Software Development Security Flashcards

Question

What is a Data Warehouse ?

Answer 1

A special-purpose database that’s used for business research, decision support, and planning; comparatively, typical databases support daily business operations. Used in decision support / data mining. You don't mine 'what if' scenarios on the production Database. You do it on a what if Database.

Answer 2

Data in a hierarchical database is arranged in a tree structure, with parent records at the top of the database, and a hierarchy of child records in successive layers.

Answer 3

Network databases represent an improvement in the design of hierarchical databases. In the hierarchical model, relationships between records are defined by the database’s tree structure. In a network database, records can be networked to other records through paths that are different from the hierarchy itself.

Answer 4

Relational databases are the culmination of database design. A relational database has relationships between data sets Records are often called rows, and rows are stored in tables. A table can have a primary key, which is one of the fields in the table that contains a unique value. A primary key permits rapid table lookups (queries to find specific records) through binary searches and other data lookup algorithms. An index can also be built for any of the other fields in a table, to facilitate more rapid lookups.

Answer 5

A schema is what defines the structure of a relational database, defines table sizes and rows within etc etc.

Answer 6

A table can have a primary key, which is one of the fields in the table that contains a unique value. A primary key permits rapid table lookups (queries to find specific records) through binary searches and other data lookup algorithms.

Answer 7

Stored procedures are subroutines that can be accessed by software applications. As their name suggests, stored procedures are actually stored in the relational database. * Helps make a database resilient to SQL Injection Attacks

Answer 8

Prepared statements (sometimes called parameterized statements) are basically canned statements that can be called by the application. * Helps make a database resilient to SQL Injection Attacks

Answer 9

* A database whose components exist in multiple physical locations. * Named because of its location, not because of its design. * Can be hierarchical, network, relational, object, or any other design.

Answer 10

The objects in an object database include data records, as well as their methods (application code). Like OO application programming languages, object databases can have classes (data types), instantiations (individual data records), inheritance, and encapsulation. Object databases are a niche player in the market for database management systems, where relational databases dominate.

Answer 11

A transaction is an action that is performed on a database that results in the addition, alteration, or removal of data.

Answer 12

The dominant computer language used to manipulate data in a database is Structured Query Language (SQL). Principal Commands: Select, Update, Insert.

Answer 13

SQL statements can also be grouped together in a transaction, to ensure that all of the statements are executed together, thus guaranteeing the integrity of the database.

Answer 14

Databases employ a mechanism known as locking in order to avoid collisions in which two or more programs may be trying to update the same table or row at the same time. A lock can be placed on a field, an entire row, or an entire table.

Answer 15

A Knowledge Based System (aka: AI) Expert systems build a database of past events in order to predict outcomes in future situations. An inference engine analyzes the past events to see whether it can find a match between a past event and the current problem.

Answer 16

* Used by Expert Systems * It breaks down the factors influencing a decision or outcome into its components, evaluates each individual component, and then recombines the individual evaluations in order to arrive at the yes/ no or true/ false conclusion for the big question or problem. * It produces a quantitative result based on uncertainties.

Answer 17

* Used by Expert Systems: * Operate on the numeric probability of yes/ no, true/ false, rain/ snow, or whatever the expert system is working on. The individual probabilities are aggregated, and the final conclusion is reached. Example: Tomorrow it will snow in Buffalo.

Answer 18

* A knowledge Based System (aka: AI) * Mimic the biological function of the brain. * A neural network accumulates knowledge by observing events; it measures their inputs and outcome. Over time, the neural network becomes proficient at correctly predicting an outcome because it has observed several repetitions of the circumstances and is also told the outcome each time. Then, when confronted with a fresh set of inputs for a new situation, the neural network predicts outcomes with increasing reliability over time. * Neural networks learn that input components are weighted, which is to say that their specific degree of influence on the outcome is calculated.

Answer 19

Operating system (OS) software is a set of programs that manage computer hardware resources and facilitate the use of application programs.

