Implementation of Security Applications with Security+ Certification
A corporate network with no connection to the Internet is nearly impossible to find. Internet access is a basic necessity for any organization or enterprise, whatever the scale of its business. As information technology advances, more and more systems depend on a connection, and once everything is attached to the Internet you have to be prepared for your network to be exposed to security threats.
A specific category of attacks is linked to Web browser security, and IT administrators are tasked with securing these complex networks, which are growing at a high pace. Multiple complex operating systems, disparate technologies, and a mobile workforce make the task more daunting. As threats escalate, security measures and hardware controls must be augmented with threat protection procedures to provide a secure environment.
Different forms of security are applied to counter these threats, including security software that bridges the gap and provides tools for intrusion detection and virus removal. These tools have become critical pieces of the corporate security puzzle. For the CompTIA Security+ certification, it is important to understand application threats, the application security techniques used to counter them, and how to implement application security.
To help you succeed in the CompTIA SY0-301 exam, we will discuss the application security threats and the implementation of application security techniques against them. First, a definition:
Application security is the implementation of security controls in both software and hardware. In software, various settings and procedures are used to thwart unauthorized access. A further step is to consider security, and code for it, during software development.
Application Security Threats:
The following application security threats are covered in the SY0-301 exam:
- ActiveX: A Microsoft technology used for adding functionality to web pages, altering browser functions, and viewing various multimedia. Its vulnerabilities have been exploited to install malicious software on the browsers of unsuspecting users.
- Java: One of Sun Microsystems' programming languages, used for running applications under any kind of operating system. Java has been a top programming tool for web development, but at the same time it has opened the browser's gates to attacks. The reason was programmers' lack of training in building security into their applications.
- Scripting: A script is a program that can be written in various languages. On the Web, scripting helps build the tools used for collecting user data, such as login systems and shopping carts. However, a script can be exploited through the code behind it, and the exploit can be delivered directly to the client computer.
- Buffer Overflows: Programs and processes hold data in temporary storage areas known as buffers. When a program tries to store more data than a buffer is allowed to hold, a buffer overflow takes place and the excess data spills into adjacent buffers. This corrupts or overwrites the data held there, and the excess data can contain malicious code.
- Browser: Chrome, IE, Firefox, Opera and so forth are the most widely used browsers, and the threats to them grow every day. Every browser has its own security settings for addressing security issues. Security can also be controlled by adding add-ons, ad blockers, pop-up blockers, etc.
- Cookie: The information you enter on a website gets stored in a cookie on your hard drive, from which it can be retrieved. Cookies contain no code that can be malicious, but the stored data is personal information that can be sent as plain text, allowing it to be packet sniffed.
- Instant Messaging: It might not seem risky, but it is not that innocent either. An open port is used for forwarding messages, which provides a potential point of attack.
- SMTP Open Relays: An open relay is a mail server configured to allow anyone on the Internet to use it for sending email. The majority of these have been shut down due to exploitation by hackers, as they were among the initial technologies to be exploited.
- P2P: Like an IM program, a P2P program opens a port to allow peers to share files. The open port is one point of attack, whereas the second is downloading a file that is infected with a virus. Best practice for protecting against attacks on P2P involves restricting the sharing options and scanning everything before downloading it.
- Cross Site Scripting: In an XSS exploit, malicious code is inserted into a link that appears to be from a trusted site. When the victim clicks the link, a program executes and the attacker gets to pilfer sensitive information. Most commonly, these attacks have appeared in email messages.
- Input Validation: Input validation is the process by which a program ensures that the data entered is correct. Incorrect data input can corrupt databases and introduce security vulnerabilities.
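
The Input Validation and Cross Site Scripting items above can be made concrete with a short Python sketch. This is an added example, not code from the original article: the form fields, the `validate` and `render_greeting` helpers, and the sample forms are all constructed for illustration.

```python
import html
import re

# Allow-list rules for a hypothetical shopping-cart form (field names are assumptions).
RULES = {
    "username": re.compile(r"[A-Za-z0-9_]{3,20}"),
    "quantity": re.compile(r"[1-9][0-9]{0,2}"),  # whole numbers 1..999
    "email": re.compile(r"[A-Za-z0-9._%+-]{1,64}@[A-Za-z0-9.-]{1,253}\.[A-Za-z]{2,24}"),
}

def validate(form):
    """Return (clean, errors). Unknown and missing fields are rejected, not ignored."""
    clean, errors = {}, {}
    for name in form.keys() - RULES.keys():
        errors[name] = "unexpected field"
    for name, pattern in RULES.items():
        value = form.get(name)
        if not isinstance(value, str):
            errors[name] = "missing"
        # fullmatch() must consume the whole value, so a trailing newline or
        # appended markup cannot slip past the way it can with match() and "$".
        elif pattern.fullmatch(value) is None:
            errors[name] = "invalid format"
        else:
            clean[name] = value
    return clean, errors

def render_greeting(name):
    """Encode on output: markup in `name` is shown as text, not run by the browser."""
    return "<p>Hello, {}!</p>".format(html.escape(name, quote=True))

# Constructed sample input, not taken from any real application.
GOOD_FORM = {"username": "alice_01", "quantity": "3", "email": "alice@example.com"}
BAD_FORM = {
    "username": "<script>alert(1)</script>",  # markup where a name is expected
    "quantity": "-5",                         # out-of-range value
    "email": "alice@example.com",
    "is_admin": "1",                          # field the form never defined
}

if __name__ == "__main__":
    print(validate(GOOD_FORM))
    print(validate(BAD_FORM))
    print(render_greeting(BAD_FORM["username"]))
```

Validation rejects bad data before it reaches the database, and output encoding is a separate layer that still applies to any value echoed back into a page.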
Application security threats are particularly complex to manage because their exploits result from gaps left during software development. The best defense mechanisms involve educating users on sound security practices and keeping software patch levels current.
Next, we will discuss what the application security techniques are and how to implement them, which is one of the objectives of the security topics for the CompTIA Security+ exam.
Application Security Techniques and their Implementations:
The following application security techniques can be implemented to protect against the application threats:
- Intrusion Detection Systems: These systems are designed to gather and analyze data from across networks in order to identify potential external and personal threats. They come in two forms: NIDS (Network Intrusion Detection System) and HIDS (Host-Based Intrusion Detection System). Under HIDS, various security applications such as antivirus and firewalls are installed on the computers or hosts attached to the network. Under NIDS, the software is installed on particular network access points such as servers. Both systems have advantages as well as disadvantages, and they need to work as a team.
- Firewalls: Firewalls are pieces of software that sit between a network or computer and the outside world. In corporate networks, robust, feature-rich programs are employed, whereas individuals can consider other alternatives. Some firewalls can degrade performance, but no network should operate without one.
- Antivirus: Antivirus software grew out of tools that detected and eradicated simple viruses. It works by searching for known malicious patterns in executable code. However, this software does not protect against "zero day threats", the new malware that comes on board every day. Heuristics is the term used for intelligent guesswork, which involves using previous virus data to formulate predictions about future threats.
- Pop-up Blockers: Pop-ups are seen on every other site while browsing; at a minimum they annoy and distract, and at worst they redirect traffic to unsavory sites. This intrusion can be managed by adding more add-ons, as browsers are only able to block a limited number of offenders.
- Anti-Spam: Spam may seem to be merely a waste of time, but it is capable of clogging bandwidth and of arriving laden with malware. At the moment a single spam solution does not exist, but email clients, user-reliant tools, and server-based tools can help when used together.
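
The Antivirus item above contrasts matching known patterns with heuristic prediction from previous virus data. The Python sketch below is an added example, not code from the original article or from any antivirus product. The `Scanner` class, the 0.6 threshold, the byte n-gram similarity measure chosen as the heuristic, and the sample byte strings are all assumptions constructed for illustration.

```python
def ngrams(data, n=4):
    """Set of overlapping n-byte sequences found in data."""
    return {data[i:i + n] for i in range(len(data) - n + 1)}

class Scanner:
    def __init__(self, samples, signatures, threshold=0.6):
        self.signatures = signatures                   # exact byte patterns
        self.profiles = [ngrams(s) for s in samples]   # "previous virus data"
        self.threshold = threshold

    def signature_match(self, data):
        """Classic pattern search: true only if a known pattern appears verbatim."""
        return any(sig in data for sig in self.signatures)

    def heuristic_score(self, data):
        """Highest Jaccard similarity (0.0 to 1.0) between data and any known sample."""
        grams = ngrams(data)
        best = 0.0
        for profile in self.profiles:
            union = grams | profile
            if union:
                best = max(best, len(grams & profile) / len(union))
        return best

    def classify(self, data):
        if self.signature_match(data):
            return "known"
        if self.heuristic_score(data) >= self.threshold:
            return "suspicious"
        return "clean"

# Constructed, harmless byte strings standing in for files.
KNOWN = bytes(range(100))                                       # catalogued sample
SIGNATURE = KNOWN[38:46]                                        # pattern taken from it
VARIANT = KNOWN[:40] + bytes([200, 201, 202, 203]) + KNOWN[44:]  # four bytes differ
BENIGN = bytes(range(100, 200))                                 # unrelated content

scanner = Scanner(samples=[KNOWN], signatures=[SIGNATURE])

if __name__ == "__main__":
    for label, blob in (("known", KNOWN), ("variant", VARIANT), ("benign", BENIGN)):
        print(label, scanner.signature_match(blob),
              round(scanner.heuristic_score(blob), 3), scanner.classify(blob))
```

The variant no longer contains the catalogued pattern, so the signature check misses it, while its overall similarity to the known sample still raises a flag.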