Chapter 1 Flashcards

1
Q

improper input handling

A

A programming error that does not filter or validate user input to prevent a malicious action.

2
Q

injections

A

Attacks that introduce new input to exploit a vulnerability.

3
Q

integer overflow attack

A

An attack that changes the value of a variable to something outside the range that the programmer had intended by using an integer overflow.

4
Q

keylogger

A

Hardware or software that silently captures and stores each keystroke that a user types on the computer’s keyboard.

5
Q

logic bomb

A

Computer code that is typically added to a legitimate program but lies dormant and evades detection until a specific logical event triggers it.

6
Q

malware

A

Malicious software that enters a computer system without the user’s knowledge or consent and then performs an unwanted and harmful action.

7
Q

memory leak

A

A situation that occurs when, due to a programming error, memory is not freed when the program has finished using it.

8
Q

pointer/object dereference

A

A flaw that results in a pointer being given a NULL instead of a valid value.

9
Q

potentially unwanted programs (PUPs)

A

Software that users do not want on their computer.

10
Q

race condition

A

A situation in software that occurs when two concurrent threads of execution access a shared resource simultaneously.

11
Q

ransomware

A

Malware that prevents a user’s endpoint device from properly and fully functioning until a fee is paid.

12
Q

refactoring

A

Changing the design of existing code.

13
Q

remote access Trojan (RAT)

A

Malware that infects a computer like a Trojan but also gives the threat agent unauthorized remote access to the victim’s computer by using specially configured communication protocols.

14
Q

replay

A

An attack that copies data and then uses it for an attack.

15
Q

resource exhaustion attacks

A

An attack that depletes parts of memory and interferes with the normal operation of the program in RAM to give an attacker access to the underlying OS.

16
Q

rootkit

A

Malware that can hide its presence and the presence of other malware on the computer.

17
Q

security of the ML algorithms

A

A risk associated with the vulnerabilities in AI-powered cybersecurity applications and their devices.

18
Q

server-side request forgery (SSRF)

A

An attack that takes advantage of a trusting relationship between web servers.

19
Q

shimming

A

Transparently adding a small coding library that intercepts calls made by a device and changes the parameters passed between the device and the device driver.

20
Q

spyware

A

Tracking software that is deployed without the consent or control of the user.

21
Q

SQL injection

A

An attack that inserts statements to manipulate a database server using Structured Query Language commands.

22
Q

Structured Query Language

A

A language used to view and manipulate data that is stored in a relational database.

23
Q

tainted training data for machine learning

A

A risk in which attackers can attempt to alter the training data that is used by ML.

24
Q

time of check/time of use

A

A software check of the state of a resource before using that resource.

25
Q

Trojan

A

An executable program that masquerades as performing a benign activity but also does something malicious.

26
Q

worm

A

A malicious program that uses a computer network to replicate.

27
Q

XML injection

A

An attack that inserts statements to manipulate a database server using eXtensible Markup Language (XML).