Domain 8 - Software Development Security Flashcards

1
Q

System Development Life Cycle (SDLC)

A

Project initiation
Functional analysis and planning
System design specifications
Acceptance testing and implementation

System Life Cycle (SLC) (extends beyond SDLC)

Operations and maintenance

Revisions/Disposal

2
Q

Project initiation

A

Feasibility, cost and risk analysis; management approval; basic security objectives

3
Q

Functional analysis and planning

A

Define need, requirements, review proposed security controls

4
Q

System design specifications

A

Develop detailed design specs; review support documentation; examine security controls

5
Q

Software development

A

Programmers develop code. Unit testing checks modules. Prototyping, verification, validation.

6
Q

Acceptance testing and implementation

A

Separation of duties, security testing, data validation, bounds checking, certification, accreditation; part of release control

7
Q

Operations and maintenance

A

Release into production. Certification/accreditation.

8
Q

Revisions/Disposal

A

Remove. Sanitization and destruction of unneeded data.

9
Q

Change Management Process

A

Together, change and configuration management techniques form an important part of the software engineer’s arsenal and protect the organization from development-related security issues. The change management process has three basic components:

10
Q

Three basic components of the Change Management Process

A

Request Control
Change Control
Release Control

11
Q

Request Control

A

Provides an organized framework within which users can request modifications, managers can conduct cost/benefit analysis, and developers can prioritize tasks.

12
Q

Change Control

A

provides an organized framework within which multiple developers can create and test a solution prior to rolling it out into a production environment. Change control includes conforming to quality control restrictions, developing tools for update or change deployment, properly documenting any coded changes, and rest

13
Q

Release Control

A

Once the changes are finalized, they must be approved for release through the release control procedure.

14
Q

Configuration Management Process

A

This process is used to control the version(s) of software used throughout an organization and to formally track and control changes.

15
Q

Configuration Identification

A

Administrators document the configuration of covered software products throughout the organization.

16
Q

Configuration Control

A

Ensures that changes to software versions are made in accordance with the change control and configuration management policies. Updates can be made only from authorized distributions in accordance with those policies.

17
Q

Configuration Status Accounting

A

Formalized procedures are used to keep track of all authorized changes that take place.

18
Q

Configuration Audit

A

A periodic configuration audit should be conducted to ensure that the actual production environment is consistent with the accounting records and that no unauthorized configuration changes have taken place.

19
Q

SDLC

A

Conceptual definition
Functional requirements definition
Control specifications development
Design review
Code review
System test review
Maintenance and change management

20
Q

Software Capability Maturity model (CMM)

A

Quality of software is a direct function of quality of development and maintenance

Defined by Carnegie Mellon University SEI (Software Engineering Institute)

Describes procedures, principles, and practices that underlie software development process maturity. Levels 1-2 are REACTIVE, levels 3-5 are PROACTIVE.

21
Q

List the 5 steps of the Software Capability Maturity model (CMM).

A
  1. Initiating – competent people, informal processes, ad hoc, absence of formal process
  2. Repeatable – project management processes, basic lifecycle management processes
  3. Defined – engineering processes, presence of basic lifecycle management processes and reuse of code, use of requirements management, software project planning, quality assurance, configuration management practices
  4. Managed – product and process improvement, quantitatively controlled
  5. Optimizing – continuous process improvement

Works with the IDEAL model:

Initiate: begin the effort; Diagnose: perform an assessment; Establish: an action plan; Action: implement improvements; Leverage: reassess and continuously improve.

22
Q

Project Management Tools

A

Gantt Chart

PERT

23
Q

Gantt Chart

A

A type of bar chart that shows the interrelationships over time between projects and schedules. It provides a graphical illustration of a schedule that helps to plan, coordinate, and track specific tasks in a project. A WBS is a subpart.

24
Q

PERT

A

Program Evaluation Review Technique is a project-scheduling tool used to judge the size of a software product in development and calculate the standard deviation (SD) for risk assessment. PERT relates the estimated lowest possible size, the most likely size, and the highest possible size of each component. PERT is used to direct improvements to project management and software coding in order to produce more efficient software.

25
Q

DevOps

A

The DevOps approach seeks to resolve issues by bringing the three functions together in a single operational model.

