Week 2 Classification of Attacks, Software Weapons and Social Engineering

Question 1

What is secure coding and why is it important?

Answer 1

Secure coding, also referred to as secure programming, involves writing code in a high-level language that follows strict principles, with the goal of preventing potential vulnerabilities

More and more financial transactions are also moving online. Security incidents often originate deep in an application’s underlying software and can have serious consequences for businesses and individuals alike. Insecure code in important industries (e.g., finance, healthcare, energy, and transport) could result in financial and property damages, market manipulation and theft, even physical harm and fatalities.

Question 2

What are the three axes of classifcation of possible attacks?

Answer 2

• the state of the asset,
• the type of assurance the asset offers,
• and the type of vulnerability necessary for an attack to be carried out.

Question 3

What are the attacks on the CIA Triad called?

Answer 3

DAD
Disclosure
Alteration
Denial

Question 4

What does STRIDE mean?

Answer 4

Spoofing
Tampering
Repudiation
Information disclosure
Denial of Service
Elevation of Privelage

https://mylms.vossie.net/pluginfile.php/763792/mod_book/chapter/961633/image.png

Question 5

What are the information states?

Answer 5

Storage
Transmission
Processing

Question 6

What are the 7 layers of OSI

Answer 6

1. Physical
2. Data Link
3. Network
4. Transport
5. Session
6. Presentation
7. Application

Question 7

The software weapons

Answer 7

• Adware
• Trojan
• Ransomware
• Back Door
• Virus
• SPAM
• Botware
• SEO