Domain Three: Architecture and Design Flashcards
What are the four main element of code quality and testing ?
Code Analysis, Stress Testing, Model Verification, Version Control
What are the two types of code analysis ?
Dynamic and Static
What is dynamic code analysis ?
Testing during execution by feeding inputs into the application
Fuzzing is a method of dynamic analysis in which a brute force test method is used to detect input and validation issues or vulnerabilities in the system
What is static code analysis ?
Involves examining the code without execution
What is model verification ?
Making sure that the systems does what it is intended to do in an expected manner. Do interdependencies with other functions and apps also behave as expected.
What is stress testing ?
Testing the app for performance bottlenecks under normal conditions. Load testing is the testing under peak conditions over and above stress testing.
What are embedded systems ?
Embedded systems are those that are incorporated into other systems examples are Smart TVs and Washing Machines.
Describe IOT/Smart Devices ?
These are characterised by remote control of the system at hand. You can think of home automation and fitness sensors as being prime examples of this.
During the course of the history of IOT functionality over security was very much the design pattern and it now should be considering that they have access to our biometric data.
What is the problem in terms of security with printers and MFD devices ?
Printers and MFDs are hackable. Printers communicate to servers and computers in a bidirectional manner taking jobs, queuing them and then sending back outcome notifications.
It is perfectly feasible that these devices can send malware back to the server especially as all to often they have been designed for functionality first and security was an afterthought.
What are real time operating systems ?
Characterised by not queuing data and events but operating on them as soon as they arrive. Think of a robot arm in a car assembly plant. The biggest security risk is something interrupting the timing and this often means that they are difficult to take offline to patch and update which in turn increases the security risk.
What are SCADA systems ?
Supervisory Control and Data Acquisition - These systems usually are part of another system that has a physical aspect to them an example being traffic lights.
Traditionally these systems were separated and air gapped so that the only access to them was via external media but they are increasingly becoming connected which has meant a greater security attack surface.
What are the issues of Aircraft and security ?
Physical buttons, switches, gauges etc are replaced with digital devices such as touch screens.
What are the issues of security with Medical devices ?
Often overlooked but these are critical and have to be re-certified everytime they are updated.
What are the issues with unmanned vehicles ?
Popular with military controlled over network connection which makes it an attractive target for hacking.
What are the security issues we should be aware of with vehicles ?
Vehicles are coming with more and more hackable technology.
What is system on a chip ?
These are systems where the software and hardware instructions are all governed from a single chip. Computers are multi chip systems.
What are the uses of benchmarks ?
These are usually guides on the best practice for configuring systems and components.
CIS (Centre for Internet Security)
What are the three ways of implementing defence in depth ?
There are three ways to implement
Vendor Diversity - For example having both windows and linux devices
Control Diversity - Administration controls such as policies and risk assessments and technical controls such as firewalls and IDS/IPS
User Training - Policy and procedure awareness.
Give an example of a non regulatory framework ?
NIST
Give some examples of Physical security controls ?
Lighting - Important to give visibility of action
Signs - Demarcates dangerous or high security areas
Alarms - Warnings
Barricades - Protection of areas
Fencing - Physical around area Cage - Indoor fencing Gate - monitoring on entrance to cage
Bollard - Simple Barricade
Mantraps - Effective against tailgating
Faraday Cages - Used to stop emi
TEMPEST - DoD program to emi and eavesdropping
CCTV - Should be on separate network so they dont provide an entrance to corporate network
Physical Security Logs - Should be taken
Bump Key Resistant Locks - Bump keys are those where the notches are deeply cut allowing an attacker to force the key into the lock and open it
HVAC - Heating, Ventilation, air con
Hot aisles and cold aisles can be used to maintain a data centre temp
Fire suppression systems - dont prevent fires but limit damage
Describe RAID 0
Striped Disks - Data is spread across multiple disks which increases speed but not redundancy
Describe RAID 1
Mirrored Disks - Data is copied from one disk to another. If the disk is lost we dont lose the data. This is more expensive than other methods.
Describe RAID 5
Block Striped with Error check - Most commonly used stripes data and parity checks across multiple drives; increased reliability and speed
Describe RAID 10
Stripe of Mirrors - combines striping and mirroring
What are distributive allocations ?
This is the mechanisms by which load is distributed across redundant resources. If the resources are servers then distributive load is the method that allocates work to those servers.
If the resource is data then geographical locations can be used as a means of distribution.
What is redundancy ?
Redundancy is the use of multiple independent elements to perform critical functions
This can be done through multiple servers, connections or even ISPs and many organisations maintain a supply of spare parts to readily repair any failed hardware components.
Describe high availability and fault tolerance ?
High Availability is the maintaining of a systems availability through an unusual event by the use of a hot systems.
Fault Tolerance is the maintaining of a systems availability during an non critical event by the use of a warm system. The event is non critical because we should have built enough redundancy in the system to cover a foreseen eventuality such as a disk failure,
What are the benefits of automation ?
Cuts down risks due to using humans. Releases operations team members back from routing tasks.
Continuous Monitoring can be used to automatically respond to certain events
Continuous validation - automated testing to resolve issues with configuration management
What is elasticity and scalability ?