The word DevOps is a combination of Development and Operations, symbolizing that these functions must merge and cooperate to meet business requirements. Integrates:

  • Software Development,
  • Quality Assurance
  • IT Operations

NOT SECURITY

26
Q

Software Development Models

A

Simplistic model
Waterfall model
Waterfall including Validation and Verification (V&V)
Spiral model
Cleanroom
Cleanroom design

27
Q

Simplistic model

A

This model was simplistic in that it assumed that each step could be completed and finalized without any effect from the later stages that may require rework

28
Q

Waterfall model

A

Can be managed if developers are limited to going back only one step. If rework may be done at any stage, it is not manageable. Problem: it assumes that a phase or stage ends at a specific time. System Requirements -> Software Requirements -> Analysis -> Program Design -> Coding -> Testing -> Operations & Maintenance

29
Q

Waterfall including Validation and Verification (V&V)

A

Reinterpretation of the waterfall model where verification evaluates the product during development against the specification, and validation refers to the work product satisfying the real-world requirements and concepts. Verification = doing the job right; Validation = doing the right job.

30
Q

Spiral model

A

Angular = progress made; Radial = cost
Lower left = development plans
Upper left = objectives of the plans, alternatives checked
Upper right = assessing alternatives, risk analysis
Lower right = final development
Left horizontal axis = includes the major review required to complete each full cycle

31
Q

Agile Software Development

A

Developers increasingly embraced approaches that placed an emphasis on the needs of the customer and on quickly developing new functionality that meets those needs in an iterative fashion.

  • Individuals and interactions over processes and tools
  • Working software over comprehensive documentation
  • Customer collaboration over contract negotiation
  • Responding to change over following a plan

WORKING SOFTWARE PRIMARY MEASURE OF SUCCESS

32
Q

Database

A

General mechanism for defining, storing and manipulating data without writing specific programs

33
Q

DBMS

A

Refers to a suite of software programs that maintains and provides controlled access to data components stored in rows and columns of a table

34
Q

Types of Database Systems

A
  • Hierarchical = tree (children with only one parent), one-to-many relationship
  • Network = tree (all interconnected)
  • Mesh
  • Object-oriented
  • Relational – one-to-one relationships, has DDL and DML, has TUPLES and ATTRIBUTES (rows and columns)
  • Key-Value Store – a key-value database is a data storage paradigm designed for storing, retrieving, and managing associative arrays, a data structure more commonly known today as a dictionary or hash.

35
Q

DDL

A

Data definition language defines structure and schema

36
Q

DML

A

Data manipulation language: view, manipulate and use the database via VIEW, ADD, MODIFY, SORT and DELETE commands.

37
Q

Degree of Db

A

Number of attributes (columns) in a table

38
Q

Tuple

A

row or record

39
Q

DDE

A

Dynamic data exchange enables applications to work in a client/server model by providing the inter-process communication (IPC) mechanism

40
Q

DCL

A

Data control language subset of SQL used to control access to data in a database, using GRANT and REVOKE statements

41
Q

Semantic integrity

A

Makes sure that the structural and semantic rules are enforced on all data types and logical values that could adversely affect the structure of the database

42
Q

Referential integrity

A

All foreign keys reference existing primary keys

43
Q

Candidate Key

A

An attribute that is a unique identifier within a given table; one of the candidate keys is chosen to be the primary key and the others are alternate keys. A candidate key is a subset of attributes that can be used to uniquely identify any record in a table. No two records in the same table will ever contain the same values for all attributes composing a candidate key. Each table may have one or more candidate keys, which are chosen from column headings.

44
Q

Primary Key

A

Provides the sole tuple-level addressing mechanism within the relational model. Cannot contain a null value and cannot change or become null during the life of each entity. When the primary key of one relation is used as an attribute in another relation, it is the foreign key in that relation. Uniquely identifies a record in a database.

45
Q

Foreign Key

A

Represents a reference to an entry in some other table where it is a primary key. The link between the foreign and primary keys represents the relationship between the tuples. Enforces referential integrity.

46
Q

Main Components of a Db using Db

A
  • Schemas (blueprints)
  • Tables
  • Views

47
Q

Incorrect Summaries

A

When one transaction is using an aggregate function to summarize data stored in a Db while a second transaction is making modifications to the Db, causing the summary to include incorrect information

48
Q

Dirty Reads

A

When one transaction reads a value from a Db that was written by another transaction that did not commit; a Db concurrency issue

49
Q

Lost Updates

A

When one transaction writes a value to the Db that overwrites a value needed by transactions that have earlier precedence

50
Q

Dynamic Lifetime Objects

A

Objects created on the fly by software in an Object Oriented Programming environment. An object is preassembled code that is a self-contained module

51
Q

ODBC

A

Open Database Connectivity is a database feature that allows applications to communicate with different types of databases without having to be directly programmed for interaction with each type. ODBC acts as a proxy

52
Q

Multilevel security

A

It is essential that admins and developers strive to keep data with different security requirements separate.

