6076 Classification and Prioritization

Explain what STRIDE is in the threat classification system

**STRIDE:** is a threat modeling framework used to identify different types of security threats in a system.

- S - Spoofing of identity
- T - Tampering with data
- R - Repudiation (denying involvement in an action)
- I - Information disclosure
- D - Denial of service
- E - Elevation of privilege

It helps developers and security professionals analyze and address potential threats during the design phase of software development.




In summary, STRIDE is a threat modeling framework,

What is CWE (Common Weakness Enumeration) in the threat classification system

**CWE (Common Weakness Enumeration):** is a community-driven list of common software and hardware weaknesses.

A formal list of weaknesses

A generic flaw that can lead to a unique vulnerability or exposure

It provides a common language for identifying, mitigating, and preventing security vulnerabilities.

- **Purpose:** CWE helps developers, testers, and security professionals communicate about security issues and establish a baseline for improving software security.



In summary, CWE identifies weaknesses in software and hardware,

What is the Common Vulnerability Scoring System (CVSS) in the threat classification system

**CVSS (Common Vulnerability Scoring System):** is a framework for rating the severity of security vulnerabilities.

It provides a standardized method to assess and communicate the characteristics of vulnerabilities.

- **Purpose:** CVSS scores help organizations prioritize and respond to security vulnerabilities based on factors such as exploitability, impact, and ease of remediation.



In summary, CVSS offers a scoring system for assessing the severity of vulnerabilities.

What is Common Vulnerabilities and Exposures (CVE) in the threat classification system

**CVE (Common Vulnerabilities and Exposures):** is a dictionary of publicly known information security vulnerabilities and exposures.

It is a unique instance of a weakness (flaw) that can be used to access a system or network.

- **Purpose:** Each CVE entry includes a unique identifier, a description of the vulnerability, and references for further information.

It facilitates the sharing of data across separate vulnerability databases and security tools.




In summary, CVE provides a standardized naming system for vulnerabilities,

In order to be considered a vulnerability, what 4 things must be present

It must:

▪ Allow an attacker to execute a command as another user

▪ Allow an attacker access to data that is contrary to the specified access restrictions

▪ Allow an attacker to pose as another entity

▪ Allow an attacker to conduct a DoS attack

What is exposure in terms of network security

An exposure is a configuration issue or mistake in software that allows access to information or capabilities that can be used by a hacker as a stepping-stone into a system or network.

▪ It doesn’t directly allow compromise, but could be an important component of an attack

▪ It can be considered a violation of a reasonable security policy

▪ It is a primary point of entry that an attacker may attempt to use to gain access to the system or data

▪ It allows an attacker to conduct information gathering activities

▪ It allows an attacker to hide their activities

What is Common Platform Enumeration (CPE)

Common Platform Enumeration (CPE) is a standardized method for describing and identifying software, hardware, and operating systems in a consistent and structured way.


It provides a common language for specifying product names, versions, and other attributes, making it easier for security professionals, vendors, and systems administrators to communicate about specific IT entities.


CPE is typically used in the context of the Common Vulnerabilities and Exposures (CVE) system, where it helps to uniquely identify and categorize vulnerabilities across different platforms.

What is the relationship between CWE and CVE

A Common Weakness Enumeration (CWE) will have many CVEs

▪ Common Vulnerabilities and Exposures (CVEs) relate to a specific vulnerability under the same CWE umbrella

▪ Common Platform Enumeration (CPE) entries are there to ensure the correct platform is listed in the CVE information

STRIDE is a threat classification system developed by Microsoft; explain the acronym

Spoofing Vulnerabilities

▪ Allows an attacker to impersonate another user

Tampering Vulnerabilities

▪ Involves an attacker changing data they shouldn’t have access to

Repudiation Vulnerabilities

▪ Allows the attacker to deny they performed a given action

▪ Who did the damage?

Information Disclosure Vulnerabilities

▪ Involves an attacker being able to read data they shouldn’t have access to

Denial of Service Attack Vulnerabilities

▪ Prevents valid users from accessing the application

Elevation of Privilege Vulnerabilities

▪ Allows attackers to perform actions they shouldn’t be able to perform

▪ Actions with higher privileges, such as those of an administrator

Explain the Severity ratings of the Common Vulnerability Scoring System

Severity Ratings:

▪ None (0)

▪ Low (0.1-3.9)

▪ Medium (4.0-6.9)

▪ High (7.0-8.9)

▪ Critical (9.0-10.0)

What is Open Web Application Security (OWASP)

It is a not-for-profit charitable organization.

The purpose of Open Web Application Security (OWASP) is to improve the security of software. It provides resources, tools, and guidelines to help organizations develop and maintain secure web applications, identifying and addressing common security risks and vulnerabilities.

Are firewalls alone a very effective defence against attackers

Firewalls alone are an ineffective defense against attacks on web applications.

Most companies spend far more resources on network defense than on building or configuring their web applications properly.

According to OWASP, list the 10 most dangerous risks

A1: Injection

Injection flaws, such as SQL, NoSQL, OS, and LDAP injection, occur when untrusted data is sent to an interpreter as part of a command or query. The attacker’s hostile data can trick the interpreter into executing unintended commands or accessing data without proper authorization.

A2: Broken Authentication

Application functions related to authentication and session management are often implemented incorrectly, allowing attackers to compromise passwords, keys, or session tokens, or to exploit other implementation flaws to assume other users’ identities temporarily or permanently.

