Chapter 3 - Programs and programming

Question 1

Error

Answer 1

a human makes a mistake in performing some

software activity

Question 2

Fault

Answer 2

an incorrect step, command, process, or data definition in a computer program, design, or documentation.

Question 3

Failure

Answer 3

a departure from the system’s required behavior

Question 4

Program counter

Answer 4

Computers use a pointer or register that indicates the

next instruction.

Question 5

Heap

Answer 5

storage for dynamically created data

Question 6

Stack

Answer 6

Storage for subtask call and return data

Question 7

Program fault

Answer 7

Trying to execute something that does not correspond to a valid instruction or trying to execute a privileged instruction when not in the proper mode

Question 8

Privilege escalation

Answer 8

By replacing a few instructions right after returning from his or her own procedure, the attacker regains control from the operating system, possibly with
raised privileges.

Question 9

Buffer (or array or string)

Answer 9

a space in which data can be held.

Question 10

local data

Answer 10

data used strictly within one procedure

Question 11

shared or common or global data

Answer 11

shared between two or more procedures

Question 12

Stack frame

Answer 12

This data group of parameters, return address, and stack pointer

Question 13

stack smashing

Answer 13

Arbitrary data in the wrong place causes strange behavior, but particular data in a predictable location causes a planned impact.

Question 14

data driven attack

Answer 14

the harm occurs by the data the attacker sends.

Question 15

static code analyzer

Answer 15

analyzes source code to detect unsafe conditions

Question 16

canary

Answer 16

to protect the stack, we can do that by wrapping each stack frame in a protective layer.

Question 17

mediation

Answer 17

Verifying that the subject is authorized to perform the operation on an object

Question 18

time-of-check to time-of-use (TOCTTOU)

Answer 18

concerns mediation that is performed with a
“bait and switch” in the middle. it exploits the delay between the two actions: check and use. That is, between the time the access was checked and the time the result of the check was used, a change occurred, invalidating the result of the check.

Question 19

backdoor or trapdoor

Answer 19

An undocumented access point

Question 20

integer overflow

Answer 20

occurs because a storage location is of fixed, finite size and therefore can contain only integers up to a certain limit.

Question 21

null terminated

Answer 21

meaning that the end of the string is denoted by a null byte

Question 22

race condition or serialization flaw

Answer 22

two processes execute concurrently, and the outcome of the computation depends on the order in which instructions of the processes execute.

Question 23

Malicious code or rogue programs or malware

Answer 23

the general name for programs or program parts planted by an agent with malicious intent to cause unanticipated or undesired effects.

Question 24

virus

Answer 24

a program that can replicate itself and pass on malicious code to other non-malicious programs by modifying them.

Question 25

transient virus

Answer 25

a life span that depends on the life of its host; the virus runs when the program to which it is attached executes, and it terminates when the attached program ends.

Question 26

resident virus

Answer 26

locates itself in memory; it can then remain active or be activated as a stand-alone program, even after its attached program ends.

Question 27

worm

Answer 27

a program that spreads copies of itself through a network.

Question 28

bot (short for robot)

Answer 28

a kind of worm used in vast numbers by search engine hosts like Bing and Google.

Question 29

Trojan horse

Answer 29

malicious code that, in addition to its primary effect, has a second, nonobvious, malicious effect. slips inside a program undetected and produces unwelcome effects later on.

Question 30

zero-day attack

Answer 30

use of malware that exploits a previously unknown vulnerability or a known vulnerability for which no countermeasure has yet been distributed.

Question 31

zero-day exploit

Answer 31

An attack before availability of the control

Question 32

virus hoaxes

Answer 32

messages falsely warning of a piece of malicious code, apparently to cause receivers to panic and forward the message to contacts, thus spreading the panic.

Question 33

multipartite form

Answer 33

they install themselves in several pieces in distinct locations, sometimes to carry out different objectives.

Question 34

interpretive data

Answer 34

Although such a file is not executable as a program itself, it can cause activity in the program that handles it.

Question 35

stealth

Answer 35

avoiding detection during installation, while

executing, or even at rest in storage.

Question 36

Steganography

Answer 36

permits data to be hidden in large, complex, redundant data sets.

Question 37

polymorphic virus

Answer 37

A virus that can change its appearance

Question 38

encrypting viruses.

Answer 38

A simple variety of polymorphic virus uses encryption under various keys to make the stored form of the virus different.

Question 39

modular

Answer 39

to create a design or code in small, self-contained units, called components or modules;

Question 40

encapsulation

Answer 40

If a component is isolated from the effects of other components, then the system is designed in a way that limits the damage any fault causes. developers can readily see where vulnerabilities may lie
if the component is isolated.

Question 41

Information hiding

Answer 41

each component hides its precise implementation or some other design decision from the others.

Question 42

Modularization

Answer 42

the process of dividing a task into subtasks

Question 43

cohesion

Answer 43

all the elements of a component have a logical and functional reason for being there; every aspect of the component is tied to the component’s single purpose.

Question 44

Coupling

Answer 44

the degree with which a component depends on other components in the system.

Question 45

mutual suspicion

Answer 45

operate as if other routines in the system were malicious or incorrect.

Question 46

confined program

Answer 46

strictly limited in what system resources it can access

Question 47

SSL

secure socket layer

Answer 47

a cryptographic technique by which browser web communications are secured, for example, to protect the privacy of a banking transaction.

Question 48

Address-space-layout randomization

Answer 48

a technique by which a module is loaded into different locations at different times (using a relocation device similar to base and bounds registers)

Question 49

module testing, component testing, or unit testing

Answer 49

verifies that the component functions properly with the types of input expected from a study of the component’s design.

Question 50

Integration testing

Answer 50

the process of verifying that the system components work together as described in the system and program design specifications.

Question 51

function test

Answer 51

evaluates the system to determine whether the functions described by the requirements specification are actually performed by the integrated system.

Question 52

performance test

Answer 52

compares the system with the remainder of these software and hardware requirements.

Question 53

acceptance test

Answer 53

the system is checked against the customer’s requirements description.

Question 54

installation test

Answer 54

run to make sure that the system still functions as it should

Question 55

regression testing

Answer 55

After a change is made to enhance the system or fix a problem ensures that all remaining functions are still working and that performance has not been degraded by the change.

Question 56

Black-box testing

Answer 56

testers cannot “see inside” the system, so they apply particular inputs and verify that they get the expected output.

Question 57

Clear-box testing

Answer 57

allows visibility. Here, testers can examine the design and code directly, generating test cases based on the code’s actual construction.

Question 58

program verification

Answer 58

involves making initial assertions about the program’s inputs and then checking to see if the desired output is generated.

Question 59

Validation

Answer 59

assuring that the system developers have implemented all requirements.

Question 60

design by contract™ (a trademark of Eiffel Software) or

programming by contract

Answer 60

a formal program development approach, but more widely, these terms refer to documenting for each program module its preconditions, postconditions, and invariants.

Question 61

assertions

Answer 61

explicit statements about modules.

Question 62

penetrate-and-patch

Answer 62

analysts searched for and repaired flaws.

Question 63

security by or through obscurity

Answer 63

ineffective countermeasure of assuming the attacker will not find a vulnerability. the belief that a system can be secure as long as nobody outside its implementation group is told anything about its internal mechanisms.

Question 64

work factor

Answer 64

the amount of effort necessary for an adversary to defeat a security control.

Question 65

halting problem

Answer 65

asks whether a computer program stops execution or

runs forever.