53
Q

Database contamination

A

Mixing data with different classification levels and/or need-to-know requirements; a significant security challenge. Often, administrators will deploy a trusted front end to add multilevel security to a legacy or insecure DBMS.

54
Q

Database partitioning

A

The process of splitting a single database into multiple parts, each with a unique and distinct security level or type of content.

55
Q

Polyinstantiation

A

Occurs when two or more rows in the same relational database table appear to have identical primary key elements but contain different data for use at differing classification levels. It is often used as a defense against inference attacks.

56
Q

Database transactions

A

Four required characteristics: atomicity, consistency, isolation, and durability. Together, these attributes are known as the ACID model, which is a critical concept in the development of database management systems.

57
Q

Atomicity

A

Database transactions must be atomic— that is, they must be an “all-or-nothing” affair. If any part of the transaction fails, the entire transaction must be rolled back as if it never occurred.

58
Q

Consistency

A

All transactions must begin operating in an environment that is consistent with all of the database’s rules (for example, all records have a unique primary key). When the transaction is complete, the database must again be consistent with the rules, regardless of whether those rules were violated during the processing of the transaction itself. No other transaction should ever be able to use any inconsistent data that might be generated during the execution of another transaction.

59
Q

Isolation

A

This principle requires that transactions operate separately from each other. If a database receives two SQL transactions that modify the same data, one transaction must be completed in its entirety before the other transaction is allowed to modify the same data. This prevents one transaction from working with invalid data generated as an intermediate step by another transaction.

60
Q

Durability

A

Database transactions must be durable. That is, once they are committed to the database, they must be preserved. Databases ensure durability through the use of backup mechanisms, such as transaction logs.

61
Q

Expert Systems

A

Expert systems seek to embody the accumulated knowledge of experts on a particular subject and apply it in a consistent fashion to future decisions. Every expert system has two main components: the knowledge base and the inference engine.

  • Based on human reasoning
  • Knowledge base of the domain in the form of rules
  • If-then statements = called forward chaining
  • Priority among rules is called salience
  • Inference system = decision program
  • Expert system = inference engine + knowledge base. Degree of uncertainty is handled by approaches such as Bayesian networks (probability of events), certainty factors (probability an event is true) or fuzzy logic (to develop conclusions)
  • Two modes:
      o Forward chaining: acquires info and comes to a conclusion
      o Backward chaining: backtracks to determine IF a hypothesis is correct

62
Q

Neural Networks

A
  • Use complex computations to replace partial functions of the human mind
  • Based on the function of biological neurons
  • Works with weighted inputs
  • If a threshold is exceeded, there will be output
  • Single-layer: only one level of summing nodes
  • Multi-level: more levels of summing nodes
  • Training period needed to determine input vectors
  • Adaptability (learning process)

63
Q

Programming Language Generations

A

First-generation
Second-generation
Third-generation
Fourth-generation
Fifth-generation

64
Q

First-generation languages (1GL)

A

Include all machine languages

65
Q

Second-generation languages (2GL)

A

Include all assembly languages.

66
Q

Third-generation languages (3GL)

A

Include all compiled languages.

67
Q

Fourth-generation languages (4GL)

A

Attempt to approximate natural languages and include SQL, which is used by databases.

68
Q

Fifth-generation languages (5GL)

A

Allow programmers to create code using visual interfaces.

69
Q

Compiler

A

Translates higher level program into an executable file

70
Q

Interpreter

A

Reads higher-level code one line at a time to produce machine instructions

71
Q

Assembler

A

Converts machine-code into binary machine instructions. Translates assembly language into machine language.

72
Q

Object Oriented Technology

A

Objects behave as a black box; they are encapsulated to perform an action. They can be substituted if they have compatible operations. It can store objects like video and pictures.

73
Q

Encapsulation (Data Hiding)

A

Only the data it needs; no accidental access to data

74
Q

Message

A

Communication to an object to perform an action

75
Q

Method

A

Code that defines an action an object performs in response to a message

76
Q

Behavior

A

Results exhibited by an object in response to a message.

