Security+ Practice Tests 6-10 Flashcards

1
Q

Which of the following does NOT refer to an email communication threat vector?

Skimming
Malicious attachment
Social engineering
Malicious URL
Phishing

A

Skimming

Skimming is collecting PII from a payment card.

2
Q

Which of the following mitigates the risk of supply chain attacks?

DRP (Disaster Recovery Plan)
Vendor/intermediary checks
BCP (Business Continuity Plan)
IRP (Incident Response Plan)

A

Vendor/intermediary checks

3
Q

A comprehensive security screening of a potential third-party vendor before forming a partnership.

A

VDD (Vendor Due Diligence)

4
Q

DRP stands for

A

Disaster Recovery Plan

5
Q

BCP stands for

A

Business Continuity Plan

6
Q

IRP stands for

A

Incident Response Plan

7
Q

A detailed strategy and set of systems for ensuring an organization’s ability to prevent or rapidly recover from a significant disruption to its operations.

A

BCP (Business Continuity Plan)

8
Q

A written document, formally approved by the senior leadership team, that helps your organization before, during, and after a confirmed or suspected security incident.

A

IRP (Incident Response Plan)

9
Q

A formal document created by an organization that contains detailed instructions on how to respond to unplanned incidents such as natural disasters, power outages, cyber attacks and any other disruptive events.

A

DRP (Disaster Recovery Plan)

10
Q

Examples of social media threat vectors include:

PII harvesting
social engineering
identity/account theft
malicious URLs
all of the above

A

All of the above

11
Q

Threat intelligence gathered from publicly available sources

A

OSINT

12
Q

OSINT stands for

A

Open Source Intelligence

13
Q

Insight gained from processing and analyzing public data sources such as broadcast TV and radio, social media, and websites. These sources provide data in text, video, image, and audio formats.

A

OSINT (Open-Source Intelligence)

14
Q

RFC stands for

A

Request for Comments

15
Q

A formal standards-track document developed in working groups within the Internet Engineering Task Force (IETF). Contains specifications and organizational notes about topics related to the internet and computer networking, such as routing, addressing and transport technologies.

A

RFC (Request for Comments)

16
Q

The U.S. government repository of standards-based vulnerability management data represented using the Security Content Automation Protocol (SCAP). This data enables automation of vulnerability management, security measurement, and compliance. Provides advanced searching features.

A

NVD (National Vulnerability Database)

17
Q

NVD stands for

A

National Vulnerability Database

18
Q

CVE stands for

A

Common Vulnerabilities and Exposures

19
Q

A publicly available catalog of cybersecurity vulnerabilities. Contains a list of records each containing an identification number, a description, and at least one public reference. Feeds NVD.

A

CVE (Common Vulnerabilities and Exposures)

20
Q

What is CVE/NVD?

A

Two different programs that publicly disclose known cybersecurity vulnerabilities. They are both set up for a user to search by OS, platform, etc.

The CVE was launched by the MITRE Corporation as a community effort.

The NVD was launched by the NIST (National Institute of Standards and Technology).

21
Q

NIST stands for

A

National Institute of Standards and Technology

22
Q

Which of the following refer to vulnerability databases? (Select 2)

DBA
CVE
DBaaS
NVD
AIS

A

CVE (Common Vulnerabilities and Exposures)

NVD (National Vulnerability Database)

23
Q

DBA stands for

A

Database Administrator

24
Q

DBaaS stands for

A

Database as a Service
AKA managed database service

25
AIS stands for
Automated Indicator Sharing
26
A service the CISA provides to enable real-time exchange of machine-readable cyber threat indicators and defensive measures between public, federal, and private-sector organizations.
AIS (Automated Indicator Sharing)
27
CVSS stands for
Common Vulnerability Scoring System
28
A public framework for rating the severity of security vulnerabilities in software.
CVSS (Common Vulnerability Scoring System)
29
TTP stands for
Tactics, Techniques, and Procedures
30
This acronym describes the behavior of a threat actor in three levels: the “why,” the “what,” and the “how.”
TTP (Tactics, Techniques, and Procedures)
31
A common language for describing cyber threat information
STIX
32
STIX stands for
Structured Threat Information eXpression
33
A standardized XML programming language for conveying data about cybersecurity threats in a common language that can be easily understood by humans and security technologies.
STIX (Structured Threat Information eXpression)
34
TAXII stands for
Trusted Automated eXchange of Indicator Information
35
A dedicated transport mechanism for cyber threat information
TAXII (Trusted Automated eXchange of Indicator Information)
36
A suite of communication protocols used to interconnect network devices on the internet or private networks (intranet or extranet).
TCP/IP
37
S/MIME stands for
Secure/Multipurpose Internet Mail Extensions
38
A widely accepted protocol for sending digitally signed and encrypted messages (including email).
S/MIME
39
A specification extending the format of email to support sending images, audio/video files, archives, etc. Expands upon SMTP.
MIME
40
GitHub is an example of:
Digital media store
Virtualization software
File/code repository
Social media site
File/code repository
41
A type of formal document that describes the specifications for a particular technology
RFC (Request for Comments)
42
PII stands for
Personally Identifiable Information
43
RFQ stands for
Request for Quote
44
RFI stands for
Request for Information
45
RFP stands for
Request for Proposal
46
A formal process for gathering information from potential suppliers of a good or service.
RFI (Request for information)
47
A business document that announces a project, describes it, and solicits bids from qualified contractors to complete it. Goals and objectives are defined to give vendors a good idea of the requirements.
RFP (Request for Proposal)
48
A solicitation for goods or services in which a company invites vendors to submit price quotes and bid on the job.
RFQ (Request for Quote)
49
IPS stands for
Intrusion Prevention System
50
SIEM stands for
Security Information and Event Management
51
A solution that helps organizations detect, analyze, and respond to security threats before they harm business operations.
SIEM (Security Information and Event Management)
52
IDPS stands for
Intrusion Detection Prevention System
53
A network security tool that continuously monitors a network for malicious activity and takes action to prevent it, including reporting, blocking, or dropping it, when it does occur.
IPS (Intrusion Prevention System)
54
A type of attack aimed at exploiting a vulnerability that is present in already released software but unknown to the software developer is called:
Zero-day attack
55
A type of attack in which an attacker crafts a TCP packet with the Urgent (URG), Push (PSH), and Finish (FIN) header flags set and injects it into the network. This can cause receiving devices to slow down (DoS), reboot, or behave in unexpected ways.
Xmas tree attack AKA Christmas tree attack
56
A word used to describe encryption protocols that contain weak implementations and cannot be considered secure anymore.
Deprecated
57
Which of the following is a deprecated encryption protocol?
SSH
TLS
S/MIME
SSL
IPsec
PGP
SSL
58
What do FTP, HTTP, IMAP, POP, and SMTP have in common?
They are all cleartext network protocols.
59
Vulnerability scanning: (select all that apply)
Identifies lack of security controls
Actively tests security controls
Identifies common misconfigurations
Exploits vulnerabilities
Passively tests security controls
Identifies lack of security controls; identifies common misconfigurations; passively tests security controls
60
A special isolated folder on a machine's hard disk where the suspicious files detected by Antivirus and Antimalware protection are placed to prevent further spread of threats.
Quarantine
61
SOAR stands for
Security, Orchestration, Automation, and Response
62
A stack of compatible software programs that enables an organization to collect data about security threats and respond to security events with little or no human assistance.
SOAR
63
Difference between SOAR and SIEM?
SIEM aggregates data from multiple security systems to generate alerts. SIEM uses pattern matching to generate alerts that the IT team can investigate. It does NOT take action itself when it identifies a threat. SOAR acts as the response engine to those alerts generated by the SIEM. SOAR can also collect data from external applications.
64
A server used for collecting diagnostic and monitoring data from networked devices.
Syslog server
65
A server application that acts as an intermediary between a client requesting a resource and the server providing that resource. It improves privacy, security, and performance in the process.
Proxy server
66
UC stands for
Unified Communications
67
An umbrella term for the integration of multiple enterprise communication tools -- such as voice calling, video conferencing, instant messaging, presence, content sharing, etc. -- into a single, streamlined interface, with the goal of improving user experience and productivity.
UC (Unified Communications)
68
AV stands for
Audio Visual
69
ICS stands for
Internet Connection Sharing
70
A feature that allows a device with internet access to act as a host or access point for other devices to connect to the web.
ICS (Internet Connection Sharing)
71
A security solution designed to detect anomalies in the log and event data collected from multiple network devices is called:
SIEM (Security Information and Event Management)
72
Which tool enables automated response to security incidents?
SOAR (Security, Orchestration, Automation, Response)
73
Penetration testing: (Select all that apply)
Bypasses security controls
Only identifies lack of security controls
Actively tests security controls
Exploits vulnerabilities
Passively tests security controls
Bypasses security controls; actively tests security controls; exploits vulnerabilities
74
NIDS stands for
Network Intrusion Detection System
75
HIDS stands for
Host-based Intrusion Detection System
76
Cybersecurity solution that monitors IT systems for signs of suspicious activity to detect unusual behaviors or patterns associated either with human users or applications that could be a sign of a security breach or attempted attack. This solution operates on an individual host system.
HIDS (Host-based Intrusion Detection System)
77
HIPS stands for
Host Intrusion Prevention System
78
An installed software package which monitors a single host for suspicious activity by analyzing events occurring within that host. In case of attempted major changes by a hacker or malware, this software blocks the action and alerts the user so an appropriate decision about what to do can be made.
HIPS (Host Intrusion Prevention System)
79
An internet standard protocol used to monitor and manage network devices via agents. This protocol collects, organizes, and sends data from various devices for network monitoring, assisting with fault identification and isolation.
SNMP (Simple Network Management Protocol)
80
A penetration test performed by an authorized professional with full prior knowledge of how the system that is to be tested works is called:
White-box testing
81
A penetration test of a computer system performed without prior knowledge of how the system that is to be tested works is called:
Black-box testing
82
A penetration test in which the person conducting the test has limited access to information on the internal workings of the targeted system is called:
Gray-box testing
83
In penetration testing, this type of reconnaissance relies on gathering information on the targeted system with the use of various non-invasive software tools and techniques, such as pinging, port scanning, or OS fingerprinting.
Active reconnaissance
84
In penetration testing, this type of reconnaissance involves gathering any type of publicly available information that can be used later for exploiting vulnerabilities found in the targeted system.
Passive reconnaissance
85
An optimal Wireless Access Point (WAP) antenna placement provides a countermeasure against:
War chalking
Spoofing
War driving
Insider threat
War driving
86
When people draw symbols in areas to indicate the presence of an open Wi-Fi network. The symbols used typically say something about the access point.
War chalking
87
Attackers searching for vulnerable wireless networks while driving around an area in a vehicle.
War driving
88
Which statement applies to the concept of OSINT?
Gaining advantage over competitors
Passive reconnaissance
Preparation before launching a cyberattack
Active reconnaissance
Passive reconnaissance
89
In cybersecurity exercises, the attacking team
Red team
90
In cybersecurity exercises, the defending team
Blue team
91
In cybersecurity exercises, the event overseer (referee)
White team
92
In cybersecurity exercises, a collaborative approach that involves the blue and red teams working together to improve an organization's security
Purple team
93
T/F: A physical network diagram contains information on hardware devices and physical links between them.
True
94
T/F: A logical network diagram describes the actual traffic flow on a network and provides information related to IP addressing schemes, subnets, device roles, or protocols that are in use on the network.
True
95
Which of the following acronyms refers to software or hardware-based security solutions designed to detect and prevent unauthorized use and transmission of confidential information?
DRP
DHE
DLP
DEP
DLP (Data Loss Prevention)
96
DLP stands for
Data Loss Prevention
97
EDR stands for
Endpoint Detection and Response
98
EDTR stands for
Endpoint Detection and Threat Response
99
An endpoint security solution that continuously monitors end-user devices to detect and respond to cyber threats like ransomware and malware.
EDR (Endpoint Detection and Response) AKA EDTR (Endpoint Detection and Threat Response)
100
Difference between EDR and HIPS
EDR offers more capabilities than HIPS. Unlike HIPS products which typically use an old-school standalone engine for detection/response, EDR products simultaneously run on the endpoint device (host), and are managed by either an on-premises server engine, or a cloud computing management back-end. EDR harnesses the threat detection/response capabilities of the vendor's global threat intelligence database, which is further enhanced with machine learning capabilities. Although HIPS products are good for detection/prevention of breaches, they generally don't have the variety of features of EDR, nor the server-side/cloud-based intelligence engines managing them from afar.
101
The 3 states of digital data
At rest, in transit/motion, in processing
102
Which of the 3 states of digital data requires data to be processed in an unencrypted form?
In processing
103
The process of replacing sensitive data with nonsensitive information which holds a reference to the original data and enables its processing but has no value when breached.
Tokenization
104
DRP stands for
Disaster Recovery Plan
105
DHE stands for
Diffie-Hellman key exchange
106
This method allows two parties that have no prior knowledge of each other to jointly establish a shared secret key over an insecure channel. This key can then be used to encrypt subsequent communications using a symmetric-key cipher.
DHE (Diffie-Hellman key exchange)
107
DEP stands for
Data Execution Prevention
108
A technology built into Windows that helps protect you from executable code launching from places it's not supposed to. It does that by marking some areas of your PC's memory as data only; no executable code or apps will be allowed to run from those areas of memory.
DEP (Data Execution Prevention)
109
Any function that can be used to map data of arbitrary size to fixed-size values
Hash function
110
T/F: A hash function allows for mapping a large amount of data content to a small string of characters. The result of a hash function provides the exact "content in a nutshell" (in the form of a string of characters) derived from the original data content. In case there is any change to the data after the original hash was taken, the next time the hash function is applied, the resulting hash value calculated after content modification will be different from the original hash.
True
111
A duplicate of the original site, with fully operational computer systems as well as near-complete backups of user data. Used in disaster recovery.
Hot site
112
A disaster recovery facility that provides only the physical space for recovery operations is called
Cold site
113
Which alternate site allows for the fastest disaster recovery?
Cold site
Hot site
Warm site
Hot site
114
A disaster recovery site that features an equipped data center but no customer data. In other words, it is "ready to go," but still needs some data moved over. It might need some cables plugged in or some systems updated or configured.
Warm site
115
A website or set of files on a computer server that has been copied to another computer server so that the site or files are available from more than one place. It has its own URL, but is otherwise identical to the principal site. Used to make site access faster when the original site may be geographically distant from those accessing it.
Mirror site
116
A monitored host holding no valuable data, specifically designed to detect unauthorized access attempts and divert an attacker's attention from the actual network, is known as:
Honeypot
117
A customized login page that users must address before connecting to a public (or free) Wi-Fi network. It presents the user with terms of service, which they must agree to before accessing the WiFi hotspot.
Captive portal
118
Hardware or software that ties together network security features into one simple-to-use, easy-to-manage appliance.
UTM appliance
119
UTM stands for
Unified Threat Management
120
Which of the following is an example of fake telemetry?
OSINT
Bluejacking
DNS sinkhole
Replay attack
DNS sinkhole
121
Data collected from a network environment that can be analyzed to monitor the health, performance, availability, and security of the network and its components, allowing network administrators to respond quickly and resolve network issues in real time. Examples include:
CPU power utilization (peaks, averages, over-utilization, and under-utilization)
Server memory utilization
Disk space utilization
User requests and user activity
Telemetry
122
Files in a honeypot host. If accessed, they will send an alert.
Honeyfiles
123
Information that cybercriminals send to a machine engaging in machine learning to prevent the antimalware software from recognizing actual malware code.
Fake telemetry
124
A DNS server that hands out an incorrect/invalid IP address when given an FQDN
DNS sinkhole AKA DNS blackhole AKA IP blackhole
125
How to use a DNS sinkhole for good
Compromised hosts often access certain known malicious websites. So a DNS sinkhole can be configured to instead route to a site inside of the organization to send an alert instead of the malicious website. This way, network admins are alerted that the particular host is compromised.
126
Deliberately incorrect/invalid data is also known as
Fake telemetry
127
A cloud computing service model in which clients, instead of buying all the hardware and software, purchase computing resources as an outsourced service from suppliers who own and maintain all the necessary equipment and software.
IaaS
128
Which cloud service model would provide the best solution for a web developer intending to create a web app?
XaaS
SaaS
PaaS
IaaS
PaaS
129
A cloud computing service model offering remote access to applications based on a monthly or annual subscription fee is called:
SaaS
130
A cloud computing deployment model in which the cloud infrastructure is provisioned for open use by the general public
Public cloud
131
A cloud computing environment dedicated to a single organization.
Private cloud
132
A cloud infrastructure in which multiple organizations share resources and services based on common operational and regulatory requirements.
Community cloud
133
A mixed cloud computing environment where applications are run using a combination of computing, storage, and services in different environments
Hybrid cloud
134
A cloud service model in which the third party manages the networking, storage, servers, and virtualization. The client manages the OS, middleware, runtime, data, and applications. Enables end users to scale and shrink resources on an as-needed basis. Offers essential compute, storage, and networking resources.
IaaS
135
A cloud service model in which the third party manages the networking, storage, servers, virtualization, OS, middleware, and runtime. The client manages the data and applications. Used for developing, running, and managing applications.
PaaS
136
A cloud service model in which the third party manages everything, and the client manages nothing. The consumer typically pays a subscription fee to use this.
SaaS
137
A transport protocol that supports transferring STIX insights over HTTPS
TAXII (Trusted Automated eXchange of Intelligence Information)
138
Difference between a race condition and TOCTOU?
The race condition is the malfunction itself. TOCTOU is the vulnerability that arises from the malfunction.
139
An attack in which the attacker sends many packets with fake MAC addresses to a switch to overflow the switch's address table, causing it to become full and unable to process traffic
MAC flooding
140
T/F: A cloud deployment model consisting of two or more interlinked cloud infrastructures (private, community, or public) is referred to as a hybrid cloud.
True
141
Which of the following would be the best solution for a company that needs IT services but lacks any IT personnel?
MSA
MaaS
MSP
MSSP
MSP (Managed Service Provider)
142
MSP stands for
Managed Service Provider
143
IT professionals that deliver IT services such as server management, network support, cybersecurity, application implementation, and infrastructure management via regularly scheduled IT support.
MSP (Managed Service Provider)
144
MSSP stands for
Managed Security Service Provider
145
A third-party service provider that focuses exclusively on security services
MSSP (Managed Security Service Provider)
146
MSA stands for
Master Service Agreement
147
A contractual agreement between the service provider and the customer that outlines responsibilities and expectations between the MSSP and the client.
MSA (Master Service Agreement)
148
Difference between MSP and MSSP
MSP provides IT and security services. MSSP provides ONLY security services.
149
A service that integrates various forms of transport and transport-related services into a single, comprehensive, and on-demand mobility service.
MaaS (Mobility as a Service)
150
MaaS stands for
Mobility as a Service
151
Which of the following terms refers to a third-party vendor offering IT security management services? (Select best answer)
MSP
MaaS
MSA
MSSP
MSSP (Managed Security Service Provider)
152
T/F: The term "Fog computing" refers to a local network infrastructure between IoT devices and the cloud designed to speed up data transmission and processing.
True
153
A decentralized computing infrastructure in which data, compute, storage and applications are located somewhere between the data source and the cloud. It brings the advantages and power of the cloud closer to where data is created and acted upon.
Fog computing
154
A compute layer between the cloud and the edge. Where edge computing might send huge streams of data directly to the cloud, this type of computing can receive the data from the edge layer before it reaches the cloud and then decide what is relevant and what isn’t. The relevant data gets stored in the cloud, while the irrelevant data can be deleted or analyzed at this layer for remote access or to inform localized learning models.
Fog computing
155
What is the difference between edge computing and fog computing?
They are basically the same, except edge computing means that the storage and processing devices are either at the same place or extremely near to the devices that are connecting to them. Fog computing sits between the edge and the cloud. Some data may get saved into the cloud, while other data is either erased or processed in the fog network. Edge computing helps devices get FASTER results. Fog computing helps in FILTERING information before it gets saved into the cloud.
156
Which of the following solutions would be best suited for situations where response time in data processing is of critical importance?
Edge computing
157
Which is faster: fog computing or edge computing?
Edge computing. Edge computing helps get FASTER results. Fog computing helps FILTER data before it gets saved into the cloud.
158
Which of the following devices best illustrates the concept of edge computing?
Router
Smartwatch
Thin client
Server
Smartwatch. Remember that edge computing receives information from devices and quickly gives processing results back.
159
T/F: In the client-server model, the term "Thin client" refers to a networked computer equipped with the minimum amount of hardware and software components. As opposed to a thick client, which runs applications locally from its own hard drive, a thin client relies on network resources provided by a remote server performing most of the data processing and storage functions.
True
160
Which of the following terms refers to the concept of virtualization on an application level?
Serverless architecture
Containerization
SoC (System on a Chip)
Infrastructure as code
Containerization
161
A way to build and run applications and services without having to manage infrastructure or configuration. It is very similar to PaaS, but it involves granular control, automatic scaling, and usage-based payment, rather than a flat-fee like PaaS.
Serverless architecture
162
The packaging of software code with just the OS libraries and dependencies required to run the code to create a single lightweight executable that runs consistently on any infrastructure. It is an OS-level virtualization method used to deploy and run distributed applications without launching an entire virtual machine.
Containerization
163
An IC that integrates most or all components of a computer or other electronic system on a single chip.
SoC (System on a Chip)
164
SoC stands for
System on a Chip
165
IC stands for
Integrated Circuit
166
An assembly of electronic components in which hundreds to millions of transistors, resistors, and capacitors are interconnected and built up on a thin substrate to form a small chip or wafer.
IC (Integrated Circuit)
167
T/F: In software engineering, the term "Microservice" describes independent and self-contained code components that can be put together to form an application.
True
168
Independent and self-contained code components (services) that can be put together to form an application.
Microservice
169
Which of the following answers refer to software technologies designed to simplify network infrastructure management? (Select 2 answers)
SDP
SSP
SDV
SEH
SDN
SDV (Software-Defined Visibility); SDN (Software-Defined Networking)
170
Used to describe a hardware or service component that is improved or completely managed by software
Software-defined
171
The capability to clearly see all aspects of an organization's digital footprint as well as the risks and vulnerabilities within it. Also includes the ability to view security controls and the gaps created by inadequate controls.
Security visibility
172
A security solution that automates security visibility through a software framework.
SDV (Software-Defined Visibility)
173
SDP stands for
Software-Defined Perimeter
174
A security technique that controls access to resources based on identity and forms a virtual boundary around networked resources. It hides Internet-connected infrastructure so that external parties cannot see it, but internal authorized users can.
SDP (Software-Defined Perimeter)
175
SSP stands for
System Security Plan
176
A formal document that provides an overview of the security requirements for an information system and describes the security controls in place or planned for meeting those requirements.
SSP (System Security Plan)
177
SEH stands for
Structured Exception Handling
178
Code in a program that takes over when programs throw an exception due to a hardware or software issue.
SEH (Structured Exception Handling)
179
In cloud computing, users on an on-premises network take advantage of a transit gateway to connect to:
WAN
VPC
SAN
VLAN
VPC (Virtual Private Cloud)
180
VPC stands for
Virtual Private Cloud
181
A secure, isolated private cloud hosted within a public cloud.
VPC (Virtual Private Cloud)
182
SAN stands for
Storage Area Network
183
A network of storage devices that can be accessed by multiple servers or computers, providing a shared pool of storage space.
SAN (Storage Area Network)
184
WAN stands for
Wide Area Network
185
A large network of LANs that is not tied to a single location.
WAN (Wide Area Network)
186
VLAN stands for
Virtual Local Area Network
187
A type of network used to share the physical network while creating virtual/logical segmentations to divide specific groups
VLAN
188
A term used to describe a situation in which a large number of deployed virtual machines lack proper administrative controls.
VM sprawl
189
The process of breaking out of the boundaries of a guest operating system installation to access the primary hypervisor controlling all the virtual machines on the host machine.
VM escape
190
The audit of use and consumption of network resources
Usage audit
191
Which of the following security measures can be used to prevent VM sprawl? (Select 2 answers)
Patch management
Usage audit
Physical security controls
Sandboxing
Asset documentation
Usage audit; asset documentation
192
A cybersecurity practice where you run, analyze, and observe code in a safe, isolated environment that mimics end-user operating environments.
Sandboxing
193
What are the countermeasures against VM escape? (Select 2 answers)
Group policy
Sandboxing
User training
Patch management
Asset documentation
Sandboxing; patch management
194
Which programming aspects are critical for secure application development process? (Select 2 answers)
Patch management
Input validation
Password protection
Error and exception handling
Application whitelisting
Input validation, Error and exception handling
195
The approach of restricting the tools or applications that may run to only those that have already been vetted and approved; anything not on the list is denied by default.
Application whitelisting AKA application allowlisting
196
The approach of preventing specific known-bad applications or executables from running in a network; anything not on the list is allowed by default.
Application blacklisting AKA application blocklisting
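The practical difference between the two approaches is what happens to software the policy has never seen. The added example below (not part of the original flashcards) compares a name-based blocklist with a hash-based allowlist on a handful of constructed "executables"; the file names, the byte contents and the policy lists are all invented for the demonstration.

```python
import hashlib

# Constructed sample executables as raw bytes (not real binaries).
SAMPLE_FILES = {
    "notepad.exe":   b"MZ\x90\x00 fake notepad bytes",
    "keylogger.exe": b"MZ\x90\x00 fake keylogger bytes",
    "update.exe":    b"MZ\x90\x00 fake keylogger bytes",   # same malware, renamed
    "newtool.exe":   b"MZ\x90\x00 fake unvetted tool",     # never reviewed by anyone
}


def sha256_hex(data):
    return hashlib.sha256(data).hexdigest()


# Allowlist: hashes of binaries that were vetted and approved.
ALLOWLIST_HASHES = {sha256_hex(SAMPLE_FILES["notepad.exe"])}
# Blocklist: names of binaries known to be bad.
BLOCKLIST_NAMES = {"keylogger.exe"}


def blocklist_decision(name, data):
    """Default allow: only an explicitly listed name is stopped.
    The content is never examined, so a renamed copy passes."""
    return "deny" if name in BLOCKLIST_NAMES else "allow"


def allowlist_decision(name, data):
    """Default deny: only content whose hash was vetted may run.
    The name is irrelevant, so renaming, and even a single modified
    byte in an approved binary, results in a denial."""
    return "allow" if sha256_hex(data) in ALLOWLIST_HASHES else "deny"


def evaluate(policy, files=SAMPLE_FILES):
    """Apply one policy to every sample file and return name -> decision."""
    return {name: policy(name, data) for name, data in files.items()}


if __name__ == "__main__":
    print("blocklist:", evaluate(blocklist_decision))
    print("allowlist:", evaluate(allowlist_decision))
```

The trade-off the flashcards do not mention: the allowlist is only as good as the process that adds hashes to it, and every legitimate update changes the hash, so real deployments usually pin publishers' code-signing certificates or trusted paths as well as raw hashes.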
197
The process of removing redundant entries from a database is known as:
Normalization
198
What are the countermeasures against SQL injection attacks? (Select 2 answers)
Code obfuscation
Database normalization
Stored procedures
Code signing
Input validation
Stored procedures, Input validation
199
A prepared SQL code that you can save so the code can be reused over and over again.
Stored procedure
200
How do stored procedures prevent SQL injection?
They restrict database access to a fixed set of predefined procedures: callers supply only parameter values, not SQL text, so user input cannot change the structure of the query. The protection depends on the procedure itself using parameters; a procedure that concatenates its arguments into a dynamic SQL string and executes it is just as injectable as inline SQL.
201
T/F: Code obfuscation techniques rely on encryption to protect the source code against unauthorized access.
False. Obfuscation makes code harder to read and reverse-engineer, but it is not encryption and does not keep the source from anyone who has a copy. Programmers combine several techniques throughout the code: alternate code forms (replacing a function with a table lookup, etc.), changed data storage methods that hide the data, randomized aggregation patterns, and encrypting or encoding small strings, all of which make the code hard to read rather than inaccessible.
202
A type of redundant source code producing an output not used anywhere in the application is commonly referred to as:
Dead code
203
Code that can never be executed in a running program because the code surrounding it makes it impossible.
Dead code
204
Lines of code written directly in the body of a program, in contrast to a routine that is external to the program and called as needed.
Inline code
205
Program code that is unnecessarily long, slow, or otherwise wasteful of resources
Code bloat
206
A repetition of a line or a block of code in the same file or sometimes in the same local environment.
Duplicate code
207
T/F: In web application programming, the term "Backend" typically refers to the part of a computer system or application that is not directly accessed by the user (for example a web server). On the opposite side, "Frontend" means software that can be accessed by the user locally (an example of this would be the user's web browser). Code execution and input validation that take place in the backend are referred to as server-side operations; the frontend equivalent is known as client-side operations.
True
208
A collection of commonly used programming functions designed to speed up software development process is known as:
Library
209
A component that can be loaded into the MMC (Microsoft Management Console) to provide a specific management capability for a device.
Snap-in
210
A place where all of an organization's data is stored and can be analyzed.
Data repository
211
A lightweight software package containing an application's code, its libraries, and other dependencies.
Container
212
A heavy software package that provides complete emulation of low-level hardware devices like CPU, disk, and networking devices.
Virtual machine
213
Which of the acronyms listed below refers to a specialized suite of software tools used for developing applications for a specific platform?
GUI
SDLC
API
SDK
SDK (Software Development Kit)
214
SDK stands for
Software Development Kit
215
GUI stands for
Graphical User Interface
216
SDLC stands for
Software Development Life Cycle
217
API stands for
Application Programming Interface
218
A set of definitions and protocols for building and integrating application software. It simplifies how developers integrate new application components into existing architecture and enables services/applications to communicate with each other.
API (Application Programming Interface)
219
Difference between SDK and API
SDK is a suite of software development tools and pieces of code to create applications. API is a set of definitions and protocols to allow programmers to integrate new applications with existing architecture.
220
A nonprofit organization focused on software security
OWASP (Open Worldwide Application Security Project)
221
OWASP stands for
Open Worldwide Application Security Project
222
CSIRT stands for
Computer Security Incident Response Team
223
A team charged with incident response, handling all security incidents affecting an organization in a timely manner.
CSIRT (Computer Security Incident Response Team) AKA CERT (Computer Emergency Response Team) AKA CIRT (Computer Incident Response Team)
224
IETF stands for
Internet Engineering Task Force
225
The SDO for the Internet, responsible for the technical standards that make up the TCP/IP suite.
IETF (Internet Engineering Task Force)
226
SDO stands for
Standards Development Organization
227
CERT stands for
Computer Emergency Response Team
228
CIRT stands for
Computer Incident Response Team
229
T/F: CSIRT, CERT, and CIRT are used interchangeably
True
230
A type of code that has already been translated from a high-level programming language into a low-level programming language and converted into a binary executable file is referred to as:
Compiled code
231
The process of transforming a computer program written in a given language (usually high-level programming language) into a set of instructions in another format or language (usually low-level programming language).
Compiling
232
An example of a low-level programming language
Machine (binary) code; assembly language is another low-level language.
233
Examples of high-level programming languages
Python, Ruby, C#, Java, etc.
234
What does it mean when code "doesn't compile"?
While checking the code for correct syntax, the compiler found errors, so the translation into machine code was not successful.
235
The final phase of the program lifecycle in which the machine executes the program's code
Runtime
236
Code used to automate processes that would otherwise need to be executed step by step by a web developer.
Script
237
A network transit hub that you can use to interconnect your virtual private clouds (VPCs) and on-premises networks.
Transit gateway