Scalability is the ability of the system to accommodate larger loads just by adding resources either making hardware stronger (scale up) or adding additional nodes (scale out).
Elasticity is the ability to fit the resources needed to cope with loads dynamically usually in relation to scale out. So that when the load increases you scale by adding more resources and when demand wanes you shrink back and remove unneeded resources. Elasticity is mostly important in Cloud environments where you pay-per-use and don’t want to pay for resources you do not currently need on the one hand, and want to meet rising demand when needed on the other hand.
What is the concept of non persistence ?
These are machine images that changes are made to but are not expected to persists. Ephemeral storage is a good example.
Snapshots are the point in time backups of VMs
Rollback to known configuration - Microsoft term for rolling back to last known registry configuration that was saved by OS
Live Boot Media - USBs that have a bootable OS on them
What are templates and master images ?
Templates can be used to create master images of machine instances. You can use automation for post configuration task such as IP addresses, licensing and instance specific configuration.
Describe the two software development lifecycles ?
Agile vs Waterfall,
There are two forms of Agile - Scrum and XP or extreme programming
Scrum has a 30 day sprint and a product backlog. Its crucial that developers know secure coding practices.
XP has a more flexible definition of a sprint and there is a greater emphasis on user acceptance testing to create incremental advances.
What is the reasoning around code re-use ?
We should aim to re-use code where possible and remove dead code as it can be a security risk.
What is code signing ?
This is using PKI to digitally sign a code download in order to verify its source and integrity. A trusted CA should be used.
What is data exposure ?
Data at rest and in transit should always be protected.
What are the rules around encryption ?
Use the most up to date algorithms, dont craft your own.
What is the rule around memory management ?
Memory should be reclaimed after use and appropriate values should be assigned to variable types.
What is obfuscation ?
Is hiding element such as code or data items so if they are leaked hackers cant make use of them.
Code obfuscation is sometimes frowned upon.
What are the rules around proper error handling ?
Information when an application errors should never be relayed back to a user as it can be used against the system by a hacker. The main challenge is where to store the information. The ideal location is an acl controlled log file.
Why use proper input handling ?
We should use proper input validation to make sure that malicious users cant inject values and code into our applications that could cause a security issue.
All input should be viewed as hostile.
Proper input validation will mitigate the following attacks
Buffer Overflows
Cross Site Scripting
Cross Site Request Forgeries
Injection Attacks
Normalisation is the process of checking inputs and formatting them to be of the correct format - Postcodes, email, social security numbers.
Where should we implement checks server or client ?
Both are ideal but because we cant be sure of the client environment we must always have server side validation and checking. We should always distrust anything coming from the client and validate it on the server side.
Why use stored procedures ?
Stored Procedures on a database are preferred to dynamic queries sent from the application layer as they have a specific name and input structure and dont reveal the inner workings of the database as dynamic queries do.
This technique prevents sql injection attacks.
What is secure devops ?
Secure DevOps is about making sure that within the devops environment security has a first order place.
Automation of highly repetitive tasks releases workers to concentrate on more high value work.
Examples of automation are static code analysis and vulnerability scanning
Immutable Systems (Cattle) vs Pets
Describe the traditional four environment types ?
Dev, test, staging and prod
What is sandboxing ?
Can be done for whole environment down to applications running on your phone. The idea is to provide security through isolation.
What is emi/emp ?
EMI is electrical interference and EMP is a pulse of that interference and this can damage or prevent the operation of the affected device. Mitigated by the use of shielded cables and grounded circuits.
What is HSM ?
Generate and store keys, can connect via usb and can be used as a means to authenticate and encrypt and apply digital signatures as well.
What is secure boot ?
Malware targeting drivers present a problem because they get loaded before security tools and therefore can be missed. Secure boot only allows drivers signed and vetted to be installed.
What is a trusted platform module ?
Trusted Platform Modules are chips on the motherboard to create and store keys. The TPM hashes sections of the hardware, firmware and software and on the next run compares the new hash against the previous to see if anything has changed if it has it may prevent authentication.
TPM are not accessible via the normal channels so cannot be interfered with.
What is bios ?
UEFI and BIOS its older counterpart are the firmware that aids interoperability between the OS and hardware. UEFI is more recent and more secure.
Stored in non volatile memory so survives the powering down of the device.
What arethe different types of OS ?
Networking OS - That which runs on networking hardware such as routers
Server OS - Runs as an interface between hardware and applications normally doesnt have a gui
Workstation OS - GUI
Appliances - Machines dedicated to one task only
Kiosks - Standalone machines that allow some limited functionality
Mobile Operating Systems - Streamlined for mobile devices.
Describe virtualisation ?
Virtualisation is the ability to run distinct os separately on one machine
Type 1 - Hardware faster than type 2 alternative
Type 2 - Software easier to get up and running
Containerisations/Application Cells
Less overhead than virtualisation as it doesnt clone an entire copy of the os.
VM Sprawl is where we lose control over the amount of VMs that are being created and this can happen because it is just easy to spin up VMs. There should be proper policies and procedures in place to control VM sprawl.
VM escape is where an attack escapes the confines of a VM to attack the base operating system. We should have the same controls on these systems as others. IDP/IDS
When designing a network what are the major design considerations ?
Device Placement, Security Zones, Failure Modes, Connectivity