Lessons 10-14 Flashcards

1
Q

CENTRALIZED COMPUTING

A

All processing and data storage are managed and controlled by the central server or mainframe rather than on individual devices.

2
Q

CLIENT-SERVER

A

is a network architecture where a server provides resources or services, and a client accesses and uses those resources or services.

3
Q

INDUSTRIAL CONTROL SYSTEMS ICS

A

Are networked devices and software used to monitor and control industrial processes, such as manufacturing, power generation, and water treatment.

4
Q

Supervisory control and data acquisition (SCADA)

A

is a specialized ICS system that is designed for monitoring and controlling large-scale industrial processes.

5
Q

CLOUD COMPUTING

A

Is the delivery of computing services other than the internet (the cloud) that scale to business needs.

6
Q

MICROSERVICES

A

Is composed of small independent services that communicate with each other over a network, enabling greater scalability and flexibility.

7
Q

Resilience

A

if there are failures how well can we recover

8
Q

Provisioning

A

the process of setting up and configuring resources, services, or devices so they are ready for use.

9
Q

SOFTWARE AS A SERVICE SaaS

A

a cloud computing service where software applications are delivered over the internet on a subscription basis. Users can access these applications via a web browser without needing to install or maintain the software themselves. Examples include Gmail, Microsoft Office 365, and Salesforce.

10
Q

PLATFORM AS A SERVICE PaaS

A

is a cloud computing service that provides a platform allowing customers to develop, run, and manage applications without dealing with the underlying infrastructure.

11
Q

INFRASTRUCTURE AS A SERVICE IaaS

A

is a cloud computing service that provides virtualized computing resources over the internet. This includes virtual machines, storage, and networking, allowing users to rent and manage the infrastructure they need for their applications, without having to invest in and maintain physical hardware.

12
Q

ANYTHING AS A SERVICE XaaS

A

Represents the growing type of services available over the internet via cloud computing as opposed to being provided locally, or on-premises.

13
Q

CSP

A

cloud service provider
Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP). These providers host and manage the infrastructure and platforms, allowing users to access and use them on a pay-as-you-go basis.

14
Q

Public cloud

A

Provisioned for public use. Considerations include- location, multi-tenancy

15
Q

Private cloud

A

Provisioned for the exclusive use of a single organization. Considerations- scalability

16
Q

Community cloud

A

Provisioned for the exclusive use by a well-defined group. Considerations- multi-tenancy

17
Q

CLOUD BURSTING

A

Is the on-demand and temporary use of the public cloud when demand exceeds resources available in the private cloud or on-premises infrastructure.

18
Q

Physical layer

A

Consists of data centers with thousands of servers, storage devices, and networking equipment.

19
Q

Abstract Layer

A

Includes the EC2 instances (virtual machines), S3 storage (abstracted storage service), and VPC (virtual private cloud for networking).

20
Q

CLOUD SECURITY GROUPS

A

are a feature used in cloud computing environments to control inbound and outbound traffic to and from virtual machines (VMs) or other cloud resources.

21
Q

CLOUD CONTAINER

A

Containers offer a logical packaging mechanism in which applications can be abstracted from the environment in which they run
Containers can virtualize CPU, memory, storage, network resources at the OS-level (lightweight)

22
Q

region

A

set of connected data centers deployed within a defined perimeter

23
Q

Availability zone

A

zone is made up of one or more data centers equipped with independent power, cooling and networking

24
Q

instance

A

is a virtual server created and managed on a cloud platform. Instances provide computing power and can run applications just like physical servers but with the flexibility and scalability of the cloud.

25
Q

rapid elasticity

A

adapt to changing workload demands by auto-provisioning and de-provisioning pooled resources to match the current demand.

26
Q

resource pooling

A

the practice of sharing physical or virtual resources (like servers, storage, and networks) among multiple users or applications.

27
Q

measured service

A

metering capability

28
Q

AUTOMATION

A

Is the application of technology, programs, robotics or processes to achieve outcomes with minimal human input.

29
Q

Orchestration

A

is the integration of disparate tools and platforms for an automated response.