77
Q

Class

A

Collection of methods that defines the behavior of objects

78
Q

Instance

A

Objects are instances of classes that contain their methods

79
Q

Inheritance

A

Allows a subclass to access methods belonging to a superclass

80
Q

Multiple Inheritance

A

A class inherits characteristics from more than one parent class

81
Q

Delegation

A

Forwarding a request to another object.

Polymorphism: objects of many different classes that are related by some common superclass. Different subclasses may have different methods using the same interfaces that respond differently.

82
Q

OORA, Requirements Analysis

A

Defines classes of objects and their interactions

83
Q

OOA, Analysis

A

Understanding and modeling a particular problem. Domain Analysis (DA) seeks to identify classes and objects that are common to all applications in a domain.

84
Q

OOD, Design

A

Objects are the basic units, and instances of classes

85
Q

OOP, Programming

A

Employment of objects and methods. If class = airplane, objects like fighter plane, cargo plane, and passenger plane can be created. A method would be what a plane does with a message like: climb, dive, and roll.

86
Q

ORBs, Object Request Brokers

A

Middleware that acts as locators and distributors of objects across networks.

87
Q

CORBA, Common object request

A

Broker architecture enables programs written in different languages and using different platforms and OSs to interoperate through IDL (Interface Definition Language)

88
Q

COM, Common Object Model

A

Supports exchange of objects amongst programs. This used to be called OLE. DCOM is the network (distributed) variant.

89
Q

Conclusion

A

Object orientation (e.g. with C++ and Smalltalk) supports reuse of objects and reduces development risk; it is natural in its representation of real-world entities.

90
Q

Cohesion

A

Ability to perform without use of other programs; strength of the relationship between the purposes of methods within the same class

91
Q

High cohesion

A

Without use of other modules

92
Q

Low cohesion

A

Must interact with other modules

93
Q

Coupling

A

Effect on other modules. Level of interaction between objects

94
Q

High coupling

A

A module largely affects many more modules

95
Q

Low coupling

A

It does not affect many other modules

96
Q

Technical Security Protection Mechanisms

A

Abstraction
Separation of privilege
Process isolation
Layering processes
Hardware segmentation

97
Q

Abstraction

A

One of the fundamental principles behind object-oriented programming. It is the “black-box” doctrine that says that users of an object (or operating system component) don’t necessarily need to know the details of how the object works; they need to know just the proper syntax for using the object and the type of data that will be returned as a result.

98
Q

Separation of privilege

A

Builds on the principle of least privilege. It requires the use of granular access permissions; that is, different permissions for each type of privileged operation. This allows designers to assign some processes rights to perform certain supervisory functions without granting them unrestricted access to the system.

99
Q

Process isolation

A

Requires that the operating system provide separate memory spaces for each process’s instructions and data. It also requires that the operating system enforce those boundaries, preventing one process from reading or writing data that belongs to another process.

  • It prevents unauthorized data access. Process isolation is one of the fundamental requirements in a multilevel security mode system.
  • It protects the integrity of processes.

100
Q

Layering processes

A

You implement a structure similar to the ring model used for operating modes and apply it to each operating system process

101
Q

Hardware segmentation

A

Similar to process isolation in purpose. The difference is that hardware segmentation enforces these requirements through the use of physical hardware controls rather than the logical process isolation controls imposed by an operating system.

102
Q

Covert channels

A

A way to receive information in an unauthorized manner: an information flow that is not protected by a security mechanism. Two types.

Countermeasures: EAL6 systems have fewer covert channels than EAL3 systems, because covert channels are normally a flaw in design.

103
Q

Storage covert channel

A

Processes communicate via storage space on the system

104
Q

Covert timing channel

A

One process relays to another by modulating its use of system resources. The typing rhythm of Morse code is an example.

105
Q

Mobile code

A

Java

ActiveX

106
Q

Java

A

Sandboxes, no warnings; programs are compiled to bytecode

107
Q

ActiveX

A

Authenticode, relies on digital signatures, annoying dialogs people click away

108
Q

Virus

A

Reproduces using a host application. It inserts or attaches itself to the file; spreads through infected media

109
Q

Worm

A

Reproduces on its own without a host application

110
Q

Logic Bomb/Code Bomb

A

Executes when a certain event happens (like accessing a bank account or an employee being fired) or a date/time occurs

111
Q

Trojan Horse

A

Program disguised as a useful program/tool

112
Q

HOAXES

A

False warnings like: DON’T OPEN X, SEND TO ALL YOUR COLLEAGUES

113
Q

RAT, Remote Access Trojan

A

Remote control programs that contain malicious code and allow unauthorized remote access (Back Orifice, SubSeven, NetBus)

114
Q

Buffer Overflow

A

Excessive information provided to a memory buffer without appropriate bounds checking which can result in an elevation of privilege. If executable code is loaded into the overflow, it will be run as if it were the program. Buffer overflows can be detected by disassembling programs and looking at their operations. Buffer overflows must be corrected by the programmer or by directly patching system memory.

