Chapter 7 - Host, Data and Application Security Flashcards
What is the most common language used to speak to databases?
page 216
Structured Query Language (SQL)
What kind of database and application exist on a single system?
page 216
One-Tier Model or Single-Tier Model
In what tiered system model does the client workstation or system run an application that communicates with a database running on a different server?
page 217
Two-Tier Model
What tiered system model effectively isolates the end user from the database by introducing a middle-tier server?
page 217
Three-Tier Model
What is NoSQL?
page 217
Is not a relational database and does not use SQL.
What is a SAN?
page 218
Storage Area Network
Is a separate network set up to appear as a server to the main organizational network.
What is a technique of providing unexpected values as input to an application in order to make it crash?
page 218
Fuzzing
The best way to prevent fuzzing is…
page 218
Is to validate all input to ensure that input is of expected type.
What is OWASP?
page 219
Is a voluntary group dedicated to forming secure coding practices for web-based applications as well as mobile and client applications along with back-end design issues.
What are the CERT Secure Coding Standards?
page 219
Computer Emergency Response Team
Cover many of the same issues as OWASP, but they also have complete language-specific standards for Java, Perl, C and C++.
What are the three types of operating system patches?
page 220
- Hotfix
- Patch
- Service Pack
What are the different permissions?
page 220
- Full Control
- Modify
- Read & Execute
- Read
- Write
What are some actions you should take to keep safe from Malware?
page 221
- Install antivirus software
- Install antispam filters
- Install antispyware software
- Use pop-up blockers
- Use host-based firewalls
- Use host-based IDS
A _____ _______ defines the level of security that will be implemented and maintained.
page 226
Security Baseline
What types of Backups are there?
page 233
- Full
- Differential
- Incremental