Answer 20

* The central component of an operating system | * This is the core software in an operating system that performs system functions

Answer 21

* Performed by the Kernel * It is how the kernel deals with multiple applications running at the same time. * The kernel controls the initiation, execution, and termination of programs, as well as the allocation of hardware components (such as CPUs, memory, and peripherals) between the running programs.

Answer 22

* Performed by the Kernel * The kernel allocates memory to itself as well as to processes that are running. The kernel responds to processes that request more (or less) memory. Programs are permitted to use only the memory allocated to them; the kernel enforces this restriction.

Answer 23

* Performed by the Kernel. * An interrupt is a signal sent to the kernel that directs the kernel to temporarily suspend processing in order to take care of something else. Typically an interrupt comes from one of the computer’s hardware components when some event requires attention from the operating system.

Answer 24

* Performed by the OS Kernel. * The kernel manages each process’s access to the computer’s hardware, including memory, hard disks, network adaptors, and bus adaptors (such as USB and FireWire).

Answer 25

Another important part of the OS is its device drivers. These are programs used to permit interaction between the kernel and specific hardware devices that are connected to the computer.

Answer 26

* This is the part of the OS that we use to communicate with the computer. * The two primary types of user interfaces are Command line and Graphical. * The command line is simple interface controlled by a keyboard. * Graphical. This interface divides the screen into “windows” or “panes,” typically controlled by a pointing device (such as a mouse or touchpad) and perhaps also a keyboard.

Answer 27

The OS restricts processes by forbidding any process from accessing or modifying memory allocated to any other process. This prevents any process from tampering with other processes.

Answer 28

The OS includes basic network protocols to facilitate communication to other computers.

Answer 29

The OS restricts access to files and directories in file systems, basing access on permission labels affixed to each file and directory. Only authorized processes may access specific files. This is the mechanism used to restrict users’ access to files on workstations and servers.

Answer 30

Before any local or remote user may access any programs or data, the OS needs to know who is performing the access request. The OS requires that the user identify him or herself, typically by entering a userid and password.

Answer 31

Most OSs control which users are permitted to access resources on the system,

Answer 32

* The systems development life cycle (SDLC, often called the software development life cycle) refers to all the steps required to develop a system from conception through implementation, support, and (ultimately) retirement. * In other words from beginning till end.

Answer 33

The waterfall model is so-called because its steps progress like a series of waterfalls. In a software development project performed using the waterfall model, each of the stages is performed sequentially, one at a time.

Answer 34

* SDLC * Waterfall * A high level description of the system

Answer 35

* SDLC * Waterfall * Functional requirements are basically a list of required characteristics of the system.

Answer 36

* SDLC * Waterfall * You could call the functional specifications the Engineering department’s version of functional requirements. Rather than a list of have-to-have and nice-to-have items, the functional specification is more of a what-it-is (we hope) or a what-we-think-we-can-build statement.

Answer 37

* SDLC * Waterfall * Design is the process of developing highest-detail designs. In the application software world, design includes entity-relationship diagrams, data-flow diagrams, database schemas, over-the-wire protocols, and more.

Answer 38

* SDLC * Waterfall * The design review is the last step in the design process, in which a group of experts (some of whom are on the design team and some of whom aren’t) examine the detailed designs.

Answer 39

* SDLC * Waterfall * Coding usually includes unit testing, which is the process of verifying all the modules that are built in this phase.

Answer 40

* The Open Web Applications Security Project | * Security practices and designs for building a more secure mouse trap.

Answer 41

* SDLC * Waterfall * the coding phase ends with a code review * more bugs are found (hopefully) * software vulns discovered.

Answer 42

* When portions of an application have been developed, it’s often possible to test the pieces separately. This is called unit testing. * Unit testing allows a developer or tester to verify the correct functioning of individual modules in an application. Unit testing is usually done during the coding stage.

Answer 43

* A system test occurs when all the components of the entire system have been assembled, and the entire system is tested from end to end. * The test plan that was developed back in the functional requirements step (see the section “Functional requirements,” earlier in this chapter) is carried out here.