115
Q

Trap Door

A

An undocumented access path through a system. This typically bypasses the normal security mechanisms and is used to plant any of the malicious code forms.

116
Q

Backdoor

A

Program installed by an attacker to enable him to come back at a later date without going through the proper authorization channels; sometimes a maintenance hook for developers

117
Q

Covert Channel

A

A way to receive information in an unauthorized manner: an information flow that is not protected by a security mechanism.

118
Q

Covert Storage Channel

A

Writing to storage by one process and reading by another of lower security level.

119
Q

Covert Timing Channel

A

One process relays to another by modulating its use of system resources.

120
Q

LOKI

A

A tool used for covert channels that writes data directly after the ICMP header

121
Q

Botnet

A

Compromises thousands of systems with zombie code; can be used in DDoS attacks or by spammers to send spam messages, conduct brute-force attacks, and scan for vulnerable systems

122
Q

Directory Traversal Attack

A

An attacker attempts to force the web application to navigate up the file hierarchy and retrieve a file that should not normally be provided to a web user

123
Q

Macro Virus

A

Most common in office productivity documents .doc/.docx

124
Q

MDM, Mobile device management

A

A software solution to manage the myriad mobile devices that employees use to access company resources. The goals of MDM are to improve security, provide monitoring, enable remote management, and support troubleshooting.

125
Q

Collisions

A

Two different files produce the same result from a hashing operation

126
Q

Boot sector virus

A

Moves or overwrites the boot sector with the virus code.

127
Q

System infector virus

A

Infects BIOS, command and other system files. It is often a memory-resident virus.

128
Q

Phlashing virus

A

A malicious variation of official BIOS or firmware is installed that introduces remote control or other malicious features into a device. UEFI – replacement for BIOS

129
Q

Compression virus

A

Appended to executables

130
Q

Companion virus

A

A specific type of virus where the infected code is stored not in the host program but in a separate ‘companion’ file. For example, the virus might rename the standard NOTEPAD.EXE file to NOTEPAD.EXD and create a new NOTEPAD.EXE containing the virus code. When the user subsequently runs the Notepad application, the virus will run first and then pass control to the original program, so the user doesn’t see anything suspicious. Takes advantage of the search order of an OS.

131
Q

Stealth virus

A

Hides modifications to files or boot records and to itself

132
Q

Multipart virus

A

Infects both the boot sector and executable files; becomes resident first in memory and then infects the boot sector and finally the entire system; uses two or more propagation mechanisms

133
Q

Self-garbling virus

A

Attempts to hide by garbling its code; as it spreads, it changes the way its code is encoded

134
Q

Polymorphic virus

A

This is also a self-garbling virus, where the virus changes the “garble” pattern each time it spreads. As a result, it is also difficult to detect.

135
Q

Macro virus

A

Usually written in Word Basic, Visual Basic or VBScript and used with MS Office

136
Q

Resident virus

A

Virus that loads when a program loads in memory

137
Q

Master boot record /boot sector virus

A

Master boot record (MBR) viruses attack the MBR, the portion of bootable media (such as a hard disk, USB drive, or CD/DVD) that the computer uses to load the operating system during the boot process. Because the MBR is extremely small (usually 512 bytes), it can’t contain all the code required to implement the virus’s propagation and destructive functions. To bypass this space limitation, MBR viruses store the majority of their code on another portion of the storage media. When the system reads the infected MBR, the virus instructs it to read and execute the code stored in this alternate location, thereby loading the entire virus into memory and potentially triggering the delivery of the virus’s payload.

138
Q

Non-resident virus

A

Attached to .exe files

139
Q

Signature based ANTI-Virus

A

Cannot detect new malware

140
Q

Heuristic ANTI-Virus

A

Behavioral; can detect new malware

141
Q

Threats

A

Natural (fires, explosions, water, storms)

Man-made (bombing, strikes, toxin spills)

142
Q

Protection domain

A

Execution and memory space assigned to each process

143
Q

TRUSTED COMPUTER BASE

A

Combination of protection systems within a computer system, which include the hardware, software and firmware that are trusted to enforce the security policy.

