1softwareprintable flash cards
TRANSCRIPT
-
7/28/2019 1softwarePrintable Flash Cards
1/25
Term 1
How is software security addressed
effectively?
Definition 1
By building it in
Term 2
What does secure software development
require?
Definition 2
The applications themselves to be secure
rather than relying on a secure transfer
method
Term 3
What is often the largest factor negatively
impacting security?
Definition 3
Push to Market
able Flash Cards http://www.flashcardmachine.com/print/?topic_id=
5 5/30/2013 1
Term 4
What does the Physical portion of secure
development state?
Definition 4
Access should be limited to project and
development personnel only
Term 5
What is the first rule of testing?
Definition 5
Never test on a production system
Term 6
What is the difference between the SLC and
the SDLC?
Definition 6
The Software Life Cycle includes post
development operation and maintenance
phases as well
Term 7
What is the Software Development Method
that is characterized by each phase
containing a list of activities that must be completed before the next phase begins?
Definition 7
Waterfall
Term 8
What type of Software Development Method
is akin to a Project Plan?
Definition 8
Waterfall
Term 9
What is the Software Development Method
that is characterized by each phase
requiring a risk assessment review?
Definition 9
Spiral
Term 10
What is the Software Development Method
that is characterized by ensuring there are
no defects and making sure code is written correctly the first time?
Definition 10
Clean Room
Term 11
What is the Software Development Method
that is characterized by requiring that
processes be defined, development to be
modular, and each phase to be subject to
reviews and approvals?
Definition 11
Structured Programming Development
Term 12
What is the Software Development Method
that is characterized by successive
refinements of requirements, designing, and
coding?
Definition 12
Iterative Development
Term 13
What is the Software Development Method
that is characterized by having the people
who do the job heavily involved in the designing of the solution?
Definition 13
Joint Analysis Development
Term 14
What is the Software Development Method
that is characterized by building a simplified
version, gathering feedback, and then
building a final product?
Definition 14
Prototyping
Term 15
What is the Software Development Method
that is characterized by strict time limits on
each phase?
Definition 15
Rapid Application Development
Term 16
What is the Software Development Method
that is characterized by development with
short development iterations to reduce risk?
Definition 16
Agile Development
Term 17
What is the Software Development Method
that is characterized by large, complex
projects that involve multiple software
components and many people?
Definition 17
Computer Aided Software Engineering
Term 18
What is the Software Development Method
that is characterized by using standardized,
building-block components that can be
used to assemble an application?
Definition 18
Component-Based Model
Term 19
What is the Software Development Method
that is characterized by using existing
components?
Definition 19
Reuse Model
Term 20
A ____________ is a program that translates
an assembly-language program into
machine language.
Definition 20
Assembler
Term 21
A __________ translates high level language
into machine language
Definition 21
Compiler
Term 22
A ____________ translates code statement
by statement rather than all at once.
Definition 22
Interpreter
Term 23
_____________ are used to interface a
program with the system.
Definition 23
Drivers
Term 24
In Object Oriented Programming, a
________ is a template for an object
Definition 24
Class
Term 25
In Object Oriented Programming, a
________ is an instance of a class
Definition 25
Object
Term 26
In Object Oriented Programming, a
________ is a request from an object
Definition 26
Message
Term 27
In Object Oriented Programming, ________
refers to a program deriving its data and
functionality from the calling object
Definition 27
Inheritance
Term 28
In Object Oriented Programming, ________
refers to different objects responding to the
same command in different ways.
Definition 28
Polymorphism
Term 29
In Object Oriented Programming, ________
refers to creating a new version of an object
by changing its attributes.
Definition 29
Polyinstantiation
Term 30
_________________ entails programs
located on different computers cooperating
in the same application.
Definition 30
Distributed computing
Term 31
What does SOAP stand for?
Definition 31
Simple Object Access Protocol
Term 32
A ______________ is a weakness of both
poor coding and programming language
vulnerabilities
Definition 32
Buffer Overflow
Term 33
A ___________ is inserting a series of
statements into a "query" by manipulating
data input into an application
Definition 33
SQL Injection
Term 34
__________ flaws occur whenever an
application takes user-supplied data and
sends it to a web browser without first validating that content.
Definition 34
Cross Site Scripting
Term 35
A __________ is an error in software code
that points to an object that has been
deleted
Definition 35
Dangling Pointer
Term 36
A _____________ is a contact between a
caller and a call-ee.
Definition 36
Application Programming Interface (API)
Term 37
A _________ is when two or more
processes using the same resource falsely
depend on the state of that resource remaining constant.