30
Q

Scalability

A

is the ability of the system to automatically accommodate larger loads by adding resources- either making hardware stronger (scale up) or adding additional nodes (scale out)

31
Q

Elasticity

A

is the ability to fit the resources needed to cope with loads dynamically. When the load increases, more resources are added and when demand decreases, resources are removed.

32
Q

Infrastructure-as-code

A

using code to manage configurations and automate provisioning

33
Q

Serverless computing

A

dynamic allocation of resources to execute a specific piece of code.

34
Q

Containerization

A

is a technology that allows applications to be packaged and run in isolated environments called containers

35
Q

Software-defined-networking

A

using software to manage and configure the network infrastructure

36
Q

VIRTUALIZATION

A

Is technology that creates multiple environments from a single, physical hardware system

37
Q

Virtualization sprawl-

A

occurs when the number of virtual systems is out of control: potentially unmanaged, unnecessary, and not in compliance with licensing agreements. Virtual devices should be treated the same as physical systems.

38
Q

Virtual machine escape

A

occurs when a VM and the host OS interact. This should NEVER happen.

39
Q

Virtual desktop infrastructure VDI

A

is Virtualization technology that hosts a desktop OS on a centralized server in a data center.

40
Q

HYPERVISORS

A

Are software or firmware components used to virtualize system resources
Type 1- bare metal/native hypervisors run directly on the system hardware. Direct access to hardware. No OS to load as the hypervisor is the OS
Type 2- hosted hypervisors run on a host OS that provides Virtualization services. Type 1 is faster and more efficient but with greater hardware requirements and expense.

41
Q

EMBEDDED SYSTEMS

A

Is an electronic product that contains a microprocessor and software designed to perform a specific task.

42
Q

Industrial control systems ICS-

A

are embedded systems that monitor and control industrial processes that exist in the physical world. They are either data driven or operated remotely

43
Q

Supervisory control and data acquisition SCADA

A

monitor complex systems spread out over large areas (gasoline, natural gas, electricity, water, waste)

44
Q

System on a chip SoC

A

The chips are inexpensive and profit margins slim
There is little incentive to maintain/update chip firmware

45
Q

Real-time OS RTOS

A

Strong incentive to use open-source OS
The RTOS may be outdated
Often patches are not available; if available, expertise to install them is rare.

46
Q

active side channel- embedded system attack

A

uses a voltage glitch on the power supply to cause a program malfunction

47
Q

steppingstone- embedded system attack

A

is a type of cyber attack where an attacker compromises a less secure system (the “stepping stone”) to gain access to a more secure target.

48
Q

Raspberry Pi

A

a small, affordable single-board computer developed by the Raspberry Pi Foundation. It’s designed to promote computer science education and can be used for various projects and applications, including programming, electronics, and DIY projects.

49
Q

INTERNET OF THINGS IoT

A

Refers to a network of physical objects or “things” embedded with sensors, software and connectivity that enable them to exchange data with other connected devices and interact with users of the internet (smart devices)

50
Q

Industrial internet of things IIoT

A

the applications of IoT in industrial settings to improve efficiency, productivity and safety. The use of connected sensors, devices, and machines in manufacturing, logistics and other industrial settings to collect, analyze, and share data in real time

51
Q

EDGE COMPUTING

A

a technology that processes data close to where it is generated, rather than sending it to a central data center or cloud. This reduces latency, saves bandwidth, and allows for faster decision-making and real-time applications.

52
Q

Sensor-

A

a component that detects and responds to changes in an environment

53
Q

Actuator

A

takes the electrical input and turns it into a physical action

54
Q

Wireless Transceiver

A

sends and receives RF signals over the air- NFC, WLAN, RFID, GSM

55
Q

True positive

A

Normal or expected activity is correctly identified- GOOD

56
Q

False positive

A

Normal or expected activity is incorrectly identified as abnormal or unexpected- PROBLEMATIC

57
Q

True negative

A

Abnormal or unexpected activity is correctly identified- GOOD

58
Q

False negative

A

Abnormal or unexpected activity is incorrectly identified as normal or expected- DANGEROUS

59
Q

Fail-open

A

means that the network device allows network traffic to continue to flow even if the device fails.