144
Q

Security Kernel

A

Hardware, software and firmware elements of the TCB that implement the reference monitor concept; must be isolated from the reference monitor (reference monitor: isolation, completeness and verifiability; compares the security labels of subjects and objects)

145
Q

Multistate systems

A

Capable of implementing a much higher level of security. These systems are certified to handle multiple security levels simultaneously by using specialized mechanisms.

146
Q

Protection rings

A

(MIT’s MULTICS design)

Ring 0 - Operating system kernel. The OS’s core. The kernel manages the HW (for example, processor cycles and memory) and supplies fundamental services that the HW does not provide.
Ring 1 - Remaining parts of the operating system
Ring 2 - I/O drivers and utilities
Ring 3 - Applications and programs

Layers 1 and 2 contain device drivers but are not normally implemented in practice.
Layer 3 contains user applications.
Layer 4 does not exist.

147
Q

CSRF (XSRF)

A

Cross-site request forgery attacks exploit the trust that sites have in a user’s browser by attempting to force the submission of authenticated requests to third-party sites.

148
Q

Cross-site Scripting

A

Uses reflected input to trick a user’s browser into executing untrusted code from a trusted site

149
Q

Session Hijacking

A

Attempts to steal previously authenticated sessions but does not force the browser to submit requests.

150
Q

SQL Injection

A

Directly attacks a database through a web app, e.g. CARROT’1=1;– where the quotation mark escapes out of the input field

151
Q

Blue Screen of Death

A

When a Windows system experiences a dangerous failure and enters a full secure state (reboot)

152
Q

Hotfix, update, Security fix

A

Single patch; patches provide updates to operating systems and applications

153
Q

Service Pack

A

Collection of unrelated patches released in a large collection

154
Q

Patch management system

A

Prevents outages from known attacks by ensuring systems are patched. Patches aren’t available for new attacks. However, the patch management system doesn’t provide the updates. Ensuring systems are patched reduces vulnerabilities but does not eliminate them.

155
Q

Code Review

A

Peer-driven process that includes multiple developers; may be automated; may review several hundred lines of code an hour; done after code is developed

156
Q

Strong Passwords

A

Social engineering is the best attack method to beat them

157
Q

Threat Modeling

A

Reduce the number of security-related design and coding flaws; reduce the severity of non-security-related flaws; not to reduce the number of threat vectors

158
Q

Aggregate

A

Summarize large amounts of data and provide only summary information as a result

159
Q

Port Scan

A

The attacking system sends connection attempts to the target system against a series of commonly used ports

160
Q

JavaScript

A

An interpreted language that does not make use of a compiler to transform code into an executable state. Java, C, and C++ are all compiled languages.

161
Q

Open system

A

One with published APIs that allow third parties to develop products to interact with it

162
Q

Closed system

A

One that is proprietary with no third-party product support; does not define whether its code can be viewed

163
Q

Open source

A

A coding stance that allows others to view the source code of a program; distributed free or for a fee

164
Q

Closed source

A

An opposing coding stance that keeps source code confidential. Can be reverse engineered or decompiled.

165
Q

API Keys

A

Like passwords, and should be treated as very sensitive information. They should always be stored in secure locations and transmitted only over encrypted communications channels. If someone gains access to your API key, they can interact with a web service as if they were you! Limit access to the API.

166
Q

Nessus

A

A popular vulnerability scanner managed by Tenable Network Security; it combines multiple techniques to detect a wide range of vulnerabilities. It uses port scans to detect open ports and identify the services and protocols that are likely running on these systems. Once Nessus discovers basic details about systems, it can then follow up with queries to test the systems for known vulnerabilities, such as whether the system is up to date with current patches. An attacker can use it to best identify vulnerabilities in a targeted system.

167
Q

CASE

A

Tool for development, if concerned about security

168
Q

OWASP

A

Open Web Application Security Project, most authoritative source on web application security issues

169
Q

Shadow Password File

A

/etc/shadow. This file contains the true encrypted PWs of each user, but it is not accessible to anyone but the administrator. The publicly accessible /etc/passwd file then simply contains a list of usernames without the data necessary to mount a dictionary attack (the password field holds only an “x”).

170
Q

User Mode

A

Processor mode used to run the system tools used by admins to make configuration changes to a machine

171
Q

Kernel Mode

A

Used by the processor to execute instructions from the OS