Software Development Security - Domain 4

Question 1

Q

Answer 1

A

Question 2

Software Development - Waterfall Method

Answer 2

1. Traditional Model. 2. Completion of one task leads to the start of another. 3. Long term projects (inflexible).

Question 3

Software Development - Prototyping method

Answer 3

1. Addresses time issues with Waterfall. 2. Produces basic prototypes that evolve each round. 3. 1970’s

Question 4

Software Development - Prototyping method - 4 phases

Answer 4

1. Initial concept. 2. Design and implement initial prototype. 3. Refine prototype until acceptable. 4. Complete and release final version. 5. 1980’s

Question 5

Software Development - Spiral Method

Answer 5

1. Combo of Waterfall and Prototyping. 2. Development of initial version is based on prototyping. 3. Development of each version is similar to waterfall. 4. Risk analysis after each step.

Question 6

Software Development - Clean room method

Answer 6

1. Engineered development process. 2. Focus on defect prevention instead of defect removal. 3. Increased design time reduces requirements for testing. 4. Results in substantial savings over the long term.

Question 7

Software Development - Extreme programming method

Answer 7

1. Function specific programming instead of application. 2. Executed by small teams. 3. Dynamic changing requirements.

Question 8

Software Development Models - Generic steps

Answer 8

1. Project initiation. 2. Functional design analysis and planning. 3. System design specifications. 4. Software development. 5. Installation/Test/Implementation. 6. Operation/maintenance. 7. Disposal.

Question 9

Software Development - Project Initiation (Step 1)

Answer 9

1. Conceptual definition of project is decided upon. 2. Identify security requirements. 3. Perform an initial risk analysis-analyze threats and countermeasures and estimate costs and benefits per countermeasure. 4. Identify security framework. 5. Determine SLA.

Question 10

Software Development - Function Design (Step 2)

Answer 10

1. Define security requirements. 2. Propose security checkpoint plan. 3. Develop contingency plans. 4. Preliminary security test plans. 5. Formal functional baseline includes security requirements.

Question 11

Software Development - System Design (Step 3)

Answer 11

1. Define security specifications. 2. Update test plans involving security. 3. Security specifications. 4. System design checklist. 5. Formal methods developed.

Question 12

Software Development - Software Development (Step 4)

Answer 12

1. Write programming code to meet specifications. 2. Implement security within code. 3. Perform unit tests.

Question 13

Software Development - Testing and Installation (Step 6)

Answer 13

1. Test system components. 2. User acceptance testing, data checking, and resiliency testing. 3. Install system. 4. Create manuals. 5. Perform acceptance test - certification and accreditation. 6. Accept system. 7. Garbage collection.

Question 14

Software Development - Testing Types (Step 7)

Answer 14

1. Unit testing - individual component is in a controlled environment where programmers validate data structure, logic, and boundary conditions. 2. Unit testing - verifying that components work together as outlined in design specifications. 3. Acceptance testing - ensuring that the code meets customer requirements. 4. Regression testing - after a change to a system takes place, restesting to ensure functionality, performance and protection.

Question 15

Software Development - Testing techniques

Answer 15

1. Black box testing - tester has no knowledge of system. 2. White box - tester has full knowledge of system. 3. Gray-box - tester has partial knowledge of system.

Question 16

Software Development - Operation

Answer 16

1. Maintain system through service level agreement 2. After changes re-certify 3. Audit and test security components periodically.

Question 17

Software Development - Disposal

Answer 17

1. Properly dispose of system 2. Repeat full cycle with a new project initiation 3. data moved to another system or discarded.

Question 18

Software Development - Verification

Answer 18

1. Determine if the product accurately represents the developers description and specifications. 2. Follows structure and logic o fo product.

Question 19

Software Development - Validation

Answer 19

1. Determine the degree to which the model represents a real world use. 2. Does the product actually solve a problem and or meet a demand?

Question 20

Software Development - Change Control

Answer 20

1. Without proper change control, a project can take longer that appropriate to complete. 2. Applications should be centrally managed. 3. Security controls must always be protected. 4. Programmer changes must be made through controlled libraries. 5. Changes should be made to source code and not production code.

