Chapter 20 - Quiz Flashcards Preview

Intro to Computer Security Final > Chapter 20 - Quiz > Flashcards

Flashcards in Chapter 20 - Quiz Deck (10):

Bob is developing a software application and has a field where users may enter a date. He wants to ensure that the values provided by the users are accurate dates to prevent security issues. What technique should Bob use?
A. Polyinstatntiation
B. Input validation
C. Contamination
D. Screening

B. Input Validation


What form of access control is concerned primarily with the data stored by a field?
A. Context-dependent
B. Content-dependent
C. Semantic integrity mechanisms
D. Perturbation

A. Content-dependent is based on data in the field

context dependent is based on the big-picture


Richard believes that a databse user is misusing his privileges to gain information about the company's overall business trends by issuing queries that combine data to form a large number of records. What process is the databse user taking advantage of?
A/ Inference
B. Contamination
C. Polyinstantiation
D. Aggregation

D. Aggregation


What databse technique can be used to prevent unauthorized users from determining classified information by unoticing the absence of information normally available to them?
A. Inference
B. Manipulation
C. Polyinstantiation
D. Aggregation

C. Polyinstantiation


What type of information is used to form the basis of an expert system's decision-making process?
A. A series of weighted layered computation
B. Combined input from a number of human experts, weighted according to past performance
C. A series of "if/then" rules codified in a knowledge base
D. A biological decision-making process that simulates the reasoning process used by the human mind

C. A series of "if/then" rules codified in a knowledge base


Which of the following acts as a proxy between an application and a database to support interaction and simplify the work of programers?
D. Abstraction



In what type of software testing does the tester have access to the underlying source code?
A. static testing
B. Dynamic testing
C. Cross-site scripting testing
D. Black box testing

A. Static testing


Which databse security risk occurs when ddata from a higher classification level is mixed with data from a lower classification level?
A. Aggregation
B. Inference
C. Contamination
D. Polyinstantiation

C. Contamination


What database security technology involves creating two or more rows with seemingly indentical primary keys that contain different data for users with differenct security clearances?
A. Polyinstantiation
B. Cell suppression
C. Aggregation
D. Views

A. Polyinstantiation


What transaction management principle ensures that two transactions do not interfere with each other as they operate on the same data?
A. Atomicity
B. Consistency
C. Isolation
D. Durability

C. Isolation