60
Q

Fail-closed

A

the network device blocks network traffic even if the device fails.

61
Q

inline device

A

sits directly in the path of network traffic and activity and actively processes data packets as they pass through, such as IPS, firewalls and load balancers

62
Q

A collector

A

is a device that performs targeted collection which feeds into an aggregation or correlation engine

63
Q

NAC

A

NETWORK ACCESS CONTROL
Is the process of controlling access, identifying suspicious behavior, and preventing data exfiltration

64
Q

Intrusion detection system IDS

A

can analyze and monitor network traffic

65
Q

Intrusion prevention system IPS

A

can analyze and monitor, and proactively deny network traffic

66
Q

Pattern matching

A

based on established known patterns and signatures. Signatures must be updated frequently

67
Q

Rule-based

A

analyze behavior for violations of a preconfigured set of rules.

68
Q

Behavior-based

A

focus on deviations from normal patterns of behavior rather than specific attack signatures or rules.

69
Q

Heuristic

A

use a set of predefined rules and algorithms to identify anomalous behavior and patterns which can be adapted and updated over time

70
Q

JUMP SERVER

A

Also known as a jump host or bastion host, is a hardened computer system or server that provides secure access to other computers or systems within a network
*Usually deployed in a screened subnet to provide an additional layer of security. Users can access the jump server through a secure connection, such as SSH or a VPN, then use the jump server as a gateway to access other systems within the network

71
Q

PROXY SERVER

A

Is an intermediary machine between a client and a server, which is used to filter or fetch and cache requests made by the client

72
Q

TYPES OF PROXY SERVERS

A
  1. Forward- clients (browsers) are configured to send requests to the proxy server; the proxy server receives the request, fetches content and stores a copy for future use (static)
  2. Transparent- same as forward proxy except that the client (browser) does not need to be configured. The proxy server resides on the gateway and intercepts requests.
  3. Reverse- appears to the client just like a regular web server. The proxy caches all the static answers from the web server and replies to the clients from its cache to reduce the load on the web server
73
Q

pre-admission policy

A

Policies that determine whether a device can access the network before it is granted access.

74
Q

post-admission policy

A

Policies that monitor and control the behavior of devices after they have been granted access to the network.

75
Q

Firewalls

A
  • Isolate network segments and traffic by controlling ingress and egress access. Various types of firewalls incorporate additional and/or specialized features and functionality
  • Firewalls are a deterrent control because a hardened appearance can discourage attackers
  • Firewalls are a preventative control because they can be configured to restrict ingress and egress network traffic
76
Q

OSI Model

A

is a conceptual framework used to understand and standardize how different networking protocols interact. It divides the communication process into seven distinct layers:
  1. Physical Layer:
    Function: Transmits raw bit streams over a physical medium.
    Examples: Cables, switches, and network interface cards (NICs).
  2. Data Link Layer:
    Function: Provides node-to-node data transfer and handles error correction from the physical layer.
    Examples: Ethernet, MAC addresses.
  3. Network Layer:
    Function: Manages data routing, forwarding, and addressing between devices on different networks.
    Examples: IP addresses, routers.
  4. Transport Layer:
    Function: Ensures complete data transfer with error checking and data flow control.
    Examples: TCP (Transmission Control Protocol), UDP (User Datagram Protocol).
  5. Session Layer:
    Function: Manages and controls the connections (sessions) between computers.
    Examples: Session establishment, maintenance, and termination.
  6. Presentation Layer:
    Function: Translates data between the application layer and the network format, and handles data encryption and decryption.
    Examples: SSL/TLS, data compression formats.
  7. Application Layer:
    Function: Provides network services directly to applications.
    Examples: HTTP, FTP, SMTP.
77
Q

Stateful firewall

A

inspects headers and packet payload and keeps track of the state of the entire connection from start to finish.
Stateful firewalls operate at the transport layer of the OSI model (L4). Use case: more granular control

78
Q

Stateless Packet filtering

A

inspect each packet individually and decide whether a packet is allowed or denied based on the header information (protocol, source, destination, port). Packet-filtering firewalls operate at the Network layer of the OSI model (L3). Use case: fast, efficient, low resource utilization, low cost.

