Chapter 15 - Building a Security Assessment and Testing Program

Pataasin ang iyong marka sa homework at exams ngayon gamit ang Quizwiz!

3 major components of a security assessment program

1. Security Tests 2. Security Assessments 3. Security Audits

Generational fuzzing

A form of fuzzing that develops inputs based on models of expected inputs to perform the same task. This is also sometimes called intelligent fuzzing.

Mutation fuzzing

A form of fuzzing that modifies known inputs to generate synthetic inputs that may trigger unexpected behavior. Aka dumb fuzzing.

Misuse Case Testing

A process used by software testers to evaluate the vulnerability of their software to known risks. Testers first enumerate the known misuse cases and then attempt to exploit those use cases with manual and/or automated attack techniques. Aka abuse case testing.

Authenticated scan

A security scanner is granted authenticated read‐only access to the servers being scanned (typically via a user account) and can use this access to read configuration information from the target system and use that information when analyzing vulnerability testing results.

Fuzz Testing

A specialized dynamic testing technique that provides many different types of input to software to stress its limits and find previously undetected flaws. Fuzz testing software supplies invalid input to the software, either randomly generated or specially crafted to trigger known software vulnerabilities. The fuzz tester then monitors the performance of the application, watching for software crashes, buffer overflows, or other undesirable and/or unpredictable outcomes. zzuf tool can be utilized to perform fuzz testing

Vulnerability scan

A test performed on a system to find weaknesses in the security infrastructure. Vulnerability scans automatically probe systems, applications, and networks looking for weaknesses that may be exploited by an attacker. The scanning tools used in these tests provide quick point‐and‐click tests that perform otherwise tedious tasks without requiring manual intervention. Three types 1. Network discovery scans - NMAP 2. Network vulnerability scans - false positive/false negative. Nessus. 3. Web application vulnerability scan - Nessus.

Penetration test

An activity used to test the strength and effectiveness of deployed security measures with an authorized attempted intrusion attack. Penetration testing should be performed only with the consent and knowledge of the management staff. Common tool is Metasploit. 3 Types 1. White Box, Full-Knowledge 2. Gray Box, Partial-Knowledge 3. Black Box, Zero-Knowledge

Security Assessments

Comprehensive reviews of the security of a system, application, or other tested environment. During a security assessment, a trained information security professional performs a risk assessment that identifies vulnerabilities in the tested environment that may allow a compromise and makes recommendations for remediation, as needed.

Code Review

Developers other than the one who wrote the code review it for defects. Most common is Fagan inspections. Six steps 1. Planning 2. Overview 3. Preparation 4. Inspection 5. Rework 6. Follow-up

Dynamic Testing

Evaluates the security of software in a runtime environment and is often the only option for organizations deploying applications written by someone else.

Static Testing

Evaluates the security of software without running it by analyzing either the source code or the compiled application.

Security Audits

Evaluations performed with the purpose of demonstrating the effectiveness of controls to a third party. Security audits use many of the same techniques followed during security assessments but must be performed by independent auditors. The staff members who design, implement and monitor controls for an organization have an inherent conflict of interest when evaluating the effectiveness of those controls.

Ports

FTP 21 SSH 22 Telnet 23 SMTP 25 DNS 53 HTTP 80 POP3 110 NTP 123 HTTPS 443 Microsoft SQL Server 1433 Oracle 1521 H.323 1720 PPTP 1723 RDP 3389

Interface testing

Interface testing assesses the performance of modules against the interface specifications to ensure that they will work together properly when all of the development efforts are complete. 3 types of interfaces should be tested 1. Application Programming Interfaces (APIs) 2. User Interfaces (UIs) - GUI and Command Line 3. Physical Interfaces

Internal audits

Performed by an organization's internal audit staff and are typically intended for internal audiences

External audits

Performed by an outside auditing firm

Security Tests

Security tests verify that a control is functioning properly. These tests include automated scans, tool‐assisted penetration tests, and manual attempts to undermine security. Security testing should take place on a regular schedule, with attention paid to each of the key security controls protecting an organization.

Bit flipping

The activity of changing a bit to its opposite value. A technique commonly used in fuzzing to slightly modify input data.

Test Coverage Analysis

Used to estimate the degree of testing conducted against the new software


Kaugnay na mga set ng pag-aaral

Chapter 4 Drawing & Specificactions

View Set

Self & Impression Management Concept Quiz

View Set

MKTG 351: Test 2 Review - Chapter 10

View Set