UPDATED ACTUAL Questions and
CORRECT Answers
What are some common debugging techniques? - CORRECT ANSWER - - printing out the
values of variables
- changing program state (e.g. a variable's value) while stopped, to force execution down a different path
- stepping through the execution of a program line by line
- breakpoints: stopping when a chosen line is reached
- trace points: logging a value or message each time a line is reached, without stopping
- stopping the program at certain events (an exception being raised, a function returning)
- viewing the output of a program in a debugger window
What are some Python debugging tools? - CORRECT ANSWER - - pdb: most commonly
used; the debugger built into the standard library
- Web-PDB: a web-based front end for pdb
- wdb: a web debugger that works over WebSockets
- Pyflame: a sampling profiler (shows where time is spent rather than stepping through code)
- objgraph: draws object reference graphs, used to track down memory leaks
XML External Entity Attacks - CORRECT ANSWER - - XXE
- when attackers supply XML whose DOCTYPE declares an external entity (e.g. SYSTEM "file:///etc/passwd")
and the parser resolves it, embedding the referenced resource in the parsed document; this lets
attackers read arbitrary files on your server
- attackers might also be able to read config files or retrieve user information
- mitigation: disable DTD processing / external entity resolution in the parser
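Added example (not part of the original card set): the vulnerable and the hardened parser configuration side by side, using only Python's standard-library xml.sax parser. The "secret" file, its contents and the attacker's document are constructed here for the demonstration; the switch being flipped, feature_external_ges, is the real xml.sax feature that controls external general entity resolution (off by default since Python 3.7.1).

```python
import io
import os
import tempfile
import xml.sax
from xml.sax.handler import ContentHandler, feature_external_ges


class TextCollector(ContentHandler):
    """Accumulates the character data the parser delivers."""

    def __init__(self):
        super().__init__()
        self.parts = []

    def characters(self, content):
        self.parts.append(content)


def parse_text(xml_doc: bytes, resolve_external_entities: bool) -> str:
    """Parse xml_doc with xml.sax and return its text content.

    resolve_external_entities=True is the vulnerable configuration: the
    parser fetches whatever a SYSTEM entity points at. False is the
    hardened setting (and Python's default since 3.7.1).
    """
    parser = xml.sax.make_parser()
    parser.setFeature(feature_external_ges, resolve_external_entities)
    collector = TextCollector()
    parser.setContentHandler(collector)
    parser.parse(io.BytesIO(xml_doc))
    return "".join(collector.parts).strip()


def xxe_demo() -> tuple:
    """Return (text seen by the vulnerable parser, text seen by the safe one)."""
    # Constructed stand-in for a sensitive file on the server.
    fd, secret_path = tempfile.mkstemp(suffix=".txt")
    with os.fdopen(fd, "w") as f:
        f.write("hunter2")
    try:
        # Constructed attacker document: the DOCTYPE declares an external
        # entity pointing at the secret file, and the body references it.
        malicious = (
            '<?xml version="1.0"?>\n'
            "<!DOCTYPE note [\n"
            f'  <!ENTITY xxe SYSTEM "{secret_path}">\n'
            "]>\n"
            "<note>&xxe;</note>\n"
        ).encode()
        leaked = parse_text(malicious, resolve_external_entities=True)
        safe = parse_text(malicious, resolve_external_entities=False)
    finally:
        os.unlink(secret_path)
    return leaked, safe


if __name__ == "__main__":
    leaked, safe = xxe_demo()
    print("vulnerable parser returned:", repr(leaked))
    print("hardened parser returned:  ", repr(safe))
```

The same entity could just as well point at an http:// URL, which is how XXE turns into a server-side request; the fix is the same: never let a parser that handles untrusted input resolve external entities or load DTDs.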
Insecure Deserialization - CORRECT ANSWER - - serialization is the conversion of an
in-memory object into a format (bytes or text) that can be stored in a file or database or sent over the network
- DEserialization is when a serialized object is read from a file or the network and converted
back into an object
- INSECURE DESERIALIZATION occurs when an attacker controls the serialized data and the deserializer
reconstructs arbitrary types or invokes callables named in it, achieving authentication bypass, DoS,
or arbitrary code execution
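Added example (not from the original card set) showing why Python's pickle is the textbook case: a pickle stream can name any importable callable and have it invoked during loading. The payload here calls a harmless record() function in place of os.system so the effect is observable; the RestrictedUnpickler is one hardening pattern, and the JSON line shows the usual alternative of a data-only format. All data is constructed for the demo.

```python
import io
import json
import pickle

# Side-effect log so the demo can show that merely loading the data ran code.
EXECUTED = []  # list of str


def record(message: str) -> str:
    """Stand-in for a dangerous callable (a real payload would use os.system)."""
    EXECUTED.append(message)
    return message


class Exploit:
    """Object whose pickle says: 'to rebuild me, call record(message)'."""

    def __reduce__(self):
        return (record, ("attacker code ran during unpickling",))


def attacker_payload() -> bytes:
    # Constructed attacker payload: what a client would send to a service
    # that pickle.loads() its input. Only the callable name and the
    # argument are stored; the Exploit class itself is never needed.
    return pickle.dumps(Exploit())


def vulnerable_loads(data: bytes):
    """Insecure: pickle imports and calls whatever the stream names."""
    return pickle.loads(data)


class RestrictedUnpickler(pickle.Unpickler):
    """Hardened: refuse to resolve any global the stream asks for.

    Plain containers and scalars (dict, list, str, int ...) are built with
    dedicated opcodes and never go through find_class, so they still load.
    """

    def find_class(self, module, name):
        raise pickle.UnpicklingError(f"global {module}.{name} is forbidden")


def safe_loads(data: bytes):
    return RestrictedUnpickler(io.BytesIO(data)).load()


def demo() -> dict:
    """Exercise both loaders; return a dict of boolean outcomes."""
    EXECUTED.clear()
    benign = pickle.dumps({"user": "alice", "roles": ["reader"]})
    results = {}
    vulnerable_loads(attacker_payload())
    results["vulnerable_ran_code"] = EXECUTED == ["attacker code ran during unpickling"]
    try:
        safe_loads(attacker_payload())
        results["safe_blocked_payload"] = False
    except pickle.UnpicklingError:
        results["safe_blocked_payload"] = True
    results["safe_loads_benign"] = safe_loads(benign) == {"user": "alice", "roles": ["reader"]}
    # Preferred for untrusted input: a format that cannot name callables at all.
    results["json_roundtrip"] = json.loads(json.dumps({"user": "alice"})) == {"user": "alice"}
    return results


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The allowlist approach (override find_class and permit only specific module/name pairs) is the documented way to restrict pickle; it still leaves the format's other pitfalls in place, so for anything crossing a trust boundary prefer JSON plus explicit schema validation.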
Injection Attacks - CORRECT ANSWER - - when an application cannot properly
distinguish between untrusted user data and code, so attacker-supplied data is interpreted as
code by some interpreter (SQL, OS shell, LDAP, XPath, a template engine)
- typically allows data to be read or modified and often arbitrary code execution
SQL Injection Attack Mitigation - CORRECT ANSWER - - use parameterized statements
(prepared statements): query text and data travel separately, so user input is never parsed as SQL;
never build queries by string concatenation or formatting
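Added example (not from the original card set) of the two cards above in working code: the same lookup written with string formatting and with a bound parameter, run against an in-memory SQLite database with constructed sample users and a constructed tautology payload.

```python
import sqlite3


def setup_db() -> sqlite3.Connection:
    """In-memory database with constructed sample users."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE users (username TEXT PRIMARY KEY, password_hash TEXT, is_admin INTEGER)"
    )
    conn.executemany(
        "INSERT INTO users VALUES (?, ?, ?)",
        [("alice", "hash-a", 1), ("bob", "hash-b", 0)],
    )
    return conn


def find_user_vulnerable(conn: sqlite3.Connection, username: str) -> list:
    """Builds SQL by string formatting: the input becomes part of the query.

    With username = "' OR '1'='1" the statement becomes
    ... WHERE username = '' OR '1'='1' ... and matches every row.
    """
    query = f"SELECT username FROM users WHERE username = '{username}' ORDER BY username"
    return [row[0] for row in conn.execute(query)]


def find_user_safe(conn: sqlite3.Connection, username: str) -> list:
    """Parameterized: the driver binds the value to '?', so the input is
    compared as a string and never parsed as SQL."""
    query = "SELECT username FROM users WHERE username = ? ORDER BY username"
    return [row[0] for row in conn.execute(query, (username,))]


# Constructed attacker input: closes the string literal and adds a tautology.
PAYLOAD = "' OR '1'='1"

if __name__ == "__main__":
    db = setup_db()
    print("vulnerable:", find_user_vulnerable(db, PAYLOAD))  # every user
    print("safe:      ", find_user_safe(db, PAYLOAD))        # nobody
```

Parameters cover values only. Table names, column names and ORDER BY directions cannot be bound; when those must vary, map user input onto a fixed allowlist of identifiers rather than interpolating it.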
Log Injection Attack Mitigation - CORRECT ANSWER - - prefixing log entries with
meta-data (e.g. timestamp, level, source) so that entries lacking it stand out as forged
- neutralize newlines and other control characters in user-controlled values before writing them,
so an attacker cannot terminate the current entry and fabricate a new one
- validate the entry before accessing or opening it: treat stored log content as untrusted when it is
read back into a viewer
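Added example (not from the original card set) of the log injection card in working code: a login audit logger built on Python's logging module, with the metadata prefix the card recommends, run once without and once with control-character neutralization on a constructed username that tries to forge a second "login ok" entry.

```python
import io
import logging
import re

# Any ASCII control character, including CR, LF and ESC.
_CONTROL = re.compile(r"[\x00-\x1f\x7f]")


def neutralize(value: str) -> str:
    """Replace control characters with a visible escape so a value can never
    terminate the current log line or inject a terminal escape sequence."""
    return _CONTROL.sub(lambda m: "\\x%02x" % ord(m.group()), value)


def _logger_for(stream: io.StringIO) -> logging.Logger:
    logger = logging.getLogger("login-audit-demo")
    logger.handlers.clear()          # fresh handler per call
    logger.propagate = False
    logger.setLevel(logging.INFO)
    handler = logging.StreamHandler(stream)
    # Metadata prefix on every entry: timestamp, level, logger name.
    handler.setFormatter(logging.Formatter("%(asctime)s %(levelname)s %(name)s %(message)s"))
    logger.addHandler(handler)
    return logger


def audit_failed_login(username: str, sanitize: bool) -> list:
    """Log one failed login and return the resulting log lines."""
    stream = io.StringIO()
    logger = _logger_for(stream)
    value = neutralize(username) if sanitize else username
    logger.warning("login failed user=%s", value)
    return stream.getvalue().splitlines()


# Constructed attacker input: a username that ends the real entry and
# fabricates a second, authentic-looking entry.
FORGED = "bob\n2024-01-01 00:00:00,000 INFO login-audit-demo login ok user=admin"

if __name__ == "__main__":
    for line in audit_failed_login(FORGED, sanitize=False):
        print("unsafe |", line)
    for line in audit_failed_login(FORGED, sanitize=True):
        print("safe   |", line)
```

Without neutralization the stream contains two lines and the second one is indistinguishable from a genuine entry; with it the whole username stays inside one entry as user=bob\x0a2024-01-01 ..., which is what a reviewer or a SIEM parser should see. Structured (e.g. JSON) logging achieves the same by quoting every field.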
Sensitive Data Leaks - CORRECT ANSWER - - occurs when an application fails to
properly protect sensitive information
- this typically occurs through descriptive response headers (server and framework versions), descriptive
error messages with stack traces or database error messages, or revealing comments in HTML files
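Added example (not from the original card set): a framework-free error handler that shows the leaky behaviour (debug mode echoes the stack trace and a version banner to the client) next to the hardened one (full detail goes to the server log under a reference id, the client receives only the id). The response dict, the "DemoFramework/1.2.3" banner and the failing view are constructed for the demo.

```python
import io
import logging
import secrets
import traceback


def _error_logger(stream: io.StringIO) -> logging.Logger:
    logger = logging.getLogger("errors-demo")
    logger.handlers.clear()
    logger.propagate = False
    logger.setLevel(logging.ERROR)
    handler = logging.StreamHandler(stream)
    handler.setFormatter(logging.Formatter("%(asctime)s %(levelname)s %(message)s"))
    logger.addHandler(handler)
    return logger


def handle_request(view, debug: bool, log_stream: io.StringIO) -> dict:
    """Run a view function and build a response dict (a framework-free stand-in
    for an HTTP response). debug=True reproduces the leaky behaviour; False is
    the hardened form."""
    log = _error_logger(log_stream)
    # Hardened defaults: no header that advertises server or framework versions.
    headers = {"Content-Type": "text/plain", "X-Content-Type-Options": "nosniff"}
    try:
        return {"status": 200, "headers": headers, "body": view()}
    except Exception:
        ref = secrets.token_hex(8)            # correlation id shared with the log
        detail = traceback.format_exc()
        log.error("ref=%s unhandled exception\n%s", ref, detail)
        if debug:
            # Constructed leaky response: version banner plus raw stack trace.
            leaky_headers = dict(headers, Server="DemoFramework/1.2.3")
            return {"status": 500, "headers": leaky_headers, "body": detail}
        return {"status": 500, "headers": headers,
                "body": f"Internal server error. Reference: {ref}"}


def failing_view() -> str:
    # Constructed failure whose message names a table and column, exactly the
    # kind of database error that should never reach the client.
    raise RuntimeError("no such column: users.password_hash")


def run(debug: bool) -> tuple:
    """Handle one failing request; return (response, server log text)."""
    stream = io.StringIO()
    response = handle_request(failing_view, debug, stream)
    return response, stream.getvalue()


if __name__ == "__main__":
    response, log_text = run(debug=False)
    print("client sees:", response["body"])
    print("server log:\n" + log_text)
```

The reference id is what makes the hardened form workable in practice: support can find the full trace in the log from the id on the user's screen, while the client learns nothing about schema, paths or versions.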
Cross-site Request Forgery - CORRECT ANSWER - - client-side attack used against
other users of a web application
- the attacker's page makes the victim's browser send HTTP requests to the target site; because the
browser attaches the victim's cookies automatically, the requests appear to come from the victim
- attackers then carry out unwanted actions such as changing a password or transferring money
from a bank account
CSRF Mitigation - CORRECT ANSWER - - CSRF tokens (unpredictable, bound to the user's session,
checked on every state-changing request)
- SameSite cookies (Lax or Strict), so the browser withholds the session cookie on cross-site requests
- avoid using GET requests for state-changing actions
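Added example (not from the original card set) implementing the three mitigations above with the standard library only: a session-bound HMAC token, a Set-Cookie value carrying SameSite (via http.cookies), and a state-changing endpoint that refuses GET. SERVER_SECRET, the session id and transfer_money are constructed stand-ins; in a real service the secret comes from configuration and the token is rendered into the form as a hidden field.

```python
import hashlib
import hmac
import secrets
from http.cookies import SimpleCookie

# Assumption: a per-deployment secret loaded from configuration, not hard-coded.
SERVER_SECRET = secrets.token_bytes(32)


def _mac(session_id: str, nonce: str) -> str:
    return hmac.new(SERVER_SECRET, f"{session_id}:{nonce}".encode(), hashlib.sha256).hexdigest()


def issue_csrf_token(session_id: str) -> str:
    """Token = random nonce + HMAC(secret, session_id:nonce).

    Binding the MAC to the session means a token harvested from one user
    (or from an attacker's own session) is useless against another user.
    """
    nonce = secrets.token_hex(16)
    return f"{nonce}.{_mac(session_id, nonce)}"


def verify_csrf_token(session_id: str, token: str) -> bool:
    nonce, sep, mac = token.partition(".")
    if not sep:
        return False
    expected = _mac(session_id, nonce)
    # Constant-time comparison; encode so arbitrary user input cannot raise.
    return hmac.compare_digest(mac.encode(), expected.encode())


def session_set_cookie(session_id: str) -> str:
    """Set-Cookie value with the attributes that blunt CSRF and cookie theft."""
    cookie = SimpleCookie()
    cookie["session"] = session_id
    morsel = cookie["session"]
    morsel["samesite"] = "Lax"    # browser omits the cookie on cross-site POSTs
    morsel["httponly"] = True     # not readable from JavaScript
    morsel["secure"] = True       # HTTPS only
    morsel["path"] = "/"
    return morsel.OutputString()


def transfer_money(method: str, session_id: str, form_token: str) -> bool:
    """A state-changing endpoint: only POST with a valid, session-bound token is honoured."""
    if method != "POST":          # GET must never change state
        return False
    if not verify_csrf_token(session_id, form_token):
        return False
    return True                   # perform the transfer here


if __name__ == "__main__":
    sid = "sess-42"
    token = issue_csrf_token(sid)
    print(session_set_cookie(sid))
    print("POST with token:", transfer_money("POST", sid, token))
    print("GET with token: ", transfer_money("GET", sid, token))
```

SameSite=Lax still sends the cookie on top-level cross-site GET navigations, which is exactly why the third card matters: if a GET could change state, Lax alone would not protect it.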
SSRF - CORRECT ANSWER - - Server-side Request Forgery
- attacker is able to make the server send requests to a destination the attacker chooses
- because the request originates from the server, it carries the server's network position and
trust, bypassing firewall controls and gaining access to internal services that are not reachable
from outside
SSRF Mitigation - CORRECT ANSWER - - never make outbound requests based on raw user
input
- validate external addresses before initiating any outbound request: allow only http/https, check the
host against an allowlist, and reject private, loopback, link-local and other internal ranges (re-check
the resolved address at connection time, since DNS answers can change)
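Added example (not from the original card set) of the validation step in the card above: a pre-flight check for a URL the server has been asked to fetch, using urllib.parse and the ipaddress module. ALLOWED_HOSTS and the test URLs are constructed; the internal ranges come from ipaddress's own classification.

```python
import ipaddress
from urllib.parse import urlsplit

# Assumption: the only external hosts this service legitimately talks to.
ALLOWED_HOSTS = {"api.partner.example"}
ALLOWED_SCHEMES = {"http", "https"}


def is_internal(ip) -> bool:
    """True for anything that is not a routable public address."""
    return (ip.is_private or ip.is_loopback or ip.is_link_local
            or ip.is_multicast or ip.is_reserved or ip.is_unspecified)


def validate_outbound_url(url: str) -> tuple:
    """Decide whether the server may fetch url. Returns (allowed, reason)."""
    parts = urlsplit(url)
    if parts.scheme.lower() not in ALLOWED_SCHEMES:
        return False, f"scheme {parts.scheme!r} not allowed"
    # user@host tricks: the part before '@' is userinfo, not the host.
    if parts.username is not None or parts.password is not None:
        return False, "userinfo in URL"
    host = parts.hostname            # already lower-cased, brackets stripped
    if not host:
        return False, "missing host"
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        ip = None
    if ip is not None:
        if is_internal(ip):
            return False, f"{ip} is an internal address"
        return False, "raw IP literals not allowed; use an allowlisted hostname"
    # Decimal/octal/hex IP spellings are not parsed as IPs above, so they
    # fall through here and fail the allowlist instead.
    if host.rstrip(".") not in ALLOWED_HOSTS:
        return False, f"host {host!r} not in allowlist"
    return True, "ok"


if __name__ == "__main__":
    for candidate in (
        "https://api.partner.example/v1/orders",
        "http://169.254.169.254/latest/meta-data/",   # link-local metadata service
        "http://127.0.0.1:8080/admin",
        "http://[::1]/",
        "http://api.partner.example@10.0.0.5/",
        "file:///etc/passwd",
    ):
        print(candidate, "->", validate_outbound_url(candidate))
```

This check alone does not defeat a hostname that resolves to an internal address or changes its answer between check and use (DNS rebinding). For that, resolve the allowlisted name with socket.getaddrinfo, apply is_internal to every returned address, connect to that validated address rather than re-resolving, and do not follow redirects automatically.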
PDB - CORRECT ANSWER - - debugger built into the Python standard library
Which three actions are supported by the Python Debugger (PDB)? (Choose 3 answers.) -
CORRECT ANSWER - - establishing breakpoints
- code step throughs
- stack tracing
Which three debugging techniques require the use of a debugger? (Choose 3 answers.) -
CORRECT ANSWER - - trace points
- breakpoints
- code step through
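Added example (not from the original card set) tying together the debugging cards and the pdb cards above: pdb driven non-interactively, with its commands fed from a string and its output captured, so a debugging session (step, stack trace, run to return, inspect a variable) can be reproduced in a test or pasted into a bug report. compute_checksum and the command script are constructed for the demo; pdb.Pdb's stdin/stdout parameters and the commands used are pdb's own.

```python
import io
import pdb


def compute_checksum(data: bytes) -> int:
    """Toy function to debug: 8-bit additive checksum."""
    total = 0
    for byte in data:
        total = (total + byte) & 0xFF
    return total


def scripted_pdb_session(commands: str, func, *args) -> str:
    """Run func under pdb, feeding it debugger commands from a string, and
    return everything the debugger printed.

    pdb.Pdb accepts any file-like stdin/stdout; with a non-tty stdin it reads
    one command per line, so the session below is fully deterministic.
    """
    out = io.StringIO()
    debugger = pdb.Pdb(stdin=io.StringIO(commands), stdout=out,
                       readrc=False, nosigint=True)
    debugger.runcall(func, *args)      # stops on the first line of func
    return out.getvalue()


# Constructed session:
#   next      step one line
#   where     stack trace (the "stack tracing" action from the card)
#   return    run until compute_checksum returns; pdb prints --Return-- and the value
#   p total   inspect a local at that point
#   continue  let the program finish
SESSION = "next\nwhere\nreturn\np total\ncontinue\n"

if __name__ == "__main__":
    print(scripted_pdb_session(SESSION, compute_checksum, b"\x01\x02\x03"))
```

Breakpoints work the same way in a script ("break compute_checksum" or "break <file>:<line>" followed by "continue"); in interactive use the shortest route to the same stop is a breakpoint() call in the code, which drops into pdb on the standard streams.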
What do system monitoring and review of audit trails provide? - CORRECT ANSWER - - Accountability
What are the logging levels and values? - CORRECT ANSWER - - DEBUG = 10
- INFO = 20
- WARNING = 30
- ERROR = 40
- CRITICAL = 50
Which logging function may indicate an impending full disk? - CORRECT ANSWER - - WARNING