Flashcards in Chapter 7 - Host, Data and Application Security Deck (21):
What is the most common language used to speak to databases?
Structured Query Language (SQL)
In what tiered model do the database and application exist on a single system?
One-Tier Model or Single-Tier Model
In what tiered system model does the client workstation or system run an application that communicates with a database running on a different server?
What tiered system model effectively isolates the end user from the database by introducing a middle-tier server?
What is NoSQL?
A database that is not relational and does not use SQL.
What is a SAN?
Storage Area Network
A separate network set up to appear as a server to the main organizational network.
What is a technique of providing unexpected values as input to an application in order to make it crash?
The best way to prevent fuzzing is...
To validate all input to ensure that it is of the expected type.
What is OWASP?
A voluntary group dedicated to forming secure coding practices for web-based applications, as well as mobile and client applications, along with back-end design issues.
What are the CERT Secure Coding Standards?
Computer Emergency Response Team
They cover many of the same issues as OWASP, but they also have complete language-specific standards for Java, Perl, C and C++.
What are the three types of operating system patches?
- Service Pack
What are the different permissions?
- Full Control
- Read & Execute
What are some actions you should take to keep safe from Malware?
Install antivirus software
Install antispam filters
Install antispyware software
Use pop-up blockers
Use host-based firewalls
Use host-based IDS
A _____ _______ defines the level of security that will be implemented and maintained.
What types of Backups are there?
What is a Differential Backup?
All changes since the last full backup are archived.
What is an Incremental Backup?
All changes since the last backup of any type are archived.
What is RAID 3 or 4?
This RAID level uses one dedicated disk to store parity information. The storage capacity of the array is reduced by one disk (the one used for parity). If a disk fails, that is only a partial loss of data. The data remaining on the other disks, along with the parity information, allows the data to be recovered.
What is RAID 6?
This RAID level combines four or more disks in a way that protects data against the loss of any two disks. It accomplishes this by adding an additional parity block to RAID 5. Each of the parity blocks is distributed across the drive array so parity is not dedicated to any specific drive.
What is RAID 1+0 (or 10)?
"Stripe of Mirrors": requires a minimum of 4 drives, with 2 mirrored drives to hold half of the striped data, plus another 2 mirrored drives for the other half of the data.