Question 21

Software Development - Change Control Procedure

Answer 21

1. Request for change is formally made to CCB. 2. Analyze request - a. develop the implementation strategy b. calculate the cost of this implementation c. review any security implications. 3. Record change request. 4. Submit change request for approval. 5. Develop change. 6. Re-code segments of the product and modify functionality. 7. Link these changes in the code to formal change control request. 8. Submit software for testing and quality approval. 9. repeat until quality is adequate. 10. Make version changes. 11. Report changes to management. 12. Establish a baseline setting.

Question 22

Software Development - Change Control Issues

Answer 22

1. Changes must be submitted, approved, tested, and recorded. 2. Logic of change is separate from the process of change control.

Question 23

Computer aided software engineering (CASE)

Answer 23

1. General term for a wide variety of tools to help programmers, project managers, and analysts during a project. 2. Automation of repetitive tasks. 3. Debuggers, code analyzers, version control tools. 4. Development is quicker and more accurate with computer aided tools. 5. Allows for rapid prototyping.

Question 24

Capabilities Maturity Model (CMMI)

Answer 24

1. Developed by Software Engineering Institute at Carnegie-Mellon Uni in Pitts. 2. Assumes that the quality of the software development process directly impacts the quality of the software product. 3. Five maturity levels for software development.

Question 25

CMMI Levels

Answer 25

1. Initiating 2. Repeatable 3. Defined 4. Managed 5. Optimization

Question 26

Object Oriented Programming (OOP)

Answer 26

1. Increases speed in software development because objects can be reused. 2. Saves money and time.3. Closely maps to real activities. 4. Self contained. 5. Highly modular.

Question 27

OOP Terms

Answer 27

1. Inheritance 2. Abstraction 3. Encapsulation 4. Polymorphism 5. Polyinstantiation

Question 28

OOP Terminology

Answer 28

1. Classes - defines attributes and characteristics of the possible objects within them (objects are members of classes). 2. Objects - software entities that are grouped into classes (objects inherit attributes from class type).

Question 29

OOP Objects

Answer 29

1. re-useable module of code. 2. Each re-use of the object creates an instance. 3. Modularity approach provides more efficiency and structure.

Question 30

OOP Behavior

Answer 30

1. Commands performed by object are a method. 2. Objects communicate with each other through messages.

Question 31

Abstraction

Answer 31

1. Looking at the “big picture” versus focusing on all the small details of the picture. 2. Suppressing unnecessary detail so that overall goal of an object can be utilized.

Question 32

Abstraction Example - Objects

Answer 32

1. Characteristics of objects are encapsulated - only accessible through messaging. 2. Viewed as a black box - internal workings are not apparent to the system.

Question 33

Polymorphism

Answer 33

Two objects are sent the same message but react differently-this is possible because objects can belong to different classes, meaning they will exhibit different behaviors.

Question 34

Polyinstantiation

Answer 34

The creation of another version of an object using different values for its variables to ensure that lower level subjects do not access data at a higher classification.

Question 35

Module Interaction - Cohesive

Answer 35

1. Object is highly cohesive if it can perform a task with little or no help from others. 2. Highly cohesive objects are not as dependent upon other objects as low cohesive objects. 3. Higher cohesive objects are better.

Question 36

Module Interaction - Coupling

Answer 36

1. Measurement of interaction between objects. 2. Lower coupling means less interaction. 3. Lower coupling provides better software design because objects are more independent. 3. Lower coupling is easier to troubleshoot and update.

Question 37

Data Base Types

Answer 37

1. Relational - presents data in tables with columns and rows (attributes and tuples). 2. Hierarchical - logical tree structure (branches and leaves-data fields). Highest node is root; parents can have children. 3. Distributed - data is stored in bases in different places and a re logically connected.

Question 38

dBase Terminology - Attribute

Answer 38

Column in a relational dbase.

Question 39

dBase Terminology - Tuple

Answer 39

A row representing a relationship among values.

Question 40

dBase Terminology - Cell

Answer 40

The intersection of the row and column in a relational dbase.

Question 41

dBase Terminology - Element

Answer 41

Each data value in a row under a column.

Question 42

dBase Terminology - File

Answer 42

Table - collection of records of the same type.

Question 43

dBase Terminology - Base Relation

Answer 43

A table stored in a database.