Answer 44

``` top ten software risks cited by OWASP are: * Injection Cross-site scripting (XSS) Broken authentication and session management Insecure direct object reference Cross-site request forgery (CSRF) Security misconfiguration Insecure cryptographic storage Failure to restrict URL access Insufficient transport layer protection Invalidated redirects and forwards ```

Answer 45

* Certification is the formal evaluation of the system. The system is declared fully functional. * Every intended feature performs as planned. * Accreditation means the final code / application / product is okay to be put into production.

Answer 46

* Change Management is the formal business process that ensures all changes made to a system receive formal review and approval from all stakeholders before implementation. * Change Management gives everyone a chance to voice their opinions and concerns about any proposed change so that the change goes as smoothly as possible, with no surprises or interruptions in service.

Answer 47

A Change Review Board — which has members from departments such as Development, Operations, Customer Support, and Security as well as other stakeholders in the organization — usually performs Change Management.

Answer 48

Configuration Management captures actual changes to software code, end-user documentation, operations documentation, disaster recovery planning documentation, and anything else that’s affected by the change. Configuration Management archives technical details for each change and release of the system, as well as for each instance of the system, if more than one instance exists. Change Management and Configuration Management address two different aspects of change in a system’s maintenance mode. Change Management is the what, and Configuration Management is the how.

Answer 49

* Security in the requirements * Security in the Design * Security in the Testing * Security in the implementation

Answer 50

* With process isolation, running processes aren’t allowed to view or modify memory and cache that’s assigned to another process. * A service provided by the Operating System

Answer 51

* Hardware segmentation refers to the practice of isolating functions to separate hardware platforms as required to ensure the integrity and security of system functions. * Segregation of Duties * least privilege

Answer 52

Also known as least privilege, separation of privilege assures that no individuals or objects (such as programs that make requests of databases) have excessive functions on a system.

Answer 53

Accountability refers to an application’s ability to record every auditable event by describing the event: who made the change, what the change was, and when the change was made.

Answer 54

* Also known as layering, defense in depth is a security architecture concept wherein multiple separate mechanisms form protective layers around assets that require protection. * For example, a company may have a firewall, but additionally implement host-based access control and other mechanisms. Then, if any one of these protections fails, the others still presumably run and prevent or detect security problems in the environment.

Answer 55

Abstraction is a process of viewing an application from its highest-level functions, which makes all lower-level functions into abstractions. Lower-level functions are treated as black boxes — known to work, even if we don’t know how.

Answer 56

Data hiding Data hiding is an object-orientation term that refers to the practice of encapsulating an object within another in order to hide the first object’s functioning details.

Answer 57

System high mode refers to a system that operates at the highest level of information classification. Any user who wants to access such a system must have clearance at or above the information classification level.

Answer 58

* The security kernel is composed of hardware, software, and firmware components that mediate access and functions between subjects and objects. * The security kernel is a part of the protection rings model in which the operating system kernel occupies the innermost ring, and rings farther away from the innermost ring represent fewer access rights. & The security kernel is the innermost ring and has full access to all system hardware and data. User programs occupy outer rings and have fewer access privileges.

Answer 59

The reference monitor is a component implemented by the security kernel that enforces access controls on data and devices on a system. In other words, when a user tries to access a file, the reference monitor ultimately performs the Is This Person Allowed to Access This File? function.

Answer 60

Modern operating systems use the concept of privilege associated with user accounts. For instance, UNIX has the root account, and Windows Server has the Domain Administrator and Local Administrator roles. Only system or network administrators can use these accounts, with which they perform operating system and utility management functions.

Answer 61

The Service-Level Agreement (SLA) is a quasi-legal document (it’s a real legal document when the application service provider is a different company than the organization that uses the application) that pledges the application performs to a set of minimum standards.

Answer 62

* Hours of availability * Average and peak number of concurrent users: * Transaction throughput * Data storage capacity * Application response times * Service desk response times * Security incident response times * Escalation process during times of failure

