2.3 Summarize secure application development, deployment, and automation concepts. Flashcards
Elasticity
the ability to resize an environment based on the load. Elasticity is a part of virtualization and can reduce costs. A user can increase or decrease resources as necessary. It is commonly used with cloud technologies.
Scalability
the capacity to resize current resources based on workload resources. It is commonly used on cloud technologies.
Containers
use the kernel as a host, but do not host an operating system. A container isolates and protects applications from other parts of the system.
Redundancy
the process of duplicating critical components to provide fault tolerance.
An administrator reconfigured a system back to its baseline settings after a vulnerability scanner detected deviation from the baseline configuration to improve the overall security posture of the system. What did the admin exercise in the Group Policy?
Integrity measurements
What is done to identify baseline deviations. Automated tools continuously monitor the system for any baseline changes. If changes are found, Group Policy will force the system back to its original state.
Integrity measurements
Least functionality
employs the principle of deploying systems with only the services and protocols required to perform the job. This is a component of system hardening but is not forced upon finding a vulnerability.
Blacklisting
Group Policy that blocks certain applications to be installed but allows all else.
Sandboxing
an isolated area for testing and developing.
Code obfuscation
the method of disguising coding methods by way of renaming variables, replacing strings, and hiding comments.
Continuous delivery
an agile software engineering approach that streamlines the processes of building, testing, and releasing software. This leads directly to faster delivery of software updates to the customer, reduced development risk through frequent, smaller updates, and cost reductions through process efficiency.
Continuous deployment
automates the process of delivering software to a production environment, which can decrease the software development lifecycle. However, while this can indirectly lead to the benefits described in the question, it doesn’t directly answer the question’s focus on reducing risk, cutting cost, and faster delivery to the customer.
Continuous integration
a method that frequently merges code changes into a main repository where it’s regularly built and tested. This practice reduces integration issues and bugs in the development phase, but it doesn’t directly address the reduction of risk, cost, and speed of delivery to the customer as described in the question.
DevSecOps
more focused on integrating security considerations into every phase of the development process.
change management
process that follows a change to a system from identification to implementation. It is used for controlled identification and implementation of required changes within a computer system.
