- a) Steganography
- b) Cryptography
- c) Hashing
- d) Salting
Answer: a) Steganography
Explanation: Steganography is the practice of hiding information inside another, innocuous-looking piece of information (a carrier such as an image, an audio file, or a text message) so that an observer does not realize a hidden message exists at all. This is what separates it from cryptography, which scrambles a message so that its contents cannot be read but leaves the fact of the message visible. Hashing produces a fixed-size fingerprint of data for integrity checks and password storage, and salting adds random data to an input before hashing so that identical inputs do not produce identical hashes; neither hides a message inside a carrier.
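As an added illustration (this is example code, not from the quiz or any project it describes): the simplest image steganography technique, least-significant-bit embedding. Each carrier byte stands in for an 8-bit pixel value; the payload is written one bit at a time into the lowest bit of successive pixels, so no pixel changes by more than 1 and the picture looks unchanged. The cover buffer and the secret are constructed inline; a real image would be decoded into the same kind of byte buffer first.

```python
"""LSB steganography over a raw pixel buffer (added example, not from the page).

The cover is a constructed bytearray standing in for 8-bit grayscale pixels; a
real image would be decoded into the same kind of buffer before embedding.
"""


def embed(cover: bytes, payload: bytes) -> bytearray:
    """Hide payload in the least significant bit of each cover byte.

    A 32-bit big-endian length prefix is written first so extract() knows
    where the payload ends. Each cover byte carries one bit, so the cover
    must have at least 8 * (4 + len(payload)) bytes.
    """
    data = len(payload).to_bytes(4, "big") + payload
    needed = 8 * len(data)
    if len(cover) < needed:
        raise ValueError(f"cover too small: need {needed} bytes, have {len(cover)}")
    stego = bytearray(cover)
    for i in range(needed):
        bit = (data[i // 8] >> (7 - i % 8)) & 1
        stego[i] = (stego[i] & 0xFE) | bit  # clear the LSB, then set it to the payload bit
    return stego


def extract(stego: bytes) -> bytes:
    """Recover the payload written by embed()."""

    def read_bytes(offset: int, count: int) -> bytes:
        out = bytearray()
        for b in range(count):
            value = 0
            for k in range(8):
                value = (value << 1) | (stego[offset + b * 8 + k] & 1)
            out.append(value)
        return bytes(out)

    length = int.from_bytes(read_bytes(0, 4), "big")
    if 4 + length > len(stego) // 8:
        raise ValueError("length prefix exceeds cover capacity; not a valid stego buffer")
    return read_bytes(32, length)  # the 4-byte prefix occupies the first 32 cover bytes


def max_pixel_change(cover: bytes, stego: bytes) -> int:
    """Largest per-pixel difference; LSB embedding never moves a pixel by more than 1."""
    return max(abs(a - b) for a, b in zip(cover, stego))


# Constructed cover: 4096 deterministic pseudo-random "pixels" so runs are repeatable.
COVER = bytes((i * 7919 + 13) % 256 for i in range(4096))
SECRET = b"meet at 0900"  # constructed sample payload

if __name__ == "__main__":
    stego = embed(COVER, SECRET)
    print(extract(stego))
    print("max pixel change:", max_pixel_change(COVER, stego))
```

The length prefix is what makes extraction deterministic; without it the reader would have to guess where the payload ends. Because only the lowest bit of each pixel moves, a statistical test on LSB distributions (not shown) is the usual way such embedding is detected.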
STRIDE is a threat classification model used during threat modeling to identify and mitigate security risks while software is being designed and built. It stands for Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, and Elevation of Privilege; each category is the violation of a corresponding security property (authentication, integrity, non-repudiation, confidentiality, availability, and authorization). By walking each component and data flow of a design through these six categories, developers get a structured way to enumerate threats and choose mitigations. Agile, Spiral, and Waterfall are software development process models, not threat models; STRIDE is the only option that exists specifically to assess and mitigate security threats.
A comprehensive security requirements checklist is, for the purposes of this question, a viable alternative to hiring a human software security expert to prevent requirements-level threats. The checklist encodes the threat classes that recur at the requirements stage (authentication and session handling, input validation, access control, data protection, logging and auditing) so that each project addresses them early in the software development lifecycle whether or not a dedicated expert is available. Improved documentation, additional checkpoints, and more time spent on requirements elicitation can all raise overall quality, but none of them is aimed specifically at security threats in the requirements, so they are less effective at catching them. A checklist covers catalogued threats; novel designs may still warrant expert review.
A UPS (Uninterruptible Power Supply) is an example of a hardware threat countermeasure. It supplies battery-backed power during an outage, giving systems time either to keep running or to shut down in an orderly way so that hardware is not damaged and in-flight data is not corrupted. The distinction the question is testing is between the categories: natural disasters and power outages are threats (events that can cause harm), a single point of failure is a vulnerability (a weakness in the system design), and a UPS is a countermeasure (a control that reduces the impact of a threat). Because a UPS is built specifically to absorb power-related threats, it is the hardware countermeasure among the options.
The OWASP Top Ten is a widely recognized list of the most critical web application security risks. It is compiled by OWASP (originally the Open Web Application Security Project, renamed the Open Worldwide Application Security Project in 2023) to help organizations prioritize and mitigate the vulnerabilities most commonly found in web applications, such as injection, broken authentication and access control, and cross-site scripting (XSS). Developers and security teams use it as a baseline for what to test for and defend against. CERT (the coordination center at Carnegie Mellon's SEI), SANS (training and research), and CWE (MITRE's catalogue of software weakness types) all work in cybersecurity, but none of them publishes a list focused on web application security risks in the way OWASP does.
Open redirects are an example of a software security anti-pattern. The vulnerability arises when a web application takes a destination URL from user-controlled input (typically a parameter such as ?next= or ?returnUrl=) and redirects the browser to it without checking that the target is one of its own pages. Because the link begins with a trusted domain, it is valuable in phishing: the victim clicks a link to a site they trust and is silently forwarded to an attacker-controlled page. Regular security audits, input validation, and intercepting validators (a pattern that validates every request before it reaches application logic) are best practices, not anti-patterns; they are precisely the kinds of controls that catch an open redirect. Anti-patterns are approaches that seem reasonable during development but reliably lead to security weaknesses, so recognizing and avoiding them matters.
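As an added worked example (example code written for this page, not code from the quiz or any project it mentions): a redirect handler in the vulnerable form beside a hardened one. The site origin is a hypothetical value. The hardened version resolves the supplied target against the site's own origin and then checks the scheme and host of the result, which rejects the usual bypasses: absolute URLs to other hosts, protocol-relative "//evil.example", backslash variants that browsers treat as slashes, userinfo tricks like "https://app.example.com@evil.example", and non-HTTP schemes.

```python
"""Open redirect: the anti-pattern beside a hardened version (added example).

SITE_ORIGIN is a hypothetical deployment origin. The ?next= value is treated as
attacker-influenced because it arrives in a link the victim clicked.
"""
from urllib.parse import urljoin, urlsplit

SITE_ORIGIN = "https://app.example.com"  # assumed; substitute the real origin


def redirect_vulnerable(next_url: str) -> str:
    """The anti-pattern: send the browser wherever ?next= says."""
    return next_url or "/"


def safe_redirect_target(next_url: str, origin: str = SITE_ORIGIN) -> str:
    """Return an absolute URL on our own origin, or "/" if next_url is unsafe.

    Resolving against our origin first means the check operates on what a
    browser would actually load, not on the raw string. Port mismatches such
    as "https://app.example.com:443/x" are rejected too; that is conservative
    but avoids reasoning about default ports.
    """
    candidate = (next_url or "").strip()
    # CR/LF would allow header injection in the Location header; NUL is never legitimate.
    if not candidate or any(c in candidate for c in "\r\n\x00"):
        return "/"
    # Browsers treat backslashes as forward slashes in URLs; normalise before parsing
    # so "/\\evil.example" is seen as "//evil.example".
    candidate = candidate.replace("\\", "/")
    resolved = urlsplit(urljoin(origin + "/", candidate))
    ours = urlsplit(origin)
    if resolved.scheme != ours.scheme or resolved.netloc.lower() != ours.netloc.lower():
        return "/"
    # Rebuild from our own origin so no userinfo or odd netloc spelling survives.
    target = f"{ours.scheme}://{ours.netloc}{resolved.path or '/'}"
    return target + (f"?{resolved.query}" if resolved.query else "")


if __name__ == "__main__":
    # Constructed attacker inputs alongside a legitimate one.
    for nxt in ["/dashboard", "https://evil.example/", "//evil.example",
                "/\\evil.example", "javascript:alert(1)",
                "https://app.example.com@evil.example/", "dashboard?tab=1"]:
        print(f"{nxt!r:45} vulnerable -> {redirect_vulnerable(nxt)!r:40} "
              f"safe -> {safe_redirect_target(nxt)!r}")
```

An allowlist of relative paths is simpler still when the application only ever redirects to its own routes; the resolve-then-compare approach above is for the case where full URLs must be accepted.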
Minimizing software security risk starts with the principle of least privilege (POLP): each user, process, and service gets only the access rights its job requires, and nothing more. That limits what a compromised account or a careless user can do with system resources. The other options each add risk: granting full administrative privileges means any compromise is a total compromise, storing sensitive data in plain text hands it to whoever reads the storage, and relying solely on passwords ignores layered defences such as multi-factor authentication. POLP is a cornerstone of security practice because it keeps access to critical systems and data tightly scoped by default.
Penetration testing is, for this question, most effective in the black-box testing mode. In black-box testing the tester has no prior knowledge of the system's internals and works from the outside, which most closely simulates an external threat actor who starts without inside information. White-box testing gives the tester full source and architecture access, and gray-box testing gives partial knowledge (for example, user credentials or documentation); both can find vulnerabilities that are hard to reach from outside, and white-box testing typically covers more code per hour. Black-box testing is the answer here because it is the mode that assesses how a system can actually be breached without internal access. Hybrid testing, which combines black-box and white-box elements, is useful in practice but does not focus purely on external attack vectors.
Nmap (Network Mapper) is the tool among these options used for vulnerability analysis. Its core job is host discovery and port scanning: it finds live hosts on a network, identifies open ports, and with service and version detection (-sV) reports what software is listening. Those results are what an assessor uses to judge exposure, and Nmap's scripting engine (NSE) adds scripts that probe for specific known weaknesses. The other options do different jobs: John the Ripper cracks password hashes, Wireshark is a network protocol analyzer for inspecting captured traffic, and Kali is a Linux distribution that bundles many penetration testing tools rather than being a tool itself. All of them can play a part in a penetration test, but only Nmap is built for discovering and enumerating what a target network exposes.
The first step in implementing access control is identification. Identification is the act of a user or entity claiming who they are by presenting a unique identifier such as a username or ID number. It has to come first because the later steps operate on that claimed identity: authentication verifies the claim using one or more factors (a password, a biometric, a hardware token), and only after successful authentication does authorization decide which resources and actions that principal is permitted. Encryption protects data in storage and in transit and is often used inside these steps (for example to protect credentials), but it is not a step in the access control sequence itself.
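As an added example (written for this page; not code from the quiz), the three steps implemented as three separate functions so the ordering is visible in code. The user store, roles and permission table are constructed in memory and the usernames and passwords are made up; a real system would back them with a directory or database. Password hashing uses the standard library's scrypt with parameters that are an assumption to tune for your hardware.

```python
"""Identification, authentication, authorization as three separate steps (added example)."""
import hashlib
import hmac
import os
from typing import Optional

N, R, P = 2 ** 14, 8, 1  # scrypt cost parameters (assumed; tune per deployment)


def hash_password(password: str, salt: Optional[bytes] = None) -> tuple:
    """Salted scrypt hash; returns (salt, digest) so the salt can be stored beside the hash."""
    salt = salt or os.urandom(16)
    digest = hashlib.scrypt(password.encode(), salt=salt, n=N, r=R, p=P, dklen=32)
    return salt, digest


# Constructed user store: username -> salt, hash and role set.
_salt_a, _hash_a = hash_password("correct horse battery staple")
_salt_b, _hash_b = hash_password("hunter2hunter2")
USERS = {
    "alice": {"salt": _salt_a, "hash": _hash_a, "roles": {"analyst", "admin"}},
    "bob":   {"salt": _salt_b, "hash": _hash_b, "roles": {"analyst"}},
}

# Constructed permission table: (role, action, resource type).
PERMISSIONS = {
    ("analyst", "read", "report"),
    ("admin", "read", "report"),
    ("admin", "write", "report"),
    ("admin", "delete", "user"),
}

# Dummy credential so a request for an unknown username still costs one hash
# computation; otherwise response time would reveal which usernames exist.
_DUMMY_SALT, _DUMMY_HASH = hash_password("not-a-real-password")


def identify(username: str) -> Optional[dict]:
    """Step 1: map the claimed identifier to a principal record, or None if unknown."""
    return USERS.get(username)


def authenticate(username: str, password: str) -> bool:
    """Step 2: verify the claimed identity with a credential (constant-time compare)."""
    record = identify(username)
    salt = record["salt"] if record else _DUMMY_SALT
    expected = record["hash"] if record else _DUMMY_HASH
    _, actual = hash_password(password, salt)
    ok = hmac.compare_digest(actual, expected)
    return ok and record is not None


def authorize(username: str, action: str, resource: str) -> bool:
    """Step 3: decide whether an already-authenticated principal may perform the action."""
    record = identify(username)
    if record is None:
        return False
    return any((role, action, resource) in PERMISSIONS for role in record["roles"])


def request(username: str, password: str, action: str, resource: str) -> str:
    """Run the three steps in order and report where the request stopped."""
    if identify(username) is None:
        authenticate(username, password)  # burn the same time as a real check
        return "denied: unknown identity"
    if not authenticate(username, password):
        return "denied: authentication failed"
    if not authorize(username, action, resource):
        return "denied: not authorized"
    return "allowed"


if __name__ == "__main__":
    print(request("alice", "correct horse battery staple", "write", "report"))
    print(request("bob", "hunter2hunter2", "write", "report"))
    print(request("mallory", "anything", "read", "report"))
```

Keeping the steps separate is what makes the ordering enforceable: authorize() never runs for a caller that authenticate() has not passed, and the dummy hash in the unknown-identity path keeps the identification step from leaking which usernames are valid.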