1softwareprintable flash cards

Upload: lynnverb

Post on 03-Apr-2018


  • 7/28/2019 1softwarePrintable Flash Cards


    Term 1

    How is software security addressed

    effectively?

    Definition 1

    By building it in

    Term 2

    What does secure software development

    require?

    Definition 2

    The applications themselves to be secure

    rather than relying on a secure transfer

    method

    Term 3

    What is often the largest factor negatively

    impacting security?

    Definition 3

    Push to Market

    able Flash Cards http://www.flashcardmachine.com/print/?topic_id=

    5 5/30/2013 1


    Term 4

    What does the Physical portion of secure

    development state?

    Definition 4

    Access should be limited to project and

    development personnel only

    Term 5

    What is the first rule of testing?

    Definition 5

    Never test on a production system

    Term 6

    What is the difference between the SLC and

    the SDLC?

    Definition 6

    The Software Life Cycle includes post

    development operation and maintenance

    phases as well


    Term 7

    What is the Software Development Method

    that is characterized by each phase

    containing a list of activities that must be completed before the next phase begins?

    Definition 7

    Waterfall

    Term 8

    What type of Software Development Method

    is akin to a Project Plan?

    Definition 8

    Waterfall

    Term 9

    What is the Software Development Method

    that is characterized by each phase

    requiring a risk assessment review?

    Definition 9

    Spiral


    Term 10

    What is the Software Development Method

    that is characterized by ensuring there are

    no defects and making sure code is written correctly the first time?

    Definition 10

    Clean Room

    Term 11

    What is the Software Development Method

    that is characterized by requiring that

    processes be defined, development to be

    modular, and each phase to be subject to

    reviews and approvals?

    Definition 11

    Structured Programming Development

    Term 12

    What is the Software Development Method

    that is characterized by successive

    refinements of requirements, designing, and

    coding

    Definition 12

    Iterative Development


    Term 13

    What is the Software Development Method

    that is characterized by having the people

    who do the job heavily involved in the designing of the solution?

    Definition 13

    Joint Analysis Development

    Term 14

    What is the Software Development Method

    that is characterized by building a simplified

    version, gathering feedback, and then

    building a final product?

    Definition 14

    Prototyping

    Term 15

    What is the Software Development Method

    that is characterized by strict time limits on

    each phase?

    Definition 15

    Rapid Application Development


    Term 16

    What is the Software Development Method

    that is characterized by development with

    short development iterations to reduce risk?

    Definition 16

    Agile Development

    Term 17

    What is the Software Development Method

    that is characterized by large, complex

    projects that involve multiple software

    components and many people.

    Definition 17

    Computer Aided Software Engineering

    Term 18

    What is the Software Development Method

    that is characterized by using standardized,

    building-block components that can be

    used to assemble an application?

    Definition 18

    Component-Based Model


    Term 19

    What is the Software Development Method

    that is characterized by using existing

    components?

    Definition 19

    Reuse Model

    Term 20

    A ____________ is a program that translates

    an assembly-language program into

    machine language.

    Definition 20

    Assembler

    Term 21

    A __________ translates high level language

    into machine language

    Definition 21

    Compiler


    Term 22

    A ____________ translates code statement

    by statement rather than all at once.

    Definition 22

    Interpreter

    Term 23

    _____________ are used to interface a

    program with the system.

    Definition 23

    Drivers

    Term 24

    In Object Oriented Programming, a

    ________ is a template for object

    Definition 24

    Class


    Term 25

    In Object Oriented Programming, a

    ________ is an instance of a class

    Definition 25

    Object

    Term 26

    In Object Oriented Programming, a

    ________ is a request from an object

    Definition 26

    message

    Term 27

    In Object Oriented Programming, ________

    refers to programs deriving its data and

    functionality from the calling object

    Definition 27

    Inheritance


    Term 28

    In Object Oriented Programming, ________

    refers to different objects responding to the

    same command in different ways.

    Definition 28

    Polymorphism

    Term 29

    In Object Oriented Programming, ________

    refers to creating a new version of an object

    by changing its attributes.

    Definition 29

    Polyinstantiation

    Term 30

    _________________ entails programs

    located on different computers cooperating

    in the same application.

    Definition 30

    Distributed computing


    Term 31

    What does SOAP stand for?

    Definition 31

    Simple Object Access Protocol

    Term 32

    A ______________ is a weakness of both

    poor coding and programming language

    vulnerabilities

    Definition 32

    Buffer Overflow

    Term 33

    A ___________ is inserting a series of

    statements into a "query" by manipulating

    data input into an application

    Definition 33

    SQL Injection


    Term 34

    __________ flaws occur whenever an

    application takes user-supplied data and

    sends it to a web browser without first validating that content.

    Definition 34

    Cross Site Scripting

    Term 35

    A __________ is an error in software code

    that points to an object that has been

    deleted

    Definition 35

    Dangling Pointer

    Term 36

    A _____________ is a contact between a

    caller and a call-ee.

    Definition 36

    Application Programming Interface (API)


    Term 37

    A _________ is when two or more

    processes using the same resource falsely

    depend on the state of that resource remaining constant.