Answer 63

Worms propagate by attacking known weaknesses on computer systems. On those systems where the worm finds a weakness, it can successfully break in and enter. Whatever the weakness happens to be, the result is the same: The worm can assume enough control of the system (or just of the application whose weakness it exploited) to use it as a base to launch attacks against more systems. EX: Nimda, CodeRed, Conficker.

Answer 64

* The main purpose of a computer virus, a (usually) small program, is to replicate itself. Early computer viruses attached themselves to floppy disks’ boot sectors or to executables (such as .com or .exe files). * Viruses attached to executable files would spread when a user ran those executable files. Multi-partition viruses spread by using both the boot sector and executable files. Today, viruses spread in many other ways, including macros found in documents, as well as in image files, JavaScript and ActiveX controls. We’ve also seen viruses spread through cross-site scripting vulnerabilities in websites and through instant messaging software.

Answer 65

A rootkit is a malicious program that’s designed to hide itself on the target system in order to evade detection. *The purpose of a rootkit varies according to its maker. A rootkit may perform any of the actions that most other types of malware are capable of, including destroying, altering, or stealing data; intercepting or altering data transmissions; or changing the behavior of the target system.

Answer 66

A Trojan horse, is an object that claims to be one thing but turns out to be something far different. Trojan horses generally don’t spread by replicating themselves, but they can be very damaging nonetheless. A typical Trojan horse arrives in the payload of an e-mail message, usually an attached executable file or a file with macros.

Answer 67

* A logic bomb is a program designed to cause damage when some computer/ network event has occurred. * For instance, a logic bomb could destroy files when a user invokes a certain program, such as a text editor. * Logic bombs don’t replicate themselves, but viruses or worms can leave them behind.

Answer 68

ActiveX and Java applets can carry malicious code and wreak havoc on users’ computers. Strictly speaking, attackers can write destructive ActiveX applets more easily than Java applets because the applets have unfettered access to the entire computer. Destructive Java applets are far more difficult to write because they must exploit some weakness in the Java sandbox in order to break out of it and do whatever damaging deed it was designed to do.

Answer 69

A trap door is a type of logic bomb that functions as part of a program. The trap door performs an undocumented function when certain conditions are met. Often these functions are designed to bypass security and other control mechanisms.

Answer 70

Hidden code is a set of computer instructions hiding inside another program that carries out some usually-malicious act. An example of hidden code would be an application’s reporting program that also happens to erase certain entries from the audit trail.

Answer 71

An injection attack is one where the attacker is attempting to insert computer instructions into a computer program’s input field, in an attempt to trick the target computer into performing functions unintended by the program’s designer. Example: SQL Injection: Here, the attacker is injecting SQL statements in an attempt to trick the back-end database server to perform specific functions. Example: Frame Injection (also known as cross-frame scripting, or XFS): Here, the attacker is attempting to load arbitrary code into a browser in order to steal data from other frames present in the browser session.

Answer 72

A cross-site scripting attack, (XSS), is one where an attacker is able to inject client-side script into web pages viewed by other intended victims. This attack allows an attacker to bypass security mechanisms present in websites and web browsers. The two principal types of XSS attacks are non-persistent and persistent attacks. In a typical non-persistent attack, the attacker must trick the victim into clicking a malicious URL that contains malicious script, which will be executed on the victim’s browser. Such a script could, for instance, steal the victim’s session cookies — which could then be used by the attacker to access the victim’s session. In a persistent attack, the attacker arranges to store malicious code on a website (such as a message board, or comments in a blog). Then any users who click the malicious link will be executing malicious script on their systems.

Answer 73

In a cross-site request forgery (CSRF) attack, the attacker is attempting to trick a victim into clicking a link that will perform some action that the victim would not otherwise approve. A common method used to protect users from CSRF attacks is the inclusion of one-time-use hidden variables (known as a “nonce”) on important pages. The website keeps track of these hidden variables; any variation (or repeat) will indicate possible tampering. Another method used to protect users against CSRF attacks is the inclusion of a secondary approval dialogue for any significant transaction. That way, if the attacker is able to sneak in a CSRF link that the victim clicks, the attack won’t be successful unless the victim also approves the transaction.

