Domain 8 - Software Development Security Flashcards Preview


Flashcards in Domain 8 - Software Development Security Deck (85):
1

internal code that defines the actions an object performs in response to a message.

A method

2

The results or output exhibited by an object

Behavior

3

A collection of the common methods from a set of objects that defines the behavior of those objects

Class

4

Objects are ______ of or examples of classes that contain their methods.

instances

5

This occurs when methods from a class (parent or superclass) are inherited by another subclass (child).

Inheritance

6

the forwarding of a request by an object to another object or delegate. An object delegates if it does not have a method to handle the message.

Delegation

7

the characteristic of an object that allows it to respond with different behaviors to the same message or method because of changes in external conditions.

Polymorphism

8

describes the strength of the relationship between the purposes of the methods within the same class.

Cohesion

9

the level of interaction between objects.

Coupling

10

This verifies that the values provided by a user match the programmer’s expectation before allowing further processing.

Input validation

11

puts the system into a high level of security (and possibly even disables it entirely) until an administrator can diagnose the problem and restore the system to normal operation.

fail-secure failure state

12

allows users to bypass failed security controls, erring on the side of permissiveness.

fail-open state

13

List the stages of the Software Capability Maturity Model (abbreviated as SW-CMM)

Level 1: Initial, Level 2: Repeatable, Level 3: Defined, Level 4: Managed, Level 5: Optimizing

14

a type of bar chart that shows the interrelationships over time between projects and schedules.

A Gantt chart

15

Name the 3 basic components of the change management process

Request Control, Change Control, Release Control

16

This component of the change management process provides an organized framework within which users can request modifications, managers can conduct cost/benefit analysis, and developers can prioritize tasks.

Request Control

17

This component of the change management process is used by developers to re-create the situation encountered by the user and analyze the appropriate changes to remedy the situation. It also provides an organized framework within which multiple developers can create and test a solution prior to rolling it out into a production environment.

Change Control

18

Once the changes are finalized, they must be approved for release through this procedure. An essential step of this component in the change management process is to double-check and ensure that any code inserted as a programming aid during this process (such as debugging code and/or back doors) is removed before releasing the new software to production. This should also include acceptance testing to ensure that any alterations to end-user work tasks are understood and functional.

Release Control

19

List the four main components of configuration management.

Configuration Identification, Configuration Control, Configuration Status Accounting, Configuration Audit

20

During this process, administrators document the configuration of covered software products throughout the organization.

Configuration Identification

21

This process ensures that changes to software versions are made in accordance with the change control and configuration management policies. Updates can be made only from authorized distributions in accordance with those policies.

Configuration Control

22

Formalized procedures are used to keep track of all authorized changes that take place.

Configuration Status Accounting

23

This should be conducted to ensure that the actual production environment is consistent with the accounting records and that no unauthorized configuration changes have taken place.

Configuration Audit

24

These allow application developers to bypass traditional web pages and interact directly with the underlying service through function calls.

application programming interfaces (APIs)

25

ensures that values returned by software match specified criteria that are within reasonable bounds. For example, a routine that calculated optimal weight for a human being and returned a value of 612 pounds would certainly fail this type of test.

reasonableness check

26

This testing examines the internal logical structures of a program and steps through the code line by line, analyzing the program for potential errors.

White-box testing

27

This testing examines the program from a user perspective by providing a wide variety of input scenarios and inspecting the output. These testers do not have access to the internal code.

Black-box Testing

28

This testing combines the two approaches and is popular for software validation. In this approach, testers examine the software from a user perspective, analyzing inputs and outputs. They also have access to the source code and use it to help design their tests. They do not, however, analyze the inner workings of the program during their testing.

Gray-box Testing

29

This testing evaluates the security of software without running it by analyzing either the source code or the compiled application. It usually involves the use of automated tools designed to detect common software flaws, such as buffer overflows.

Static Testing

30

This testing evaluates the security of software in a runtime environment and is often the only option for organizations deploying applications written by someone else.

Dynamic Testing

31

This data model combines records and fields that are related in a logical tree structure.

Hierarchical data model

32

This data model has data stored in more than one database, but those databases are logically connected. The user perceives the database as a single entity, even though it consists of numerous parts interconnected over a network. Each field can have numerous children as well as numerous parents. Thus, the data mapping relationship for these databases is many-to-many.

distributed data model

33

These databases consist of flat two-dimensional tables made up of rows and columns. In fact, each table looks similar to a spreadsheet file. The row and column structure provides for one-to-one data mapping relationships.

