SOC - Securing Online Components (Overview)
Securing Online Components
Introduction
This module introduces the core mechanisms that protect online components. It covers the fundamentals of web security, from how databases work and how SQL injection attacks abuse them, to the reconnaissance techniques attackers use to find weaknesses before an attack. You will examine the threats that arrive through user input, the principles behind how the web operates (HTTP and HTTPS, the client-server model, sessions and cookies, APIs), and the common classes of web vulnerability that follow from them.
Each lesson builds on the previous one and pairs the theory with practical activities in which you apply it to realistic scenarios. The aim is not only to inform but to leave you able to recognize, reason about and defend the online components that everyday services depend on.
Learning Questions
- What is the difference between HTTP and HTTPS, and why is HTTPS considered more secure for transmitting data over the Internet?
- What is the role of the Open Web Application Security Project (OWASP)?
- How do databases enhance the efficiency of data retrieval compared to storing data in unorganized files?
- How can SQL injection attacks be prevented?
- What are some common techniques threat actors use for reconnaissance, and how do they contribute to the success of a cyberattack?
- How can Google Dorking be used by cyber attackers for reconnaissance?
- Identify and explain at least three types of user input threats. How does defensive programming mitigate these threats?
- What is input validation, and why is it considered a crucial aspect of defensive programming?
- What are some potential security weak points in the client-server model?
- What are APIs, and how do they enhance the security and functionality of web applications?
- What is session hijacking, and what are some methods by which attackers can perform this type of attack?
Key Terms
- API (Application Programming Interface): A set of rules, protocols, and tools for building software and applications that specifies how software components should interact.
- Buffer Overflow: A situation where a program, while writing data to a buffer, overruns the buffer's boundary and overwrites adjacent memory, which can lead to crashes, corrupted data, or a breach in security.
- Client-Server Model: A distributed application structure that partitions tasks or workloads between providers of a resource or service, called servers, and service requesters, called clients.
- Cookies: Small pieces of data stored on a user's computer by the web browser while browsing a website. They are designed to be a reliable mechanism for websites to remember stateful information or to record the user's browsing activity.
- Cross-Site Scripting (XSS): A security vulnerability typically found in web applications that allows attackers to inject client-side scripts into web pages viewed by other users.
- Cybersecurity: The practice of protecting systems, networks, and programs from digital attacks.
- Database: A structured set of data held in a computer, organized so that it can be queried, updated and accessed in various ways.
- Defensive Programming: A way of writing software so that it keeps working correctly and safely under unforeseen circumstances, including malformed or deliberately malicious input.
- Directory Traversal: A vulnerability (also called path traversal) in which an attacker supplies path components such as ../ in a request so that the web application reads or writes files outside the directory it was meant to serve, such as files outside the web server's root directory.
- GDPR (General Data Protection Regulation): A regulation in EU law on data protection and privacy in the European Union and the European Economic Area, which also addresses the transfer of personal data outside these areas.
- HTTP (HyperText Transfer Protocol): The foundational request-response protocol of the World Wide Web; on its own it transmits data in plaintext, with no encryption.
- HTTPS (HyperText Transfer Protocol Secure): HTTP carried over an encrypted TLS connection, which protects the confidentiality and integrity of the data in transit and lets the client verify the identity of the server it is talking to.
- Input Validation: The process of ensuring an application securely processes the input data by verifying that it is appropriate and safe before using it.
- OWASP (Open Web Application Security Project): A nonprofit foundation that works to improve the security of software through its community-led open-source software projects, hundreds of chapters worldwide, tens of thousands of members, and by hosting local and global conferences.
- Reconnaissance: In the context of cybersecurity, it refers to the preliminary phase where an attacker seeks to gather information about a target prior to launching an attack.
- Session Hijacking: The takeover of a valid user session, usually by stealing or guessing its session identifier (for example, from a cookie), in order to gain unauthorized access to information or services as that user.
- Session ID: A unique identifier that is generated and sent from a server to a client to identify the current interaction session.
- SQL Injection: A code injection technique used to attack data-driven applications, in which malicious SQL statements are inserted into an entry field for execution.
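The SQL Injection, Input Validation and Defensive Programming terms above, and the learning question on preventing SQL injection, are easiest to see in code. The following is an added example, not code from the course: the same login check written twice against an in-memory SQLite table, once by string concatenation and once with bound parameters, run against a legitimate login and two classic payloads. The table, its rows, the payloads and the function names are constructed for illustration.

```python
"""SQL injection: a query built by string concatenation next to the parameterized fix.

Added example, not code from the course page. The users table, its rows, the
attack payloads and the function names are constructed for illustration.
"""
import sqlite3


def make_db() -> sqlite3.Connection:
    """Create an in-memory SQLite database with a constructed users table."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?)",
        [("alice", "correct horse battery staple"), ("bob", "hunter2")],
    )
    return conn


def login_vulnerable(conn: sqlite3.Connection, username: str, password: str) -> bool:
    """Concatenates user input into the statement, so the input is interpreted as SQL."""
    query = (
        "SELECT COUNT(*) FROM users WHERE username = '" + username
        + "' AND password = '" + password + "'"
    )
    return conn.execute(query).fetchone()[0] > 0


def login_parameterized(conn: sqlite3.Connection, username: str, password: str) -> bool:
    """Binds user input as parameters: the database only ever sees it as data."""
    query = "SELECT COUNT(*) FROM users WHERE username = ? AND password = ?"
    return conn.execute(query, (username, password)).fetchone()[0] > 0


def demo() -> dict:
    """Run a legitimate login and two classic payloads through both versions."""
    conn = make_db()
    good_user, good_pass = "alice", "correct horse battery staple"
    # Tautology: closes the quoted string and appends a condition that is always
    # true, so the WHERE clause matches every row.
    tautology = "' OR '1'='1"
    # Comment-out: closes the quoted username and comments away the password check.
    comment_out = "alice'--"
    return {
        "legit_vulnerable": login_vulnerable(conn, good_user, good_pass),
        "legit_parameterized": login_parameterized(conn, good_user, good_pass),
        "tautology_vulnerable": login_vulnerable(conn, good_user, tautology),
        "tautology_parameterized": login_parameterized(conn, good_user, tautology),
        "comment_vulnerable": login_vulnerable(conn, comment_out, "wrong"),
        "comment_parameterized": login_parameterized(conn, comment_out, "wrong"),
    }


if __name__ == "__main__":
    for case, logged_in in demo().items():
        print(f"{case}: {'logged in' if logged_in else 'rejected'}")
```

The vulnerable version accepts both payloads because the attacker's text changes the structure of the statement; the parameterized version rejects them because a bound value can never become part of the SQL grammar. Input validation still matters (for length, character set and business rules), but it is the parameterization, not the validation, that closes the injection.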
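Likewise for the Directory Traversal term above: the added example below (not part of the course material) shows a file-serving function that joins a user-supplied path onto a web root with no containment check, next to a version that resolves the path and refuses anything that lands outside the root. The temporary directory layout, the file contents and the function names are constructed for the demonstration.

```python
"""Directory traversal: serving files from a web root with and without a containment check.

Added example, not code from the course page. The temporary directory layout,
file contents and function names are constructed for illustration.
"""
import os
import tempfile
from typing import Optional


def resolve_inside(base_dir: str, requested: str) -> Optional[str]:
    """Return the absolute path for `requested` if it stays under base_dir, else None.

    The decision is made on the fully resolved path (symlinks followed, '..' collapsed),
    not on the raw string, so 'img/../../secret.txt' and an absolute path are both caught.
    """
    base = os.path.realpath(base_dir)
    candidate = os.path.realpath(os.path.join(base, requested))
    # commonpath rather than startswith: with base '/srv/www', a plain prefix test
    # would wrongly accept '/srv/www2/anything'.
    if os.path.commonpath([base, candidate]) != base:
        return None
    return candidate


def serve_vulnerable(base_dir: str, requested: str) -> bytes:
    """Joins the request onto the root with no check: '../' walks out of base_dir."""
    with open(os.path.join(base_dir, requested), "rb") as fh:
        return fh.read()


def serve_hardened(base_dir: str, requested: str) -> Optional[bytes]:
    """Refuses any request that resolves outside base_dir or is not a regular file."""
    path = resolve_inside(base_dir, requested)
    if path is None or not os.path.isfile(path):
        return None
    with open(path, "rb") as fh:
        return fh.read()


def demo() -> dict:
    """Constructed layout: a web root holding one page, with a secret one level above it."""
    root = tempfile.mkdtemp()
    webroot = os.path.join(root, "www")
    os.makedirs(webroot)
    with open(os.path.join(webroot, "index.html"), "wb") as fh:
        fh.write(b"<h1>hello</h1>")
    with open(os.path.join(root, "secret.txt"), "wb") as fh:
        fh.write(b"db password")
    return {
        "legit_hardened": serve_hardened(webroot, "index.html"),
        "traversal_vulnerable": serve_vulnerable(webroot, "../secret.txt"),
        "traversal_hardened": serve_hardened(webroot, "../secret.txt"),
        "nested_traversal_hardened": serve_hardened(webroot, "img/../../secret.txt"),
        "absolute_hardened": serve_hardened(webroot, os.path.join(root, "secret.txt")),
    }


if __name__ == "__main__":
    for case, body in demo().items():
        print(f"{case}: {body!r}")
```

Checking the resolved path rather than filtering the string for `../` is the important design choice: string filters miss encoded or nested variants, while a resolved path either ends up under the root or it does not.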
CC BY-NC-SA 4.0 UNLESS OTHERWISE NOTED | IMAGES: LICENSED AND USED ACCORDING TO TERMS OF SUBSCRIPTION - INTENDED ONLY FOR USE WITHIN LESSON.