csds exam 2


76 Terms

1. Zed Attack Proxy (ZAP)
An open-source tool by OWASP for finding web app vulnerabilities. It scans, spiders, and intercepts traffic to help with security testing.

2. Burp Suite
A web vulnerability scanner and proxy tool used for testing and exploiting security flaws in web apps. Popular in penetration testing.

3. Automated Scanners
Use pre-defined rules to identify known vulnerabilities quickly (e.g., open ports, outdated libraries).

4. Manual Pen Testing
Human-driven testing focusing on logic flaws, business logic issues, and chained vulnerabilities.

5. Key Difference between Automated and Manual Pen Testing
Automation finds common issues fast; manual testing uncovers complex, logic-based flaws.

6. Focus of Vulnerability Assessment
Discovery only, not exploitation — ensures systems aren't harmed during the test.

7. Why Focus on Discovery Only?
Prevents system damage or disruption, ensures compliance with ethical/legal boundaries, and prioritizes risk identification over causing harm.

8. Continuous Vulnerability Scanning
Recommendation: yes, regularly scan systems to detect new vulnerabilities as systems, code, and threats evolve.

9. Authenticated Scans
Run with valid credentials; more thorough.

10. Unauthenticated Scans
External perspective; less coverage.

11. Cloud Security Challenges
Shared responsibility model, dynamic resources and ephemeral services, lack of visibility into cloud provider infrastructure.

12. National Vulnerability Database (NVD)
U.S. government repository of known software vulnerabilities.

13. National Vulnerability Database Usage in Reports
Reference CVEs (Common Vulnerabilities and Exposures) to validate and support findings.

14. Penetration Testing Process
Phases include Scoping, Reconnaissance, Discovery, Exploitation, and Reporting.

15. Scoping
Define the scope, rules, and goals of the engagement.

16. Reconnaissance
Gather information about targets.

17. Discovery
Scan for vulnerabilities.

18. Exploitation
Attempt to manipulate discovered vulnerabilities (in real pen tests).

19. Reporting
Document findings, risks, and mitigation strategies.

20. Types of Penetration Testing
Includes Application Testing, Network Testing, and Physical Pen Testing.

21. Application Testing
Focus on web apps, mobile apps, APIs, and other software to find flaws like injection attacks, authentication/authorization issues, insecure storage, and misconfigurations.

22. Network Testing
Focus on internal and external network infrastructure (routers, firewalls, switches, servers) to identify vulnerabilities like open ports, weak protocols, insecure configurations, or privilege escalation paths.

23. Physical Pen Testing
Focus on physical security controls (facilities, data centers, office spaces) to test access controls like locks, ID checks, cameras, and employee vigilance.

24. Social Engineering
Focus: human vulnerabilities and behavior.

25. Example of Social Engineering
Phishing emails, pretexting phone calls, or impersonation to get login credentials or access to restricted areas.

26. Static Testing (SAST)
Analyze code without executing it.

27. Dynamic Testing (DAST)
Analyze the application during runtime.

28. Black Box Testing
No prior knowledge of the system.

29. White Box Testing
Full access to source code and infrastructure.

30. Grey Box Testing
Limited internal knowledge (balanced).

31. Red Team
Offensive security experts simulating attackers.

32. Blue Team
Defensive security experts protecting the organization.

33. Buffer Overflow
A vulnerability where more data is written to a buffer than it can hold, potentially overwriting adjacent memory and enabling code execution.

34. Race Conditions
A flaw that occurs when a system's outcome depends on the timing of uncontrolled events, leading to unexpected or unsafe behavior.

35. Input Validation
The process of checking user input to ensure it is safe and expected, preventing attacks like XSS, SQL injection, and more.

36. How to Defend Against Authentication/Authorization Attacks
Use multi-factor authentication and role-based access control.

37. How to Fix Password Vulnerabilities
Enforce strong policies; store passwords hashed and salted.

38. How to Fix Authorization Bypass
Validate user permissions on the server side.

39. Client-Side Attacks: XSS
An attack where malicious scripts are injected into web pages and executed in the user's browser to steal data or hijack sessions.