A relational database

34

In relational databases, what are the columns in a table called?

field

35

In relational databases, what does each row represent?

a record or tuple

36

In relational databases, what is the number of rows in a relation called?

cardinality

37

In relational databases, what is the number of columns in a relation called?

degree

38

In relational databases, what is the set of allowable values that the attribute can take called?

The domain of an attribute

39

Database transactions must be this—that is, they must be an “all-or-nothing” affair. If any part of the transaction fails, the entire transaction must be rolled back as if it never occurred.

Atomicity

40

All transactions must begin operating in an environment that is consistent with all of the database’s rules (for example, all records have a unique primary key). When the transaction is complete, the database must again be consistent with the rules, regardless of whether those rules were violated during the processing of the transaction itself. No other transaction should ever be able to use any inconsistent data that might be generated during the execution of another transaction.

Consistency

41

This principle requires that transactions operate separately from each other. If a database receives two SQL transactions that modify the same data, one transaction must be completed in its entirety before the other transaction is allowed to modify the same data. This prevents one transaction from working with invalid data generated as an intermediate step by another transaction.

Isolation

42

Database transactions must be this. That is, once they are committed to the database, they must be preserved. Databases ensure this through the use of backup mechanisms, such as transaction logs.

Durability

43

This, or edit control, is a preventive security mechanism that endeavors to make certain that the information stored in the database is always correct or at least has its integrity and availability protected.

Concurrency

44

the concept of hiding individual database fields or cells or imposing more security restrictions on them.

cell suppression

45

the process of splitting a single database into multiple parts, each with a unique and distinct security level or type of content.

Database partitioning

46

This occurs when two or more rows in the same relational database table appear to have identical primary key elements but contain different data for use at differing classification levels. It is often used as a defense against some types of inference attacks.

Polyinstantiation

47

a database feature that allows applications to communicate with different types of databases without having to be directly programmed for interaction with each type.

Open Database Connectivity (ODBC)

48

consists of the main memory resources directly available to a system’s CPU. It normally consists of volatile random access memory (RAM) and is usually the most high-performance storage resource available to a system.

Primary (or “real”) memory

49

These systems consist of two main components: a knowledge base that contains a series of “if/then” rules and an inference engine that uses that information to draw conclusions about other data.

Expert systems

50

These simulate the functioning of the human mind to a limited extent by arranging a series of layered calculations to solve problems. They require extensive training on a particular problem before they are able to offer solutions.

Neural networks

51

This describes a sequential development process that results in the development of a finished product.

waterfall model

52

This model uses several iterations of the waterfall model to produce a number of fully specified and tested prototypes.

The spiral model

53

This model places an emphasis on the needs of the customer and quickly developing new functionality that meets those needs in an iterative fashion.

Agile development model

54

This consists of more inexpensive, nonvolatile storage resources available to a system for long-term use. Typical secondary storage resources include magnetic and optical media, such as tapes, disks, hard drives, flash drives, and CD/DVD storage.

Secondary storage

55

This allows a system to simulate additional primary memory resources through the use of secondary storage. For example, a system low on expensive RAM might make a portion of the hard disk available for direct CPU addressing.

Virtual memory

56

This allows a system to simulate secondary storage resources through the use of primary storage. The most common example of virtual storage is the RAM disk that presents itself to the operating system as a secondary storage device but is actually implemented in volatile RAM. This provides an extremely fast file system for use in various applications but provides no recovery capability.

Virtual storage

57

This allows the operating system to request contents from any point within the media. RAM and hard drives are examples of these storage resources.

Random access storage

58

This requires scanning through the entire media from the beginning to reach a specific address. A magnetic tape is a common example of this type of storage resource.

Sequential access storage

59

This loses its contents when power is removed from the resource. RAM is the most common type of volatile storage resource.

Volatile storage

60

This does not depend upon the presence of power to maintain its contents. Magnetic/optical media and nonvolatile RAM (NVRAM) are typical examples of nonvolatile storage resources.

