3.6 Summarize secure application development and deployment concepts. Flashcards

1
Q

Change management =

A

documentation

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Advanced Persistent Threats (APTs)

A

Any sophisticated series of related attacks taking place over an extended period of time.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Agile development

A

A method of software development meant to be rapid.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Baselining

A

Creating a fundamental, or baseline, security level.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Agile is ______ oriented

A

Agile is Customer Service oriented

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Immutable Systems

A

Nothing can be added to or changed on the system.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Stored Procedures

A

Once you have a secure database configuration, the next issue is how SQL queries are executed. This is normally accomplished with stored procedures

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Code Signing

A

By digitally signing code, such as ActiveX components in web pages or device drivers, the end user who is installing the software can be confident as to the software’s origin.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

confidentiality is ensured through _____-

A

encryption

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

______ means to hide.

A

Obfuscation

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Stress Testing

A

This involves subjecting the target system to a workload far in excess of what it would normally encounter.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Which SDCL model is based around adaptive development where focusing on a working product and fulfilling customer needs is prioritized over rigid adherence to a process, use of specific tools, and details documentation?

A. Waterfall
B. Agile
C. Spiral
D. DevOps

A

B. Agile

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q
When an organization wishes to automate many elements and functions of IT management, such as development, operations, security, and quality assurance, they are likely to be implementing which of the following?
A. SCADA
B. Code Signing
C. Version control.
D. DevOps.
A

D. DevOps

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

You are working for a business and they want to know if a newly deployed application server will handle the expected load. How can you test the application server?

A. Perform a static code review
B. Deploy the server in a sandbox and observer it.
C. Use a fuzzer on the server
D. Perform a stress test

A

D. Perform a stress test

How well did you know this?
1
Not at all
2
3
4
5
Perfectly