Chapter 11 Flashcards

Question 1

Q

CSRF

Answer

A

Cross Site Request Forgery

Question 2

Q

DevOps

Answer

A

Development and Operations

Question 3

Q

OWASP

Answer

A

Open Web Application Security Project

Question 4

Q

SDK

Answer

A

Software Development Kit

Question 5

Q

SDL

Answer

A

Software Development Lifecycle

Question 6

Q

SQL

Answer

A

Structured Query Langauge

Question 7

Q

QA

Answer

A

Quality Assurance

Question 8

Q

XSRF

Answer

A

Cross site Request Forgery

Question 9

Q

XSS

Answer

A

Cross site scripting

Question 10

Q

4 environments Development, Test, Staging Production

Question 11

Q

Compiler

Answer

A

Compilers take computer programs written in one language and convert them to a set of codes that can run on a specific set of hardware.

Question 12

Q

Automation as it applies to DevOps

Answer

A

Automating routines and extensive processes allows fewer resources to cover more of the environment in a more effective and efficient manner.

Question 13

Q

Code Reuse

Question 14

Q

Continuous Delivery

Question 15

Q

Continuous Deployment

Question 16

Q

Continuous Integration

Question 17

Q

Continuous monitoring

Question 18

Q

Continuous validation

Question 19

Q

Data Exposure

Answer

A

Loss of control of data from a system during operations.

Question 20

Q

Dead Code

Answer

A

Code that may be executed but is never actually used in a program

Question 21

Q

Dead Code Elimination

Answer

A

Compilers that can take care of and remove dead code

Question 22

Q

Deprovisioning

Answer

A

The removal of permissions or authorities.

Question 23

Q

Elasticity

Answer

A

The characteristic that something is capable of change without breaking.

Question 24

Q

Fuzzing

Question 25

Q

Garbage Collection

Question 26

Q

Legacy Code

Question 27

Q

Memory leaks

Question 28

Q

Normalization

Question 29

Q

Patch Management

Question 30

Q

Provisioning

Question 31

Q

Scalability

Answer

A

the characteristic of a software system to process higher workloads on its current resources (scale up) or on additional resources (scale out) without interruption.

Question 32

Q

Scripting

Question 33

Q

Software Integrity

Question 34

Q

Third Party Libraries

Question 35

Q

Versioning

Question 36

Q

What environment does the test environment mimic?

Answer

A

Production

Question 37

Q

What are two advantages of using SDK’s and third party libraries?

Question 38

Q

What is an advantage of a stored procedure?

Question 39

Q

What is a disadvantage of a stored procedure?

Question 40

Q

What is DevOps?

Question 41

Q

Can encoded transmissions be used to bypass security mechanisms?

Question 42

Q

Maintaining control of codebase integrity means what two things are happening?

Question 43

Q

What is obfuscated/camoflaged code?

Question 44

Q

What do 0 and 1 mean in binary code?

Question 45

Q

Does all code possess weaknesses and vulnerabilities?

Question 46

Q

Why is the client not a suitable place to perform any critical value checks or security checks?

Question 47

Q

In terms of software scalability, what is the difference between scaling up and scaling out?

Question 48

Q

What is the monoculture avoidance as it applies to software diversity?

Question 49

Q

What are some programming languages used today?

Question 50

Q

What is legacy code? Should it be used in modern software development?

Question 51

Q

How is hashing used with codebase?