C706Secure Software Design Study Guide Rated A+.docx
Typology: Exams
Confidentiality - ✔️Information is not made available or disclosed to unauthorized individuals, entities, or processes. Ensures unauthorized persons are not able to read private and sensitive data. It is achieved through cryptography.
Integrity - ✔️Ensures unauthorized persons or channels are not able to modify the data. It is accomplished through the use of a message digest or digital signatures.
Availability - ✔️The computing systems used to store and process information, the security controls used to protect information, and the communication channels used to access information must be functioning correctly. Ensures the system remains operational even in the event of a failure or an attack. It is achieved by providing redundancy or fault tolerance for a failure of a system and its components.
Ensure Confidentiality - ✔️Public Key Infrastructure (PKI) and Cryptography/Encryption
Ensure Availability - ✔️Offsite back-up and Redundancy
Ensure Integrity - ✔️Hashing, Message Digest (MD5), non-repudiation and digital signatures
Software Architect - ✔️Moves analysis to implementation and analyzes the requirements and use cases as activities to perform as part of the development process; can also develop class diagrams.
Security Practitioner Roles - ✔️Release Manager, Architect, Developer, Business Analyst/Project Manager
Release Manager - ✔️Deployment
Architect - ✔️Design
Developer - ✔️Coding
Business Analyst/Project Manager - ✔️Requirements Gathering
Red Team - ✔️Teams of people familiar with the infrastructure of the company and the languages of the software being developed. Their mission is to kill the system as the developers build it.
Static Analysis - ✔️A method of computer program debugging that is done by examining the code without executing the program. The process provides an understanding of the code structure, and can help to ensure that the code adheres to industry standards. It is also referred to as code review.
MD5 Hash - ✔️A widely used hash function producing a 128-bit hash value. Initially designed to be used as a cryptographic hash function, it has been found to suffer from extensive vulnerabilities. It can still be used as a checksum to verify data integrity, but only against unintentional corruption.
SHA-256 (Secure Hash Algorithm) - ✔️One of a number of cryptographic hash functions. A cryptographic hash is like a signature for a text or a data file. Generates an almost-unique, fixed-size 32-byte (32 x 8 = 256-bit) hash. A hash is a one-way function: it cannot be reversed (decrypted).
Advanced Encryption Standard (AES) - ✔️A symmetric encryption algorithm. The algorithm was developed by two Belgian cryptographers, Joan Daemen and Vincent Rijmen. Designed to be efficient in both hardware and software, and supports a block length of 128 bits and key lengths of 128, 192, and 256 bits.
Algorithms used to verify integrity - ✔️MD5 Hash, SHA-
Algorithm used to verify confidentiality - ✔️Advanced Encryption Standard (AES)
Stochastic - ✔️unintentional or accidental
safety-relevant faults - ✔️stochastic (i.e., unintentional or accidental)
security-relevant faults - ✔️"Sponsored," i.e., intentionally created and activated through conscious and intentional human agency.
Fuzz Testing - ✔️Used to see if the system has solid exception handling for the input it receives. It is the use of malformed or random input to a system in order to intentionally produce failure. This is a very easy process of feeding garbage to the system when it expects formatted input, and it is always a good idea to feed as much garbage as possible to an input field.
Three (3) Tier - ✔️Removes the business logic from the client end of the system. It generally places the business logic on a separate server from the client. The data access portion of the system resides separately from both the client and the business logic platform.
T-MAP - ✔️Defines a set of threat-relevant attributes for each layer or node. These can be classified as probability-relevant, size-of-loss relevant, or descriptive. These are primarily derived from the Common Vulnerability Scoring System (CVSS). USC's Threat Modeling based on Attacking Path analysis is a risk management approach that quantifies total severity weights of relevant attacking paths for COTS-based
Kiviat Diagram - ✔️Provides a visual comparison of multiple attributes and can visualize and report the information on a single artifact based on monitored information.
Identify the Assets - ✔️A threat model process that allows the company to identify the parts that need to be protected from unauthorized users.
Agile Model - ✔️Describes a set of principles for software development under which requirements and solutions evolve through the collaborative effort of self-organizing cross-functional teams. It promotes adaptive planning, evolutionary development, early delivery, and continuous improvement, and it encourages rapid and flexible response to change. Supports the definition and continuing evolution of many software development methods, avoids life-cycle activities, and focuses on build-a-little, test-a-little and field-a-little. It also supports informal communication and incremental design.
