QUESTION 1
(a) What is the difference between encryption and hashing?
(b) Why is it not always possible to use a whitelist-based approach to input validation?
(c) What are the most important steps you would recommend for securing a new web server and a new web application?
(d) A central security requirement that virtually any application needs to meet is controlling users' access to its data and functionality.
(i) Briefly outline the three interrelated security mechanisms that most web applications use to handle user access.
(ii) Why are an application's mechanisms for handling user access only as strong as the weakest of these components?
(e) The core security problem faced by web applications arises in any situation where an application must accept and process untrusted data that may be malicious. In the case of web applications, however, several factors have combined to exacerbate the problem and explain why so many web applications on the Internet today do such a poor job of addressing it. Briefly outline these key problem factors.
QUESTION 2
(a) Describe a potential security problem with using $_REQUEST['var'] in PHP instead of the dedicated superglobal ($_GET, $_POST or $_COOKIE).
(b) Describe two ways to implement sessions in HTTP. State the advantages and disadvantages of each method.
(c) An application developer wants to stop an attacker from performing brute-force attacks against the login function. Because the attacker may target multiple usernames, the developer decides to store the number of failed attempts in an encrypted cookie, blocking any request if the number of failed attempts exceeds five. How can this defence be bypassed?
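The following PHP script is an added worked example, not part of the exam paper. It models the defence described in (c), a failed-attempt counter carried in an authenticated-encrypted cookie, and contrasts it with a counter held server-side and keyed by the targeted account. The credential check, the key and the attacker's password list are constructed stand-ins, and cookie values are passed in as function arguments instead of being read from $_COOKIE so that the script runs from the command line (PHP 7.4+ with the sodium extension assumed).

```php
<?php
// Added example (not from the paper): lockout counter in a client-side cookie vs. server-side.

const MAX_FAILED = 5;

// Authenticated encryption of the counter (libsodium). Note that the encryption is
// irrelevant to the bypass: the attacker never needs to read or forge the cookie,
// only to not send it back.
function sealCounter(int $n, string $key): string {
    $nonce = random_bytes(SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
    return base64_encode($nonce . sodium_crypto_secretbox((string)$n, $nonce, $key));
}

function openCounter(?string $cookie, string $key): int {
    if ($cookie === null) {
        return 0;                      // no cookie: the server has no memory of past failures
    }
    $raw = base64_decode($cookie, true);
    if ($raw === false || strlen($raw) <= SODIUM_CRYPTO_SECRETBOX_NONCEBYTES) {
        return 0;
    }
    $nonce = substr($raw, 0, SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
    $plain = sodium_crypto_secretbox_open(substr($raw, SODIUM_CRYPTO_SECRETBOX_NONCEBYTES), $nonce, $key);
    return $plain === false ? 0 : (int)$plain;
}

function checkCredentials(string $user, string $pass): bool {
    return $user === 'alice' && $pass === 'correct-horse';   // hypothetical stand-in
}

// Flawed design from the question: the lockout state lives in a cookie that the
// client chooses whether to return. Returns [outcome, cookie value to set].
function loginCookieCounter(string $user, string $pass, ?string $cookie, string $key): array {
    $failed = openCounter($cookie, $key);
    if ($failed > MAX_FAILED) {
        return ['blocked', $cookie];
    }
    if (checkCredentials($user, $pass)) {
        return ['ok', sealCounter(0, $key)];
    }
    return ['denied', sealCounter($failed + 1, $key)];
}

// Fixed: the counter is held server-side, keyed by the targeted account (a database
// or cache in a real application; an array stands in for it here).
function loginServerCounter(string $user, string $pass, array &$store): string {
    $failed = $store[$user] ?? 0;
    if ($failed > MAX_FAILED) {
        return 'blocked';
    }
    if (checkCredentials($user, $pass)) {
        unset($store[$user]);
        return 'ok';
    }
    $store[$user] = $failed + 1;
    return 'denied';
}

$key     = random_bytes(SODIUM_CRYPTO_SECRETBOX_KEYBYTES);
$guesses = array_map(fn($i) => "guess$i", range(1, 20));   // constructed password list

// Attacker against the cookie design: every request is sent without the cookie,
// so the server reads a counter of zero each time and never blocks.
$blocked = 0;
foreach ($guesses as $g) {
    [$outcome] = loginCookieCounter('alice', $g, null, $key);   // Set-Cookie response ignored
    $blocked  += $outcome === 'blocked' ? 1 : 0;
}
printf("cookie counter, cookie never returned: %d of %d guesses blocked\n", $blocked, count($guesses));

// The same guesses against the server-side counter.
$store   = [];
$blocked = 0;
foreach ($guesses as $g) {
    $blocked += loginServerCounter('alice', $g, $store) === 'blocked' ? 1 : 0;
}
printf("server-side counter: %d of %d guesses blocked\n", $blocked, count($guesses));
```

Run with `php lockout.php`. The attacker can also replay a captured "zero failures" cookie to the same effect, which is why the encryption adds nothing: any state the client can withhold is not a control. The server-side counter has its own trade-off, in that it lets an attacker lock legitimate accounts out, so in practice it is paired with per-source throttling and CAPTCHAs rather than a hard block alone.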
(d) Consider the following piece of PHP code:
<?php
session_start();   // not in the original fragment; the lines below assume an active session
session_regenerate_id();
$_SESSION['logged_in'] = TRUE;
?>
Explain the purpose of the above code.
(e) Explain the idea behind the Cross-Site Request Forgery (CSRF) attack. Give an example of how such an attack can be performed.
(f) Anyone designing an application for which security is at all important must assume that it will be directly targeted by dedicated and skilled attackers. A key function of the application's security mechanisms is to handle and react to these attacks in a controlled way. Briefly outline the measures typically implemented to handle attackers.
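The following PHP script is an added worked example for (e), not part of the exam paper. It simulates the attack against a money-transfer form (the victim's browser is made to POST to the site from a page the attacker controls, and the session cookie goes along automatically) and shows the per-session token check that defeats it. The field names, session key and the /transfer endpoint are this example's own choices, and arrays stand in for $_SESSION and $_POST so that the script runs from the command line.

```php
<?php
// Added example (not from the paper): CSRF attack simulation and per-session token defence.

// Issue one unpredictable token per session, created on first use.
function csrfToken(array &$session): string {
    if (empty($session['csrf_token'])) {
        $session['csrf_token'] = bin2hex(random_bytes(32));
    }
    return $session['csrf_token'];
}

// Verify a submitted token; hash_equals() keeps the comparison constant-time.
function csrfTokenValid(array $session, array $post): bool {
    return isset($session['csrf_token'], $post['csrf_token'])
        && is_string($post['csrf_token'])
        && hash_equals($session['csrf_token'], $post['csrf_token']);
}

// The legitimate form embeds the token as a hidden field. A page on attacker.example
// can make the victim's browser submit to /transfer, but the same-origin policy stops
// it reading this page, so it cannot learn the token to include in its forged request.
function renderTransferForm(array &$session): string {
    $token = htmlspecialchars(csrfToken($session), ENT_QUOTES, 'UTF-8');
    return '<form method="post" action="/transfer">'
         . '<input type="hidden" name="csrf_token" value="' . $token . '">'
         . '<input name="to"><input name="amount"><button>Send</button></form>';
}

// Server-side handler for POST /transfer.
function handleTransfer(array $session, array $post): string {
    if (!csrfTokenValid($session, $post)) {
        return '403 Forbidden: missing or invalid CSRF token';
    }
    return sprintf('transferred %s to %s', $post['amount'], $post['to']);
}

// Simulation. Arrays stand in for the victim's $_SESSION and the incoming $_POST.
$session = [];
$form = renderTransferForm($session);                    // victim loads the genuine page
preg_match('/name="csrf_token" value="([0-9a-f]+)"/', $form, $m);

// 1. The victim submits the real form: token present and matching.
$genuine = ['csrf_token' => $m[1], 'to' => 'bob', 'amount' => '10'];
// 2. The attack: attacker.example hosts an auto-submitting form
//    <form action="https://bank.example/transfer" method="post"> with these fields;
//    the browser attaches the victim's session cookie, but no token.
$forged  = ['to' => 'attacker', 'amount' => '1000'];

echo handleTransfer($session, $genuine), "\n";          // transferred 10 to bob
echo handleTransfer($session, $forged), "\n";           // 403 Forbidden
```

Without the token check, handleTransfer() would act on the forged request because the session cookie alone authenticates it; that is the whole of the attack. Setting the session cookie with SameSite=Lax or Strict adds a second, browser-enforced layer, but the token remains the primary control because older clients and some cross-site navigations are not covered by SameSite.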
QUESTION 3
(a) What is the difference between persistent cookies and session cookies?
(b) You have found a SQL injection vulnerability but have been unable to carry out any useful attacks, as the application rejects any input containing whitespace. How can you work around this restriction?
(c) You have submitted a single quotation mark at numerous locations throughout an application. From the resulting error messages you have diagnosed several potential SQL injection flaws. Which one of the following would be the safest location to test whether further crafted input has an effect on the application's processing? Explain your reasoning.
(i) Registering a new user
(ii) Updating your personal details
(iii) Unsubscribing from the service
(d) Briefly outline the different techniques and measures that can be employed to prevent SQL injection attacks.
(e) What is a Cross-Site Scripting (XSS) attack? Identify the two main categories of this type of attack and outline the consequences of such an attack.
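The following PHP script is an added worked example serving both (b) and (d); it is not part of the exam paper. It builds a login query by string concatenation behind the whitespace filter from (b), shows two payloads that need no whitespace at all, and then the parameterised query that (d) asks about. The users table, its rows and the plaintext passwords are constructed for illustration only (real applications store password hashes); an in-memory SQLite database via PDO is assumed so that it runs stand-alone (the pdo_sqlite extension is required).

```php
<?php
// Added example (not from the paper): SQL injection past a "no whitespace" filter,
// and the prepared-statement fix. Runs against an in-memory SQLite database.

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, password TEXT)");
// Constructed sample rows; plaintext passwords only to keep the example short.
$db->exec("INSERT INTO users (username, password) VALUES ('alice', 's3cret'), ('bob', 'hunter2')");

// The filter from question (b): any input containing whitespace is rejected.
function containsWhitespace(string $s): bool {
    return preg_match('/\s/', $s) === 1;
}

// Vulnerable: the query is assembled from the input, with the filter as the only control.
function loginVulnerable(PDO $db, string $user, string $pass): array {
    if (containsWhitespace($user) || containsWhitespace($pass)) {
        return [];
    }
    $sql = "SELECT username FROM users WHERE username = '$user' AND password = '$pass'";
    return $db->query($sql)->fetchAll(PDO::FETCH_COLUMN);
}

// Fixed: the input travels as a bound parameter and is never parsed as SQL, so no
// character filter is needed (or sufficient) in the first place.
function loginSafe(PDO $db, string $user, string $pass): array {
    $stmt = $db->prepare("SELECT username FROM users WHERE username = ? AND password = ?");
    $stmt->execute([$user, $pass]);
    return $stmt->fetchAll(PDO::FETCH_COLUMN);
}

function show(array $rows): string {
    return $rows ? implode(',', $rows) : '(no rows)';
}

$payloads = [
    // Inline comments stand in for the spaces the filter forbids. Resulting SQL:
    //   ... WHERE username = 'x'/**/OR/**/1=1--' AND password = 'irrelevant'
    ["x'/**/OR/**/1=1--", 'irrelevant'],
    // Quoted literals need no separator between tokens at all. Resulting SQL:
    //   ... WHERE username = 'alice' AND password = 'x'OR'1'='1'
    ['alice', "x'OR'1'='1"],
];

foreach ($payloads as [$u, $p]) {
    printf("vulnerable  %-25s -> %s\n", "$u / $p", show(loginVulnerable($db, $u, $p)));
    printf("prepared    %-25s -> %s\n", "$u / $p", show(loginSafe($db, $u, $p)));
}
```

The vulnerable function returns every user for both payloads (the first comments out the password clause, the second appends an always-true OR), while the prepared statement returns no rows: the payloads are simply looked up as literal usernames and passwords. The same comment trick works in MySQL (whose tokenizer also treats /**/ as a separator), and parentheses or tabs give further alternatives, which is why blacklisting characters is not a defence against injection.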
QUESTION 4
(a) Why can identifying all sources of user input sometimes be challenging when reviewing a PHP application?
(b) Briefly describe the session fixation attack and outline the mechanisms that can be employed to counter this attack.
(c) The architecture components Linux, Apache, MySQL and PHP are often found installed on the same physical server. Why can this weaken the security posture of the application's architecture?
(d) List the best practices that should be enforced when file uploads are allowed on websites and web applications (consider Apache/PHP platforms).
(e) Secure coding techniques are general guidelines that can be used to improve software security regardless of the programming language used for development. Briefly outline some of the secure coding guidelines.
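The following PHP login handler is an added worked example for (b), not part of the exam paper. It puts together the countermeasures against session fixation in one place: refusing session ids the server did not issue, refusing ids carried in the URL, hardening the cookie, and regenerating the id (and deleting the old one) at the moment of login. The checkCredentials() stub, the /account redirect and the session keys are this example's own choices; PHP 7.3+ is assumed for the array forms of session_set_cookie_params() and setcookie().

```php
<?php
// Added example (not from the paper): login handler hardened against session fixation.

// 1. Never adopt a session id the server did not issue. With strict mode on, an id the
//    attacker planted in the victim's browser is ignored and a fresh one is generated.
ini_set('session.use_strict_mode', '1');
// 2. Never accept the id from the URL (?PHPSESSID=...), the classic fixation vector.
ini_set('session.use_only_cookies', '1');
ini_set('session.use_trans_sid', '0');
// 3. Cookie attributes: unreadable by script, HTTPS only, not sent on cross-site requests.
session_set_cookie_params([
    'httponly' => true,
    'secure'   => true,
    'samesite' => 'Strict',
]);
session_start();

function checkCredentials(string $user, string $pass): bool {
    return $user === 'alice' && $pass === 'correct-horse';   // hypothetical stand-in
}

function login(string $user, string $pass): bool {
    if (!checkCredentials($user, $pass)) {
        return false;
    }
    // 4. Privilege level changes here: replace the pre-authentication id, whatever its
    //    origin, and delete the old record server-side (the `true` argument), so an
    //    attacker who fixated or learned the old id now holds a reference to nothing.
    session_regenerate_id(true);
    $_SESSION['logged_in'] = true;
    $_SESSION['user']      = $user;
    $_SESSION['auth_time'] = time();
    return true;
}

function logout(): void {
    $_SESSION = [];
    // Expire the cookie in the browser, then destroy the server-side record.
    $p = session_get_cookie_params();
    setcookie(session_name(), '', [
        'expires'  => time() - 3600,
        'path'     => $p['path'],
        'domain'   => $p['domain'],
        'secure'   => $p['secure'],
        'httponly' => $p['httponly'],
        'samesite' => $p['samesite'],
    ]);
    session_destroy();
}

if (($_SERVER['REQUEST_METHOD'] ?? 'GET') === 'POST') {
    if (login((string)($_POST['user'] ?? ''), (string)($_POST['pass'] ?? ''))) {
        header('Location: /account');
    } else {
        http_response_code(401);
        echo 'invalid credentials';
    }
}
```

Step 4 alone defeats the attack as the question describes it, because the fixated id is discarded before the session carries any privilege. Steps 1 to 3 close the delivery channels, so an attacker cannot even get their chosen id accepted, and a server-side timeout on auth_time bounds how long a stolen post-login id remains useful.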