- What is grid computing?
Grid Computing is a form of parallel distributed processing that loosely groups a significant number of processing nodes to work towards a specific processing goal.
- What is Peer-to-Peer (P2P):
Peer-to-Peer technologies are networking and distributed application solutions that share tasks and workloads among peers, e.g. VoIP services such as Skype, BitTorrent, and earlier versions of Spotify.
- What is the Internet of Things (IoT):
Internet of Things involve smart devices that are internet connected in order to provide automation, remote control, or AI processing to traditional or new appliances or devices in a home or office setting.
- What are Industrial Control Systems (ICS)?
Industrial Control Systems are computer management devices that control industrial processes and machines.
- Industrial Control Systems are used across a wide range of industries; name them:
Manufacturing, electricity generation and distribution, water distribution, sewage processing and oil refining.
- List some forms of Industrial Control Systems (ICS):
Distributed Control Systems (DCS), Programmable Logic Controllers (PLCs) and Supervisory Control and Data Acquisition (SCADA).
- What are Distributed Control Systems (DCS)?
Distributed Control Systems are found in industrial process plants where the need to gather data and implement control over a large-scale environment from a single location is essential.
- What are Programmable Logic Controllers (PLCs)?
Programmable Logic Controllers (PLCs) are single-purpose or focused-purpose digital computers. They are deployed for the management and automation of various industrial electro-mechanical operations, e.g. the giant display system in a stadium.
- What are SCADA systems?
Supervisory Control and Data Acquisition (SCADA) systems can operate as stand-alone devices, networked with other SCADA systems, or networked with traditional information technology (IT) systems. They are designed with minimal human interfaces.
- What is OWASP
Open Web Application Security Project (OWASP) is a non profit security project focussing on improving security for online or web-based applications. It is a large community that works together to freely share information, methodology, tools and techniques related to better coding practices and more secure deployment architectures.
- What is injection attack?
Injection Attack is any exploitation that allows an attacker to submit code to a target system in order to modify its operations and or poison and corrupt its dataset.
- What are SQL injection attacks?
SQL injection attacks use unexpected input to alter or compromise a web application. They are used to gain unauthorised access to an underlying database and related assets
- List ways prevent SQL injection attacks
Performing input validation, using parameterized queries (prepared statements) so that input is bound as data rather than concatenated into SQL, and limiting the privileges of the database account the application uses.
- Describe Lightweight Directory Access Protocol (LDAP) injection
Lightweight Directory Access Protocol (LDAP) injection is a variation of an input injection attack, the focus is on the back end of an LDAP directory service rather than the database server. Just as with SQL injection, sanitization of input and defensive coding are essential to eliminate this threat.
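An added example serving the SQL injection and LDAP injection cards above (illustrative code, not from the study guide): the same login check written with string concatenation and with a parameterized query, and the RFC 4515 escaping that keeps user input inside a single LDAP filter attribute. The user table and the filter shape are constructed for the demo; `ldap_user_filter` only builds the filter string, it does not talk to a directory.

```python
# Added example (not from the original study material): the same login check
# written with string concatenation (injectable) and with a parameterised
# query, plus RFC 4515 escaping for the LDAP-filter variant of the attack.
# The user table and the LDAP filter shape are constructed for this demo.

import sqlite3


def build_users():
    con = sqlite3.connect(":memory:")
    con.execute("CREATE TABLE users(name TEXT, pw TEXT, role TEXT)")
    con.executemany("INSERT INTO users VALUES (?, ?, ?)",
                    [("admin", "s3cret", "admin"), ("bob", "hunter2", "user")])
    return con


def login_vulnerable(con, user, pw):
    """Builds SQL from raw input: a name of  admin' --  comments out the password check."""
    query = f"SELECT role FROM users WHERE name = '{user}' AND pw = '{pw}'"
    row = con.execute(query).fetchone()
    return row[0] if row else None


def login_safe(con, user, pw):
    """Parameterised: input is bound as data and can never become SQL syntax."""
    row = con.execute(
        "SELECT role FROM users WHERE name = ? AND pw = ?", (user, pw)).fetchone()
    return row[0] if row else None


# LDAP search-filter metacharacters (RFC 4515) and their escaped forms.
_LDAP_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}


def ldap_escape(value):
    return "".join(_LDAP_ESCAPES.get(ch, ch) for ch in value)


def ldap_user_filter(user):
    """The filter a directory lookup would send; escaping keeps input inside uid=."""
    return f"(&(objectClass=person)(uid={ldap_escape(user)}))"
```

Without escaping, a username of `*)(uid=*` would close the `uid=` term and inject a second clause that matches every person; with it, the same string is just an (unmatchable) literal value. The privilege-limiting half of the defence is not visible in code: the account `login_safe` runs as should only have SELECT on the tables it needs.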
- Explain XML injection
XML injection is another variant of input injection, where the back-end target is an XML application or document store.
- What is XML exploitation
XML exploitation is a form of attack that is used either to falsify information being sent to a visitor or to cause their system to give up information without authorization.
- What is Security Assertion Markup Language (SAML)?
Security Assertion Markup Language (SAML) is an XML-based convention for the organisation and exchange of authentication and authorization details between security domains, often over web protocols.
- What is used to provide single sign-on?
SAML, i.e. Security Assertion Markup Language.
- What is Cross-site scripting (XSS)
Cross-site scripting (XSS) is a form of malicious code-injection attack in which an attacker gets their own script into the content a web server sends to other visitors, typically by supplying it through an input that the server neither validates nor encodes on output.
- Defences against Cross Site Scripting (XSS) for admin of websites:
maintaining a patched server,
using web application firewalls,
operating Host-based Intrusion Detection Systems (HIDS),
performing server-side input validation and auditing for suspicious activities.
- Server-side Input Validation involves:
Server-side input validation for length and malicious content, and metacharacter filtering (or, more robustly, encoding metacharacters when the value is placed into HTML).
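The server-side checks from the XSS cards above, shown on a reflected "search" page as an added example (illustrative code, not from the study guide). The vulnerable renderer drops the query straight into the page; the hardened one enforces a length limit, rejects control characters and entity-encodes the metacharacters. The page markup and `MAX_QUERY_LEN` are assumptions for the demo.

```python
# Added example (not from the original study material): a reflected "search"
# page rendered two ways. The vulnerable version drops the query straight into
# the HTML; the hardened one applies the server-side checks named above:
# a length limit, a content check and metacharacter encoding. Markup is constructed.

import html

MAX_QUERY_LEN = 100


def render_vulnerable(query):
    """Reflected XSS: whatever the visitor supplied becomes part of the page."""
    return f"<p>Results for: {query}</p>"


def validate_query(query):
    """Server-side input validation: reject oversize input and control characters."""
    if len(query) > MAX_QUERY_LEN:
        raise ValueError("query too long")
    if any(ord(ch) < 0x20 for ch in query):
        raise ValueError("control characters not allowed")
    return query


def render_safe(query):
    """Output encoding: < > & " ' become entities, so browsers render text, not markup."""
    return f"<p>Results for: {html.escape(validate_query(query), quote=True)}</p>"
```

Encoding on output is preferred over trying to strip "bad" characters on input, because the same value may later be placed into HTML, a JavaScript string or a URL, each of which needs a different encoding.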
- How to avoid XSS as a web user:
keeping system patched, running antivirus software and avoiding nonmainstream websites. There are addons that allow only scripts of your choosing to be executed e.g. NoScript for Firefox and uBlock for Chrome.
- What is Cross-site Request Forgery (XSRF)
the main purpose of XSRF is to trick the user or the user’s browser into performing actions they had not intended or would not have authorised. This could include logging out of a session, uploading a site cookie, changing account information, downloading account details, making a purchase, and so on.
- List some measures that Website administrators can use to prevent Cross-site Request Forgery (XSRF):
Requiring the user to re-enter their password, sending a confirmation code to the user via email or phone, or requiring the user to solve a Completely Automated Public Turing test to tell Computers and Humans Apart (CAPTCHA). Another protection mechanism is to add a randomization string (called a nonce) to each URL request and form, tied to the session, and to check the client HTTP request Referer (or Origin) header for spoofing.
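The nonce and header checks from the card above, as an added example (illustrative code, not from the study guide): a per-session anti-CSRF token is issued, embedded in the form, and compared in constant time on every state-changing request, and the request's Origin (or Referer) is compared against the site's own origin. `SITE_ORIGIN`, the session dictionary and the request headers/form are constructed for the demo.

```python
# Added example (not from the original study material): issuing a per-session
# anti-CSRF nonce, checking it in constant time, and checking the request's
# Origin/Referer against the site's origin. SITE_ORIGIN and the request
# dictionaries are constructed for this demo.

import hmac
import secrets
from urllib.parse import urlsplit

SITE_ORIGIN = "https://bank.example"    # assumed origin of the protected site


def issue_csrf_token(session):
    """Store a fresh random nonce in the server-side session; embed it in each form."""
    token = secrets.token_urlsafe(32)
    session["csrf_token"] = token
    return token


def source_origin(headers):
    """scheme://host of where the browser says the request came from, or None."""
    source = headers.get("Origin") or headers.get("Referer")
    if not source:
        return None
    parts = urlsplit(source)
    return f"{parts.scheme}://{parts.netloc}"


def verify_state_change(session, headers, form):
    """Return (allowed, reason) for a request that changes server-side state."""
    expected = session.get("csrf_token")
    supplied = form.get("csrf_token", "")
    # constant-time compare: a forged token must not leak how many bytes matched
    if not expected or not hmac.compare_digest(expected.encode(), supplied.encode()):
        return False, "missing or mismatched CSRF token"
    origin = source_origin(headers)
    if origin is None:
        return False, "no Origin or Referer header"   # fail closed for state changes
    if origin != SITE_ORIGIN:
        return False, f"cross-site request from {origin}"
    return True, "ok"
```

A forged request from another site carries the victim's session cookie automatically, but the attacker's page cannot read the nonce out of the victim's form, and the browser sets Origin itself; that is why both checks hold up even though the cookie alone does not.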
- List vulnerabilities of android
Exposure to malicious apps, running scripts from malicious websites, and allowing insecure data transmissions.
- PEDs means
Portable Electronic Devices.
- Explain Remote Wiping
Remote wipe allows the deletion of all data and even configuration settings from a device remotely. It is not a guarantee of data security, because a plain deletion can be undone with recovery tools. To ensure that a remote wipe destroys data beyond recovery, the device should be encrypted, so that the wipe only has to destroy the key.
- What is application control:
Application control is a device management solution that limits the applications that can be installed on a device
- What is storage segmentation
Storage Segmentation is used to artificially compartmentalize various types or values of data on a storage medium. E.g. device management systems may be used to separate company data from user data and apps.
- What is Mobile Device management (MDM)?
Mobile Device Management (MDM) is a software solution to the challenging task of managing the mobile devices that employees use to access company resources.
- What are the goals of Mobile Device Management
Mobile Device Management can be used to push or remove apps, manage data, and enforce configuration settings, over both cellular (over-the-air) and Wi-Fi connections. It can be used to manage company-owned and personally owned (BYOD) devices.
- Best option for key storage is
use of removable hardware or use of Trusted Platform Module (TPM).
- What is credential management?
Credential Management refers to the storage of credentials in a central location. Some credential management options can provide, auto login options for apps and websites.
- List mobile authentication ways:
Use a password, provide a personal identification number (PIN), offer your eye or face for recognition, scan your fingerprint, or use a proximity device such as a Near Field Communication (NFC) or Radio Frequency Identification (RFID) ring or tile.
- What is geotagging
Geotagging: mobile devices with GPS support can embed the geographical location (latitude and longitude) together with the date and time in the metadata of photos taken with them. Sharing such photos can reveal where and when the user was.
- What is encryption?
Encryption is protection against unauthorised access to data, whether in storage or in transit.
- What is application whitelisting?
Application whitelisting is a security option that prohibits unauthorized software from being able to execute.
- What are other names for whitelisting
Whitelisting is also known as implicit deny or deny by default (and, in current vocabulary, allowlisting).
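Deny-by-default application control, as an added example (illustrative code, not from the study guide): a hash-based allowlist built from trusted binaries, against which any execution request is checked. The approved binary, its path and the tampered variant are constructed byte strings, not real files.

```python
# Added example (not from the original study material): a hash-based
# application allowlist. Anything not listed, or listed under a different hash,
# is denied by default. The "binaries" are constructed byte strings.

import hashlib
import hmac


def sha256_hex(data):
    return hashlib.sha256(data).hexdigest()


def build_allowlist(approved_binaries):
    """approved_binaries: {path: bytes} captured from trusted, tested builds."""
    return {path: sha256_hex(content) for path, content in approved_binaries.items()}


def may_execute(allowlist, path, content):
    """Deny by default: an unknown path, or a known path whose bytes changed, is refused."""
    expected = allowlist.get(path)
    if expected is None:
        return False
    return hmac.compare_digest(expected, sha256_hex(content))


APPROVED = {"/usr/bin/report": b"#!/bin/sh\necho report\n"}   # constructed
ALLOWLIST = build_allowlist(APPROVED)
```

Hashing the contents rather than trusting the path is what catches a replaced or trojaned binary that keeps its original name; a path-only allowlist would wave it through.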
- Explain BYOD
Bring Your Own Device (BYOD) is a policy that allows employees to bring their own mobile devices into work and use those devices to connect to the business network, business resources or the internet.
- List other alternatives to BYOD
Company Owned Personally Enabled (COPE), Choose Your Own Device (CYOD)
- Explain Virtual Mobile Infrastructure
Virtual Mobile Infrastructure (VMI) occurs when the operating system of a mobile device is virtualized on a central server, so that data stays on the server rather than on the handset.
- Explain Mobile Onboarding
Mobile onboarding includes installing security, management and productivity apps along with implementing secure and productive configuration settings.
- What is an embedded system
An Embedded System is a computer implemented as part of a larger system.
- List some embedded systems
Network-attached printers, smart TVs, HVAC controls, smart thermostats, smart appliances, driver-assist systems, etc.
- What are static environments
A static environment is a set of conditions, events and surroundings that don't change. Static environments are applications, OSs, hardware sets or networks configured for a specific need, capability or function and then left largely unchanged.
- What are cyber physical systems
cyber physical systems are devices that offer a computational means to control something in the physical world they are key elements in robotics and sensor networks. E.g. collision avoidance vehicles, air traffic control etc.
- What is IoT?
The Internet of Things (IoT) is a collection of devices that can communicate over the internet with one another or with a control console in order to affect and monitor the real world.
- Examples of static systems
Embedded systems, mobile devices, game consoles, in-vehicle computing systems, mainframes, and IoT devices such as smart appliances and network-attached printers.
- What is network segmentation:
Network Segmentation involves controlling traffic among networked devices.
- What is Complete or Physical Network Segmentation
Complete or physical network segmentation occurs when a network is isolated from all outside communications or transactions (an air gap).
- How can you impose logical network segmentation?
Logical network segmentation can be imposed through the use Virtual Local Area Networks (VLANs) or through other traffic control means.
- What is security Layers
Security layers exist where devices with different levels of classification or sensitivity are grouped together and isolated from other groups with different levels. Logical isolation involves the use of classification labels on data and packets, which must be respected and enforced by network management. Physical segmentation involves the use of air gaps between networks of different security levels.
- What is application firewall?
An application firewall is a device, server add-on, virtual service or system filter that defines a strict set of communication rules for a specific service and all of its users.
- What is network firewall?
A network firewall is a hardware device, typically called an appliance, designed for general network filtering.
- What are manual updates?
Manual updates are updates applied deliberately by an administrator rather than automatically. They should be used in a static environment to ensure that only tested and authorised changes are implemented.
- What are wrappers
Wrappers are used to enclose or contain something else. Wrappers are well known in the security community in relation to Trojan horse malware: a wrapper of this sort is used to combine a benign host program with a malicious payload.
- What is abstraction?
Abstraction means that users of an object don't necessarily know how the object works; they need to know only the proper syntax for using the object and the type of data that will be returned as a result. E.g. classes in object-oriented programming.
- What is data hiding?
Data hiding ensures that data existing at one level of security is not visible to processes running at different security levels, i.e. it enforces need to know.
- What is process isolation:
Process Isolation requires that the system provide separate memory spaces for each process’s instruction and data. It also requires that the operating system enforce those boundaries, preventing one process from reading or writing data that belongs to another process.
- Advantages of process isolation
It prevents unauthorised access to another process's memory, and it protects the integrity of processes.
- What is hardware segmentation?
Hardware segmentation enforces requirements through the use of physical hardware controls rather than logical process isolation controls imposed by the operating system
- What is the principle of least privilege
When designing operating processes, you should ensure that they run in user mode whenever possible and hold only the privileges they need. The greater the number of processes that execute in privileged mode, the higher the number of potential vulnerabilities that a malicious individual could exploit to gain supervisory access to the system.
- Principle of separation of privilege
This requires the use of granular access permissions, that is, different permissions for each type of privileged operation, rather than a single all-or-nothing privileged role.
- Explain Accountability
Accountability is an essential component in any security design. It involves the ability to monitor activities and interactions with system resources and configuration data, and to protect the resulting logs from unwanted access or alteration.
- Explain covert channel:
A covert channel is a method that is used to pass information over a path that is not normally intended or used for communication.
- What is a covert timing channel
A covert timing channel conveys information by altering the performance of a system component or modifying a resource's timing in a predictable manner.
- What is covert storage channel
A covert storage channel conveys information by writing data to a common storage area where another process can read it.
- What is buffer overflow
A buffer overflow occurs when programmers fail to validate input data sufficiently, particularly when they do not impose a limit on the amount of data their software will accept as input, so that input larger than the buffer set aside for it overwrites adjacent memory.
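The flaw described above, as an added example that is not part of the original flashcard set: a fixed-size stack buffer filled with an unchecked strcpy(), next to a replacement that checks the input length against the destination size before copying. Function and buffer names are illustrative.

```c
/* Added example: a stack buffer overflow and its bounds-checked fix.
 * Names (copy_name_unsafe, copy_name_safe, NAME_LEN) are illustrative. */
#include <stdio.h>
#include <string.h>

#define NAME_LEN 16

/* VULNERABLE: strcpy() copies bytes until it finds a NUL and never asks
 * how large the destination is. A source longer than NAME_LEN-1 bytes
 * writes past the end of 'name' into whatever follows it on the stack
 * (other locals, saved registers, the return address). Shown for
 * contrast only; never call it with untrusted input. */
void copy_name_unsafe(char name[NAME_LEN], const char *src)
{
    strcpy(name, src);
}

/* HARDENED: the caller states the destination size, the input length is
 * checked against it before any byte is copied, and over-long input is
 * rejected outright instead of being silently truncated.
 * Returns 0 on success, -1 if src (plus its NUL) does not fit in dst. */
int copy_name_safe(char *dst, size_t dst_len, const char *src)
{
    if (dst_len == 0)
        return -1;
    /* Look for the terminator only within the first dst_len bytes of src,
     * so an unterminated source cannot make us read past dst_len either. */
    const char *end = memchr(src, '\0', dst_len);
    if (end == NULL)                 /* no NUL within dst_len: too long */
        return -1;
    size_t n = (size_t)(end - src);  /* n <= dst_len - 1, room for NUL */
    memcpy(dst, src, n);
    dst[n] = '\0';
    return 0;
}

int main(void)
{
    char name[NAME_LEN];
    /* Constructed inputs: one that fits, and a 40-byte string that would
     * overflow a 16-byte buffer if handed to copy_name_unsafe(). */
    const char *ok_input  = "alice";
    const char *bad_input = "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA";

    int r1 = copy_name_safe(name, sizeof name, ok_input);
    printf("ok_input : rc=%d name=\"%s\"\n", r1, name);
    int r2 = copy_name_safe(name, sizeof name, bad_input);
    printf("bad_input: rc=%d (rejected before any byte was copied)\n", r2);
    return 0;
}
```

The safe version rejects rather than truncates, because silent truncation of, say, a path or a username is itself a frequent source of logic bugs; the caller is told the input was invalid and can fail closed.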
- What are maintenance hooks
These are entry points into a system that are known only to the developer of the system and that bypass normal access controls. They are also known as back doors.
- What is data diddling
This occurs when an attacker gains access to a system and makes small, random or incremental changes to data during storage, processing, input, output or transaction, rather than obviously altering file contents.
- How can data diddling be detected?
Such changes can be difficult to detect unless files and data are protected by encryption, or unless some kind of integrity check (such as a checksum or message digest) is routinely performed and applied each time a file is read or written. Controls include encrypted file systems, file-level encryption techniques, and some form of file monitoring that includes integrity checks, like those performed by Tripwire and other file integrity monitoring (FIM) tools.
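An added example, not part of the original flashcard set, of the integrity check described above: a known-good baseline of a record is stored, and later reads are compared against it. It also shows why the card distinguishes a checksum from a message digest: a simple additive checksum is order-insensitive, so a diddle that merely rearranges bytes (here, moving value between two balances) slips past it, while a position-sensitive hash catches it. FNV-1a is used as a stand-in so the block runs without a crypto library; a real FIM tool would use a cryptographic digest such as SHA-256 (assumption). The ledger strings are constructed sample data.

```c
/* Added example: Tripwire-style integrity check of a record against a
 * stored baseline. FNV-1a stands in for a real cryptographic digest. */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Naive additive checksum: the sum of all bytes. Order-insensitive, so
 * swapping two bytes, or moving an amount from one field to another by
 * swapping digits, leaves it unchanged. */
uint32_t sum_checksum(const unsigned char *buf, size_t n)
{
    uint32_t s = 0;
    for (size_t i = 0; i < n; i++)
        s += buf[i];
    return s;
}

/* 64-bit FNV-1a: each byte is folded into the running state before the
 * multiply, so the result depends on byte positions, not just their
 * multiset. Any single change, including reordering, alters the value. */
uint64_t fnv1a64(const unsigned char *buf, size_t n)
{
    uint64_t h = 0xcbf29ce484222325ULL;
    for (size_t i = 0; i < n; i++) {
        h ^= buf[i];
        h *= 0x100000001b3ULL;
    }
    return h;
}

/* Baseline recorded when the record was known to be good. */
struct baseline { uint32_t sum; uint64_t digest; };

struct baseline record_baseline(const unsigned char *buf, size_t n)
{
    struct baseline b = { sum_checksum(buf, n), fnv1a64(buf, n) };
    return b;
}

/* Each returns 1 if that check flags the current contents as changed. */
int sum_detects(const struct baseline *b, const unsigned char *buf, size_t n)
{
    return sum_checksum(buf, n) != b->sum;
}
int digest_detects(const struct baseline *b, const unsigned char *buf, size_t n)
{
    return fnv1a64(buf, n) != b->digest;
}

/* Constructed sample ledger record: two account balances. */
const char *LEDGER_ORIGINAL = "acct=1001;bal=0500|acct=1002;bal=0900";
/* Diddled copy: 400 moved from 1002 to 1001 by exchanging the digits
 * '5' and '9'. Same bytes in a different order, so the byte sum is equal. */
const char *LEDGER_DIDDLED  = "acct=1001;bal=0900|acct=1002;bal=0500";

int main(void)
{
    size_t n = strlen(LEDGER_ORIGINAL);
    struct baseline b = record_baseline((const unsigned char *)LEDGER_ORIGINAL, n);

    printf("checksum flags diddle: %d\n",
           sum_detects(&b, (const unsigned char *)LEDGER_DIDDLED, n));
    printf("digest   flags diddle: %d\n",
           digest_detects(&b, (const unsigned char *)LEDGER_DIDDLED, n));
    return 0;
}
```

In a deployed FIM tool the baseline itself must be stored where the attacker cannot rewrite it (read-only media, a separate host, or signed), otherwise the diddler simply updates the baseline along with the data.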
- What is salami attack?
A salami attack is the systematic whittling away of assets in accounts or other records with financial value, where small amounts are deducted from balances regularly and routinely so that no single deduction attracts attention.
- How can salami attacks be avoided
Salami attacks can be avoided through proper separation of duties and controls, so that no single person can both alter financial records and approve or reconcile them.
- List some security flaws of programming
Buffer overflows, and inadequate exception handling: any program must be able to handle exceptions and errors gracefully rather than failing into an insecure state.
- What is Time of Check (TOC)?
Time of check (TOC) is the time at which the subject checks the status of the object (for example, whether it exists and whether access is permitted).
- What is time of use (TOU):
Time of use (TOU) is the time at which the subject actually accesses the object, after the decision to access it has been made.
- What are race conditions:
Race conditions are situations where the outcome depends on the timing of competing events. In a TOC/TOU attack the attacker races the legitimate process to replace the object in the window between the check and the use, so the object that was checked is not the one that is used.
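The TOC/TOU race described above, as an added example that is not part of the original flashcard set: a routine that checks a path with access() and then opens it leaves a window in which the path can be swapped for a symlink, while the fixed routine opens first and performs its checks on the descriptor it already holds, so check and use refer to the same object. POSIX/Linux only; the fixture helpers and the /tmp paths are assumptions for demonstration.

```c
/* Added example: a check-then-use race on a file path and its fix.
 * POSIX only. open_racy/open_checked/make_fixture are illustrative names. */
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L
#endif
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* RACY: access() reports on whatever 'path' names at time of check; open()
 * later uses whatever it names at time of use. An attacker who can replace
 * 'path' with a symlink in between makes the program open a file the
 * check never looked at. Note access() also follows symlinks. */
int open_racy(const char *path)
{
    if (access(path, R_OK) != 0)        /* TOC */
        return -1;
    /* ... window: attacker swaps 'path' for a symlink elsewhere ... */
    return open(path, O_RDONLY);        /* TOU */
}

/* FIXED: open first, refusing to follow a symlink at the final component,
 * then check the object we actually hold via fstat() on the descriptor.
 * Check and use now refer to the same inode, so there is nothing to race.
 * Returns the fd, or -1 unless it is a regular file owned by the caller. */
int open_checked(const char *path)
{
    int fd = open(path, O_RDONLY | O_NOFOLLOW | O_CLOEXEC);
    if (fd < 0)
        return -1;
    struct stat st;
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode) || st.st_uid != geteuid()) {
        close(fd);
        return -1;
    }
    return fd;
}

/* Demonstration fixture (assumption): creates a constructed regular file
 * and a symlink pointing at it, preferring /tmp and falling back to the
 * current directory. Fills 'regular' and 'link'; returns 0 on success. */
int make_fixture(char *regular, size_t rlen, char *link, size_t llen)
{
    char tmpl[64];
    snprintf(tmpl, sizeof tmpl, "/tmp/toctou_demo_XXXXXX");
    int fd = mkstemp(tmpl);
    if (fd < 0) {
        snprintf(tmpl, sizeof tmpl, "./toctou_demo_XXXXXX");
        fd = mkstemp(tmpl);
        if (fd < 0)
            return -1;
    }
    if (write(fd, "hello\n", 6) != 6) { close(fd); unlink(tmpl); return -1; }
    close(fd);
    snprintf(regular, rlen, "%s", tmpl);
    snprintf(link, llen, "%s.lnk", tmpl);
    unlink(link);
    if (symlink(regular, link) != 0) { unlink(regular); return -1; }
    return 0;
}

void remove_fixture(const char *regular, const char *link)
{
    unlink(link);
    unlink(regular);
}

int main(void)
{
    char reg[64], lnk[64];
    if (make_fixture(reg, sizeof reg, lnk, sizeof lnk) != 0)
        return 1;
    int fd = open_racy(lnk);
    printf("open_racy(symlink)    -> %s\n", fd >= 0 ? "opened (followed link)" : "refused");
    if (fd >= 0) close(fd);
    fd = open_checked(lnk);
    printf("open_checked(symlink) -> %s\n", fd >= 0 ? "opened" : "refused");
    if (fd >= 0) close(fd);
    remove_fixture(reg, lnk);
    return 0;
}
```

The general rule the fix illustrates is to make every security decision on the handle you will actually use (a file descriptor, an opened socket, a loaded object) rather than on a name that someone else can rebind underneath you.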
- What is service oriented architecture
Service-oriented architecture (SOA) constructs new applications or functions out of existing but separate and distinct software services, so that the security of each service and of the interfaces between them must be considered.
- How to eliminate electromagnetic radiation interception
Electromagnetic radiation interception can be reduced by limiting emanations through cable shielding or conduit, and by applying physical security controls that keep unauthorised personnel and devices from getting close to the equipment or cabling. TEMPEST technology can provide protection against EM radiation eavesdropping; countermeasures include Faraday cages, jamming or noise generators, and control zones.
- What is Faraday Cage:
A Faraday cage is a special conductive enclosure that blocks electromagnetic signals from entering or leaving, so equipment inside it cannot be eavesdropped on via its emanations.