Software & Systems Security Flashcards

1
Q

CNAME

A

Canonical Name Record or Alias Record. Specifies that one domain name is an alias of another canonical domain name.

2
Q

Pair programming

A

A real-time process that utilizes two developers working on one workstation, where one developer reviews the code being written in real-time by the other developer.

3
Q

Input validation

A

Performed to ensure only properly formed data is entering the workflow in an information system, preventing malformed data from persisting in the database and triggering a malfunction of various downstream components.

4
Q

Fuzzing

A

An automated software testing technique that involves providing invalid, unexpected, or random data as inputs to a computer program through the use of a fuzzer.

5
Q

Dynamic Code Analysis

A

Studying how the code behaves during execution. An example is fuzzing.

6
Q

Static code analysis

A

A method of debugging by examining source code before a program is run.

7
Q

Known bad data injection

A

A technique where data known to cause an exception or fault is entered as part of the testing/assessment.

8
Q

Security regression testing

A

Ensures that changes made to a system do not harm its security.

9
Q

Stress testing

A

Verifies the system’s stability and reliability by measuring its robustness and error handling capabilities under heavy load conditions.

10
Q

Dual control

A

A personnel security process that requires more than one employee to be available to perform a specific task.

11
Q

Measured boot

A

A feature where a log of all boot actions is taken and stored in a trusted platform module for later retrieval and analysis by anti-malware software on a remote server.

12
Q

Master boot record analysis

A

Used to capture the hard disk’s required information to support a forensic investigation.

13
Q

Relying parties (RPs)

A

Provide services to members of a federation.

14
Q

Identity provider (IdP)

A

Provides identities, makes assertions about those identities, and releases information about the identity holders.

15
Q

Security Assertion Markup Language (SAML)

A

An open standard for exchanging authentication and authorization data between parties: an identity provider and a service provider (SP) or a relying party (RP).