Definition 37
Race Condition
Term 38
_____________ is a means of surreptitiously
transferring information from a higher
classification to a lower classification.
Definition 38
Covert Channels
Term 39
____________ communicate by modifying a
stored object.
Definition 39
Storage Channels
Term 40
________________ transmit information by
affecting the relative timing of events.
Definition 40
Timing Channels
Term 41
A _______ is a mechanism embedded into a
program that allows the normal security
access procedures to be bypassed
Definition 41
Trap Door
Term 42
A ___________ is a hidden software or
hardware mechanism intentionally placed in
a system by a vendor that can be triggered
to circumvent system protection
mechanisms.
Definition 42
Maintenance Hook
Term 43
______________ occurs when system
resources are consumed by illegitimate
processes so that legitimate processes cannot run.
Definition 43
Denial Of Service
Term 44
____________ are large groups of
computers that can be activated to do the
bidding of the person controlling them.
Definition 44
Botnets
Term 45
___________ allow an attacker to gain
administrator access to a compromised
machine
Definition 45
Rootkits
Term 46
A ___________ is defined by its ability to
reproduce and spread, but generally
requires actions by users.
Definition 46
Virus
Term 47
A __________ is similar to a virus, but does
not generally require user action to spread.
Definition 47
Worm
Term 48
A _____________ infects the master boot
record, system boot record, or other boot
record.
Definition 48
Boot Sector Infector
Term 49
A ___________ is a virus that can infect
multiple types of objects.
Definition 49
Multipartite
Term 50
___________ are usually stand alone files
that can be executed by an interpreter.
Definition 50
Script Virus
Term 51
A ____________ is a malicious piece of
code that poses as a positive/desirable
utility
Definition 51
Trojan Horse
Term 52
A ___________ waits for a condition or time
to release its negative payload.
Definition 52
Logic Bomb
Term 53
A _____________ intentionally corrupts
data, generally by small increments over
time.
Definition 53
Data Diddler
Term 54
What is the best defense against malware of
all kinds?
Definition 54
Effective and workable policies
Term 55
____________ store records in a single
table, have parent/child relationships, are
limited to a single tree, and make it difficult to link branches.
Definition 55
Hierarchical Database Management
Systems
Term 56
What is the most frequently used DBMS?
Definition 56
Relational
Term 57
Where is data stored in a relational
database?
Definition 57
Tables
Term 58
In a Relational Database, a ___________
uniquely identifies each row and assists
with indexing the table.
Definition 58
Primary Key
Term 59
In a Relational Database, a ___________ is a
primary key value in a table in which it is
not the primary key.
Definition 59
Foreign Key
Term 60
___________ is the searching of the data in
a data warehouse to extract valuable
information from the data in the warehouse.
Definition 60
Data Mining
Term 61
In relation to the ACID test, what does
Atomicity mean?
Definition 61
All changes take effect or none do
Term 62
In relation to the ACID test, what does
Consistency mean?
Definition 62
When the database is translated from one
valid state to another, it remains compliant
with the rules of the database
Term 63
In relation to the ACID test, what is
isolation?
Definition 63
The results of the transaction are invisible to
other transactions until the transaction is
complete.
Term 64
In relation to the ACID test, what is
durability?
Definition 64
Ensures completed transactions can
survive future systems and media failures.
Term 65
What does ACID in an ACID test stand for?
Definition 65
Atomicity, Consistency, Isolation, and
Durability
Term 66
Which database language is the ANSI
standard?
Definition 66
SQL
Term 67
What does SQL stand for?
Definition 67
Structured Query Language
Term 68
In separation of duties, sensitive
transactions must be designed to require a
minimum of _____________.
Definition 68
Dual Control
Term 69
What is the easiest effective control against
a SQL injection?
Definition 69
Validating Input
Term 70
Why is it important to build security into an
application rather than adding it later?
Definition 70
To provide more layers of security and
make it harder to circumvent
Term 71
What three things must cryptographic data
protection controls include?
Definition 71
Key creation, storage, and management
Term 72
A ___________ lists agreed-upon objectives
and deliverables, which helps prevent
scope creep.
Definition 72
SOW
Term 73
A database that uses pre-defined groupings
of data that can only be accessed based
upon a user's authorization level, uses which database access control?
Definition 73
View Control
Term 74
A ____________ describes an attack where
the perpetrator uses information gained
through authorized activity to reach
conclusions about restricted data.
Definition 74
Inference Attack