Module 5, Unit 4 - Secure Application Development
Which secure staging deployment environment is where the code from multiple developers is merged into a single master copy and subjected to a number of basic unit and functional tests?
Test/Integration
Most software development environments use a build server to maintain a repository of previous versions of the source code. When a developer commits new or changed code, the new source code is tagged with what?
Updated version number
Good programming practice dictates that input should be tested to ensure that it is _____.
Valid
In model verification the requirements model is tested using processes of V&V (Verification and Validation), of the two, which is the process of determining whether the application is fit-for-purpose, meaning that its design goals meet the user requirements?
Validation
In model verification the requirements model is tested using processes of V&V (Verification and Validation), of the two, which is a compliance testing process to ensure that the product or system meets its design goals?
Verification
A design flaw that can cause the application security system to be circumvented or that it will cause the application to crash.
Vulnerability
The SDLC (Software Development Lifecycle) devides the creation and maintenance of software into discrete phases. What are the two principal SDLC methodolgies?
Waterfall model and Agile development
What type of Fuzzer identifies input streams accepted by the application, such as input boxes, command line switches, or import/export functions?
Application UI
The purpose of the attacks against application or coding vulnerabilities, such as buffer overflows, is to allow the attacker to run their own code on the system. This is referred to as what?
Arbitrary code execution
What type of application auditing will analyze the system on which the application depends?
Architecture reivew
What type of buffer overflow attack loads an array with more a variables that an application expects, creating an exception that can be exploited?
Array Index Overflow
One of the design goals of a secure application should be to reduce the _____ ______.
Attack surface
What attack is where the attacker passes data that deliberately overfills the buffer that an application reserves to store the expected data?
Buffer Overflow Attack
Amongst other principles, Agile addresses the idea that resiliency is a better and more achievable goal than the elimination of faults. What is this principle referred to as?
Fail fast
What type of Fuzzer attempts to open files whose format has been manipulated perhaps manipulating specific features of the file?
File format
SDL (Security Development Lifecycle) is ran in parallel or is integrated with the focus on software _____ and _____.
Functionality, usability
A means of testing that an an application's input validation routines work well by generating a large amount of deliberatly invalid and/or random input, and then records the responses generated by the application.
Fuzzing
A technique designed to test software for bugs and vulnerabilities.
Fuzzing
Which DevOps approach is the principle that when deploying an application, the server instance supporting the application can be defined and provisioned through the software?
Infrastructure as Code
What type of Fuzzer transmits manipulated packets to the application, perhaps using unexpected values in the headers or payload?
Protocol
The process of deploying an application to the target environment.
Provisioning
A vulnerability that is typically found where multiple threads are attempting to write a variable or object at the same memory location.
Race Condition
In secure staging deployment, what code integrity validation concept requires that each development environment be segmented from the other, and no processes should be able to connect to anything outside the sandbox?
Sandboxing
What should be considered for an application to aid in preventing cross site style attacks?
Secure authentication and authorization
In secure staging deployment, what code integrity validation concept requires that each development environment should be built to the same specification, possibly using automated provisioning?
Secure baseline
What is it referred to when security considerations are accounted for at each phase?
Secure development
Which DevOps approach is the concept of scripted or programmed infrastructure that can also be applied to security infrastructure?
Security automation
The code library that intercepts and redirects calls to enable lacy mode functionality is called what?
Shim
An attack that target a vulnerability in OS or application software.
Software Exploitation
What is it referred to when the current procedure cannot continue?
Exception
Agile development principles can also be applied to system administration/operations tasks known as what?
Agile operations
The process of removing an application from packages or instances.
Deprovisioning
Each procedure can have multiple error handlers, and will be able to with anticipated errors and exceptions. What else should there be included in order to deal with the unexpected
Catch-all handler
What does software version control support for software development projects?
Change management process
An attack where what the user sees and trusts as a web application with some sort of login page or form that contains a malicious layer or invisible iFrame that allows an attacker to intercept or redirect user input.
Clickjacking
Which code developing process uses a block of code from elsewhere in the same application or from another application to perform a different function?
