114 Cards in this Set
1. If a database is protected from modification using only symmetric encryption, someone may still
be able to mount an attack by: |
a. Moving blocks of ciphertext so that a field belonging to one person is assigned to another (encryption alone provides no integrity check)
|
|
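Card 1 in working code, as an added example that is not part of the flashcard set: a deterministic block cipher in ECB mode with no integrity tag lets an attacker who never sees the key exchange the "balance" block of two rows, and the decryptor cannot tell. The second half adds an encrypt-then-MAC tag bound to the row id, which rejects the spliced row. The toy Feistel cipher, both keys, the record layout and the two rows are all constructed for illustration; a real system would use AES-GCM or similar, but the attack and the fix look the same.

```python
"""Added example: ciphertext block reordering against a database field that is
encrypted but not integrity-protected, and the HMAC check that stops it.
The toy Feistel cipher, the keys, the record layout and the rows are constructed."""
import hashlib
import hmac

BLOCK = 16                          # 16-byte blocks: two 8-byte Feistel halves
ROUNDS = 8
ENC_KEY = b"constructed-enc-key"    # constructed; never hard-code keys for real
MAC_KEY = b"constructed-mac-key"


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def _f(key: bytes, i: int, half: bytes) -> bytes:
    # Feistel round function: keyed SHA-256 of (round index, right half), 8 bytes.
    return hashlib.sha256(key + bytes([i]) + half).digest()[:8]


def encrypt_block(key: bytes, block: bytes) -> bytes:
    # Deterministic toy block cipher: the same plaintext block always gives the
    # same ciphertext block, which is exactly what ECB mode exposes.
    left, right = block[:8], block[8:]
    for i in range(ROUNDS):
        left, right = right, _xor(left, _f(key, i, right))
    return left + right


def decrypt_block(key: bytes, block: bytes) -> bytes:
    left, right = block[:8], block[8:]
    for i in reversed(range(ROUNDS)):
        left, right = _xor(right, _f(key, i, left)), left
    return left + right


def ecb(key: bytes, data: bytes, fn) -> bytes:
    # ECB: every 16-byte block is transformed independently of its neighbours.
    assert len(data) % BLOCK == 0
    return b"".join(fn(key, data[i:i + BLOCK]) for i in range(0, len(data), BLOCK))


def record(name: str, balance: str) -> bytes:
    # Constructed fixed layout: block 0 = account holder, block 1 = balance.
    return name.encode().ljust(BLOCK) + balance.encode().ljust(BLOCK)


def fields(plaintext: bytes) -> tuple:
    return (plaintext[:BLOCK].strip().decode(), plaintext[BLOCK:].strip().decode())


def swap_balance(ct_a: bytes, ct_b: bytes) -> tuple:
    # The attacker needs no key: they exchange the second ciphertext block of
    # two rows. Plain ECB encryption has nothing that notices the move.
    return ct_a[:BLOCK] + ct_b[BLOCK:], ct_b[:BLOCK] + ct_a[BLOCK:]


def demo_swap() -> dict:
    # Returns each holder's balance as the database would decrypt it after the attack.
    alice = ecb(ENC_KEY, record("alice", "10.00"), encrypt_block)
    bob = ecb(ENC_KEY, record("bob", "90.00"), encrypt_block)
    alice, bob = swap_balance(alice, bob)
    return dict(fields(ecb(ENC_KEY, row, decrypt_block)) for row in (alice, bob))


def seal(row_id: str, plaintext: bytes) -> tuple:
    # Encrypt-then-MAC: the tag binds the whole ciphertext to its row id, so a
    # block moved between rows (or between positions) no longer verifies.
    ct = ecb(ENC_KEY, plaintext, encrypt_block)
    tag = hmac.new(MAC_KEY, row_id.encode() + ct, hashlib.sha256).digest()
    return ct, tag


def open_sealed(row_id: str, ct: bytes, tag: bytes) -> bytes:
    expected = hmac.new(MAC_KEY, row_id.encode() + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):
        raise ValueError("integrity check failed for row %s" % row_id)
    return ecb(ENC_KEY, ct, decrypt_block)


def demo_detect() -> bool:
    # True when the same block swap is rejected by the MAC before decryption.
    ct_a, tag_a = seal("1", record("alice", "10.00"))
    ct_b, tag_b = seal("2", record("bob", "90.00"))
    ct_a, ct_b = swap_balance(ct_a, ct_b)
    try:
        open_sealed("1", ct_a, tag_a)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    print(demo_swap())     # alice now "owns" bob's 90.00
    print(demo_detect())   # True: the tag rejects the spliced row
```

Binding the row id into the MAC matters as much as the MAC itself: a tag over the ciphertext alone would still let the attacker copy an entire (ciphertext, tag) pair from one row to another.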
2. Why can an outside program not determine the existence of malicious code with 100 percent
accuracy? |
c. The purpose of a string depends upon the context in which it is interpreted.
|
|
3. Format string vulnerabilities in programs can be found by
|
d. Including string specifiers (%s, %x, %n and similar) in input data
|
|
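The technique in card 3 applied to a non-C language, as an added example that is not part of the flashcard set: when the caller controls the format string, feeding it replacement fields reveals whether they are interpreted. Python's str.format does not take %n, but its fields can walk attributes and indexes, so a probe can climb from the object passed in to the module's globals. SECRET_KEY, the User class, the probe string and the two render functions are constructed for this example.

```python
"""Added example: probing a function that lets callers supply the format string,
using Python's str.format rather than C printf.  SECRET_KEY, User and the
probe string are constructed for illustration."""
import string

SECRET_KEY = "constructed-secret-0xC0FFEE"   # module-level secret the template must never reach


class User:
    def __init__(self, name: str):
        self.name = name


def render_unsafe(template: str, user: User) -> str:
    # Vulnerable: the caller-supplied string IS the format string, so its
    # replacement fields may follow attributes (.x) and indexes ([k]) of
    # anything passed as an argument.
    return template.format(user=user)


def render_safe(template: str, user: User) -> str:
    # Hardened: string.Template substitutes only $identifier placeholders, has
    # no attribute or index traversal, and leaves unknown names untouched.
    return string.Template(template).safe_substitute(name=user.name)


# Constructed probe: a normal-looking greeting plus one field that climbs from
# the object to its class, to a method, to that method's module globals.
PROBE = "Hello {user.name}, key={user.__class__.__init__.__globals__[SECRET_KEY]}"


def leaked(render, template: str = PROBE) -> bool:
    # True when the rendered output contains the secret's value; a renderer
    # that refuses the field (exception) or echoes it literally is not leaking.
    try:
        return SECRET_KEY in render(template, User("alice"))
    except (KeyError, AttributeError, ValueError, IndexError):
        return False


if __name__ == "__main__":
    print(leaked(render_unsafe))   # True
    print(leaked(render_safe))     # False
```

The test is the same as for printf: supply specifiers and look for them being interpreted rather than echoed. The fix is also the same: the format string must be a constant chosen by the program, with untrusted data only ever supplied as arguments.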
4. Files temporarily created by applications can expose confidential data if:
|
c. File permissions are not set appropriately
|
|
5. The three structural parts of a virus are:
|
b. Infection, payload, and trigger
|
|
6. An application that uses dynamic link libraries can be forced to execute malicious code, even
without replacing the target .dll file, by exploiting: |
b. The library search order
|
|
7. In terms of databases, cryptography can:
|
Improve availability by allowing data to be easily placed where authorized users can
access it |
|
8. Proprietary protocols and data formats:
|
a. Are unsafe because they typically rely on security by obscurity
|
|
9. Integrating cryptography into applications may lead to:
|
d. Possible denial of service if the keys are corrupted
|
|
Types of database management systems (DBMS)
|
1) Hierarchical
2) Network
3) Relational
4) Object-Oriented
5) Object-Relational |
|
standardized access methods that provide an interface to the database
|
Database Interface Language
|
|
ACID properties of database transactions
|
Atomicity (all of a transaction's changes are applied, or none are)
Consistency (each transaction preserves the database's integrity rules)
Isolation (the results of a transaction are not visible to others until it completes)
Durability (a completed transaction is permanent) |
|
Uses a knowledge base and a set of algorithms and/or rules that infer new facts from that knowledge
|
Expert System Approach to Knowledge mgmt
|
|
Knowledge management approach that organizes data into nodes arranged in layers; the links between the nodes carry specific weightings
|
Neural Networks
|
|
Time-of-Check/Time-of-Use describes a problem that may be found in
|
Kerberos, SESAME
|
|
What are lock controls?
|
Controls on read and write access to specific rows of data (relational systems) or objects (object-oriented systems), so that concurrent transactions do not corrupt each other's work
|
|
Manages large, structured sets of data, provides access to multiple users and enforces the integrity of the data
|
DBMS
|
|
Project management-based methodology used to plan, execute and control software development
|
System Life Cycle
|
|
an object derives data and functionality from another object
|
Inheritance
|
|
Different objects respond to the same command in different ways
|
Polymorphism
|
|
Creating a new version of an object by replacing variables with other values,
AND allowing different versions of the same information to exist at different classification levels |
Polyinstantiation
|
|
Allows an application to be divided into pieces called components, each of which can exist in a different location
|
Distributed Component Object Model (DCOM)
|
|
Comprehensive technical analysis of the features of a system to make sure it addresses the security requirements you have
|
Certification
|
|
the official management decision to actually operate a system
|
Accreditation
|
|
designed to record all of the business transactions of an organization as they occur
|
Online Transaction Processing (OLTP)
|
|
The key objective of application security is to ensure:
|
CIA of data
|
|
For an application security program to be effective within your organization, it is critical to
|
Develop the security policy that can be enforced
|
|
There is no inherent difference between the representation of data and of instructions in computer memory; this can lead to injection attacks, characterized by executing data as instructions. This is a fundamental aspect of which of the following computer architectures?
|
Von Neumann
|
|
An important characteristic of bytecode is that it
|
is faster than interpreted languages
|
|
Two cooperating processes that simultaneously compete for a shared resource in such a way that they violate the system's security policy is commonly known as
|
A covert channel
|
|
The art of influencing people to divulge sensitive info is
|
Social engineering
|
|
The most effective defense against a buffer overflow attack is
|
bounds checking
|
|
It is extremely important that as one follows a software development project, security activities are performed
|
c) in each stage of the life cycle
|
|
Audit logs are what type of control?
|
Detective
|
|
Who can ensure and enforce the separation of duties by ensuring that programmers do not have access to production code?
|
Software Librarian
|
|
Technical evaluation of assurance to ensure that security requirements have been met is known as
|
certification
|
|
Defect prevention rather than defect removal is a characteristic of which of the following software development methodologies?
|
d) Clean room
|
|
Based on the waterfall model; at each phase there are four sub-stages, PDCA (Plan, Do, Check, Act)
|
Spiral model
|
|
Process for developing high-quality software whereby prevention of errors is key: write the code correctly the first time
|
clean room
|
|
Technique of using computers and computer utilities to help with the systematic analysis, design, development, implementation, and maintenance of software
|
CASE (Computer Aided Software Engineering)
|
|
A security protection mechanism in which untrusted code, which is not signed, is restricted from accessing system resources is known as
|
Sandboxing
|
|
A program that does not reproduce itself but pretends to perform a legitimate action while performing malicious operations in the background is characteristic of what?
|
Trojan
|
|
A plot to take insignificant amounts (pennies) from a user's bank account and move them to the attacker's bank account is an example of
|
Salami scam
|
|
Role-based access control to protect confidentiality of data in databases can be achieved by which of the following?
a) views b) encryption c) hashing d) masking |
Views
|
|
The two most common forms of attacks against databases are
|
Aggregation and inference
|
|
A property that ensures only valid or legal transactions, ones that do not violate any user-defined integrity constraints, are committed in DBMS technologies is known as
|
Consistency
|
|
Expert systems are comprised of a knowledge base, comprising modeled human experience, and which of the following?
|
Inference engine
|
|
The best defense against session hijacking and MiTM attacks is to use the following in the development of your software
|
Unique, random (unpredictable) session identifiers
|
|
Who released the CMM in 1991?
|
CMU's Software Engineering Institute
|
|
The Capability Maturity Model focuses on ___ and has _ levels that contain several key practices within each.
|
quality management processes, 5 maturity levels
|
|
Describes the essential characteristics of an organization's security engineering process
|
SSE-CMM (Systems Security Engineering Capability Maturity Model)
|
|
International group of experts and industry practitioners who produce open-source, widely agreed-upon best-practice security standards for the WWW
|
WASC (Web Application Security Consortium)
|
|
The process of controlling software by managing the versions of all components and the relations between them
|
SCM Software Configuration Management
|
|
A ___ reviews and approves all changes to system software
|
Configuration Control Board (CCB)
|
|
What are the 5 levels of the CMMI?
|
1) Initial (chaotic, immature)
2) Managed (disciplined, capable)
3) Defined (documented, consistent)
4) Quantitatively Managed (predictable)
5) Optimizing (constant improvement) |
|
What is the difference between the System Life Cycle and the "System Development Life Cycle"?
|
The system life cycle is also concerned with post-development operation and maintenance
|
|
System lifecycle (SLC) is replaced by
|
SDLC (System Dev lifecycle)
|
|
What has the most extensive material on application and system development?
|
Information Technology Infrastructure Library
|
|
SLC consists of:
|
1) Initiation and planning
2) Acquisition & development
3) Implementation
4) Operation & maintenance
5) Decommissioning |
|
Who performs unit testing?
|
programmers
|
|
Who performs acceptance testing?
|
customer/users
|
|
What is regression testing?
|
Testing new code against existing functions/processes: re-running the tests for old features in case a new feature broke one of them
|
|
Deadlocking
|
When two processes (or threads) each hold a resource the other needs and wait for each other indefinitely, so neither can proceed
|
|
Change management process
|
1) Request
2) Analyze request for feasibility
3) Develop implementation strategy
4) Approval of change
5) Develop change
6) Test change
7) Implementation
8) Review & verify change
9) Report to management |
|
Databases are used to combine the data from many sources into one discrete source. What new risk does this introduce?
|
Databases may enable insider inference attacks
|
|
Database design models have changed over the years. Which of the following models places the data in tables?
|
Relational database mgt system
|
|
RDBMSs are used to show associations between objects contained in the database. Which of the following best describes a foreign key?
|
A foreign key is used to join one table to the primary key of another table
|
|
In an RDB, which of the following is true concerning a primary key?
|
The primary key must contain a non-null value in order to uniquely identify the tuple
|
|
Which of the following database attacks describes an attack where the perpetrator uses information gained through authorized activity to reach conclusions relating to unauthorized data?
|
Inference attack
|
|
A database that uses pre-defined groupings of data that can only be accessed based upon the user's authorization level uses which of the following access control models?
|
view-based access control
|
|
An AI system that gathers information from SMEs and attempts to use programmed rules to analyze problems and suggest a recommended COA is called which of the following?
|
Expert system approach
|
|
The System Life Cycle (SLC) contains a step that the Software Development Life Cycle (SDLC) doesn't. Which one is it?
|
Decommissioning/disposal
|
|
Which of the following models shows both progress and costs in a visual manner?
|
Spiral Model
|
|
One of the major characteristics of a software compiler is that it will
|
Convert high level programming language into machine code
|
|
The primary key is used to uniquely identify a record in a database; by adding an additional variable to the primary key, two items with the same identifier can be differentiated. This is often used to prevent inference attacks.
|
Polyinstantiation
|
|
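The two database cards above (polyinstantiation, and view-based access control from the "pre-defined groupings of data" card) in working code, as an added example that is not part of the flashcard set. The classification label is part of the primary key, so a ship can exist once per level; each clearance gets its own view and the application only ever queries the view for the requester's level. The table, rows, labels and view names are constructed; SQLite has no GRANT, so restricting the low user to the view is done by the application code rather than by the database.

```python
"""Added example: polyinstantiation and view-based access control in SQLite.
Table, rows, clearance labels and view names are constructed for illustration;
SQLite has no GRANT, so the application, not the DBMS, confines each user to
the view for their clearance."""
import sqlite3

LEVELS = {"U": 0, "S": 1, "TS": 2}   # constructed clearance lattice, low to high


def build_db() -> sqlite3.Connection:
    db = sqlite3.connect(":memory:")
    # The label is part of the primary key, so the same ship name may exist
    # once per classification level: that is polyinstantiation.
    db.executescript("""
        CREATE TABLE ships (
            name  TEXT NOT NULL,
            cargo TEXT NOT NULL,
            level TEXT NOT NULL CHECK (level IN ('U', 'S', 'TS')),
            PRIMARY KEY (name, level)
        );
        INSERT INTO ships VALUES ('Enterprise', 'weapons', 'TS');
        INSERT INTO ships VALUES ('Voyager',    'food',    'U');
    """)
    # One view per clearance: it exposes only rows labelled at or below that
    # level.  Users are handed the view, never the base table.
    for lvl, rank in LEVELS.items():
        allowed = ", ".join("'%s'" % k for k, r in LEVELS.items() if r <= rank)
        db.execute(
            "CREATE VIEW ships_%s AS SELECT name, cargo, level FROM ships "
            "WHERE level IN (%s)" % (lvl, allowed)
        )
    return db


def visible(db: sqlite3.Connection, clearance: str) -> list:
    # Application-side check: the clearance must be a known label before it is
    # used to pick a view name, so it can never reach the SQL as free text.
    if clearance not in LEVELS:
        raise ValueError("unknown clearance %r" % clearance)
    return db.execute(
        "SELECT name, cargo, level FROM ships_%s ORDER BY name, level" % clearance
    ).fetchall()


def insert_as(db: sqlite3.Connection, clearance: str, name: str, cargo: str) -> bool:
    # The application writes on the user's behalf with the user's own label.
    # A low user adding 'Enterprise' must succeed even though a TS row with
    # that name exists: a key collision error would tell them the TS row is
    # there, which is the inference channel polyinstantiation closes.
    if clearance not in LEVELS:
        raise ValueError("unknown clearance %r" % clearance)
    try:
        db.execute("INSERT INTO ships VALUES (?, ?, ?)", (name, cargo, clearance))
        return True
    except sqlite3.IntegrityError:
        return False        # a real duplicate: same name at the SAME level


if __name__ == "__main__":
    db = build_db()
    print(visible(db, "U"))                           # only the Voyager cover row
    print(insert_as(db, "U", "Enterprise", "grain"))  # True: U-level instance created
    print(visible(db, "U"))                           # U sees its Enterprise row, not the TS one
    print(visible(db, "TS"))                          # TS sees both instances of Enterprise
```

The view is what the card calls a "pre-defined grouping": access is granted to ships_U, not to ships, so a user cannot SELECT around it. The inference point is in insert_as: if the primary key were just the name, the low user's insert would fail and the failure itself would reveal the higher-classified row.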
CORBA is designed to
|
control access to called object modules
|
|
Which of these attacks abuses the trust an application server has in a client?
|
Cross Site Request Forgery (CSRF)
|
|
Configuration management ensures that approved changes are implemented as approved. Change management ensures which of the following?
|
Changes are submitted, approved and recorded
|
|
Fail Secure means:
|
Fail in such a way as to maintain security
|
|
Which of the following statements is true about certification and accreditation?
|
Certification is the technical analysis of a system to ensure that specific security requirements are met
|
|
Where should full access control be granted?
|
The application itself
|
|
The software development company suggests that a software escrow should be set up. What does this mean?
|
A third party will keep a copy of the s/w to protect the customer
|
|
A form of rapid prototyping that requires strict time limits on each phase and relies on tools that enable quick development.
|
Rapid Application Development (RAD)
|
|
Uncovering restricted information by using permissible data is referred to as
|
Aggregation/inference
|
|
What is a polymorphic virus?
|
A virus that self-garbles: it re-encrypts or rewrites its own code on each infection so that no fixed byte signature matches every copy
|
|
A structural design for the development and implementation of distributed applications written in Java. Provides interfaces and methods to allow different applications to communicate across a networked environment
|
Enterprise JavaBeans
|
|
Which of the following describes the Capability Maturity Model?
|
It improves software quality, reduces the development life cycle and provides better project management capabilities
|
|
Expert systems are built to provide human-type logic. One component of an expert system is its "if/then" logic; what is this logic called?
|
Rule-based programming
|
|
Which of the following is a backdoor to an application or system created by the developer?
|
Trapdoor
|
|
What does EICAR test?
|
Antivirus software
|
|
System functionality is broken down into a more detailed level at what phase of software development?
|
Design specifications
|
|
When one object is copied and the attributes of the second object are modified
|
polyinstantiation
|
|
The difference between data marts and data warehouses is that data marts
|
fulfill a specific, targeted need/objective
|
|
What type of security mechanism is used in ActiveX?
|
Digital Signature
|
|
Difference between Smurf and Fraggle
|
Fraggle uses UDP, not ICMP
|
|
In the project initiation phase of software development, all of the following tasks should be performed except
|
Review customer requirements
|
|
What is not a reason that security has been excluded from typical software development?
|
Security is not a programmer's job; it's the job of a security professional
|
|
Stage of CMMI described as "chaotic, immature, unpredictable, reactive"
|
Initial
|
|
Stage of CMMI described as "disciplined, capable, reactive"
|
Managed or "repeatable"
|
|
Stage of CMMI described as "documented, consistent, proactive"
|
Defined
|
|
Stage of CMMI described as "predictable, measured and controlled"
|
Quantitatively Managed
|
|
Stage of CMMI described as "constant improvement, continuous process improvement"
|
Optimizing
|
|
model which creates a chain of traceability
|
SABSA
|
|
type of malware: 100% CPU, network traffic exceptionally high
|
worm
|
|
The totality of protection mechanisms including h/w, firmware and s/w
|
TCB
|
|
Is the TCB part of the OS protection mechanism?
|
No; the TCB is the totality of protection mechanisms (hardware, firmware and software), of which the OS's mechanisms are only one part
|
|
Lowest EAL level at which semi-formal testing is performed?
|
EAL 5
|
|
Granting rights to groups as opposed to individuals is an example of
|
abstraction
|
|
To successfully complete a vulnerability assessment, it is critical that protection systems are well understood. This objective includes:
|
Threat definition, target identification and facility characterization
|
|
The term disaster recovery commonly refers to
|
recovery of the technology environment
|
|
Who should have full control over an app?
|
no one
|
|
Two methods of encrypting data
|
symmetric and asymmetric
|