Back to FlashcardsInformation Technology / Security+ (SY0-701): Lesson 11: Enhance Application Security Capabilities Part 3
Security+ (SY0-701): Lesson 11: Enhance Application Security Capabilities Part 3
This deck covers key concepts from Lesson 11, focusing on enhancing application security capabilities, including DNS filtering, input validation, cookies, and code signing.
Define 'DNS filtering'
Tap or swipe ↕ to flip
Swipe ←→Navigate
1/30
Key Terms
Term
Definition
Define 'DNS filtering'
Blocks or allows access to specific websites by controlling the resolution of domain names into IP addresses
How does DNS filtering operate?
When a request is made to resolve a website URL, the DNS filter checks the request against a database of domain names; If the domain is known as malic...
Define a 'DNS firewall'
Intercept DNS queries at the network level and applies filtering rules accordingly.
What is best practice for securing an internal DNS server?
DNS servers should only accept recursive queries from local hosts and not from the internet.
Define 'DNS footprinting'
Obtaining information about a private network by using its DNS server.
What are two ways to perform DNS footprinting?
Performing a zone transfer to a rouge DNS server of by querying the DNS server using nslookup/dig.
Related Flashcard Decks
| Term | Definition |
|---|---|
Define 'DNS filtering' | Blocks or allows access to specific websites by controlling the resolution of domain names into IP addresses |
How does DNS filtering operate? | When a request is made to resolve a website URL, the DNS filter checks the request against a database of domain names; If the domain is known as malicious, or is unapproved, the filter blocks the request, preventing access to the website. |
Define a 'DNS firewall' | Intercept DNS queries at the network level and applies filtering rules accordingly. |
What is best practice for securing an internal DNS server? | DNS servers should only accept recursive queries from local hosts and not from the internet. |
Define 'DNS footprinting' | Obtaining information about a private network by using its DNS server. |
What are two ways to perform DNS footprinting? | Performing a zone transfer to a rouge DNS server of by querying the DNS server using nslookup/dig. |
Define 'DNS Security Extensions (DNSSEC)' | Security protocol that provides authentication of DNS data and upholds DNS data integrity. |
What is the purpose of DNS Security Extensions (DNSSEC)? | To mitigate against spoofing and poisoning attacks by providing a validation process for DNS responses. |
How does DNS Security Extensions (DNSSEC) secure DNS records? | The authoritative server creates a 'package' of resource records (called an RRset) signed with a private key (the Zone Signing Key). |
With DNS Security Extensions (DNSSEC) enabled, how does a non-authoritative DNS server receive DNS records? | The authoritative server returns the package along with its public key, which can be used to verify the signature. |
When using S/MIME, which key is used to protect the confidentiality of a message? | The recipient's public key; The public key is used to encrypt a symmetric session key. |
What is the purpose of input validation? | Used in software and web development that addresses the issue of untrusted input to defeat injection attacks. |
Define 'untrusted input' | Specially crafted data supplied to an application to manipulate its behavior. |
What are different forms of input validation? | Allowlisting, Blocklisting, Data type and range checks, regular expressions, encoding. |
Define Allowlisting input validation | Permits inputs that match a predetermined and approved set of values or patterns. |
Define Blocklisting input validation | Explicitly blocks known harmful inputs, such as certain special characters or patterns commonly used in attacks. |
Define 'data type check' input validation | Checks to ensure the input data is of the expected type, such as a string, integer, or date. |
Define 'range check' input validation | Validates that numeric inputs fall within expected ranges. |
Define 'Regular expression/regex' input validation | Used to match input to expected patterns or signs of malicious activity. |
Define 'encoding' input validation | Prevent special characters from being interpreted as executable commands or scripts. |
Define a 'cookie' | A text file stored on a computer by a web browser while accessing a website. |
What is the purpose/function of a cookie? | Maintain session states, remember user preferences, and track user behavior and other settings. |
How can cookies be exploited if not properly secured? | Attacks such as session hijacking or cross-site scripting. |
What is the purpose of static code analysis? | Identify potential vulnerabilities, errors, and noncompliant coding practices before the program is finalized. |
Define 'Code signing' | The method of using a digital signature to ensure the source and integrity of software code. |
How does software become digitally signed? | The signer uses a private key to encrypt a hash or digest of the code to form the digital signature. |
How is the code verified once digitally signed? | Requires using a certificate issued by a trusted certificate authority (CA) and the client uses the cert to verify the signature of the code. |
Define 'data exposure' | A fault that allows privileged information (such as a token, password, or personal data) to be read without being subject to the appropriate access controls. |
Define an 'error/exception' in software development | An application vulnerability that is defined by how an application responds to unexpected events/processes that can lead to holes in the security of an app. |
What are errors/exceptions that could occur in software? | Invalid user input, a loss of network connectivity, another server or process failing, and so on. |