Question 44

dBase Terminology - View

Answer 44

A virtual relation defined by database to control subjects viewing certain data (a.k.a. role-based access control).

Question 45

dBase Terminology - Primary Key

Answer 45

A field that links all the data within a record to a corresponding value.

Question 46

dBase Terminology - Foreign Key

Answer 46

An attribute of one table that is the primary key of another table.

Question 47

dBase Terminology - Schema

Answer 47

Holds data that describes a dbase.

Question 48

dBase Terminology - Meta Data

Answer 48

Data about data-data to describe a base and the data within.

Question 49

Data Dictionary

Answer 49

1. Central repository of meta-data, which is critical information about the whole database. 2. Cross reference between the groups of data elements and how they interact with each other (relationships). 3. A central cllection of data element definitions, schema objects, and reference keys. 4. Allows for central management of dbase. 5. Central catalog of data.

Question 50

Open dBase Connectivity (ODBC)

Answer 50

1. Allows applications to communicate with different types of bases. 2. Interface between the application and the different base drivers.

Question 51

Data Warehousing

Answer 51

1. Combines data from multiple bases into a larger base with the purpose of a fuller extent of information retrieval and data analysis. 2. Extracting operational data and making it into informational data. 3. Not just mirroring data. 4. Redundancies and inconsistencies are removed.

Question 52

Data Mart

Answer 52

1. Smaller and more focused on a particular subject when compared to a data warehouse. 2. A Data Warehouse combines data across an enterprise. 3. A data mart can access data for specific groups.

Question 53

Data Mining

Answer 53

1. The process of analyzing a base using tools that look for trends or anomalies without having the knowledge of the meaning of the data. 2. Creates meta-data which is more useful to the user. 3. Identifies patterns and relationships between data sets. 4. Can be used to test for inference vulnerabilities.

Question 54

Software Security Downfalls

Answer 54

1. Most attacks take advantage of a weakness or vulnerability in some type of software. 2. Security controls are deployed to prevent attackers from exploiting those weaknesses. 3. Software is a critical component of all business transactions. 4. Software is changing than software security technology.

Question 55

Software Security Challenges

Answer 55

1. It was not as crucial to implement security during the development stages. 2. Many programmers do not practice these procedures. 3. A majority of security professionals themselves are not software developers. 4. Software vendors rush products to market with their eyes set on functionality, not security.

Question 56

Approches to SW Security

Answer 56

1. Firewalls, routers, ACL’s, IDSs, bastion hosts -vs- 2. Design and develop software with security in mind - ISO 27034.

Question 57

Software Security - Seperation of Duties

Answer 57

1. Programmers shouldn’t be the only ones testing their software- a. operations should not have access to source or object code in production b. programmers should not be interacting with software in production. 2. Once software is completed, it should go to the library- a. software released to production should come in a library, not directly from programmers b. proper testing is managements responsibility.

Question 58

dBase ACID Test - A

Answer 58

Atomicity - either all changes take effect or none do.

Question 59

dBase ACID Test - C

Answer 59

Consistency - A transaction is allowed only if it follows owner - or system - defined integrity constraints.

Question 60

dBase ACID Test - I

Answer 60

Isolation - the results of the transaction are not visible until the transaction is complete.

Question 61

dBase ACID Test - D

Answer 61

Durability - the results of a completed transaction are permanent.

Question 62

dBase Security Mechanisms and Issues

Answer 62

1. Concurrency problems. 2. Checkpoints. 3. Trusted front end. 4. Aggregation. 5. Inference. 6. views.

Question 63

dBase Security Mechanisms Add-on Example - Trusted front-end

Answer 63

1. Adds multilevel security to a dbase. 2. Another control between subjects and objects. 3. Used to retrofit security to a dbase.

Question 64

dbase Security Attacks - Aggregation

Answer 64

1. Act of combining information from separate sources. 2. this combination forms new information, to which the subject does not have authorized access. 3. The combined information has a sensitivity that is greater than the individual parts.

Question 65

dbase Security Attacks - Inference

Answer 65

1. Inference is the ability to derive additional information from learned facts about a particular system. 2. Countermeasures: cell suppression, pertaining, insertion of noise data, polyinstantiation.

