
Exam Revision

Topics to Revise
• CIA Triad
• Black hat vs white hat hacker
• 4 fundamental strategies in software design and coding to prevent attacks
• Traditional vs Virtual Network
• Measures to counteract hackers in general
• SQL injection (what it is, example, how to prevent it)
• Web server and web application security
• ‘Eve in the middle’ attack and how Eve intercepts and decrypts the message
• Cross Site Scripting (XSS) and Cross Site Request Forgery (CSRF) with examples
• Penetration Testing and importance
• Programming language security (C++, C, Java, and PHP)
• Secure coding guidelines
The tools of the trade – models to tackle hackers
CIA Triad
The CIA developed a model for security: Confidentiality, Integrity, Availability
Confidentiality
• Means that the private and sensitive data handled by the application cannot be read by anyone who has no authorization
Integrity
• Means the data processed by any application is not modified by any unauthorized channels or unauthorized persons.
Availability
• Means the system’s ability to remain operational even in the face of failure or attack
Compare and Contrast between Black Hat Hacker and White Hat Hacker [8 marks]

Black Hat Hacker (Cracker)
• Their intentions are selfish or harmful in nature.
• Illegal hacking
• Search for the security vulnerabilities to exploit them.
• Write malware to hack devices, servers, and websites.

White Hat Hacker
• Their intentions are noble and often aim to benefit or protect others.
• Legal hacking
• They search for security vulnerabilities and offer suggestions and solutions to patch them.
• Develop security software, tools, and techniques to detect and remove malware.

Conclusion: write your own, e.g. I think the cracker is the bad guy and the white hat hacker is the good guy.
4 fundamental strategies in software design and coding to prevent attacks

1. Prevention - sandbox technique: you test what the application will do with given user input before you allow it to actually process that input
2. Avoidance - Adding a layer of indirection between the user and your application is one way to do it (use a parser → compiler breaking data into smaller elements)
3. Detection - Handling exceptions and adding code checkpoints
4. Recovery - The focus is to recover after the fact, e.g. rolling back a database to the state it was in before the attack, or restarting an application at the last safe state that was recorded in memory
Elaborate on the differences between Traditional and Virtual Network [6 marks]

Traditional
• Functions are typically performed by dedicated devices such as switches, routers, and application delivery controllers
• Networking functions are mostly implemented in dedicated hardware, such as application-specific integrated circuits

Virtual
• Streamlines the amount of network hardware (cabling, switches, etc.)
• Increases IT productivity through remote and automated service activation and performance testing
• Uses software management to connect computers and servers over the Internet
SQL injection (what it is, example)
• SQL injection is a code injection technique that might destroy your database.
• SQL injection is one of the most common web hacking techniques.
• SQL injection is the placement of malicious code in SQL statements, via web page input.
• SQL injection usually occurs when you ask a user for input, like their username/userid, and instead of a name/id, the user gives you an SQL statement that you will unknowingly run on your database.
Example

SQL Injection Based on 1=1 is Always True


Look at the example above again. The original purpose of the code was to create an
SQL statement to select a user, with a given user id.
If there is nothing to prevent a user from entering "wrong" input, the user can enter
some "smart" input like this:
UserId: 
Then, the SQL statement will look like this:
SELECT * FROM Users WHERE UserId = 105 OR 1=1;
SQL injection (how to prevent it)

• Use SQL Parameters for Protection
• To protect a web site from SQL injection, you can use SQL parameters.
• SQL parameters are values that are added to an SQL query at execution time, in a controlled manner.
• Note that parameters are represented in the SQL statement by a @ marker.
• The SQL engine checks each parameter to ensure that it is correct for its column, and parameters are treated literally, not as part of the SQL to be executed.

// Read the raw values from the request
txtNam = getRequestString("CustomerName");
txtAdd = getRequestString("Address");
txtCit = getRequestString("City");
// @0, @1, @2 are placeholders; the values are passed separately to Execute
txtSQL = "INSERT INTO Customers (CustomerName,Address,City) Values(@0,@1,@2)";
db.Execute(txtSQL,txtNam,txtAdd,txtCit);
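
The 1=1 input and the parameter fix described above, side by side, as an added example that is not part of the original slides. It uses Python's sqlite3 with a constructed in-memory Users table; sqlite3's `?` placeholder plays the role of the `@` marker, and the function names are hypothetical.

```python
import sqlite3

def make_db():
    """Build an in-memory Users table (constructed sample rows)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE Users (UserId INTEGER, Name TEXT)")
    db.executemany("INSERT INTO Users VALUES (?, ?)",
                   [(105, "alice"), (106, "bob"), (107, "carol")])
    return db

def find_user_concat(db, user_id):
    """Vulnerable: the input is pasted into the SQL text and parsed as SQL."""
    sql = "SELECT * FROM Users WHERE UserId = " + user_id
    return db.execute(sql).fetchall()

def find_user_param(db, user_id):
    """Hardened: the input is bound as a value and compared literally."""
    sql = "SELECT * FROM Users WHERE UserId = ?"
    return db.execute(sql, (user_id,)).fetchall()

def find_user_validated(db, user_id):
    """Input validation on top of binding: only plain digits are accepted."""
    if not (user_id.isascii() and user_id.isdigit()):
        raise ValueError("UserId must be numeric")
    return find_user_param(db, int(user_id))

def demo():
    """Run the same input through all three lookups and collect the results."""
    db = make_db()
    smart_input = "105 OR 1=1"  # the input from the slide
    results = {
        "concat": find_user_concat(db, smart_input),  # WHERE is always true
        "param": find_user_param(db, smart_input),    # no UserId equals this text
    }
    try:
        find_user_validated(db, smart_input)
        results["validated"] = "accepted"
    except ValueError:
        results["validated"] = "rejected"
    return results

if __name__ == "__main__":
    for name, outcome in demo().items():
        print(name, outcome)
```

With concatenation the query returns every row in Users; with a bound parameter the same input matches nothing, and the validated lookup refuses it before any SQL runs.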
Explain the concept of Eve in the middle [6 marks]

An eavesdropper, who is usually a passive attacker. While they can listen in on messages between Alice and Bob, they cannot modify them. In quantum cryptography, Eve may also represent the environment.

Communication between Alice and Bob intercepted by Eve. Here the channel is insecure, which means that the information is not encrypted by a cipher and is thus vulnerable to attacks by Eve.
Penetration Testing and importance

• Penetration testing (which is also sometimes called pen testing or ethical hacking) refers to the security process of evaluating your computer system’s applications for vulnerabilities and susceptibility to threats like hackers and cyberattacks
• Examples of vulnerabilities include software bugs, design flaws, and also configuration errors.
• Pen tests can be carried out on IP address ranges, individual applications, or even simply based on an organization’s name.
• Identifying weak points in a system’s defense via a simulated attack

Preparation For An Attack
• The main reason penetration tests are crucial to an organization’s security is that they help personnel learn how to handle any type of break-in from a malicious entity

Risk Identification
• Pen tests also offer insight into which channels in your organization or application are most at risk and thus what types of new security tools you should invest in or protocols you should follow.
Programming language security (Java)

• Java is still vulnerable to different types of malware injection
• If this type of vulnerability is discovered and exploited by attackers, it can enable them to execute malicious commands on behalf of the victim or gain access to sensitive information.
• Recent developments have also brought to life a critical security threat coming from a vulnerability found in Log4J, a Java based logging utility.
• The newly discovered vulnerability allows attackers to install cryptocurrency-mining malware on affected systems and currently has a risk factor of 10 out of 10
• Developers are scrambling to patch the issues and are urging the potential users of affected platforms to install the latest version patches on their devices
Programming language security (C)

• Due to its lack of exception handling and reliance on string functions, C is predisposed to multiple buffer overflow and string manipulation security vulnerabilities.
• As a buffer overflow vulnerability can result in the corruption or
overwriting of the data found in an adjacent memory space, it gives
attackers a wide range of control over a program’s execution or a
system’s administrative permissions
• Buffer overflow was classified as the most dangerous vulnerability in
and it currently still poses a critical risk to a lot of systems.
Programming language security (C++)

• C++ has an increased use of pointers and global variables, which makes it easier for memory corruption to occur.
• Other than buffer overflows, C++ is also prone to injection vulnerabilities.
• As previously mentioned, injection vulnerabilities can be exploited by attackers in multiple ways such as hijacking control over the victim’s device or leaking sensitive information, bringing a severe security risk to improper C++ implementations
Programming language security (PHP)

• Cross-site scripting (XSS) and SQL injection are some of the most abundantly found security vulnerabilities in PHP. As cross-site scripting is the most common type of web application security vulnerability, it can affect a wide variety of users.
• Although it is seen as less harmful than SQL injection, it still poses a
great risk as attackers can use it to steal session cookies which can
contain login information, granting them access to the victim’s
account.
• SQL injection poses a critical threat as it targets servers and databases
Secure Coding Guidelines
1. Validate input. Validate input from all untrusted data sources. Proper input
validation can eliminate the vast majority of software vulnerabilities.
2. Keep it simple. Keep the design as simple and small as possible
3. Practice defense in depth. Manage risk with multiple defensive strategies, so
that if one layer of defense turns out to be inadequate, another layer of defense
can prevent a security flaw from becoming an exploitable vulnerability
4. Adopt a secure coding standard. Develop and/or apply a secure coding
standard for your target development language and platform