1.7 Given a scenario, implement controls to mitigate attacks and software vulnerabilities

  • Attack types:

  • XML attack: WAF; disable external entities; input validation; sensitive data not serialised

  • SQL injection: WAF; input sanitisation; least privilege restrictions for databases

  • Overflow attack:

    • Buffer: ASLR/DEP; NX bit; use secure functions; higher-level languages; input validation

    • Integer: range checking; prefer unsigned integers; use safer code implementations

    • Heap: higher-level languages; input validation; safe compilers; patching

  • Remote code execution: avoid using user input inside evaluated code; strict file upload extensions etc.

  • Directory traversal: ensure user cannot supply entire file path; accept known-good input

  • Privilege escalation: avoid using administrative privileges; separate privilege areas

  • Password spraying: MFA; strong passwords; user training; logging/monitoring

  • Credential stuffing: MFA; CAPTCHA; unpredictable usernames; check against leaks

  • Impersonation: use of session identifiers; packet filtering; DAI; encrypted protocols

  • Man-in-the-middle attack: session encryption; ensure only valid certificates are used

  • Session hijacking: key/cookie/link encryption; Secure & HttpOnly flags for cookies

  • Rootkit: patching; layered security; heuristic analysis; antivirus

  • Cross-site scripting:

    • Reflected: WAF; use appropriate response headers; avoid suspicious links

    • Persistent: WAF; filter input & encode data on output; escape HTML data on arrival

    • DOM: don't treat untrusted data as code; delimit untrusted data as quoted strings

  • Vulnerabilities:

    • Improper error handling: info leak through over-detailed error messages => error handling policy; error logging; graceful handling of all possible errors

    • Dereferencing: get value (NULL) in memory pointed by pointer; process failure => higher-level programming languages; sanity-check pointers prior to use

    • Insecure object reference: (IDOR) exposure of reference to internal object => user authorisation; make objects harder to enumerate (e.g. random over increments)

    • Race condition: produces unexpected result when timing of actions impact other actions => careful programming; locking (at most one thread can modify database)

    • Broken authentication: brute-forcing credentials; unexpired session tokens => MFA; no default creds; password policy; delay failed attempts; session management

    • Sensitive data exposure: steal keys; MITM; steal plaintext data (server/transit/client) => data classification; secure encryption; key management; salted hashes

    • Insecure components: public exploits for known vulnerabilities => check product versions; monitor for unmaintained products (virtual patch/WAF)

    • Insufficient logging and monitoring: lack of timely response; late detection/monitoring => failure logging; centralised logs; tamper prevention; timely incident response

    • Weak or default configurations: unpatched flaws; default accounts; unprotected files => hardening; minimalistic platforms; segmentation; review & update configurations

    • Use of insecure functions:

      • strcpy: allows BOF => input validation; use secure functions

Previous1.6 Explain the threats and vulnerabilities associated with operating in the cloudNext2.2 Explain software assurance best practices

Last updated