Application Security

Question 1

What is Application Security?

Answer 1

critical aspect of software development that focuses on building applications that are secure by design

Question 2

What is Input Validation?

Answer 2

Area of Application Security

fundamental aspect of application security that acts as a gatekeeper to ensure that applications only act on well-defined and uncontaminated data.

Question 3

What are Validation Rules?

Answer 3

These rules delineate acceptable and unacceptable inputs

Question 4

What are Secure Cookies?

Answer 4

Cookies transmitted over a secure HTTPS connection to prevent potential eavesdroppers from intercepting the cookie data.

Question 5

What is SAST?

Answer 5

Static Code Analysis

method of debugging and application by reviewing and examining its source code before the program is ever run.

Question 6

What is a Manual Code Review?

Answer 6

if you perform this code review using a human instead of a static software analysis tool, we refer to this as manual code review.

Question 7

What is Dynamic Code Analysis?

Answer 7

Testing method that analyzes an application while its running

Question 8

What is Fuzzing?

Answer 8

Type of Dynamic Code Analysis

Finds software flaws by bombarding it with random data to trigger crashes and security vulnerabilities

Question 9

What is Stress Testing?

Answer 9

type of software testing that evaluates the stability and reliability of a system under extreme conditions.

Question 10

What is Code Signing?

Answer 10

technique used to confirm the identity of the software author and guarantee that the code has not been altered or corrupted since it was signed.

Question 11

What is Sandboxing?

Answer 11

security mechanism that is used to isolate running programs by limiting the resources that they can access and the changes that they can make to a system