Answer 74

One technique commonly used by attackers is known as escalation of privilege. Here an attacker accesses a system, and then uses any number of attack techniques (such as an injection attack) to increase the attacker’s privilege level from (say) that of an ordinary user to that of an administrator.

Answer 75

The Denial of Service (DoS) attack is an interesting one because the attacker never does gain entry into the targeted computer system — then again, he or she isn’t trying to get in. Instead, the attacker is trying to make the target system unavailable for its users. The ping of death attack (where a malformed or extremely large “ping” packet is sent to the target system) is a good example of a DoS attack. A form of DoS attack, called Distributed Denial of Service (DDoS), occurs when an attacker uses hundreds, or even thousands or tens of thousands, of systems to attack a target simultaneously.

Answer 76

The dictionary attack is a method used to crack computer account passwords by using common words found in a dictionary. Most commonly, a dictionary-attack tool acquires a copy of the UNIX password or shadow file, or the Windows SAM file. The hacker then loads the file on his or her local system and runs a password-cracking program to attempt to discover account passwords by guessing dictionary words and combinations of dictionary words and numbers.

Answer 77

In a spoofing attack, the attacker changes the network identity of a computer or program some way so as to trick the targeted system into granting access to the attacker.

Answer 78

Social engineering is an attack against people as a way of getting access to targeted systems. The classic case of social engineering occurs when a hacker makes a number of telephone calls to various people in an organization and gets a tidbit of information from each one.

Answer 79

* A perpetrator creates genuine-looking e-mail messages that appear to have originated from real, high-value sites, such as online banking. * The purpose of the e-mail is to trick the recipient into clicking the hyperlink and stealing the users credentials.

Answer 80

The end result of pharming is very similar to phishing: A user goes to an imposter website whose owner wants to steal users’ login credentials. The method of attack, however, is quite different. In a pharming attack, the attacker targets the user’s DNS environment so that it returns incorrect values, leading victims to imposter sites.

Answer 81

Spear phishing: A type of phishing in which the attacker targets certain users or groups of users.

Answer 82

A type of phishing attack that targets senior executives in one or more organizations.

Answer 83

A pseudo flaw attack is a special form of social engineering in which an attacker, posing as a system or security administrator or vendor, tells unsuspecting users that a security flaw has been discovered on their system and that they should install a certain patch, which is usually a Trojan horse.

Answer 84

When a developer builds hooks into an application that can change the run time mode into a maintenance or management mode (such as the user of a certain user name) this new mode could expose features and functions and leads to vulnerabilities.

Answer 85

An intruder (or employee) may devise some means for listening to traffic on the organization’s internal network by using a sniffer program. Sniffer programs can listen for and capture login sessions, recording user IDs and passwords.

Answer 86

An attacker can analyze network traffic patterns and other types of transmissions in order to make inferences about something that he or she wants to know more about. In this type of attack, the attacker doesn’t have access to the contents of the transmissions — only their patterns.

Answer 87

Brute force is the most time-consuming and generally a last resort effort. Whatever the target, the perpetrator of a brute-force attack repeatedly hits his or her target, making small changes each time, hoping that he or she can eventually get in.

Answer 88

Antivirus software operates by intercepting operating system routines that store files and open files. The AV software compares the contents of the file being opened or stored against a list of virus signatures. If the AV software detects a virus, it prevents the file from being opened or saved, usually alerting the user via a pop-up window

Answer 89

Rather than looking for a specific signature of a specific file a heuristics engine looks for a pattern or anomalous behaviour, such as renaming a .exe file. Benefits: Conservation of space Decreased download time Improved computer performance

Answer 90

Bot herders are individuals who establish, grow, and use bot armies to carry out attacks and cause other types of trouble. They may develop their own bot software, but mostly they use bot software developed by others.

Answer 91

A less knowledgeable attacker that uses a tool developed by someone else to cause damage.

Answer 92

The original phreakers were people who cracked telephone networks in order to get free long-distance service. Improvements in telephone networks have rendered the original techniques useless, and some phreakers have resorted to outright criminal acts, such as stealing long-distance calling cards. The term phreakers is sometimes used to describe hackers who try to break into systems and services