2: 4 Secure Coding Practices Flashcards

1
Q

Input Validation

A

Filters user-supplied input

2
Q

Whitelist

A

Specifies allowable input

3
Q

Blacklist

A

Specifies disallowed input

4
Q

Where should input validation be done

A

Server

5
Q

Parameterized Query

A

Client sends arguments to the server, which enters them into a query template

6
Q

Application Authentication

A

Verifies user identity and confirms authorization

7
Q

Hashing

A

Turns a password into a hash of predefined length

8
Q

Salting

A

Adds random value to passwords prior to hashing to protect against rainbow table attacks

9
Q

TLS

A

Transport Layer Security - Uses HTTPS to secure entire session

10
Q

Output Encoding

A

Replaces dangerous characters with a safe string, e.g. < becomes %3c

11
Q

What should perform output encoding

A

Trusted libraries

12
Q

Exception Handling

A

Handles unpredictable states that may jeopardize application security by providing explicit instructions for dealing with them

13
Q

What form of exception handling does Java use?

A

Try-Catch

14
Q

Database Normal Forms

A

Rules for database columns and tables that improve design and provide security advantages

15
Q

Database activity monitoring

A

Logs and analyzes database requests

16
Q

Why should databases use stored procedures

A

To protect against SQL injections

17
Q

Deidentification

A

Removes obvious identifiers

18
Q

Anonymization

A

Removes possibility of identification

19
Q

What are the two ways to pass HIPAA Standards

A

Have statisticians analyze and verify, or eliminate the 18 types of identifiers (safe harbor approach)

20
Q

Data Obfuscation

A

Transforms sensitive data to a form that cannot be retrieved

21
Q

Masking

A

Redacts sensitive information from a file

22
Q

Tokenization

A

Replaces sensitive fields with random identifiers (using a secure lookup table)