Security Operations 4.1

Question 1

Secure Baselines - Establish

Answer 1

Security Baselines need to be established. All application instances must follow this baseline. List of security baselines is often already established and provided by the manufacture.

Question 2

Secure Baselines - Deploy

Answer 2

How do we put those baselines into action. How do we deploy the baselines. May require multiple deployment mechanisms.

Question 3

Secure Baselines- Maintain

Answer 3

Many of these are maintained through best practices. Test and measure to avoid conflicts. Audit baselines to make sure they maintain in effect.

Question 4

Hardening targets - Mobile Phones

Answer 4

Bug fixes and security Patches, Prevent any known vulnerabilities.
Segmentation can protect data (Company data and user data are separated)

Question 5

Harding Techniques- Workstations

Answer 5

User desktops and laptops likely use windows, macOS, Linux, etc
Constant monitoring and updates
Remove unnecessary software.

Question 6

Network Infrastructure Devices

Answer 6

Examples: Switches, routers
They often have an embedded OS, with a limited OS.

Harden by not using default credentials and checking with the manufacturer for security updates. Not usually updated frequently.

Question 6

Cloud infrastructure

Answer 6

Secure the cloud management workstation. Use principle of least privilege. All services, network setting, application rights and permissions.
Configure endpoint detection and response.
Always have back ups - Cloud to cloud

Question 7

Servers

Answer 7

Make sure operating system is updated. Make sure user accounts have minimum password lengths. Network access and security. Server should have anti-virus and anti-malware

Question 8

SCADA/ICS - hardening techniques.

Answer 8

Supervisory Control and Data Acquisition System

Provide insight into the the systems. Should be hardened with the use of segmentation no access from the outside.

Question 9

Embedded system - Hardening techniques

Answer 9

Hardware and software designed for a specific function. Can be difficult to harden, unlikely to have a security patch. Important to provide additional security by putting them on a segmented network and a firewall.

Question 10

RTOS - hardening techniques

Answer 10

Real time operating system.
An operating system with a deterministic processing schedule. Industrial equipment, automobiles, military environments.

Isolated from the rest of the network
Run with the minimum services which helps to prevent for exploit.

Question 11

IoT - hardening devices.

Answer 11

Internet of things
Heating, cooling and lighting. Home automation, wearable technology.
Put updates for IoT’s at a high priority.

Question 12

Securing Wireless and Mobile - Site Survey

Answer 12

Determine the existing wireless landscape. Sample the existing wireless spectrum. Identify existing access points. Work around existing frequencies.
Heat maps.

Question 13

Wireless survey tools - Security.

Answer 13

Shows signal coverage, Potential interference, Built-in tools, 3rd.

Question 14

Mobile Device management -Securing Wireless and Mobile

Answer 14

Manage company owned and user-owned mobile devices. Centralised management of mobile devices.Employer can implement security controls and segmentation on mobile devices.

Question 15

BYOD -Securing Wireless and Mobile

Answer 15

Bring your own device.
Employee own the device. Difficult to secure. Policies and procedures are necessary to keep personal devices secure

Question 16

COPE - Securing Wireless and Mobile

Answer 16

Corporate owned, personally enabled.
Used as both a corporate device and a personal device.

Organisation Keeps full control of the device. Similar to company-owned laptops.

CYOD - Choose your own device.

Question 17

Security challenges relating to mobile phones?

Answer 17

-Can be easily hidden on somebodies person
-Contain a lot of data
-Can be located anywhere in the world

Question 18

Wifi - Securing Wireless and Mobile

Answer 18

Encrypt the data with VPN
On path attacks - allow/ and or modify data.
Denial of service - Frequency interference.

Question 19

Bluetooth - Securing Wireless and Mobile

Answer 19

High speed communication over short distances. There is a formal pairing process to prevent unauthorised connections.

Question 20

Wireless network settings - WPA2 what is it?

Answer 20

Used to encrypt wireless data

Question 21

WPA2 Problem.

Answer 21

WPA2 has a problem where the hash associated with the four way handshake at the during the connection is derived by an attacker.

Once the hash is derived, attackers run it through a brute force attack to find the pre -shared key.

A weak PSK is easier to brute force, GPU processing and Cloud based password cracking make finding the PSK easier.

Question 22

WPA3 and GCMP

Answer 22

Stronger encryption used with WPA3 than WPA2

GCMP - Galois/ Counter mode Protocol - stronger encryption.

Includes data confidentiality
Message integrity check

Question 23

WPA3 Changes the PSK authentication process.

Answer 23

Includes mutual authentication. Creates a shared session key on the end devices rather than sending hashes these keys across the network. Nothing for the attacker to brute force.

Question 24

SAE

Answer 24

Simultaneous Authentication of Equal.

The way in which pre-shared keys are derived in WPA3

A diffie-hellman derived key exchanged with an authentication component.
Everyone uses a different session key
Included in IEEE Standard

Question 25

Radius (A AAA server)

Answer 25

Authentication protocol, Remote authentication dial in user service. Including connections on a local network.

Question 26

EAP

Answer 26

Extensible Authentication Protocol.

Question 27

Input validation

Answer 27

Analysing data and making sure it matches the data entry that what was expected.

Question 28

Secure cookies

Answer 28

Bits of information stored on your computer by bowser. Information inside the cookie can be valuable to the attacker. Secure cookies often used.

Sensitive information often not put in cookies.

Question 28

Static code analyses (SAST)

Answer 28

Used to find security flaws in applications. Not everything can be identified through analysis. Helps to find many security vulnerabilities such as buffer overflows, database injections but not everything can be identified by analysis.

Question 29

Code Signing

Answer 29

A way to check if the code on an application is the same code that was sent by the manufacturer.

Has the application been modified in any way?
Can you confirm that the application was written by a specific developer.

Code is digitally signed. If the code. The OS will analyse the code and then alert if anything has changed.

Question 30

Sandboxing the application

Answer 30

The application begins executing but only has access to the data it needs for the application to work.

Developers will create code in a separated sandbox so they do not impact the production during development.

Sandbox used in mobile devices which keeps applications separated from having access to the rest of the personal details on the phone.

Question 31

Application security Monitoring

Answer 31

View blocked attacks, SQL injection attempts. patched vulnerabilities