79
Q

Next Generation NGFW firewall

A

inspect the entire transaction; do surface-level and deep packet inspection; and incorporate additional security features and application controls. Next-gen firewalls operate at the application layer of the OSI model (L7).

80
Q

Unified threat management UTM firewall

A

is the evolution of a firewall into an all-inclusive device performing multiple security functions (firewall, gateway, anti-malware). UTMs typically operate at multiple layers of the OSI model- L3, L4 and L7

81
Q

Virtual Firewall

A

designed to protect virtualized environments such as cloud infrastructure and VMs. Virtual firewalls operate within the virtualized environment and provide security at the application layer of the OSI model (L7) to protect against attacks targeting the virtualized environment

82
Q

Deny by default

A

if not explicitly denied, then access is denied

83
Q

FIREWALL ACCESS CONTROL LIST ACL

A

Rules are processed in order from top to bottom. The last rule of an ACL is to block any traffic not previously allowed.
1. Permission- allow (permit) or deny
2. Protocol- UDP, TCP, IP
3. Port- listening port (port 80 is HTTP)
4. Source IP- where the traffic is coming from (host, range, wildcard, any)
5. Destination IP- where the traffic is going to (host, range, wildcard, any)

84
Q

SECURE PROTOCOL

A

A set of rules and procedures designed to ensure secure communication between two or more parties over a network or the internet. The objective is confidentiality, integrity, authentication, non-repudiation, or any combination thereof.

85
Q

Transport layer security TLS

A

* History- introduced in 1999, TLS is used to establish a secure communication channel by using a cryptographic key exchange. Communicates on port 443
* Current state- replacement for SSL. Provides integrity. TLS uses a block encryption cipher and includes advanced security features and improved algorithms. The current version is TLS 1.3. The IETF has officially declared both TLS 1.0 and 1.1 weak, and they should not be used.

86
Q

SECURE SOCKET LAYER SSL

A
  • History- developed in 1995 by Netscape, SSL is used to establish a secure communication channel by negotiation using a stream cipher. SSL communicates on port 443
  • Current state- SSL is outdated, so in 2015 SSL 3.0 was deprecated by the Internet Engineering Task Force (IETF) due to numerous security vulnerabilities discovered over the years. SSL 2.0 & 3.0 should be disabled. When they are enabled they make your system vulnerable to a downgrade attack. Most browsers no longer support SSL
87
Q

IP SECURITY IPsec

A

Is a protocol suite used to secure IP communication by providing authentication, integrity, and confidentiality services.
* Operates at the network layer (L3) and can be used to encrypt data being sent between any systems that can be identified by an IP address

88
Q

Tunnel mode- IPsec mode

A

the entire original IP packet is encapsulated to become the payload of a new IP packet. A new IP header is added on top of the original IP packet

89
Q

Transport mode- IPsec mode

A

The payload is encrypted but not the IP header. Has less overhead but can be less secure.

90
Q

VIRTUAL PRIVATE NETWORK VPN

A

Designed to facilitate secure remote access communication over a public network

91
Q

Full tunneling- VPN

A

requires all traffic to be routed over the VPN

92
Q

Split tunneling- VPN

A

allows the routing of some traffic over the VPN while letting other traffic directly access the internet

93
Q

SOFTWARE-DEFINED WIDE AREA NETWORK (SD-WAN)

A

A technology that enables the creation of a software-defined network overlay over an existing wide area network WAN
* SD-WAN focuses on providing software defined application routing to the wide area network

94
Q

CATEGORIES OF DATA TYPES

A
  1. Regulated- data that is protected by law, or industry standards
  2. Personally identifiable- data that can be used to identify a specific person
  3. Intellectual property- intangible creations
  4. Contractually protected- data that is specified in a contract or agreement
  5. Organizationally classified- data meets classification criteria
95
Q

REGULATED DATA

A

Data that is subject to certain laws, regulations, or industry standards that govern its collection, use, storage, and disclosure

96
Q

Jurisdiction

A

the power or right of a legal or political agency to exercise its authority over a person, subject matter or territory

97
Q

COMPLIANCE

A

Acting in accordance with applicable rules, laws, policies, and obligations

98
Q

PERSONALLY IDENTIFIABLE INFORMATION PI

A

Data that can be used to identify a specific person. Compromise of PI can result in identity theft, fraud, or other malicious uses.
Person's name, address, date of birth, SSN, passport number, driver license, phone number, email, biometric data.

