WGU D385 LOGGING AND SECURITY ISSUES QUESTIONS WITH CORRECT DETAILED ANSWERS 2024
What are some common debugging techniques? - ANSWER-
- printing out values of variables
- changing the state ("path") of the program to make it do different things
- stepping through the execution of a program line by line
- breakpoints
- trace points
- stopping the program at certain events
- viewing the output of a program in a debugger window

What are some Python debugging tools? - ANSWER-
- pdb: most commonly used
- Web-PDB
- wdb
- Pyflame
- objgraph

XML External Entity Attacks - ANSWER-
- XXE
- when attackers exploit an XML parser to read arbitrary files on your server
- attackers might also be able to read config files, retrieve user information

Insecure Deserialization - ANSWER-
- serialization is the conversion of an object in a programming language into a format that can be saved to a database
- DEserialization is when a serialized object is read from a file or the network and converted back into an object
- INSECURE DESERIALIZATION occurs when an attacker can manipulate the serialized object and achieve authentication bypass, DoS, or arbitrary code execution

Injection Attacks - ANSWER-
- when an application cannot properly distinguish between untrusted user data and code
- typically allows for arbitrary code execution

SQL Injection Attack Mitigation - ANSWER-
- use parameterized statements

Log Injection Attack Mitigation - ANSWER-
- prefixing log entries with meta-data (i.e. timestamp)
- validate the entry before accessing or opening

Sensitive Data Leaks - ANSWER-
- occurs when an application fails to properly protect sensitive information
- this typically occurs through descriptive response headers, descriptive error messages with stack traces or database error messages, or revealing comments in HTML files

Cross-site Request Forgery - ANSWER-
- client-side technique used to attack other users of a web application
- attackers send HTTP requests that pretend to come from the victim
- attackers then carry out unwanted actions such as changing a password or transferring money from a bank account

CSRF Mitigation - ANSWER-
- CSRF tokens
- SameSite cookies
- avoid using GET requests for state-changing actions

SSRF - ANSWER-
- Server-side Request Forgery
- attacker is able to send requests on behalf of the server
- allows attackers to forge the request signature and assume a privileged position on a network, bypassing firewall controls, and gaining access to internal services

SSRF Mitigation - ANSWER-
- never make outbound requests based on user input
- validate external addresses before initiating any outbound requests

PDB - ANSWER-
- debugger built into the Python standard library

Which three actions are supported by the Python Debugger (PDB)? (Choose 3 answers.) - ANSWER-
- establishing breakpoints
- code step throughs
- stack tracing

Which three debugging techniques require the use of a debugger? (Choose 3 answers.) - ANSWER-
- trace points
- breakpoints
- code step through

What do system monitoring and review of audit trails provide? - ANSWER-
- Accountability

What are the logging levels and values? - ANSWER-
- DEBUG = 10
- INFO = 20
- WARNING = 30
- ERROR = 40
- CRITICAL = 50

Written for
- Institution: Western Governors University
- Course: D385 (WGUD385)
Document information
- Uploaded on: February 17, 2024
- Number of pages: 13
- Written in: 2023/2024
- Type: Exam (elaborations)
- Contains: Questions & answers