Domain 2 Flashcards
While installing a Windows patch file on a test workstation, the file fails to install. The installation instructions are easy to follow and include a long set of numbers in the form of 35533ce129738fb447deb9003fd54c17. Why is this long set of numbers important to know?
A checksum is a set of digits produced by a cryptographic formula. The value in question is the result of an MD5 checksum. Capturing the same checksum result from the source file and the copied file (at its destination) proves the file was not changed in transit.
A systems administrator is developing the organization’s standard naming conventions. When considering naming user accounts, why is it important for the administrator to avoid using nicknames or common words?
Nicknames and common words anonymize users and should not be used in standard naming conventions. Usernames should identify a person by some combination of first and last name and/or initials.
Hardware Security Module (HSM)
A Hardware Security Module (HSM) is a device used to generate, maintain and store cryptographic keys. It can be an external device and can easily be added to a system. The HSM will maintain the integrity of the key.
Trusted Platform Module (TPM)
is a hardware-based encryption solution that is embedded in the system and provides secure key storage for full disk encryption.
hardware root of trust
is a known secure starting point by embedding a private key in the system. The key remains private until the public key is matched.
System on a chip (SoC)
A system on a chip includes all the functionality of a system in a compact solution. Mobile computing devices typically have this.
Code obfuscation
is the method of disguising coding methods by way of renaming variables, replacing strings, and hiding code comments.
Private cloud
A private cloud is defined as computing services offered either over the Internet or within a private internal network. Only certain authorized users can access a private cloud infrastructure.
A company would like to steer away from the use of proprietary hardware to route traffic at the data plane level through virtualization. Which of the following is a good solution for the company?
A Software Defined Network (SDN) separates data and control planes in a network. It uses virtualization to route traffic to its intended destination, instead of using proprietary hardware.
Devices strategically placed where servers may deliver functionality to consumers quickly and where data is pulled to the center for processing is considered which of the following?
Edge computing is a distributed model that is accomplished at or near the source of the data where it is needed. These devices perform early processing of data to and from edge devices to enable prioritization.
what is fog computing?
Fog computing is the placement of a node or nodes for processing resources close to the physical location of Internet of Things (IoT) sensors. The fog node prioritizes traffic, analyzes and remediates conditions, and backhauls remaining data to the data center for storage and analysis.
Thin client
A thin client is a low-power computer that runs from resources stored on a central server. A thin client works by connecting remotely to a server-based computing environment in which applications, data, and memory are stored.
Remote Desktop Protocol (RDP)
Remote Desktop Protocol (RDP) provides a secure means to remotely access a user interface on a system in a separate location.
VM Sprawl
Virtualization sprawl is a phenomenon that occurs when the number of virtual machines (VMs) on a network reaches a point where the administrator can no longer manage them effectively. This can happen by patch mismanagement or simply too many virtual machines.
VM Escape
Virtual machine escape is a vulnerability that enables a user to gain access to the primary hypervisor and associated virtual machines.
Continuous integration
allows for the merging of code changes into a central repository. The code is built and tested each time it is checked into the environment, providing a more efficient path from code to production.
Agile
The Agile methodology of software development focuses on cross-functional teams working together throughout the life cycle of a project.
waterfall
The waterfall method of development maintains a top-to-bottom approach. When one stakeholder has finished his or her piece of work, then another can begin.
Which of the following secure coding techniques makes code more difficult to read for an attacker?
Code obfuscation is the method of disguising coding methods by way of renaming variables, replacing strings, and hiding comments. This is a secure coding practice.
While developing an online service application for a grocery store, a programmer implements an open source application programming interface. This implementation reduces the testing effort and speeds up the programming effort. What technique did the programmer execute?
Code reuse is the practice of using existing code (code previously developed) for a new function in a system. Because the code was previously built and published, it has also been tested for vulnerabilities and errors.
Version control
Version control tracks the versions of software in real time. It will record who has accessed the code and what was changed. Version control also allows for rollback if necessary.
A developer uses a group of SQL statements to accept input data for validation. What technique did the developer use to protect from SQL injection attacks?
A stored procedure is a set of Structured Query Language (SQL) statements stored in a database as a group, so it can be reused and shared by multiple programs. Stored procedures can validate input.
state table
A state table contains information about sessions between network hosts. This type of data is gathered by a stateful firewall.
A capability delivery team (CDT) reduces software development risk and cost while increasing the speed of delivery to the customer with updated software. What is the CDT providing the customer?
Continuous delivery is an agile software engineering approach that streamlines the processes of building, testing, and releasing software. This leads directly to faster delivery of software updates to the customer, reduced development risk through frequent, smaller updates, and cost reductions through process efficiency.
Continuous deployment
automates the process of delivering software to a production environment, which can decrease the software development lifecycle. However, while this can indirectly lead to the benefits described in the question, it doesn’t directly answer the question’s focus on reducing risk, cutting cost, and faster delivery to the customer.
Continuous integration
is a method that frequently merges code changes into a main repository where it’s regularly built and tested. This practice reduces integration issues and bugs in the development phase, but it doesn’t directly address the reduction of risk, cost, and speed of delivery to the customer as described in the question.
DevSecOps
with its continual security focus and stakeholder interaction, is a critical process in software development, but it doesn’t directly tackle the question’s emphasis on risk reduction, cost cutting, and accelerated delivery to the customer. It’s more focused on integrating security considerations into every phase of the development process.
During testing, an application demonstrates poor performance in the amount of time a database function takes to retrieve results. What should developers ensure in the database to improve performance?
Normalization is used to optimize database performance by removing duplicates, using primary keys, and keeping related data in separate tables.
Which input validation method in a client-server architecture can improve application performance by catching deformed input on the front-end and is not used as the only form of security?
Client-side input validation verifies data is valid upon entry to the system. Proper input validation uses a set of rules to validate entries in fields for proper use. In the event an entry is invalid, the application will reject the entry.
Server-side
validations occur on the web server or back end and take more time to complete. Validation on the server side is more secure than client-side validation.
A development team considers software quality and cybersecurity analysis both early and throughout the software lifecycle. It enables building, testing, and releasing of software faster and more frequently. Which of the following objectives does this most likely provide the customer?
Continuous delivery is an agile software engineering approach that allows for the building, testing, and releasing of software with greater speed and frequency, providing the customer a continuous product.
The software development lifecycle (SDLC)
of a project consists of the following attributes: defining requirements, design, implementation, verification, and maintenance.
Model verification
is testing to ensure the software meets the customer's functional and physical requirements.
Upon the company launching a new hiring campaign, a system administrator is tasked with increasing resources to meet the new demand but also ensuring that similar cost ratios are maintained. What strategy is the administrator using to meet these new requirements?
Scalability