Question 66

Controlling dBase access - Content dependent

Answer 66

1. Controlling access based on contents of the object. 2. Query results depend upon the values within tables.

Question 67

Controlling dBase access - Context dependent

Answer 67

1. Access decision based on the context of the request. 2. Mechanism required to keep track of who accessed and in what sequence.

Question 68

dBase Integrity - Entity

Answer 68

1. No primary key attribute can have a null value. 2. Primary key value must be unique.

Question 69

dBase Integrity - Referential

Answer 69

1. When there is a relationship between two entities, those two entities need to actually exist. 2. No record can contain a reference to a key of a non-existing record.

Question 70

Distributed Computing

Answer 70

Data processing takes place on different systems: 1. Common object request brokers (CORBA, ORB). 2. Distributed communication standard (COM-Component Object Model, dCOM-distributed COM). 3. Enterprise Java Bean (EJB). 3. Simple Object Access Protocol (SOAP).

Question 71

DCOM

Answer 71

How the blaster worm was spread.

Question 72

SOAP

Answer 72

Replacement for DCOM-uses XML based comms.

Question 73

CORBA

Answer 73

1. Common Object Request Broker Architecture. 2. Standard developed by Object Management Group which allows different applications written in different languages to communicate. 3. Standard set of interfaces and API’s for systems to use to communicate with other ORB’s.

Question 74

Component Object Model (COM)

Answer 74

1. Architecture to allow simple inter-process comms between objects. 2. Allows objects on one system to communicate.

Question 75

Distributed Component Object Model (DCOM)

Answer 75

1. Allows for COM inter-process communication in a distributed form. 2. Allows objects on different systems to interact. 3. Works as middleware for distributed processing.

Question 76

Linking through COM - OLE

Answer 76

Object Linking and Embedding: 1. Provides a way for objects to be shared on a local workstation and uses COM as its foundation base. 2. Allows objects to be embedded into documents (i.e. graphics, pictures, and spreadsheets). 3. Linking is the capability for one program to call another. 4. The capability to put a piece of data inside a foreign program or document is embedding.

Question 77

Mobile Code - Active Content

Answer 77

!. Documents or scripts that can carry out actions without user intervention.2. Increase user functionality through a browser. 3. Java applets, Java Script, ActiveX controls, macros and executable e-mail attachments. 4. Extend capabilities and functionality, but can introduce more risks. 5. Trojan horse, backdoors, viruses, malicious code, and worms all take advantage of Active content.

Question 78

World Wide Web OLE - ActiveX

Answer 78

1. Platform specific and language dependent. 2. ActiveX controls communicate to objects using COM services. 3. Outgrowth of OLE and COM technologies for the WWW.

Question 79

ActiveX Controls

Answer 79

1. Is MS technology that is used to write controls that Internet users can download to increase their functionality and user experience. 2. Extension of OLE. 3. Security scheme: inform user of the origin of the componentt who will decide if it should be trusted. 4. Security relies on digital certificates and trusting certificate authorities.

Question 80

Java

Answer 80

1. Language developed by Sun. 2. Object-oriented, platform-independant programming language. 3. Runs on top of the Java VM which allows applets to run on several different platforms. 4. Uses byte-code instead of being compiled directly into machine code.

Question 81

Java Applets

Answer 81

1. Small Java programs that run within a users browser. 2. Mobile code that is restricted from accessing loval disks and network connections by being contained in a sandbox. 3. Several bugs within Java code allow malicious code to escape the sandbox and perform malicious acts.

Question 82

Common Gateway Interface (CGI)

Answer 82

1. CGI is a method of manipulating data passed into a website. 2. CGI script resides on web server, not the browser. 3. Allows for interactive Websites that process user input. 4. Security risks are that they use an array of low level system commands that can be exploited. 5. Scripts are interpreted and not compiled-there is more a risk of it being modified. 6. The CGI scripts should

Question 83

Web Applications - Input Validation

Answer 83

1. Web forms can be a source of attack if special characters or code is allowed to be entered. 2. Developers must check input parameters and perform “inout cleansing” before the form is submitted to the server.

Question 84

Web Applications - SQL Injection

Answer 84

1. When SQL statements are entered into a form. 2. Allows attacker to manipulate the database tier of a web application.

Question 85

Web Applications - Cross Site Scripting

Answer 85

1. JavaScript is entered through a form or url parameter. 2. Comes back around to the victims browser and executes. 3. Commonly found in the URLs within phishing emails.

