Host, Data, and Application Security

Question 1

advanced persistent threats (APTs)

Answer 1

Any sophisticated series of related attacks taking place over an extended period of time

Question 2

APTs

Answer 2

advanced persistent threats

Question 3

Agile development

Answer 3

A method of software development where milestones and product release are more incremental

Question 4

baselining

Answer 4

creating a baseline security level

Question 5

Big Data

Answer 5

Data that is larger than what can be handled with traditional tools and algorithms

Question 6

database normalization

Answer 6

The process of removing duplication in a relational database

Question 7

embedded system

Answer 7

Operating system in a device, sometimes on a single chip

Question 8

fuzzing

Answer 8

A method of testing that intentionally enters invalid input to see if the application can handle it and look for vulnerabilities

Question 9

hardening

Answer 9

The process of making a server or an application resistant to an attack

Question 10

Infrastructure as Code (IaC)

Answer 10

The process of managing and provisioning computer data centers through machine-readable definition files

Question 11

IaC

Answer 11

Infrastructure as Code

Question 12

Internet of Things (IoT)

Answer 12

Devices that interact on the Internet, without human intervention

Question 13

IoT

Answer 13

Internet of Things

Question 14

NoSQL database

Answer 14

Datastores that do not use a relational structure

Question 15

Open Web Application Security Project (OWASP)

Answer 15

An online community that develops free articles, tools, etc on web application security

Question 16

OWASP

Answer 16

Open Web Application Security Project

Question 17

prototyping

Answer 17

Creating a version of an application that has only the bare minimum functionality so it can be evaluated before further development

Question 18

sandboxing

Answer 18

Operating in an isolated environment

Question 19

script kiddy

Answer 19

An attack with minimal technical knowledge; utilizes purchased, premade software

Question 20

secure coding

Answer 20

Programming in a manner that is secure

Question 21

stored procedures

Answer 21

SQL statements written and stored on the database that can be called by applications

Question 22

stress testing

Answer 22

Subjecting a system to workloads that are extreme

Question 23

Structured Query Language (SQL)

Answer 23

The language used by all relational databases

Question 24

SQL

Answer 24

Structured Query Language

Question 25

waterfall method

Answer 25

A software development method that uses very well-defined sequential phases; one big deliverable at the end of a long timeframe

Question 26

zero-day exploit

Answer 26

A vulnerability that is unknown to the product vendor, and thus there is no patch for it