OO Threat Modelling (PPT 8.5)

Question 1

How should we approach security?

Answer 1

• Identify valuable assets
• Look at how it could be compromised
• Loom at how to mitigate threats

Question 2

What is threat modelling?

Answer 2

It is a structured approach to address the security of an application

Question 3

Why do we do threat modelling?

Answer 3

• To prevent embarrassing and costly security features
• Raises the profile of security early on, such as communication, early and ongoing tests and can expose problems early
• Deliver better (more secure) products

Question 4

What are some common threats?

Answer 4

• Denial of service
• SQL injection
• Cross-site scripting (XSS)
• Buffer overflows/ memory compromises
• Error-handling
• Spoofing
• Tampering
• Web server config issues
• Infrastructure issues

Question 5

What is Denial of Service?

Answer 5

This is flooding a system with data or requests to slow it down. Can be used as a distraction but often used as a ransom

Question 6

How do we prevent a DoS attack?

Answer 6

• Front end hardware to filter and analyse traffic
• Resource limits/allocations to throttle requests
• Blocking source IP addresses
• SYN cookies (prevents users from leaving a connection half open)

Question 7

What is a SQL Injection?

Answer 7

Injecting malicious code/scripts into a webpage

Question 8

How do we prevent SQL injection attacks?

Answer 8

-Validation
-Don’t trust user input
-Validate, don’t sanitise
Validate = reject input
Sanitise = remove malicious characters

Question 9

What is Cross Site Scripting?

Answer 9

Injecting malicious code, similar to SQL injection, but it is served up to a legitimate user and may direct them to malicious sites, etc

Question 10

What is a buffer overflow?

Answer 10

Force memory overflows in a running application to crash or compromise it

Question 11

What is poor error handling?

Answer 11

Hackers may force errors on your website, this may cause information to display which is sensitive and shouldn’t be viewed.

Question 12

What are web server config issues?

Answer 12

• Out of date software
• Configuration files storing plain text passwords
• Guest accounts not disabled
• File system no restricted

Question 13

What is spoofing?

Answer 13

When something is pretending to be something else, e.g. fake website
Could be
-user
-website
-files

Question 14

How do we prevent spoofing?

Answer 14

Users

• Authentication and validation and strong password policies
• Careful management of session IDs and cookies

URL
-Check security certificates

Files

• Check file signatures and timestamps
• Check privileges

Question 15

What is Information Disclosure?

Answer 15

Sensitive data passing over a network in plain text or stored in plain text or error messages revealing data

Question 16

What is an Insider threat?

Answer 16

This is when a person who is hired compromises the system in some way

Question 17

How can we avoid insider threats?

Answer 17

• Have proper recruitment processes
• Avoid complacency
• Monitor employee morale
• Monitor
• Logging
• Auditing
• Identifying behaviours

Question 18

What are abuse and misuse cases?

Answer 18

They are a way of identifying threats by looking at ways an unscrupulous actor may choose to harm the system

Question 19

What is Microsoft SDF?

Answer 19

Microsoft Security Development Lifecycle
It is a way of approaching threat modelling
Three stages are
-Decompose the application
-Determine and rank threats
-Determine counter measures and mitigation

Question 20

What does the decompose the application stage do?

Answer 20

• identify entities, processes, data stores and data flows between them
• identify trust boundaries

Question 21

What does the determine and rank threats stage do?

Answer 21

-Use STRIDE to determine threats

Question 22

What is Tampering?

Answer 22

• Modifying something you are not supposed to modify

- Countered by: encryption, validation, digital signatures, privileges

Question 23

What is Repudiation?

Answer 23

• Being able to claim you didn’t do something, leave no trace of activities
• Countermeasures: Logs and times stamps

Question 24

What is Elevation of privilege?

Answer 24

• Gaining access to things you shouldn’t have
• Counter: disable guest accounts, file access privileges, enforcement of user account policies, adopt a least privilege policy

Question 25

What does STRIDE stand for?

Answer 25

Spoofing
Tampering
Repudiation
Information Disclosure
Denial of service
Elevation of privilege