OWASP Flashcards

1
Q

Minimize Attack Surface Area

A

Minimize the number of vulnerabilities a threat actor can exploit

2
Q

Principle of least privilege

A

Give people the absolute minimum required access

3
Q

Defense in depth

A

Varying security controls for different types of threat

4
Q

Separation of Duties

A

Critical processes should have multiple people responsible for different parts (e.g., check creating and signing)

5
Q

Keep Shit Simple

A

Simple solutions = used solutions

6
Q

Fix issues correctly

A

ID the root cause, contain it, ID vulnerabilities, and conduct tests on remediation efforts

7
Q

Establish correct defaults

A

Make sure that optimal security is the default for all users

8
Q

Fail securely

A

Make sure that when a control fails, it defaults to the most secure option, e.g., a failing firewall shuts off app network access

9
Q

Don’t trust services

A

Always get 3rd party software

10
Q

Avoid security by obscurity

A

Don’t hide the details of what makes a system secure