Nonvolatile storage

61

What are the two main functions of viruses?

propagation and destruction

62

One of the earliest known forms of virus infection. These viruses attack the portion of bootable media (such as a hard disk, USB drive, or CD/DVD) that the computer uses to load the operating system during the boot process.

Master Boot Record Viruses

63

These viruses infect different types of executable files and trigger when the operating system attempts to execute them.

File Infector Viruses

64

Many common software applications implement some sort of scripting functionality to assist with the automation of repetitive tasks. Although they offer great productivity-enhancing opportunities to computer users, they also expose systems to yet another avenue of infection.

Macro Viruses

65

Recent outbreaks of malicious code use yet another technique to infect systems and escape detection: injecting themselves into trusted runtime processes of the operating system, such as svchost.exe, winlogon.exe, and explorer.exe.

Service Injection Viruses

66

These viruses use more than one propagation technique in an attempt to penetrate systems that defend against only one method or the other.

Multipartite Viruses

67

These viruses hide themselves by actually tampering with the operating system to fool antivirus packages into thinking that everything is functioning normally. For example, this virus might overwrite the system’s master boot record with malicious code but then also modify the operating system’s file access functionality to cover its tracks.

Stealth Viruses

68

These viruses actually modify their own code as they travel from system to system. The virus’s propagation and destruction techniques remain the same, but the signature of the virus is somewhat different each time it infects a new system. It is the hope of polymorphic virus creators that this constantly changing signature will render signature-based antivirus packages useless.

Polymorphic viruses

69

These viruses use cryptographic techniques to avoid detection. In their outward appearance, they are actually quite similar to polymorphic viruses—each infected system has a virus with a different signature. However, they do not generate these modified signatures by changing their code; instead, they alter the way they are stored on the disk.

Encrypted viruses

70

malicious code objects that infect a system and lie dormant until they are triggered by the occurrence of one or more conditions such as time, program launch, website logon, and so on.

logic bombs

71

a software program that appears benevolent but carries a malicious, behind-the-scenes payload that has the potential to wreak havoc on a system or network.

Trojan horse

72

These contain the same destructive potential as other malicious code objects with an added twist—they propagate themselves without requiring any human intervention.

Worms

73

These vulnerabilities exist when a developer does not properly validate user input to ensure that it is of an appropriate size. Input that is too large can “overflow” a data structure to affect other data stored in the computer’s memory.

Buffer overflow

74

This issue is a timing vulnerability that occurs when a program checks access permissions too far in advance of a resource request. For example, if an operating system builds a comprehensive list of access permissions for a user upon logon and then consults that list throughout the logon session, this vulnerability exists.

time-of-check-to-time-of-use (TOCTTOU or TOC/TOU)

75

These are undocumented command sequences that allow individuals with knowledge of the back door to bypass normal access restrictions. They are often used during the development and debugging process to speed up the workflow and avoid forcing developers to continuously authenticate to the system.

Back doors

76

This is a type of computer security vulnerability typically found in web applications. It enables attackers to inject client-side scripts into web pages viewed by other users.

Cross-site scripting

77

These attacks use unexpected input to a web application. They allow a malicious individual to perform SQL transactions directly against the underlying database and gain unauthorized access to it.

SQL injection

78

These are often the first type of network reconnaissance carried out against a targeted network. The nmap tool is one of the most common tools used to perform these.

IP probes (also called IP sweeps or ping sweeps)

79

These probe all the active systems on a network and determine what public services are running on each machine.

port scan

80

Attackers borrow the identities of legitimate users and systems to gain the trust of third parties.

masquerading attacks

81

In this attack, the malicious individual simply reconfigures their system so that it has the IP address of a trusted system and then attempts to gain access to other external resources. This is surprisingly effective on many networks that don’t have adequate filters installed to prevent this type of traffic from occurring.

IP spoofing

82

These attacks occur when a malicious individual intercepts part of the communication between an authorized user and a resource and then uses a hijacking technique to take over the session and assume the identity of the authorized user.

Session hijacking

83

This is also known as a one-click attack or session riding. It is a type of malicious exploit of a website where unauthorized commands are transmitted from a user that the website trusts.

Cross-site Request Forgery

84

Cross Site scripting takes advantage of trust I have in a web site. Cross Site Request Forgery takes advantage of trust a web site has in me.

True

85

Within databases this states that the primary key field can't be null

Entity Integrity