Chapter 8 - Application Security


Why are security baselines needed for installing applications?

A complex series of actions is needed for any major application. This requires the checklist of a security baseline.

On the testing server?

Developers get extensive permissions on the development server.

What permission does the developer have on the development server

Developers get extensive permissions on the development server.

On the production server?

Developers get no permissions on the production server

What may happen on a compromised computer if a user mistypes the host name in a URL?

Mistyping a URL may send a user to a malicious website, where hostile mobile code is waiting to attack your PC.

What is a buffer?

a temporary storage area in memory

What three other web server protections were mentioned in the text?

1) website vulnerability assessment tools like Whisker 2) reading website error logs 3) using a webserver proxy in front of the webserver

In staged development, what three servers do companies use?

A development server, a testing server, and a production server

What kinds of external access are needed for e-commerce?

An e-commerce server needs to have network access to a number of systems external to itself, including servers within firms (for order entry, accounting, shipping, and so forth) and servers outside the firm in merchant banks and companies that check credit card numbers for validity. The webmaster or e-commerce master often has no control over the security of other systems.

Why is it important to minimize permissions for application programs?

Application permissions must be minimized because if a hacker takes over an application, he or she can take over the entire host if the permissions are too great.

Why is application-level authentication superior to operating system authentication?

Application-level authentication is superior because it requires the hacker to not only have an exploit, but also authenticated access to a server (versus just an exploit).

Why do attackers want to get domain names such as micosoft.com?

Common misspellings of legitimate websites will naturally draw users. Once at the site, the malicious websites can download mobile code to attack the PC.

Why are custom programs especially vulnerable?

Custom programs offer security through obscurity, but because they are often not programmed securely, hackers have automated tools that can find common exploits (such as buffer overflows) to allow them to attack the application.

Distinguish between WWW service and e-commerce service

E-commerce adds functionality to webservice

How can social engineering be used to trick a victim to go to a malicious website?

Hackers can send messages saying something bad (or good) has happened and direct you to a malicious website.

Why must you know a server's role to know how to protect it?

Knowing what a server is meant to do allows you to determine what services must be kept on; all others can be disallowed.

Why may malware that allows an attacker to execute a single command on a user's computer not really be limited to executing a single command?

Malware that allows an attacker to execute a single command may be used to initiate another program that provides much greater PC access (such as a command shell).

Does the webmaster or e-commerce administrator have control over the security of other servers?

Neither the webmaster nor the e-commerce administrator has control over the security of other systems outside their purview.

What is PII?

PII is Personally Identifiable Information (such as SSN, date of birth, address, etc.).

What can hackers gain by taking over application programs?

They get the privileges of the application program they take over.

Why is it important to minimize both main applications and subsidiary applications?

The fewer applications you have, the fewer security risks there will be.

To where does the overwritten return address point?

The overwritten address will point to data in the buffer, which will actually be program/attack code that will be executed instead of legitimate code.

On what server does the tester have access permission?

The tester should only have access to the test servers.

What software must be patched on an e-commerce server?

The webserver, the e-commerce server, and subsidiary programs must all be up-to-date on their patches.

Why is patching applications more time consuming than patching operating systems?

There are many more applications compared to only one OS, and finding information about application vulnerabilities takes a lot of time.

What is a buffer overflow attack?

an attack that writes data longer than the space allocated for it in the buffer

What is the most popular way for hackers to take over hosts?

by taking over an application with root privileges

What danger do cookies create?

can be used to track a user's activity, which could violate privacy. Cookies can also hold PII.

Why is it bad to go to a malicious website?

A malicious website can have attack scripts that automatically load an executable on a PC, which is bad.

What impacts can buffer overflows have?

Impacts can range from nothing to crashing of the server or the ability to execute any command on the server.

What is extrusion prevention?

Preventing certain information from leaving the company.

Why is extrusion prevention needed for intellectual property?

It prevents the loss of trade secrets.

Why must PII be prevented from leaving the firm?

PII must be prevented from leaving a firm in order to avoid lawsuits related to identity theft or credit card theft.

In a stack overflow, what is overwritten by the overflow?

The return address in the stack is overwritten in a stack overflow.

Why should cryptographic protection be used?

To prevent eavesdropping by unauthorized people.

Where is an application proxy firewall placed relative to the webserver?

It would be placed in front of the webserver, between the webserver and the border router.
