SY0-501 Section 4.1 - Explain the importance of application security controls and techniques.

Fuzzing

Fuzz testing, or fuzzing, is a black-box software testing technique that consists of finding implementation bugs by injecting malformed or semi-malformed data in an automated fashion. Let’s consider an integer in a program that stores the result of a user’s choice between 3 questions. When the user picks one, the choice will be 0, 1 or 2, which makes three practical cases. But what if we transmit 3, or 255? We can, because integers are stored in a static-size variable. If the default switch case hasn’t been implemented securely, the…

SY0-501 Section 3.8 - Explain the proper use of penetration testing versus vulnerability scanning.

Penetration testing

It is becoming more common for companies to hire penetration testers to test their systems’ defenses. Essentially, a penetration tester will use the same techniques a hacker would use to find any flaws in your system’s security. Hacking and penetration testing are areas that seem quite exciting to many people. Unfortunately, this has led to a number of unqualified (or at least under-qualified) people calling themselves penetration testers. It is imperative when hiring a penetration tester that you ensure the person in question has the requisite skill set….

SY0-501 Section 3.7 - Given a scenario, use appropriate tools and techniques to discover security threats and vulnerabilities.

Interpret results of security assessment tools

Similar to packet sniffing, port scanning and other “security tools”, vulnerability scanning can help you secure your own network, or it can be used by the bad guys to identify weaknesses in your system and mount an attack against it. The idea is for you to use these tools to identify and fix these weaknesses before the bad guys use them against you. The goal of running a vulnerability scanner is to identify devices on your network that are open to known vulnerabilities. Different…

SY0-501 Section 3.6 - Analyze a scenario and select the appropriate type of mitigation and deterrent techniques.

Monitoring system logs

The general goal of monitoring is to detect suspicious behavior by external users or employees, or malfunctions. An organization can do this directly, such as by monitoring for specific events, or indirectly, such as by watching the state of a server over time and investigating anomalous behavior. Your security organization will have to determine its specific monitoring policy. Within this policy, you will have to determine your organization’s specific monitoring goals. Some questions you will have to answer are:

– Are you going to baseline your server’s…

SY0-501 Section 3.5 - Explain types of application attacks.

Applications such as Content Management Systems (CMS), wikis, portals, bulletin boards, and discussion forums are being used by small and large organizations. Every week hundreds of vulnerabilities are reported in these web applications, and they are being actively exploited. The number of attempted attacks every day against some of the large web hosting farms ranges from hundreds of thousands to even millions. All web frameworks (PHP, .NET, J2EE, Ruby on Rails, ColdFusion, Perl, etc.) and all types of web applications are at risk from web application security defects, ranging from…

SY0-501 Section 3.4 - Explain types of wireless attacks.

Wireless networking, more commonly termed Wi-Fi, is the technology that opens your PDA or laptop computer to the world. However, this technology is quite vulnerable to many exploits. A malicious intruder can use the most basic software to detect and capture the signal of your wireless device, along with usernames, passwords, emails and other data you would prefer to keep confidential. An intruder doesn’t have to be inside your home or office building to manipulate a wireless signal. For example, they could be sitting outside in their car…

SY0-501 Section 3.3 - Summarize social engineering attacks and the associated effectiveness with each attack.

A social engineering attack is one in which the intended victim is somehow tricked into doing the attacker’s bidding. An example would be responding to a phishing email, following the link and entering your banking credentials on a fraudulent website. The stolen credentials are then used for everything from financial fraud to outright identity theft. An old adage comes to mind here: “it pays to be suspicious”. With socially engineered attacks, the opposite is also true – if you aren’t suspicious, you will likely end up paying. In addition to…

SY0-501 Section 3.2 - Summarize various types of attacks.

A computer connected to a computing network is potentially vulnerable to an attack. An “attack” is the exploitation of a flaw in a computing system (operating system, software program or user system) for purposes that are not known to the system operator and that are generally harmful. Attacks are always taking place on the Internet, at a rate of several attacks per minute on each connected machine. These attacks are mostly launched automatically from infected machines (infected by viruses, Trojan horses, worms, etc.) without their owners’ knowledge. In rarer cases, they…

SY0-501 Section 3.1 - Explain types of malware.

Malware (short for “malicious software”) is any program or file that is harmful to a computer user. Thus, malware includes computer viruses, worms, Trojan horses, and also spyware, programming that gathers information about a computer user without permission.

Adware

Generically, adware (spelled all lower case) is any software application in which advertising banners are displayed while the program is running. The authors of these applications include additional code that delivers the ads, which can be viewed through pop-up windows or through a bar that appears on the computer screen. The justification…

SY0-501 Section 2.9 - Given a scenario, select the appropriate control to meet the goals of security.

Confidentiality

One of the major reasons to implement a cryptographic system is to ensure the confidentiality of the information being used. Confidentiality may be intended to prevent the unauthorized disclosure of information in a local network or to prevent the unauthorized disclosure of information across a network. A cryptographic system must do this effectively in order to be of value. The need to keep records secure from internal disclosure may be just as great as the need to keep records secure from outside attacks. The effectiveness of a cryptographic…