Answers will vary.

Questions and Answers

Practice: Updating an Application to Use Least Privilege

Page 1-50

Exercise 4: Reflecting on Updating an Application to Use Least Privilege

1. In Exercises 1 through 3, you explored an application that did not work correctly when the user was logged on as an administrator. Besides modifying the application, how else could you have resolved the problem? What drawbacks would that approach have?

One alternative approach would be to modify the ACL on the Hosts file. This could be done directly, during the setup procedure for the application, or manually by the systems administrator installing your application. This approach would allow the application to run correctly, but it permanently reduces the security of the computer. After modifying the ACL, any application (including a virus or Trojan horse) could modify the Hosts file.

A second approach is to create a shortcut to your application, and instruct the user to select the Run With Different Credentials check box on the shortcut's properties. When the user runs the application, he is prompted to provide an alternative set of user credentials. The user can then provide administrator credentials, or can authenticate as a user specifically created to have the necessary privileges required to run your application. This approach does not follow the application development principle of least privilege, however, because the application still requires elevated privileges.

Another approach would be to make the user running the application a member of the Administrators group. However, this approach does not follow the security principle of least privilege. Indeed, any application the user ran would have almost unlimited access to system resources.

2. Least privilege provides which of the following benefits? (Choose the best answer.)
a. Enables standard users to debug your application line by line
b. Grants standard users access to the Security event log
c. Allows your application to run with minimal privileges
d. Provides standard users access to the .NET Framework

The answer is c. Least privilege reduces the damage an attacker can do after compromising your application by minimizing the rights required by your application.

Lab: Implementing Best Practices for Designing Secure Applications
Page 1-52

Exercise

1. The discovery of the security vulnerability has shaken your manager's confidence in you. What changes to your current development process can you suggest to prevent vulnerabilities from appearing in the future?

First, assure your manager that you will take extra time to use secure coding best practices. Additionally, you should suggest that your organization begin to use defense-in-depth. The multilayered approach to security will help prevent vulnerabilities from being exploited, even if you do make a mistake. All development projects should have time for code review. Additionally, database permissions should be restricted carefully. Employees should have permission to access only those parts of the database actually required to do their job.

Implementing Security at Design Time

2. How can you guarantee that no security vulnerability will occur in the future?

Unfortunately, you can't guarantee this. Instead, you must manage the risk. Managers must acknowledge that some risk always exists because developers are human and make mistakes.

3. Which of the following infrastructure components could prevent similar SQL injection attacks in the future? (Choose the best answer.)
a. A firewall in front of the database server
b. IPSec encryption enabled between all clients and the database server
c. IDS monitoring authentication attempts for password-cracking attacks
d. None of the above

The answer is d. None of these infrastructure components can prevent a SQL injection attack. The attack manipulates otherwise legitimate user queries, and as a result, cannot be filtered by a firewall.

4. How can you use least privilege to reduce the likelihood of a similar exploit happening in the future?

You can carefully analyze and document the privilege requirements for different types of users, and then restrict database permission to not allow users access to more than they need.

5. Which of the following secure in deployment principles would limit damage from similar SQL injection attacks in the future? (Choose all that apply.)
a. An efficient process for deploying updates
b. An effective monitoring system that detects attempted break-ins
c. Error messages that reveal no private information to potential attackers
d. None of the above

The answers are a and b. The attacker probably tried several different queries before succeeding. An effective monitoring system could have detected these attempted attacks and notified system administrators before the attacker succeeded. Even if the administrators could not respond until after the attack was successful, they could have acted quickly to control damage. After the vulnerability was discovered, an efficient update process would allow you to patch and fix the application quickly.
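The monitoring described in the answer to question 5 can be sketched as a check that flags a client whose requests keep producing database syntax errors in a short period. This is an added example, not part of the original lab; the log format, the function name find_probing_clients, the threshold and the time window are assumptions, and the log lines are constructed sample data.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample lines in an assumed application log format:
# "<ISO timestamp> <client address> <HTTP status> <message>"
SAMPLE_LOG = """\
2024-05-01T10:00:01 198.51.100.7 200 search ok
2024-05-01T10:00:05 203.0.113.9 500 SqlException: Unclosed quotation mark after the character string
2024-05-01T10:00:09 203.0.113.9 500 SqlException: Incorrect syntax near 'x'
2024-05-01T10:00:12 198.51.100.7 500 SqlException: Timeout expired
2024-05-01T10:00:20 203.0.113.9 500 SqlException: Incorrect syntax near the keyword 'or'
2024-05-01T10:00:31 203.0.113.9 200 search ok
2024-05-01T10:09:00 198.51.100.7 500 SqlException: Incorrect syntax near ')'
"""

LINE_RE = re.compile(r"^(\S+) (\S+) (\d{3}) (.*)$")
# Database errors typical of a query whose structure was broken by user input.
SYNTAX_ERROR_RE = re.compile(r"unclosed quotation mark|incorrect syntax near", re.I)


def find_probing_clients(log_text, threshold=3, window=timedelta(minutes=5)):
    """Return {client: time of alert} for clients that cause `threshold` SQL
    syntax errors within `window`; at most one alert per client."""
    recent = defaultdict(deque)   # client -> timestamps of recent syntax errors
    alerts = {}
    for line in log_text.splitlines():
        match = LINE_RE.match(line)
        if not match:
            continue              # skip lines that are not in the assumed format
        stamp, client, _status, message = match.groups()
        if client in alerts or not SYNTAX_ERROR_RE.search(message):
            continue
        when = datetime.fromisoformat(stamp)
        errors = recent[client]
        errors.append(when)
        while when - errors[0] > window:   # drop errors older than the window
            errors.popleft()
        if len(errors) >= threshold:
            alerts[client] = when
    return alerts


if __name__ == "__main__":
    for client, when in find_probing_clients(SAMPLE_LOG).items():
        print(f"ALERT {when.isoformat()} {client}: repeated SQL syntax errors")
```

A single syntax error or a timeout is usually an ordinary bug or load problem, which is why the check counts repeated errors per client inside a window rather than alerting on each one.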