40. Server-Side Attacks: SQL Injection & Path Traversal
SQL Injection manipulates DB queries to access or alter data. Path Traversal accesses files outside intended directories using sequences like ../.

41. Juice Shop Review
Practice identifying and exploiting common vulnerabilities like injection, access control, XSS, etc.

42. AI-Generated Code Caution
Always audit and test for vulnerabilities — code from AI may miss security best practices.

43. Broken Access Control
Example: Users accessing data they shouldn't. Prevention: Enforce server-side access control.

44. Injection
Example: SQL, command, or path injection. Prevention: Use parameterized queries and input sanitization.

45. Insecure Design
Example: Unauthenticated endpoints. Prevention: Threat modeling, secure design practices.

46. Security Misconfiguration
Example: Exposed stack traces. Prevention: Harden systems, review and validate configurations.

47. Identity and Access Management (IAM)
Authentication methods: something you know (password), something you have (token, phone), something you are (biometrics).

48. Multi-Factor Authentication (MFA)
Combines two or more authentication factors for increased security.

49. Mutual Authentication
Both parties verify each other; prevents man-in-the-middle attacks.

50. Authentication vs Authorization
Authentication: Verifying identity. Authorization: Determining access rights.

51. Out-of-Band Authentication
Uses a separate channel (e.g., SMS code) for verification.

52. Linux Password Policies
Options: Minimum length, complexity, expiration, reuse restrictions.

53. Access Control Models
RBAC (Role-Based Access Control): Access based on user roles.

54. RBAC
Allow access based on user roles.

55. Tracking Techniques
Organizations and third parties use various methods to monitor user activity and gather behavioral data.

56. Mobile App Tracking
Apps often request access to location, contacts, camera, microphone, and storage.

57. Web Cookies
Small text files stored in your browser that track user sessions and preferences. Third-party cookies (from advertisers) allow cross-site tracking.

58. DNS Queries
Every website visit involves a DNS request. These can be logged by ISPs or other intermediaries, revealing browsing behavior even if the user uses HTTPS.

59. Email Pixels
Invisible 1x1 images embedded in emails. When the email is opened, the pixel loads and notifies the sender, revealing when, where, and on what device the email was viewed.

60. Browser Fingerprints
A set of unique attributes about a user's browser and device that can be combined to identify and track users without cookies.

61. Collected Data Includes
Browser type and version, screen resolution, installed fonts and plugins, time zone, operating system, and language settings.

62. Private Browsing (Incognito Mode)
Prevents local storage of browsing history, cookies, and form data. Helpful on shared devices to prevent casual snooping.

63. Limitations of Private Browsing
Does not stop websites, advertisers, your employer, or your ISP from tracking your activity. Does not block fingerprinting, IP-based tracking, or DNS logging. Does not protect against malware or phishing.

64. Mobile Privacy
Mobile devices pose unique and significant privacy challenges.

65. Permissions Model
Apps may ask for permissions that exceed their functionality (e.g., a flashlight app requesting location).

66. Persistent Identifiers
Devices use unique IDs (IMEI, MAC address, advertising ID) that can be used to track across apps and services.

67. Background Data Collection
Apps may collect and transmit data even when not in use, such as location and user habits.

68. Location Tracking
GPS, Wi-Fi networks, and cell towers can be used to pinpoint a user's movements in real time or over time.

69. Microphone & Camera Access
Apps with granted permissions can access these features without immediate user interaction.

70. Laws and Compliance
Legal obligations: protect users, avoid fines and lawsuits.

71. Consequences of Non-Compliance
Fines, legal action, reputation damage.

72. Information Security Policy
Components: Title, authorship, date, applicability, scope.

73. Purpose of Information Security Policy
Outline security requirements and responsibilities.

74. Control Types
Technical: OS hardening, firewalls, access controls. Administrative: Documented policies and procedures. Physical: Badges, security cameras, locked doors.

75. Key Regulations
HIPAA: Health data protection. PCI-DSS: Payment card security. FERPA: Student education records. GDPR: EU data protection law.

76. Right to be Forgotten
Users can request erasure of their data.