Code reuse
What type of application auditing is an in-depth examination of the way the application is written to ensure that it is well written and does not expose the application to known input validation or injection attacks?
Code review
A well-written application must be able to handle _____ and _____ "gracefully".
Errors, exceptions
Human analysis of software code is described as what?
Code review or manual peer review
The principal means of proving the authenticity and integrity of code, where the developer creates a cryptographic hash of the file then signs the hash using their private key.
Code signing
What attack attempts to run OS shell commands from the browser?
Command injection
A runtime environment will use one of two approaches to execution on a host system. What are the two approaches?
Compiled code is converted to machine language for target OS or packaged interpreted code that uses an interpreter on any OS
What If a target site assumes a browser is authenticated because there is a valid session cookie, and does not perform any additional authorization process on the attacker's input, it will accept the input as genuine. This is known as what?
Confused deputy attack
The principle stating that developers should commit updates often, which reduces the chances of two developers spending days of time on code changes that are then found to conflict with one another.
Continuous integration
A binary package that implements some sort of standard functionality, such as establishing a network connection or performing cryptography.
DLL (Dynamic Link Library)
What attack is not a vulnerability of an application, but of the way the OS allows on process to attack to another and then force it to load a malicious link library?
DLL Injection
A fault that allows privileged information to be read without being subjected to the appropriate access controls.
Data exposure
A part of application source code that can never be executed, and should be removed from the application to forestall the possibility that it could be miused in some way.
Dead code
What type of application auditing will ensure that security is one of the requirements for the application?
Design review
A model that bridges the collaboration between development and operations (developers and system administrators).
DevOps
Which secure staging deployment environment is where the code will be hosted on a secure server, each developer will check out a portion of the code for editing on their local machine, and the local machine is normally configured with a sandbox for local testing?
Development
Another common input validation attack where an attacker submits a request for a file outside the web server's root directory by using the command to navigate to the parent directory (../).
Directory traversal
What is it referred to when an application is tested under "real world" conditions, using a staging environment?
Dynamic analysis
The best known HTTP header manipulation attack is what?
HTTP Response Splitting or CRLF Injection
Ideally, the programmer will have written an error or exception _____ to dictate what the application should then do.
Handler
Some applications may use headers to encode some user data. An attackers could try to inject code to perform a malicious action on the target server or client if the web application does not process the header correctly. This is known as what?
Header Manipulation
What type of buffer overflow attack takes place in an area of memory that is allocated by the application during execution to store a variable of some sort, where the attacker can overwrite the stored variables with unexpected effects?
Heap Overflow
Which DevOps approach first strictly divides data from the components processing data?
Immutable infrastructure
The main goal must be for the application not to fail in a way that will allow an attacker to execute code or perform what?
Injection attack
What should be enough to defeat most cross site style attacks?
Input validation
What attack passes invalid data to the application and because the error handling on the routine is inadequate, it causes the application or even the OS to behave unusually, such as the application or OS crashing or the attacker is able to execute code on the system?
Input validation attack
What are some of the most important coding practices?
Input validation, error handling, and proper authentication and authorization of sessions
The OS and applications might be defined as a single _____ for deployment on a virtualized platform.
Instance
What type of attack causes the target software to calculate a value that exceeds the upper and lower bounds by the Integer data type?
Integer Overflow
In secure staging deployment, what code integrity validation concept is a process that determines whether the development environment has varied from a secure baseline?
Integrity measurement
The Agile development SDLC methodology flips the waterfall model by making each phase run concurrently on smaller modules of code or sub-projects. The piecemeal approach can react to change better but has disadvantages. What are the disadvantages?
Lacks overall focus and cam become open-ended
The main issue with client-side validation is that the client will always be more vulnerable to some sort of _____ interfering with the validation process.
Malware
If program code does not release a block memory once a process is done using it can cause the system to crash. What is this called?
Memory Leak
Many arbitrary code attacks depend on the target application having ____ _____ procedures
Memory managment
An attack where the web browser is compromised by installing malicious plug-in scripts or intercepting API calls between the browser process and DLLs.
