CySA+ Study Notes 14 Flashcards
practice of automating the integration of code changes from multiple contributors into a single software project. It’s a primary DevOps best practice, allowing developers to frequently merge code changes into a central repository where builds and tests then run.
Continuous Integration
??? is a software engineering practice in which teams develop, build, test, and release software in short cycles. … ??? is the process by which qualified changes in software code or architecture are deployed to production as soon as they are ready and without human intervention.
Continuous Deployment / Delivery
when the malware communicates with a C2 server asking for instructions or to exfiltrate collected data on some predetermined asynchronous interval. The C2 server hosts instructions for the malware, which are then executed on the infected machine after the malware checks in.
Beaconing
??? limiting data collection to only what is required to fulfill a specific purpose.
??? data must be collected for specified, explicit and legitimate purposes only (purpose specification); and. data must not be further processed in a way that is incompatible with those purposes (compatible use).
??? the process used to prevent someone’s personal identity from being revealed.
Data Minimization / Purpose Limitation / Deidentification
is a basic network scanning technique used to determine which of a range of IP addresses map to live hosts (computers).
the connection between 2 or more types of data.
Scan, Sweep (on Network) / Data Correlation
