CISSP (Domain 4 - Software Development Security) Flashcards

1
Q

Waterfall Method

A
  • Traditional model
  • Completion of one task goes to another
  • Long term projects
2
Q

Prototyping Method

A
  • Address time issues with waterfall
  • Evolves each round
  • Four Phases
    + initial concept, implement prototype, refine, release
3
Q

Spiral Model

A
  • Combination of waterfall and prototyping
  • Develop the initial version with prototyping, then each subsequent version with waterfall

4
Q

Software Development Life Cycle (SDLC) (7 things)

PI/FD/SD/SD/ITI/OM/D

A
  • Project initiation
  • Functional design analysis and planning
  • System design specifications
  • Software development
  • Installation/Test/Implementation
  • Operational/Maintenance
  • Disposal
5
Q

Project Initiation - SDLC

A

Identify security requirements

6
Q

Functional Design - SDLC

A

Function to address the threat

7
Q

System Design - SDLC

A

What security technology will be used

8
Q

Software Development - SDLC

A

Write code to meet specifications

9
Q

Testing and Installation - SDLC

A

Test system components, create manuals, UAT

10
Q

Operations/Maintenance - SDLC

A

Maintain system through SLA

11
Q

Disposal - SDLC

A

Data moved to another system or discarded

12
Q

Verification

A

Test features for functionality

13
Q

Validation

A

Test system as a whole

14
Q

Computer Aided Software Engineering (CASE)

A

Tools used to help programmers, PMs, and analysts with automation, debugging, and rapid prototyping

15
Q

Capability Maturity Model (5 levels)

IRDMO

A

Used to improve processes, which in turn improves output

  • Initiating
  • Repeatable
  • Defined
  • Managed
  • Optimizing
16
Q

Initiating - CMM

A

Processes are disorganized and ad hoc

17
Q

Repeatable - CMM

A

Processes made, established, defined, and documented

18
Q

Defined - CMM

A

Know the date it will be done

19
Q

Managed - CMM

A

Percentage measurements of completion

20
Q

Optimizing - CMM

A

Constant process improvement

21
Q

Object Oriented Programming

A
  • Closely maps to real activities in the business world
  • Highly modular
  • Self contained
22
Q

Classes

A

Define attributes and characteristics of the possible objects within them

23
Q

Objects

A

Software entities that are grouped into Classes

24
Q

Polymorphism

A

Two objects sent the same message but react differently.

Same input different output with different object in same class.

25
Q

Polyinstantiation

A

Creation of another version of an object using different values for its variables to ensure lower level subjects do not access data at higher classification.

Data masking

26
Q

Cohesive - Module Interaction

A

Perform single task with little help from other modules

27
Q

Coupling - Module Interaction

A

Measurement of interaction between objects. Modules should not affect each other drastically.

28
Q

Meta-Data

A
  • Data about data
  • Data used to describe the database and the data within it

29
Q

Open Database Connectivity (ODBC)

A

Manager between the application and the databases.

30
Q

Data Warehousing

A

Combine data from multiple databases into a large database for information retrieval and data analysis

31
Q

Data Mining

A

Process of analyzing a database using tools that look for trends or anomalies without having the knowledge of the meaning of the data.

Massage data to be more meaningful

32
Q

Database ACID Test

A
  • Atomicity: Either all changes take effect or none do
  • Consistency: A transaction is allowed if it follows constraints
  • Isolation: The results of a transaction are not visible until the transaction is complete
  • Durability: Results of a completed transaction are permanent

*Maintain integrity of DB

33
Q

Aggregation - DB Security Attack

A

Act of combining information from separate sources to form new information to which the attacker does not have access

34
Q

Inference - DB Security Attack

A

Ability to derive additional information from learned facts about a particular system.

Lower security level indirectly portrays data at a higher level.

