Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

Forensics > Multi-Tier Application > Flashcards

Multi-Tier Application Flashcards

1
Q

Multi-Tier Applications Layers

A

Presentation Layer
Application Layer
Data Layer

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Servers and services require:

A 
Health monitoring and reporting
● Traffic monitoring
● Log export, centralization and review
● Backup
● Connection pooling
● Load balancing
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What is included in Presentation Tier:

a) Networking Traffic, IDS, IPS, Firewall, Network Hardware
b) Caching Server / Reverse Proxy Logs and Activity
c) Web Application Firewall (WAF) Logs
d) Web Server logs
e) All of the above

A

e)All of the above

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Learn your HTTP status codes!

1XX=?

A

Information

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Learn your HTTP status codes!

2XX=?

A

Success

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Learn your HTTP status codes!

3XX=?

A

Redirection

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Learn your HTTP status codes!

4XX=?

A

Client Error

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Learn your HTTP status codes!

5XX=?

A

Error

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Can JS(front-end)send details to log?

A

Yes

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

why do Application Tier logging:

a) Audit the business policy surrounding the app logic;
b) Ensure database integrity;
c) debug problems;
d) Monitor activities;
e) provide a more complete picture for an investigation;

A

a,c,e

  • Look for security events at the application level
  • Audit the business policy surrounding the app logic
  • Determine and monitor baselines
  • Debug problems
  • Provide a more complete picture for an investigation
  • Detect attacks and mitigate app exploitation
  • Monitor performance & compliance
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

How many login standards are there?

A 
4
• CLFS: Common Log File System
• CEF: Common Event Format
• CEE: Common Event Expression
• ELFF: Extended Log File Format
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

What info to log:

When

A

TImestamp

Sequence number

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

What info to log:

Who

A

Source IP

User identity

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

What info to log:

Where

A
  • Application identifier
  • Application server IP
  • Service/protocol involved
  • Geolocation
  • Application entry point (url, http method, etc)
  • Code location if possible
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

What info to log:

What

A 
Type of event
• Severity (numeric?)
• Description
• Result/actions taken?
• Reason?
• Request headers and http status codes
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

What kind of info cant be included in the log?

A 
Sensitive data  (password, authentication
tokens, credit card numbers, personal data, encryption keys, etc)
17
Q

Where to Log info:

a) Local file system
b) Remote file system
c) Database

A

Local file system
• Log to a separate partition where possible
• Enforce strict permissions
• Don’t publically expose the logs (ie. Not in the web directory)
Remote file system
• Follow the same guidelines as local file system above
• Use a secure means of log transport (ie. Encrypt the transfer)
Database
• Create an account just for logging
• Enforce strict role-based permissions on the logging table

Forensics (3 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2025 Bold Learning Solutions. Terms and Conditions