Types of Vulnerability Mapping - ✔️Activity Diagram, Kiviat Diagram, Identify the Assets, Agile Model, V1, V2, V
Agile attributes - ✔️Cyclical process. Supports quick prototyping and limits the time spent thinking about the problem as a whole.
Waterfall attributes - ✔️Similar to the interactive model; main components are planning, development and deployment.
Crystal Clear attributes - ✔️Can be applied to teams of up to 6 or 8 co-located developers working on systems that are not life-critical. This family of methodologies focuses on efficiency and habitability as components of project safety. Focuses on people, not processes or artifacts. Roles may be filled by the same people, including a project manager and a business expert.
Waterfall attributes - ✔️A sequential (non-iterative / limited interaction) design process, used in software development, in which progress is seen as flowing down through the phases of conception, initiation, analysis, design, construction, testing, production/implementation and maintenance. All the requirements are specified in the first step; it uses a document-driven approach (large amount of documentation) and has specific and identifiable stages. It also provides a resource to entry-level developers with limited exposure.
Waterfall Methodology Security concerns - ✔️Requirement Analysis: Define security features; Design: Misuse cases and vulnerability mapping; Construction and Implementation: Secure coding practices; Testing: Penetration assessment; Installation: Final security review; Operation or Maintenance: Periodic security review and updates
Digital Signature - ✔️A mathematical scheme for demonstrating the authenticity of a message or document. Gives a recipient reason to believe that the message was created by a known sender, that the sender cannot deny having sent the message (authentication and non-repudiation), and that the message was not altered in transit (integrity). It can also be used as proof of approval by an authorized user.
Redundancy - ✔️The existence of data that is additional to the actual data and permits correction of errors in stored or transmitted data. The additional data can be simply a complete copy of the actual data, or only select pieces of data that allow detection of errors and reconstruction of lost or damaged data up to a certain level. This makes sure that all data will always be available, that the data will not be lost, and that it is stored at another location for failover reasons.
Hashing - ✔️The process of using an algorithm for verifying the integrity or authenticity of a computer file. This can be done by comparing two files bit-by-bit, but that requires two copies of the same file and may miss systematic corruption that occurs in both files. A more popular approach is to also store checksums (message digests) of files for later comparison.
Software Assurance - ✔️Ensures that the processes, procedures, and products used to produce and sustain the software conform to all requirements and standards specified to govern those processes, procedures, and products. This can also be used to make sure that a web application meets the requirements of what it was designed to do and is accessible to all who are authorized, whether in the office or at a remote location.
Sandboxing, isolating trusted processes, and proper handling of errors and exceptions - ✔️Help secure a system in a high-risk environment where the system is prone to attack.
DOS or DDOS - ✔️A common web server attack in which unsolicited TCP requests overwhelm the web server's resources and make it unavailable.
SQL SELECT query command - ✔️Can allow an attacker to access tables within that particular database without requiring elevated and/or administrator permissions, jeopardizing the structure and relevance of the data that the database contains.
Scrub all input of malicious code - ✔️One method of disallowing a SQL injection attack when handling user fields in a web form that reads from or writes to a database.
Characterize the system, view the system as an adversary - ✔️The two steps of the data-flow approach to threat modeling.
accessing ports that are not secured and/or locked down, the exploitation of default passwords - ✔️The two attacks that can affect both the operating system and databases.
Tampering with Data - ✔️Users can potentially change data delivered to them, return it, and thereby potentially manipulate client-side validation, GET and POST results, cookies, HTTP headers, and so forth. The application should not send data to the user, such as interest rates or periods, which are obtainable only from within the application itself. The application should also carefully check data received from the user and validate that it is sane and applicable before storing or using it.
Repudiation - ✔️Users may dispute transactions if there is insufficient auditing or record keeping of their activity. For example, if a user says, "But I didn't transfer any money to this external account!", and you cannot track his/her activities through the application, then it is extremely likely that the transaction will have to be written off as a loss. Therefore, consider whether the application requires controls such as web access logs, audit trails at each tier, or the same user context from top to bottom. Preferably, the application should run with the user's privileges, not more, but this may not be possible with many off-the-shelf application frameworks.
