Lesson 11: Enhance Application Security Capabilities Flashcards
What secure protocols should be used for data transmission?
HTTPS, SMTPS, SFTP, FTPS, LDAPS, and DNSSEC.
Which protocols should be avoided due to insecurity?
Avoid insecure options (e.g., HTTP, Telnet) and implement encryption with industry-standard libraries.
What are the benefits of using TLS 1.2 and 1.3?
Modern TLS protocols (1.2 and 1.3) secure communications, replacing outdated SSL versions.
Cipher suites define encryption and hashing algorithms; TLS 1.3 simplifies this for enhanced security.
How does LDAPS secure directory services?
Use LDAPS (port 636) or LDAP with SASL and STARTTLS to secure directory access. It does this by encrypting LDAP traffic using TLS/SSL.
Block anonymous/simple authentication and apply access control policies to manage permissions.
What are examples of secure FTP alternatives?
SFTP: Uses SSH (port 22).
FTPS/FTPES: Secures data transfer using SSL/TLS.
How can email services be secured?
Secure email with SMTPS, POP3S, IMAPS, and protocols like:
SPF: Validates sender IP.
DKIM: Verifies email integrity.
DMARC: Ensures email authenticity and provides reporting.
What tools support DNS filtering?
Pi-hole and OpenDNS
They block malicious domains, while DNSSEC validates DNS responses and prevents spoofing/poisoning attacks.
What coding frameworks should you follow for secure development?
OWASP Top 10 and Microsoft SDL.
What are key secure coding practices?
Input Validation: Prevent injection attacks.
Static Code Analysis: Use tools like SonarQube or Fortify to identify vulnerabilities pre-deployment.
Code Signing: Digitally sign software to verify integrity and authenticity.
What are some web application protections?
Error Handling: Design exception handlers to avoid leaking sensitive information.
Memory Management: Prevent arbitrary code attacks by avoiding insecure practices.
Client/Server Validation: Use both client-side (quick checks) and server-side (secure, final validation).
What key practices harden cloud environments?
Encryption for data at rest/in transit.
Regular monitoring, audits, and penetration tests.
Role-based least privilege policies.
What are essential features of application monitoring and logging?
Generating meaningful logs for audits and incident response.
Real-time alerts for events like repeated login failures or unusual data transfers.
What does software sandboxing achieve?
Isolates running processes to minimize risks of malicious activity.
Examples include:
Browser Sandboxing: Separates browser tabs to protect against malicious code.
VMs & Containers: Provides isolated environments for applications.
What are examples of software sandboxing tools?
Cuckoo Sandbox: Executes and analyzes potential malware in isolated environments.
Joe Sandbox: Web-accessible sandbox using machine learning for analysis.