    Definition 37

    Race Condition

    Term 38

    _____________ is a means of surreptitiously

    transferring information from a higher

    classification to a lower classification.

    Definition 38

    Covert Channels

    Term 39

    ____________ communicate by modifying a

    stored object.

    Definition 39

    Storage Channels


    Term 40

    ________________ transmit information by

    affecting the relative timing of events.

    Definition 40

    Timing Channels

    Term 41

    A _______ is a mechanism embedded into a

    program that allows the normal security

    access procedures to be bypassed

    Definition 41

    Trap Door

    Term 42

    A ___________ is a hidden software or

    hardware mechanism intentionally placed in

    a system by a vendor that can be triggered

    to circumvent system protection

    mechanisms.

    Definition 42

    Maintenance Hook


    Term 43

    ______________ occurs when system

    resources are consumed by illegitimate

    processes so that legitimate processes cannot run.

    Definition 43

    Denial Of Service

    Term 44

    ____________ are large groups of

    computers that can be activated to do the

    bidding of the person controlling them.

    Definition 44

    Botnets

    Term 45

    ___________ allow an attacker to gain

    administrator access to a compromised

    machine

    Definition 45

    Rootkits


    Term 46

    A ___________ is defined by its ability to

    reproduce and spread, but generally

    requires actions by users.

    Definition 46

    Virus

    Term 47

    A __________ is similar to a virus, but does

    not generally require user action to spread.

    Definition 47

    Worm

    Term 48

    A _____________ infects the master boot

    record, system boot record, or other boot

    record.

    Definition 48

    Boot Sector Infector


    Term 49

    A ___________ is a virus that can infect

    multiple types of objects.

    Definition 49

    Multipartite

    Term 50

    ___________ are usually stand alone files

    that can be executed by an interpreter.

    Definition 50

    Script Virus

    Term 51

    A ____________ is a malicious piece of

    code that poses as a positive/desirable

    utility

    Definition 51

    Trojan Horse


    Term 52

    A ___________ waits for a condition or time

    to release its negative payload.

    Definition 52

    Logic Bomb

    Term 53

    A _____________ intentionally corrupts

    data, generally by small increments over

    time.

    Definition 53

    Data Diddler

    Term 54

    What is the best defense against malware of

    all kinds?

    Definition 54

    Effective and workable policies


    Term 55

    ____________ store records in a single

    table, have parent/child relationships, are

    limited to a single tree, and make it difficult to link branches.

    Definition 55

    Hierarchical Database Management

    Systems

    Term 56

    What is the most frequently used DBMS?

    Definition 56

    Relational

    Term 57

    Where is data stored in a relational

    database?

    Definition 57

    Tables


    Term 58

    In a Relational Database, a ___________

    uniquely identifies each row and assists

    with indexing the table.

    Definition 58

    Primary Key

    Term 59

    In a Relational Database, a ___________ is a

    primary key value in a table in which it is

    not the primary key.

    Definition 59

    Foreign Key

    Term 60

    ___________ is the searching of the data in

    a data warehouse to extract valuable

    information from the data in the warehouse.

    Definition 60

    Data Mining


    Term 61

    In relation to the ACID test, what does

    Atomicity mean?

    Definition 61

    All changes take effect or none do

    Term 62

    In relation to the ACID test, what does

    Consistency mean?

    Definition 62

    When the database is translated from one

    valid state to another, it remains compliant

    with the rules of the database

    Term 63

    In relation to the ACID test, what is

    isolation?

    Definition 63

    The results of the transaction are invisible to

    other transactions until the transaction is

    complete.


    Term 64

    In relation to the ACID test, what is

    durability?

    Definition 64

    Ensures completed transactions can

    survive future systems and media failures.

    Term 65

    What does ACID in an ACID test stand for?

    Definition 65

    Atomicity, Consistency, Isolation, and

    Durability

    Term 66

    Which database language is the ANSI

    standard?

    Definition 66

    SQL


    Term 67

    What does SQL stand for?

    Definition 67

    Structured Query Language

    Term 68

    In separation of duties, sensitive

    transactions must be designed to require a

    minimum of _____________.

    Definition 68

    Dual Control

    Term 69

    What is the easiest effective control against

    a SQL injection?

    Definition 69

    Validating Input


    Term 70

    Why is it important to build security into an

    application rather than adding it later?

    Definition 70

    To provide more layers of security and

    make it harder to circumvent

    Term 71

    What three things must cryptographic data

    protection controls include?

    Definition 71

    Key creation, storage, and management

    Term 72

    A ___________ lists agreed-upon objectives

    and deliverables, which helps prevent

    scope creep.

    Definition 72

    SOW


    Term 73

    A database that uses pre-defined groupings

    of data that can only be accessed based

    upon a user's authorization level, uses which database access control?

    Definition 73

    View Control

    Term 74

    A ____________ describes an attack where

    the perpetrator uses information gained

    through authorized activity to reach

    conclusions about restricted data.

    Definition 74

    Inference Attack