Information Disclosure - ✔️Users are wary of submitting private details to a system. If it is possible for an attacker to publicly reveal user data, whether anonymously or as an authorized user, there will be an immediate loss of confidence and a substantial period of reputation loss. Applications must include strong controls to prevent user ID tampering and abuse, particularly if they use a single context to run the entire application. Consider whether the web browser may leak information. Some web browsers may ignore the no-caching directives in HTTP headers or handle them incorrectly. Every secure application has a responsibility to minimize the amount of information stored by the web browser, just in case it leaks or leaves information behind. In implementing persistent values, the use of hidden fields is insecure by nature. Such storage should not be relied on to secure sensitive information or to provide adequate personal privacy safeguards.
Denial of Service - ✔️The use of expensive resources such as large files, complex calculations, heavy-duty searches, or long queries should be reserved for authenticated and authorized users. For applications that do not have this luxury, every facet of the application should be engineered to perform as little work as possible, to use fast and few database queries, and to avoid exposing large files or unique links per user, in order to prevent simple attacks.
Elevation of Privilege - ✔️If an application provides distinct user and administrative roles, then it is vital to ensure that the user cannot move to a higher role. Not displaying administrative role links is insufficient. All actions should be gated through an authorization matrix, to ensure that only the permitted roles can access administrative functionality.
DREAD categories - ✔️Damage, Reproducibility, Exploitability/Vulnerability, Affected users, Discoverability
DREAD - ✔️Part of a system for risk-assessing computer security threats previously used at Microsoft and currently used by OpenStack and many other corporations. It provides a mnemonic for risk-rating security threats using five categories.
DREAD - Damage - ✔️How bad would an attack be? Ranks the extent of harm that occurs if a vulnerability is exploited.
DREAD - Reproducibility - ✔️How easy is it to recreate the attack? Ranks how often an attempt at exploiting a vulnerability really works.
DREAD - Exploitability/Vulnerability - ✔️How much work is it to launch the attack? Measures the effort required to launch the attack.
DREAD - Affected users - ✔️How many people will be impacted? Measures the number of installed instances of the system affected by an exploit.
DREAD - Discoverability - ✔️How easy is it to uncover the threat? States the likelihood that a vulnerability will be found by security researchers or hackers.
DREAD threat assessment - ✔️Each category is given a rating on probability and damage potential. For example, 3 for high, 2 for medium, 1 for low and 0 for none (rating scales running from 0 to 10 are common). The sum of all ratings for a given exploit can be used to prioritize among different exploits.
Threat Model - ✔️A diagram and description that tells a story of how an attacker could exploit the vulnerability. This is not a step-by-step process, but a narrative approach to the attack that should help guide the mitigation techniques that need to be put in place to protect the system. It defines the security of an application and reduces the number of vulnerabilities. It has the 2 steps of identifying and prioritizing vulnerabilities.
Sequence Diagram - ✔️A detailed breakdown of the communication that will occur between actors and system objects or components. Bridges the gap between the business analysis and the development analysis; this can be considered a business or development description of system functionality.
SDLC Management Control Domains - ✔️Planning / Organization, Acquisition / Implementation, Delivery and Support, Monitoring
Planning / Organization - ✔️Project Definition, User Requirements Definition and Systems Requirement Definition
Acquisition / Implementation - ✔️User Requirements Definition, System Requirement Definition, Analysis and Design, and System Build / Prototype / Pilot
Earned Value Management: SV - ✔️Schedule Variance
Earned Value Management: CV - ✔️Cost Variance
SV equation - ✔️BCWP - BCWS
CV equation - ✔️BCWP - ACWP
Earned Value Management: ACWP - ✔️Actual Cost of Work Performed
Steps in the Work Breakdown Structure (WBS) - ✔️1) Examine the set of required external deliverables.
Organizational environment for integration
Capability Maturity Model Integration (CMMI) levels: ML2 - ✔️Requirements management, Project planning, Project monitoring and control, Supplier agreement management, Measurement and analysis, Process and product quality assurance, Configuration management
NONE - ✔️Capability Maturity Model Integration (CMMI) levels: ML
The Process areas of CMMI: Project Management - ✔️1) Project Planning
Quality Assurance - ✔️Refers to all activities designed to measure and improve a product, including the whole process, training, preparation of the team, and activities associated with customer feedback.