Mitigate Software Vulnerabilities and Attacks

Question 1

The processes of planning, analysis, design, implementation, and maintenance
that governs software and systems development

Answer 1

Software Development Life Cycle (SDLC)

Question 2

A software development model where the phases of the SDLC cascade so that
each phase will start only when all tasks identified in the previous phase are
complete

Answer 2

Waterfall Method

Question 3

A software development model that focuses on iterative and incremental
development to account for evolving requirements and expectations

Answer 3

Agile Method

Question 4

Microsoft’s security framework for application
development that supports dynamic development processes

Answer 4

Security Development Life (SDL)

Question 5

A security analyst receives no privileged information about the software

Answer 5

Black Box Testing (or Blind Testing)

Question 6

A security analyst receives privileged information about the software, such as the
source code and credentials

Answer 6

A security analyst receives no privileged information about the software

Question 7

A security analyst receives partial disclosure of information about the software

Answer 7

Gray Box Testing

Question 8

A charity and community that publishes a number of secure
application development resources

Answer 8

Open Web Application Security Project (OWASP)

Question 9

A company specializing in cybersecurity and secure web
application development training and sponsors the Global
Information Assurance Certification (GIAC)

Answer 9

SysAdmin, Network, and Security (SANS) Institute

Question 10

Attacks against software code attempt to allow the execution of the attacker’s code

Answer 10

Execution and Escalation

Question 11

A vulnerability that allows an attacker to run their own code or a
module that exploits such a vulnerability

Answer 11

Arbitrary Code Execution

Question 12

A vulnerability that allows an attacker to transmit code from a remote
host for execution on a target host or a module that exploits such a
vulnerability

Answer 12

Remote Code Execution

Question 13

Occurs when a user accesses or modifies specific resources that they
are not entitled to normally access

Answer 13

Privilege Escalation

Question 14

A class of malware that modifies system files (often at the kernel level) to conceal
its presence

Answer 14

Rootkit

Question 15

A kernel mode rootkit is able to gain complete control over the
system

Answer 15

Kernel mode

Question 16

A user mode rootkit might have administrator-level privileges
but uses OS features for persistence

Answer 16

User mode

Question 17

An attack in which data goes past the boundary of the destination buffer and
begins to corrupt adjacent memory

Answer 17

Buffer Overflow

Question 18

Occurs when an attacker fills up the buffer with NOP so that the return
address may hit a NOP and continue on until it finds the attacker’s code
to run

Answer 18

“Smash the Stack”

Question 19

A software vulnerability where input is allowed to overwrite memory locations
within the area of a process’ memory allocation used to store dynamically-sized
variable

Answer 19

Heap Overflow

Question 20

An attack in which a computed result is too large to fit in its assigned storage
space, which may lead to crashing or data corruption, and may trigger a buffer
overflow

Answer 20

Integer Overflow

Question 21

A software vulnerability when the resulting outcome from execution processes is
directly dependent on the order and timing of certain events, and those events
fail to execute in the order and timing intended by the developer

Answer 21

Race Conditions

Question 22

A software vulnerability that occurs when the code attempts to remove the
relationship between a pointer and the thing it points to

Answer 22

Dereferencing

Question 23

Errors could be caused by invalid user input, a loss of network connectivity, or another
server/process failing

Answer 23

Improper Error Handling

Question 24

Coding methods to anticipate and deal with exceptions thrown during execution
of a process

Answer 24

Error Handler

Question 25

Vulnerabilities often arise from the general design of the software code

Answer 25

Design Vulnerabilities

Question 26

Any code that is used or invoked outside the main program development process
▪ Code Reuse
▪ Third-party Library
▪ Software Development Kit (SDK)

Answer 26

Insecure Components

Question 27

Any program that does not properly record or log detailed enough information for
an analyst to perform their job

Answer 27

Insufficient Logging and Monitoring

Question 28

Any program that uses ineffective credentials or configurations, or one in which
the defaults have not be changed for security

Answer 28

Weak or Default Configurations

Question 29

An application where part of the application is a client software program that is
installed and run on separate hardware to the server application code and
interacts with the server over a network

Answer 29

Client/Server Applications

Question 30

An application which uses a generic web browser as a client and standard
network protocols (HTTP/HTTPS) to communicate with the server

Answer 30

Web Applications

Question 31

An application which is deployed and run on a smartphone, tablet, or other
mobile operating system

Answer 31

Mobile Applications

Question 32

An application which is designed to run on a dedicated hardware platform

Answer 32

Embedded Applications

Question 33

Generally considered a type of embedded application that contains the block of
embedded code that runs first at startup, performing “low-level” input/output
device functions, plus bootstrapping of an OS or application

Answer 33

Firmware

Question 34

A type of embedded application commonly used in mobile devices which contains
integrated CPU, memory, graphics, audio, network, storage controllers, and
software on one chip

Answer 34

System-on-Chip (SoC)