Question 86

Cookies

Answer 86

1. HTTP cannot track web users and their actions. 2. Cookies can allow sites to “remember” users visits and choices - tokens within HTTP requests and responses. 3. Can be per session. 4. Can be persistent. 5. Privacy issues - collect personal information about users and can contain sensitive information that an attacker may try to access.

Question 87

Malware

Answer 87

1. Virus. 2. Worm. 3. Logic Bomb. 4. Trojan Horse. 5. Other attack types.

Question 88

Malicous Code Detection

Answer 88

1. File size increase. 2. Many unexpected disk accesses. 3. Change in update or modified timestamp. 4. Sudden decrease of hard drive space. 5. Calculating checksums on system files. 6. Unexpected and strange activity by applications.

Question 89

Malware types - Virus

Answer 89

1. A virus is a program that searches out other programs and infects them by embedding a copy of itself.

Question 90

Types of Viruses

Answer 90

1. Macro Viruses: easy to create because of the simplicity of the macro languages. 2. Boot sector virus: malicious code inserted into the disk boot sector. 3. Compression virus: when decompressed, it initializes and attacks the host system. 4. Stealth virus: hides its forrprints and changes that it has made.5. Plymorphic virus: makes copies and changes the copies in same way - uses a mutation engine. 6. Multi-partite virus: infects both boot sector and hard drive (the file system).

Question 91

Malware types - Virus - Worms

Answer 91

1. Can reproduce on their own - different than virus. 2. Self contained programs.

Question 92

Malware types - Virus - Logic Bomb

Answer 92

An event triggers the execution of specific code.

Question 93

Malware types - Virus - Trojan Horse

Answer 93

1. Program disguised as another program. 2. Useful program that contains hidden code exploiting the authorization of process to violate security.

Question 94

Attack types - Smurf

Answer 94

1. ICMP Echo broadcast is sent to a network with a spoofed address. 2. All systems on network segment send ICMP Echo Reply packtes to the victim. 3. DoS attack.

Question 95

Attack types - Fraggle

Answer 95

1. Same as SMURF. 2. Uses UDP instead of ICMP protocol.

Question 96

DDOS

Answer 96

Distributed Denial of Service: 1. Committing resources on a computer so that it cannot respond to valid requests. 2. Can be distributed and amplified by using other systems to commit the attack - DDoD (Masters and Zombies and Handler Systems).

Question 97

DDoS - Handlers and Zombies

Answer 97

Comprise BotNet. Common DDoS attacks are Tribal, trin00 and TFN.

Question 98

DDoS Countermeasures

Answer 98

1. Drop all ICMP packets originating from the Internet. 2. Drop any requests to broadcast addresses. 3. Ingress filtering: do not allow packets to leave with external source addresses.

Question 99

Salami Attack

Answer 99

Taking insignificant pieces of data, say pennies, from a user’s bank account and moving them to the attacker’s account.

Question 100

Session Hijacking and Man in the Middle (MITM)

Answer 100

Capturing a session just prior to the user signing off an attacker could use the existing credentials to continue accessing and altering data.

Question 101

Artificial Intelligence - Expert Systems

Answer 101

1. A computer program containing a knowledge base and set of algorithms and rules. 2. Used to infer new facts from existing knowledge and incoming data. 3. Uses AI to mimic human logic. 4. Data is collected from human experts and stored in a dbase-collected data is used for problem solving and best when working with a limited domain of data.

Question 102

AI - Inference Engine - Rule-based programming

Answer 102

1. Rules are based on “if - then” logic units. 2. This specifics a set of actions to be performed for a given situation. 3. Uses human logic.

Question 103

AI - Inference Engine

Answer 103

1. The engine matches facts against patterns and determines which rules are applicable. 2. The engine can find patterns not obvious to humans and then it can apply human logic.

Question 104

Artifical Neural Networks

Answer 104

1. Electronic model based on the neural structure of the brain. 2. ANN systems have: a. the ability to remember and learn from new experiences b. the capacity to generalize. 3. Decisions by neural networks are only as good as the experiences they are given.