99
Q

GDPR- General data protection regulation

A

protects people in the EU and EEA from unlawful data collection or processing and works to increase consent requirements and to provide enhanced user rights.

100
Q

INTELLECTUAL PROPERTY

A

A branch of law that deals with the protection of intangible creations (books, powerpoints, art)

101
Q

INTELLECTUAL PROPERTY (IP) PROTECTIONS

A
  1. Patent- gives the owner the legal right to exclude others from making, using, or selling an invention for a period of time, in exchange for publishing a public disclosure of the invention.
  2. Trademark- intended to protect recognizable names, icons, shapes, colors, and sounds used to represent a brand or company.
  3. Copyright- intended to allow the creator of certain types of original works to benefit from being created and compensated for their work
  4. Trade secret- proprietary business and technical information, processes, designs, or practices that are confidential to a business.
102
Q

Freeware

A

copyrighted software that is available at no cost for unlimited usage. Developer retains all rights and controls distribution

103
Q

Shareware

A

copyrighted software that is available at no cost for unlimited usage. Users are encouraged to share the software to promote larger distribution and sales.

104
Q

Open source

A

the copyright holder grants users the rights to use, study, change, and distribute the software to anyone and for any purpose

105
Q

Commercial off the shelf (COTS)

A

copyrighted software that a company designs and develops to sell or license. The company retains all rights to the program and controls distribution

106
Q

AI-GENERATED INTELLECTUAL PROPERTY

A

On March 15, 2023 the US Copyright Office announced that works created with the assistance of AI may be copyrightable, provided the work involves sufficient human authorship
* According to the policy statement, works created by AI without human intervention cannot be copyrighted.

107
Q

CLASSIFICATION

A

Is the process of organizing assets by criticality and sensitivity

108
Q

Sensitivity & Criticality

A
  • based on the impact of asset exposure
  • is based on the impact of asset loss used for disaster recovery and business continuity planning
109
Q

LABELING

A

Is the vehicle for communicating the assigned classification to custodians, users, and applications.
* Labels can be electronic, print, audio, or visual

110
Q

HANDLING STANDARDS

A

Inform custodians and users how to protect information they use and systems they interact with

111
Q

SECURITY CLEARANCE

A

Is a determination made by the government that an individual is eligible to access classified information up to a certain level of classification

112
Q

DATA MANAGEMENT

A

Planning and execution of policies and practices that protect data confidentiality, integrity and availability throughout its lifecycle.

113
Q

Data owners

A

are responsible for oversight and decisions related to classification, access control, and protection

114
Q

Data custodians

A

responsible for advising, implementing, and monitoring data protection controls.

115
Q

data Encryption

A

transforms plaintext into encrypted text that only the intended person can decrypt (confidentiality)

116
Q

Hashing

A

creating a one-way-fixed-length representation used for comparative purposes (ensure integrity)

117
Q

DATA MASKING

A

A technique used to protect sensitive data by replacing it with fictional or de-identified data
* Techniques include: replacing identifiable data with symbols, shuffling the data, or applying data substitution methods that maintain the format of the original data while hiding its content

118
Q

TOKENIZATION

A

Is a technique to secure and desensitize data by replacing the original data with an unrelated value of the same length and format

119
Q

DATA OBFUSCATION

A

Is the act of making a data set difficult to understand or find by unauthorized users.

120
Q

Data abstraction

A

is the programming process of creating a data type that hides the details of data representation. Separating the interface from the implementation.

121
Q

BACKUP AND RECOVERY

A

These processes ensure that accurate and reliable copies of data and system configurations are created, maintained, and tested.

