3.6 Summarize secure application development and deployment concepts. Flashcards
Change management =
documentation
Advanced Persistent Threats (APTs)
Any sophisticated series of related attacks taking place over an extended period of time.
Agile development
A method of software development meant to be rapid.
Baselining
Creating a fundamental, or baseline, security level.
Agile is ______ oriented
Agile is Customer Service oriented
Immutable Systems
Nothing can be added to or changed on the system.
Stored Procedures
Once you have a secure database configuration, the next issue is how SQL queries are executed. This is normally accomplished with stored procedures
Code Signing
By digitally signing code, such as ActiveX components in web pages or device drivers, the end user who is installing the software can be confident as to the software’s origin.
confidentiality is ensured through _____-
encryption
______ means to hide.
Obfuscation
Stress Testing
This involves subjecting the target system to a workload far in excess of what it would normally encounter.
Which SDCL model is based around adaptive development where focusing on a working product and fulfilling customer needs is prioritized over rigid adherence to a process, use of specific tools, and details documentation?
A. Waterfall
B. Agile
C. Spiral
D. DevOps
B. Agile
When an organization wishes to automate many elements and functions of IT management, such as development, operations, security, and quality assurance, they are likely to be implementing which of the following? A. SCADA B. Code Signing C. Version control. D. DevOps.
D. DevOps
You are working for a business and they want to know if a newly deployed application server will handle the expected load. How can you test the application server?
A. Perform a static code review
B. Deploy the server in a sandbox and observer it.
C. Use a fuzzer on the server
D. Perform a stress test
D. Perform a stress test