*Fought with Polyinstantiation

35
Q

Enterprise Java Bean (EJB) - Distributed Communication Standard

A

Intended to handle common concerns with persistence, transactional integrity, and security in a standard way.

*Programmers can concentrate on object at hand

36
Q

Simple Object Access Protocol (SOAP) - Distributed Communication Standard

A

Replacement for DCOM and uses XML-based communication

37
Q

Distributed Component Object Model (DCOM)

A

Allows for objects on different systems to interact

38
Q

Common Object Model (COM)

A

Allow for simple inter-process communication between objects

39
Q

Object Linking and Embedding (OLE)

A

Provides a way for objects to be shared on a local workstation and uses COM as its foundation base

*Embedding an image in a document

40
Q

Cross Site Scripting (XSS)

A

Client makes a request to a web server. The web server is compromised to throw a popup with the contents of an attacker's site

41
Q

5 Types of Malware

VMLTO

A
  • Virus
  • Worm
  • Logic Bomb
  • Trojan Horse
  • Other Attack Types
42
Q

Malicious Code Detection

A
  • *File integrity checker (checksum)
  • File size increases
  • Many unexpected disk accesses
43
Q

Virus

A
  • Needs a delivery vehicle
  • Program that searches out other programs and infects them by embedding a copy of itself

44
Q

Macro Virus

A

Written in macro language that is platform independent.

Programs run automatically when document is opened

45
Q

Compression Virus

A

Appends itself to executables on the system and compresses them using the user's permissions

46
Q

Stealth Virus

A

Hides modifications it has made and tricks anti-virus software by intercepting its requests to the OS and providing bogus information

47
Q

Polymorphic Virus

A

*Digital signature changes

Produces varied but operational copies of itself (none identical)

48
Q

Multi-Partite Virus

A

Infects computer in multiple ways

  • Boot sector
  • Hard Drive
49
Q

Self-Garbling Virus

A

Attempts to hide from anti-virus software by modifying its own code so it doesn’t match predefined signatures

50
Q

Meme Virus

A

E-mail messages that are continually forwarded around the internet. Not a virus

51
Q

Worms

A
  • Can reproduce on their own
  • Self contained code

*Own mind

52
Q

Logic Bomb

A

An event triggers on a certain date/time

53
Q

Trojan Horse

A

Program disguised as another program that does something else in the background

54
Q

Smurf Attack

A

Uses IP spoofing and ICMP replies in order to saturate a host

  1. Spoofed IP (SRC Masked)
  2. ICMP echo to broadcast destination (DST)
  3. Bounced response (DST to SRC Masked IP)
55
Q

Fraggle Attack

A

Uses IP spoofing and UDP replies in order to saturate a host

  1. Spoofed IP (SRC Masked)
  2. UDP to broadcast destination (DST)
  3. Bounced response (DST to SRC Masked IP)
56
Q

Stop Smurf Attacks (Internal/Target/Bounce)

A

Internal:
- Only let traffic from our own network out (SRC was masked)

Target:
- Block ICMP from outside

Bounce Site:
- Block ICMP and Broadcast

57
Q

Zombies

A

Computers that make up botnet community

58
Q

Ingress Filtering - DDoS Countermeasure

A

Do not allow packets in with internal source addresses

59
Q

Egress Filtering - DDoS Countermeasures

A

Do not allow packets to leave with external source addresses

60
Q

Expert Systems - AI

A
  • Computer uses a knowledge base (KB), algorithms, and rules
  • Infer new facts from existing knowledge and incoming data
  • Heuristic obtained through experiences and learning
  • App
61
Q

Inference Engine - AI

A
  • Rule-based programming
  • If/Then logic

62
Q

Artificial Neural Networks (ANN)

A
  • The ability to remember and learn from new experiences
  • Capacity to generalize
  • Only good for the experience they are given
63
Q

Online Transaction Processing (OLTP)

A

Mechanisms that watch for problems and deal with them appropriately when they occur.

*Ensure transactions go properly