122
Q

Network-attached Storage (NAS)

A

a file-dedicated storage device that connects over Ethernet. Relatively inexpensive to add additional NAS devices

123
Q

Storage Area Network (SANs)

A

provides network access to storage devices. It creates an image by mirroring a production disk to another disk inside the storage array.

124
Q

Disk shadowing-

A

data is written to and read from two or more independent disks. The process is transparent to the user.

125
Q

Electronic vaulting

A

copies files as they change and periodically transmits them to a secure backup location

126
Q

Remote journaling

A

copies and periodically transmits transaction logs to a backup location

127
Q

Asynchronous Replication

A

an automated process that streams copies of data to the 2nd location. Write is considered complete as soon as local storage commits; remote storage is updated with a slight time lag.

128
Q

Synchronous Replication

A

an automated process that streams copies of data to the 2nd location. Both write operations (local and remote) must be successfully completed before the system can proceed. Guaranteed zero data loss.

129
Q

Redundancy-

A

is the duplication of critical components or functions with the intention of increasing reliability and mitigating the risks associated with single point of failure (SPOF)

130
Q

RAID

A

The Redundant Array of Independent Disks (RAID) is a data storage virtualization technology. RAID combines multiple disk drive components into one or more logical units for the purpose of fault tolerance (data redundancy) or performance improvement.

131
Q

Clustering

A

groups multiple systems together to form a single logical unit or cluster

132
Q

Disk Mirroring

A

the process of writing data on two partitions on separate disks

133
Q

Disk Striping

A

the process of dividing data into blocks and spreading the data blocks across multiple storage devices.

134
Q

UPS battery backup

A

uninterruptible power supply, provides backup power when a regular power source fails, or voltage drops to an unacceptable level. Battery is finite

135
Q

Alternate routing

A

multiple paths for data to travel between two points. The network can automatically reroute traffic to an alternate path if the primary path becomes unavailable or congested.

136
Q

Diverse routing

A

data is transmitted over multiple geographically diverse paths or routes

137
Q

Cold site

A

has basic HVAC. No server-related or communications equipment

138
Q

Warm site

A

has HVAC, servers and communication infrastructure and equipment. Systems need to be configured (updated) and data needs to be restored.

139
Q

Hot site

A

Has HVAC, servers, and communication infrastructure and equipment. Fully configured and ready to operate, data has been replicated.

140
Q

Mirrored site

A

identical or nearly identical site that is operational in concert with the primary site on a load-balancing basis.

141
Q

DRaaS

A

disaster recovery as a service offers full recovery in a cloud-based environment

142
Q

CONTINUITY OF OPERATIONS

A

The capability of a business to continue to operate in adverse (disaster) conditions

143
Q

Disaster recovery plans (DRP)

A

focuses on the recovery and restoration of technology, physical plant, and personnel

144
Q

Business continuity plans (BCP)

A

focuses on the overall strategy for sustaining business activities during a disaster and subsequent recovery period.

145
Q

Tabletop testing approach

A

a hypothetical group workshop that focuses on the application of plans and procedures as well as identifying gaps in their preparedness.

146
Q

Failover testing approach

A

performed to evaluate the ability of a system or application to recover from a failure and switch to a backup or secondary system or component seamlessly

147
Q

Simulation testing approach

A

DRP & BCP plans are executed in a controlled environment to simulate a real-world disaster or outage. The simulation can be done at different levels of granularity.

148
Q

PARALLEL PROCESSING

A

Is a complex and costly strategy to ensure uninterrupted business operations during unexpected events or disruptions

149
Q

PLAN AUDIT

A

Provides management with an independent assessment of the effectiveness of the plans, procedures, training, and testing, as well as a strategic alignment assurance.

150
Q

SECURE BASELINE

A

A predefined set of security configurations and practices that are considered the minimum level of protection for a system or network

151
Q

HARDENING

A

The ongoing process of configuring security settings, applying security patches, and implementing the least functionality to reduce the system footprint, minimize vulnerabilities and exposure to threats, and enhance resilience.

