Week 14 - Application Security Flashcards

1
Q

what is application security?

A

developing, adding and testing security feature in an app to prevent vulnerabilities

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

why is application security important?

A

guarantee security of information
consumer trust and boosting reputation
mitigating potential attacks

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

what is Saas?

A

security as a service - cloud based apps

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

define web application firewall

A

differ from traditional firewall - analyse HTTP traffic

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

application security techniques

A

authenticating - authorising - using encryption - auditing - security testing

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

DevSecOps - development, security & operations

A

automates the integration of security at every phase of life cycle

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

DevSecOps culture?

A

integrated security is the responsibility of every team - not just testers

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

cross site scripting (XSS)

A

XSS is a type of injection - attacker inserts malicious code into web page, form or URL - takes advantage of the fact that a web browser is responsible for executing the web application script. - found in Javascript

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

SQL

A

structured query language - programming language - storing and processing information

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

SQL injection

A

attacker adds own parameter - compromise of database

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

CSRF is?

A

cross site request forgery - takes advantage of browser - trick the browser into executing malicious actions

How well did you know this?
1
Not at all
2
3
4
5
Perfectly