A3: Sensitive Data Exposure

Many web applications and APIs do not properly protect sensitive data, such as financial, healthcare, and PII. Attackers may steal or modify such weakly protected data to conduct credit card fraud, identity theft, or other crimes. Sensitive data may be compromised without extra protection, such as encryption at rest or in transit, and requires special precautions when exchanged with the browser.

A4: XML External Entities (XXE)

Many older or poorly configured XML processors evaluate external entity references within XML documents. External entities can be used to disclose internal files using the file URI handler, internal file shares, internal port scanning, remote code execution, and denial of service attacks.

A5: Broken Access Control

Restrictions on what authenticated users are allowed to do are often not properly enforced. Attackers can exploit these flaws to access unauthorized functionality and/or data, such as access other users’ accounts, view sensitive files, modify other users’ data, change access rights, etc.

A6: Security Misconfiguration

Security misconfiguration is the most commonly seen issue. This is commonly a result of insecure default configurations, incomplete or ad hoc configurations, open cloud storage, misconfigured HTTP headers, and verbose error messages containing sensitive information. Not only must all operating systems, frameworks, libraries, and applications be securely configured, but they must be patched/upgraded in a timely fashion.

A7: Cross-Site Scripting (XSS)

XSS flaws occur whenever an application includes untrusted data in a new web page without proper validation or escaping, or updates an existing web page with user-supplied data using a browser API that can create HTML or JavaScript. XSS allows attackers to execute scripts in the victim’s browser which can hijack user sessions, deface web sites, or redirect the user to malicious sites.

A8: Insecure Deserialization

Insecure deserialization often leads to remote code execution. Even if deserialization flaws do not result in remote code execution, they can be used to perform attacks, including replay attacks, injection attacks, and privilege escalation attacks.

A9: Using Components with Known Vulnerabilities

Components, such as libraries, frameworks, and other software modules, run with the same privileges as the application. If a vulnerable component is exploited, such an attack can facilitate serious data loss or server takeover. Applications and APIs using components with known vulnerabilities may undermine application defenses and enable various attacks and impacts.

A10: Insufficient Logging & Monitoring

Insufficient logging and monitoring, coupled with missing or ineffective integration with incident response, allows attackers to further attack systems, maintain persistence, pivot to more systems, and tamper, extract, or destroy data. Most breach studies show time to detect a breach is over 200 days, typically detected by external parties rather than internal processes or monitoring.

List 4 Web Application Security Risks

Threat Agents

▪ Where will these attacks originate?

Exploitability

▪ How easy is it to perform the attack?

Weakness Prevalence

▪ How common is the weakness?

Weakness Detectability

▪ How easy is it to detect the weakness?

List 5 technical skills which threat agents possess

▪ Security penetration skills

▪ Network and programming skills

▪ Advanced computer user

▪ Some technical skills

▪ No technical skills

List 3 things which motivate threat agents

▪ Low or no reward

▪ Possible reward

▪ High reward

What resources and opportunities are required for threat agents to find and exploit vulnerabilities

▪ Full access or expensive resources required

▪ Special access or resources required

▪ Some access or resources required

▪ No access or resources required

List 4 categories of people who are part of the threat agent group

▪ Developers

▪ System administrators

▪ Intranet users

▪ Partners

▪ Authenticated users

▪ Anonymous Internet users

List 4 technical impacts of web application security risks

Technical impacts look at how severe the attack will be on the infrastructure.

Loss of confidentiality

▪ How much data could be disclosed and how sensitive is it

Loss of integrity

▪ How much data could be corrupted and how damaged is it

Loss of availability

▪ How much service could be lost and how vital is it

Loss of accountability

▪ Are the threat agents' actions traceable to an individual

List 4 business impacts of web application security risks

Financial damage

▪ How much financial damage will result from an exploit

Reputation damage

▪ Would an exploit result in reputation damage that would harm the business

Non-compliance

▪ How much exposure does non-compliance introduce

Privacy violation

▪ How much personally identifiable information could be disclosed

List and explain the 3 primary defense approaches with respect to web application security issues

Input Validation

- Never trust the user

Access / Attack Surface Reduction

- Don’t give users access to functionality they don’t need

- Don’t enable functionality that isn’t needed

Classification and Prioritization of Threats

- Know which risks are most relevant to your organization and focus your attention on them

Explain the 2 primary types of input validation

Blacklist Validation

- Involves listing out all the input that should not come from a user, then blocking it

Whitelist Validation

- Involves listing out the input that should come from a user, then allowing it

List the challenges which are associated with blacklisting

It is extremely difficult to anticipate everything that should be blocked, especially when you take character encoding into account.

All the following inputs reference the same page:

▪ my page.html

▪ My Page.html

▪ MY PAGE.html

▪ my%20PAGE.html

What are some of the difficulties associated with whitelist validation

You need to make sure you have whitelisted every potentially valid input.

Not all valid inputs are easy to define (usernames, email addresses, etc.).

Regular expressions can be used to handle more complicated input validation:

- They can be difficult to write

- You can use tools such as Regex Buddy or Regex Magic

Explain the term attack surface reduction

Attack surface reduction involves controlling the code and functionality users can access.

▪ If a user doesn’t need access to a feature, don’t give it to them

▪ You can allow users to opt into additional functionality as they need it

A non-web-application example of this would be current versions of Windows Server:

- You add roles and features as needed

Explain the purpose of logging and detection

There should be a central log server in place.

The logs of the following must be reviewed for suspicious activity:

- Network Intrusion Detection Systems

- Firewall / Network Security Appliance

- Host-Based Intrusion Detection Systems

- OSSEC: this is an open-source host-based intrusion detection system which uses “networking strings” to detect suspicious or malicious activity on a network.

Logs must be kept for a minimum of 90 days.