152
Q

WPAN

A

wireless personal area network (bluetooth)
802.15 IEEE standard

153
Q

WLAN

A

wireless local area network
802.11 IEEE standard

154
Q

WMAN

A

wireless metro area network
802.16 IEEE standard

155
Q

PERFECT FORWARD SECRECY (PFS)

A

Is a protocol property that effectively protects past sessions against future compromises

156
Q

WIRELESS SITE SURVEY

A

the process of planning and designing a wireless network to ensure optimal coverage and performance.

157
Q

WIRELESS ACCESS POINT

A

WAP or AP acts as a central transmitter and receiver of wireless signals

158
Q

Omnidirectional antenna

A

radiates transmissions out and receives transmissions in from all directions (360 degrees) generally inside a building

159
Q

Directional antenna

A

focuses the signal in a specific direction. Generally used to connect buildings

160
Q

Wi-Fi heat map

A

a visual representation of the wireless signal coverage and strength

161
Q

PREDICTIVE SITE SURVEY

A

Uses software to model the environment
* Building and floor plans are loaded into predictive site survey software to develop wireless network designs

162
Q

SSID

A

A set service identifier is a code that identifies a wireless access point
* All wireless devices that want to communicate on a network must have their SSID set to the same value as the WAP SSID to connect.

163
Q

warstorming

A

using a drone and a Wi-Fi equipped device to detect Wi-Fi networks

164
Q

Warchalking

A

drawing of symbols in public places to advertise a Wi-Fi network

165
Q

MOBILE DEVICE MANAGEMENT MDM

A

encompasses deploying, securing, monitoring, and managing mobile devices in the workplace

166
Q

Unified endpoint management (UEM)

A

extends the functionality of MDM to IoT devices and wearables

167
Q

Mobile Application management (MAM)

A

focuses on the management of mobile applications

168
Q

DEVICE OWNERSHIP TYPES

A

BYOD- bring your own device- users use their personally owned devices for both professional and personal use.
COPE- company issued, personally enabled- users get issued a company owned device for both professional and personal use.
COBO- company issued business only- users get issued a company owned device for professional use only.

169
Q

Geolocation

A

process of determining the device's location based on GPS, cell triangulation, or Wi-Fi proximity. Active device tracking, locate a lost device

170
Q

Containerization

A

use of a secure virtual container used to segregate high risk applications (email, browser). Also used to segregate and encrypt confidential data

171
Q

Storage segmentation

A

segment personal and corporate data. Enforces access and encryption policies by storage location and folders.

172
Q

Full device encryption FDE

A

requires the entire device to be encrypted including removable media.

173
Q

DLP Data Loss Prevention

A

a set of strategies and tools used to prevent sensitive information from being lost, misused, or accessed by unauthorized users.

174
Q

APPLICATION SECURITY

A

Is the process of developing, adding and testing security features within applications to minimize the risk of unauthorized access (confidentiality), modification (integrity), and downtime (unavailability)

175
Q

SECURE STAGING

A

The process of planning, scheduling, and controlling the movement of developed or acquired code.

176
Q

DEV-TEST-STAGE-PROD

A

  1. Dev- the development environment is used for code development, proof of concept, experimentation, customization and early-stage testing
  2. Test- the testing environment is used to merge code, ensure quality, isolate bugs, and measure performance and functionality.
  3. Stage- the staging environment is used to ensure that the application behaves as expected and confirms that it does not adversely impact existing applications.
  4. Prod- the production environment is the “live” environment that hosts the application. It is the endpoint in the release management process.

177
Q

SECDEVOPS

A

SecDevOps (security, development, and operations) promotes collaboration between development, operations, and security teams

178
Q

Fuzz testing or fuzzing

A

an automated testing technique used to discover coding errors and security loopholes by inputting invalid, unexpected, or semi-random data, called fuzz, and monitoring the application response.

179
Q

Security automation

A

automating attacks against pre-production code and continuous vulnerability testing against production code

180
Q

Continuous integration (CI)

A

continuous merging of source code. If a failure is seen, the team is expected to refocus and fix the build before making any additional code changes.

181
Q

SECURE CODING

A

The practice of writing code in a way that prioritizes security, minimizes vulnerabilities, and reduces the risk of exploitation by attackers.