346 Chapter 9 ■ Security Vulnerabilities, Threats, and Countermeasures
of the client. Thus, all of the IP communications will be sent to the wrong endpoint. This
allows the hacker to set up a man-in-the-middle attack by operating that false endpoint and
then forwarding traffic on to the correct destination.
A third area of concern in regard to local cache is that of the temporary internet files or the internet files cache. This is the temporary storage of files downloaded from internet sites that are being held by the client’s utility for current and possibly future use. Mostly this cache contains website content, but other internet services can use a file cache as well. A variety of exploitations, such as the split-response attack, can cause the client to download content and store it in the cache that was not an intended element of a requested web page. Mobile code scripting attacks could also be used to plant false content in the cache. Once files in the cache have been poisoned, even a legitimate web document that calls on a cached item will activate the malicious item.
Mitigating or resolving these attacks is not always simple or straightforward. There is no easy patch or update that will prevent these exploits from being waged against a client, because these attacks take advantage of the normal and proper mechanisms built into various protocols, services, and applications. Thus, instead of a patch to fix a flaw, the defense is more of a detective and preventive concern. Generally, as a start, keep operating systems and applications current with patches from their respective vendors. Next, install both host-IDS and network-IDS tools to watch for abuses of these types. Regularly review the logs of your DNS and DHCP systems, as well as local client system logs and potentially firewall, switch, and router logs, for entries indicating abnormal or questionable occurrences.
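The log review just described, as an added example that is not part of the book's text: a small Python checker run over constructed syslog-style lines. It assumes a hypothetical site whose only sanctioned DHCP server is 10.0.0.2 and whose internal zone corp.example must always resolve into 10.0.0.0/8; the log formats are simplified and constructed (a dhclient-style DHCPOFFER line and an invented resolver line that records the returned answer), not the output of any particular product.

```python
"""Review constructed DHCP and DNS log lines for two of the abuses described
above: a DHCP offer from a server that is not ours (a spoofed endpoint), and an
internal hostname that resolves outside our own networks (a poisoned answer).
Added example; the log formats, addresses and names are constructed."""
import re
from ipaddress import ip_address, ip_network

# Assumptions for the example site (hypothetical values).
AUTHORIZED_DHCP_SERVERS = {"10.0.0.2"}
INTERNAL_NETS = [ip_network("10.0.0.0/8")]
INTERNAL_ZONE = "corp.example"

# dhclient-style line: "DHCPOFFER of <leased address> from <server address>"
DHCP_OFFER = re.compile(r"DHCPOFFER of (\S+) from (\S+)")
# Constructed resolver log line: "query: <name> IN A response: <address>"
DNS_ANSWER = re.compile(r"query: (\S+) IN A response: (\S+)")


def rogue_dhcp_offers(lines):
    """Return (server, leased_address) for every offer from an unsanctioned server."""
    findings = []
    for line in lines:
        m = DHCP_OFFER.search(line)
        if m and m.group(2) not in AUTHORIZED_DHCP_SERVERS:
            findings.append((m.group(2), m.group(1)))
    return findings


def suspicious_dns_answers(lines):
    """Return (name, address) where a name in the internal zone resolved to an
    address outside INTERNAL_NETS, the result a spoofed server or poisoned
    cache would produce."""
    findings = []
    for line in lines:
        m = DNS_ANSWER.search(line)
        if not m:
            continue
        name, answer = m.group(1).rstrip("."), m.group(2)
        if not name.endswith("." + INTERNAL_ZONE):
            continue                      # external names may resolve anywhere
        try:
            addr = ip_address(answer)
        except ValueError:
            continue                      # malformed answer field; skip the line
        if not any(addr in net for net in INTERNAL_NETS):
            findings.append((name, answer))
    return findings


def review_logs(lines):
    """Combine both checks into a list of human-readable findings."""
    report = [f"DHCP offer for {leased} came from unsanctioned server {server}"
              for server, leased in rogue_dhcp_offers(lines)]
    report += [f"internal name {name} resolved to external address {addr}"
               for name, addr in suspicious_dns_answers(lines)]
    return report


# Constructed sample log lines (syslog-style); not taken from a real host.
SAMPLE_LOG = [
    "Mar  3 09:12:01 ws01 dhclient[812]: DHCPOFFER of 10.0.5.20 from 10.0.0.2",
    "Mar  3 09:12:01 ws01 dhclient[812]: DHCPOFFER of 10.0.5.21 from 10.0.5.99",
    "Mar  3 09:12:02 ws01 dhclient[812]: DHCPACK of 10.0.5.20 from 10.0.0.2",
    "Mar  3 09:13:10 ns1 named[404]: client 10.0.5.20 query: intranet.corp.example IN A response: 10.0.1.15",
    "Mar  3 09:13:11 ns1 named[404]: client 10.0.5.20 query: intranet.corp.example IN A response: 198.51.100.7",
    "Mar  3 09:13:12 ns1 named[404]: client 10.0.5.20 query: www.example.net IN A response: 198.51.100.8",
]

if __name__ == "__main__":
    for finding in review_logs(SAMPLE_LOG):
        print(finding)
```

Two of the six constructed lines are flagged: the second DHCPOFFER (server 10.0.5.99 is not on the sanctioned list) and the second answer for intranet.corp.example (198.51.100.7 lies outside 10.0.0.0/8). Everything else, including the external name www.example.net, is ignored.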
Organizations should use a split-DNS system (aka split-horizon DNS, split-view DNS, and split-brain DNS). A split-DNS deploys one DNS server for public use and a separate DNS server for internal use. All data in the zone file on the public DNS server is accessible by the public via queries or probing. However, the internal DNS is for internal use only. Only internal systems are granted access to interact with the internal DNS server. Outsiders are prohibited from accessing the internal DNS server by blocking inbound port 53 for both Transmission Control Protocol (TCP) and User Datagram Protocol (UDP). TCP 53 is used for zone transfers (which includes most DNS server to DNS server communications), and UDP 53 is used for queries (which is any non-DNS system sending a query to a DNS server). Internal systems can be configured to interact only with the internal DNS servers, or they may be allowed to send queries to external DNS servers (which does require the firewall to be a stateful inspection firewall configured to allow responses to return to the internal system from an approved outbound query).
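An added example (not from the book or from any DNS software) of the check a split-DNS deployment needs: because everything in the public server's zone file is visible to the outside, audit that zone for records that should exist only in the internal view. The zone text, the use of the RFC 1918 ranges (plus IPv6 ULA) as the definition of "internal", and the .corp.example.com. / .internal.example.com. suffixes are assumptions made for the example.

```python
"""Audit the zone served by the public DNS server of a split-DNS deployment for
records that belong only in the internal view: private addresses, CNAMEs that
point at internal-only names, and internal-only owner names.  Added example,
not from any DNS software; the zone text and naming convention are constructed."""
from ipaddress import ip_address, ip_network

# Assumptions (hypothetical): addresses the public must never learn, and
# name suffixes that exist only in the internal view.
PRIVATE_NETS = [ip_network("10.0.0.0/8"), ip_network("172.16.0.0/12"),
                ip_network("192.168.0.0/16"), ip_network("fc00::/7")]
INTERNAL_SUFFIXES = (".corp.example.com.", ".internal.example.com.")


def parse_zone(text):
    """Yield (owner, rtype, rdata) from a one-record-per-line zone file.
    Handles $ORIGIN, relative owner names and ';' comments; other directives
    and multi-line records are out of scope for this example."""
    origin = "."
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].strip()
        if not line:
            continue
        if line.startswith("$ORIGIN"):
            origin = line.split()[1]
            continue
        if line.startswith("$"):
            continue
        owner, *rest = line.split()
        while rest and (rest[0].isdigit() or rest[0].upper() == "IN"):
            rest.pop(0)                      # optional TTL and class tokens
        if len(rest) < 2:
            continue
        rtype, rdata = rest[0].upper(), " ".join(rest[1:])
        if owner == "@":
            owner = origin
        elif not owner.endswith("."):
            owner = f"{owner}.{origin}"
        if rtype == "CNAME" and not rdata.endswith("."):
            rdata = f"{rdata}.{origin}"      # qualify a relative target
        yield owner, rtype, rdata


def audit_public_zone(text):
    """Return (owner, rtype, rdata, reason) for each record that leaks internal data."""
    findings = []
    for owner, rtype, rdata in parse_zone(text):
        if rtype in ("A", "AAAA"):
            addr = ip_address(rdata)
            if any(addr in net for net in PRIVATE_NETS):
                findings.append((owner, rtype, rdata, "private address published externally"))
        elif rtype == "CNAME" and rdata.endswith(INTERNAL_SUFFIXES):
            findings.append((owner, rtype, rdata, "points at an internal-only name"))
        if owner.endswith(INTERNAL_SUFFIXES):
            findings.append((owner, rtype, rdata, "internal-only name present in public zone"))
    return findings


# Constructed public zone file containing three mistakes an auditor should catch.
PUBLIC_ZONE = """\
$ORIGIN example.com.
@        3600 IN SOA   ns1.example.com. hostmaster.example.com. 2024010101 3600 900 604800 300
@        3600 IN NS    ns1.example.com.
ns1      3600 IN A     203.0.113.2
www      3600 IN A     203.0.113.10
mail     3600 IN A     203.0.113.25
intranet 3600 IN A     10.0.1.15            ; copied from the internal view by mistake
vpn      3600 IN CNAME gw.corp.example.com. ; reveals an internal-only name
fileserver.corp.example.com. 3600 IN A 10.0.1.30
"""

if __name__ == "__main__":
    for owner, rtype, rdata, reason in audit_public_zone(PUBLIC_ZONE):
        print(f"{owner} {rtype} {rdata}: {reason}")
```

The constructed zone yields four findings: the intranet A record and the fileserver A record publish private addresses, the vpn CNAME points at an internal-only name, and the fileserver owner name itself belongs only to the internal view. Run against a real public zone, a clean result is the expected outcome of a correctly separated split-DNS.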
Server-Based Systems
An important area of server-based concern, which may include clients as well, is the issue of data flow control. Data flow is the movement of data between processes, between devices, across a network, or over communication channels. Management of data flow ensures not only efficient transmission with minimal delays or latency, but also reliable throughput using hashing and confidentiality protection with encryption. Data flow control
also ensures that receiving systems are not overloaded with traffic, especially to the point of dropping connections or being subject to a malicious or even self-inflicted denial of service. When data overflow occurs, data may be lost or corrupted or may trigger a need for retransmission. These results are undesirable, and data flow control is often implemented to prevent these issues from occurring. Data flow control may be provided by networking devices, including routers and switches, as well as network applications and services.
A load balancer is used to spread or distribute network traffic load across several network links or network devices. A load balancer may be able to provide more control over data flow. The purpose of load balancing is to obtain optimal infrastructure utilization, minimize response time, maximize throughput, reduce overloading, and eliminate bottlenecks. Although load balancing can be used in a variety of situations, a common implementation is spreading a load across multiple members of a server farm or cluster. A load balancer might use a variety of techniques to perform load distribution, including random choice, round robin, load/utilization monitoring, and preferencing.
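The load distribution techniques listed above (random choice, round robin, load/utilization monitoring, preferencing), combined with the data flow control goal of not overloading a receiving system, as an added Python example rather than code from the book or from any load balancer product. The Backend and LoadBalancer classes, the three-member farm and its weights and capacities are constructed assumptions; pick() returns None when every member is at capacity, so the balancer sheds the request instead of overloading a member.

```python
"""Load distribution strategies with a per-member capacity cap.  Random choice,
round robin, least-utilized (utilization monitoring) and weighted (preferencing)
selection are implemented over the same eligibility filter, which also gives
the flow-control behaviour: a member that is down or full never receives more
connections, and when no member can take one the request is shed.  Added
example; the farm, its weights and capacities are constructed."""
import random
from dataclasses import dataclass


@dataclass(eq=False)          # compare by identity, not by field values
class Backend:
    name: str
    weight: int = 1           # preferencing: higher weight draws more traffic
    capacity: int = 100       # concurrent connections before we stop sending
    active: int = 0           # connections currently open (utilization input)
    healthy: bool = True

    @property
    def utilization(self):
        return self.active / self.capacity


class LoadBalancer:
    def __init__(self, backends, strategy="round_robin", rng=None):
        self.backends = list(backends)
        self.strategy = strategy
        self.rng = rng or random.Random(0)
        self._next = 0        # round-robin cursor

    def _eligible(self):
        # Flow control: skip members that are down or already at capacity.
        return [b for b in self.backends if b.healthy and b.active < b.capacity]

    def pick(self):
        """Choose a member for one new connection, or None to shed the request."""
        pool = self._eligible()
        if not pool:
            return None
        if self.strategy == "random":
            choice = self.rng.choice(pool)
        elif self.strategy == "round_robin":
            choice = None
            for _ in range(len(self.backends)):      # walk the ring once at most
                cand = self.backends[self._next % len(self.backends)]
                self._next += 1
                if cand in pool:
                    choice = cand
                    break
        elif self.strategy == "least_utilized":
            choice = min(pool, key=lambda b: b.utilization)
        elif self.strategy == "weighted":
            choice = self.rng.choices(pool, weights=[b.weight for b in pool])[0]
        else:
            raise ValueError(f"unknown strategy: {self.strategy}")
        choice.active += 1
        return choice

    def release(self, backend):
        """A connection finished; free one slot on that member."""
        backend.active = max(0, backend.active - 1)


def simulate(strategy, requests=300, seed=1):
    """Drive a constructed three-member farm with long-lived connections and
    return ({member name: connections assigned}, number of requests shed)."""
    farm = [Backend("web1", weight=3, capacity=400),
            Backend("web2", weight=1, capacity=400),
            Backend("web3", weight=1, capacity=50)]    # small member fills first
    lb = LoadBalancer(farm, strategy, rng=random.Random(seed))
    counts = {b.name: 0 for b in farm}
    shed = 0
    for _ in range(requests):
        member = lb.pick()
        if member is None:
            shed += 1
        else:
            counts[member.name] += 1
    return counts, shed


if __name__ == "__main__":
    for strategy in ("round_robin", "random", "least_utilized", "weighted"):
        print(strategy, *simulate(strategy))
```

With 300 long-lived connections, plain round robin hands web3 its full 50 and then alternates between the two large members (125 each); least-utilized keeps the three utilizations level, so web3 receives far fewer; the weighted strategy favours web1 three to one. Pushing 1000 connections through the same farm fills all 850 slots and sheds the remaining 150 rather than overloading any member.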
A denial-of-service attack can be a severe detriment to data flow control. It is important
to monitor for DoS attacks and implement mitigations. Please see Chapters 12 and 17 for a
discussion of these attacks and potential defenses.
Database Systems Security
Database security is an important part of any organization that uses large sets of data as an essential asset. Without database security efforts, business tasks can be interrupted and confidential information disclosed. For the CISSP exam, it is important that you are aware of several topics in relation to database security. These include aggregation, inference, data mining, data warehousing, and data analytics.