MitB (Man in the Browser)
The process of stripping a sting of illegal characters or substrings, and is the converted to the accepted character set.
Normalization
Where an application accepts string input, the input should be subjected to _____ procedures before being accepted.
Normalization
Code can be made difficult to analyze by using an _____ that randomizes the names of variables, constants, functions, and procedures, as well as removing comments and white space, and the performs other operations to make the complied code physically and mentally difficult to read and follow.
Obfuscator
An enterprise provisioning manager might assemble multiple applications in a ______.
Package
The waterfall method identifies phases, and each phase must be completed and signed off before the next phase can begin, which makes it hard to go back and make changes to the original specification. What are the different phases this SDLC methodology identify?
Planning, requirements analysis, design, implementation, testing, deployment and maintenance
A pointer is a reference to an object at a particular memory location - attempting to access the memory address for a pointer is called dereferencing. If a pointer is set to a NULL value it will cause the application to crash. What type of attack is this?
Pointer Dereferencing
If a software exploit works, the attacker may be able to execute their own processes with the same privilege level as the exploited process. What is this known as?
Privilege escalation
Which secure staging deployment environment is where the application is released to the end user?
Production
______ means that the code performs the same function but using different methods, which can also mean that the Anti-Virus software may no longer identify malware by its signature.
Refactoring
When code is transmitted from on machine to another, it is sometimes referred to as what?
Remote code execution
Cookies are used to establish sessions in an application or for user authentication, which are often generated using predictable patterns. This makes them vulnerable to what type of attack?
Replay
For functional testing, code must be executed in what type of environment in order to be fully tested?
Runtime environment
Which code developing element is a programming environment that is used to create the software and may provide sample code or libraries, or pre-built functions?
SDK (Software Development Kit)
An attack that attempts to insert an SQL query as part of user input that can either exploit poor input validation or unpatched vulnerabilities in a database application.
SQL Injection
An ID system that is used for each iteration of a software product.
Software version control
What type of buffer overflow attack takes place in an area of memory used by a program subroutine that includes a return address for the program that called it, where the attacker can change the return address allowing them to run arbitrary code on the system?
Stack Overflow
Which secure staging deployment environment is a mirror of the production environment but may use only test or sample data and will have additional access controls so that it is only accessible to test users?
Staging
What type of code analysis is performed against application before it is packaged as an executable process?
Static code analysis
A XSS attack that attempts to implement a malicious link in a trusted site is known as a reflected or non-persistent XSS attack. An XSS attack that aims to insert code into a back-end database used by a trusted site is known as what?
Stored or persistent XSS attack
A part of a database that executes a custom query.
Stored procedure
What is associated with fuzzing where an application is tested to see how it performs under extreme performance or usage scenarios?
Stress testing
When an application is complied, what does the compiler test?
The code is well-formed
Which code developing element is a binary package that implements some sort of standard functionality, such as establishing a network connection or performing cryptography?
Third-party library
The main issue with server-side validation is that it can be more _____, as it may involve multiple transactions between the server and client.
Time-comsuming
The problem of authorizing a request for a service that depends on an intermediate service.
Transitive access
An attack that is fundamentally the same as an SQL injection attack, except it is targeted against web servers using XML applications rather than SQL.
XML Injection
What attack can exploit applications that use cookies to authenticate users and track sessions?
XSRF (Cross-Site Request Forgery)
On of the most powerful input validation exploits that involves a trusted site, a client browsing the trusted site and the attacker's site, where the attacker identifies an input validation vulnerability in a trusted site, then crafts a URL to perform a code injection against the trusted site, when the user clicks on the link the trusted site returns a page containing the malicious code, which could be used to deface the trusted site, steal data from the user's cookies, try to intercept information entered into a form, or try to install malware.
XSS (Cross-Site Scripting)
A vulnerability that is exploited before the developer knows about it or can release a patch.
Zero Day Attack
Input could include user data entered into a form or URLs passed by another application or link. To reduce the attack surface all input methods should be documented and any input must be ______ and anything that does not conform to what is required must be _____.
checked, rejected