Term
|
Definition
when Laurel installs a packet-filter firewall, it should not allow any packets to pass into the network that were not specifically granted access. |
|
|
Term
Phases of the system development life cycle (SDLC). |
|
Definition
Initiation, acquisition/development, implementation, operation/maintenance, disposal |
|
|
Term
|
Definition
In the initiation phase the company establishes the need for a specific system |
|
|
Term
project risk analysis vs. security risk analysis. |
|
Definition
The project team may do a risk analysis pertaining to the risk of the project failing. A security risk analysis, by contrast, addresses the vulnerabilities within the software product itself. |
|
|
Term
SDLC - Acquisition/Development |
|
Definition
New system is either created or purchased |
|
|
Term
|
Definition
New system is installed into production environment |
|
|
Term
SDLC - Operation/maintenance |
|
Definition
System is used and cared for |
|
|
Term
|
Definition
System is removed from production environment |
|
|
Term
|
Definition
the technical testing of a system |
|
|
Term
|
Definition
the formal authorization given by management to allow a system to operate in a specific environment. |
|
|
Term
System development life cycle (SDLC) |
|
Definition
A methodical approach to standardize requirements discovery, design, development, testing, and implementation in every phase of a system. |
|
|
Term
Standard phases of a software development life cycle (SDLC) |
|
Definition
Requirements gathering, design, development, testing/validation, release/maintenance |
|
|
Term
|
Definition
Describes the product and customer requirements. A detail-oriented SOW will help ensure that these requirements are properly understood and assumptions are not made. |
|
|
Term
|
Definition
scope of a project continually extends in an uncontrollable manner (creeps) |
|
|
Term
work breakdown structure (WBS) |
|
Definition
a project management tool used to define and group a project’s individual work elements in an organized manner. |
|
|
Term
Typical Privacy Impact Ratings |
|
Definition
P1 High Privacy Risk
P2 Moderate Privacy Risk
P3 Low Privacy Risk |
|
|
Term
Three Common Software Requirement Models |
|
Definition
Informational model, functional model, behavioral model |
|
|
Term
Software Requirements - Informational model |
|
Definition
Dictates the type of information to be processed and how it will be processed |
|
|
Term
Software Requirements - Functional model |
|
Definition
Outlines the tasks and functions the application needs to carry out |
|
|
Term
Software Requirements - Behavioral model |
|
Definition
Explains the states the application will be in during and after specific transitions take place |
|
|
Term
|
Definition
what is available to be used by an attacker against the product itself. |
|
|
Term
|
Definition
to identify and reduce the amount of code and functionality accessible to untrusted users. |
|
|
Term
|
Definition
a systematic approach used to understand how different threats could be realized and how a successful compromise could take place |
|
|
Term
computer-aided software engineering (CASE) |
|
Definition
refers to any type of software tool that allows for the automated development of software, which can come in the form of program editors, debuggers, code analyzers, version-control mechanisms, and more. |
|
|
Term
|
Definition
a debugging technique that is carried out by examining the code without executing the program, and therefore is carried out before the program is compiled. |
|
|
Term
|
Definition
The goal of this type of testing is to isolate each part of the software and show that the individual parts are correct. |
|
|
Term
|
Definition
Verifying that components work together as outlined in design specifications. |
|
|
Term
|
Definition
Ensuring that the code meets customer requirements. |
|
|
Term
|
Definition
After a change to a system takes place, retesting to ensure functionality, performance, and protection. |
|
|
Term
|
Definition
a technique used to discover flaws and vulnerabilities in software. Fuzzing is the act of sending random data to the target program in order to trigger failures. |
|
|
Term
|
Definition
refers to the evaluation of a program in real time, i.e., when it is running. |
|
|
Term
|
Definition
Sometimes developers enter lines of code in a product that will allow them to do a few keystrokes and get right into the application. This allows them to bypass any security and access controls so they can quickly access the application’s core components. |
|
|
Term
Verification vs. Validation |
|
Definition
Verification determines if the product accurately represents and meets the specifications. Validation determines if the product provides the necessary solution for the intended real-world problem. |
|
|
Term
|
Definition
vulnerabilities that do not currently have a resolution. If a vulnerability is identified and there is not a preestablished fix (patch, configuration, update), it is considered a zero day |
|
|
Term
|
Definition
Indicates the sensitivity level of the data that will be processed or made accessible. |
|
|
Term
Web Application Security Consortium (WASC) |
|
Definition
an organization that provides best-practice security standards for the World Wide Web and the web-based software that makes it up |
|
|
Term
Open Web Application Security Project (OWASP). |
|
Definition
The group provides development guidelines, testing procedures, and code review steps, but is probably best known for its top ten web application security risk list that it maintains. |
|
|
Term
|
Definition
The U.S. Department of Homeland Security (DHS) also provides best practices, tools, guidelines, rules, principles, and other resources that software developers, architects, and security practitioners can use to build security into software in every phase of its development. |
|
|
Term
|
Definition
International standard that provides guidance to assist organizations in integrating security into the processes used for managing their applications. It is applicable to in-house developed applications, applications acquired from third parties, and where the development or the operation of the application is outsourced. |
|
|
Term
|
Definition
No architecture design is carried out. Development takes place immediately with little or no planning involved. Problems are dealt with as they occur, which is usually after the software product is released to the customer. |
|
|
Term
|
Definition
Uses a linear-sequential life-cycle approach. Each phase must be completed in its entirety before the next phase can begin. At the end of each phase, a review takes place to make sure the project is on the correct path and to decide whether the project should continue. |
|
|
Term
|
Definition
Follows steps that are laid out in a V format. This model emphasizes the verification and validation of the product at each phase and provides a formal method of developing testing plans as each coding phase is executed. |
|
|
Term
|
Definition
A sample of software code or a model (prototype) can be developed to explore a specific approach to a problem before investing expensive time and resources. |
|
|
Term
|
Definition
an approach that allows the development team to quickly create a prototype (sample) to test the validity of the current understanding of the project requirements. |
|
|
Term
|
Definition
Evolutionary prototypes are developed. They are built with the goal of incremental improvement. Instead of being discarded after being developed, as in the rapid prototype approach, the prototype in this model is continually improved upon until it reaches the final product stage |
|
|
Term
|
Definition
Same as evolutionary model, but the operational prototype is designed to be implemented within a production environment as it is being tweaked |
|
|
Term
Incremental development model |
|
Definition
allows the team to carry out multiple development cycles on a piece of software throughout its development stages |
|
|
Term
|
Definition
uses an iterative approach to software development and places emphasis on risk analysis. The model is made up of four main phases: planning, risk analysis, development and test, and evaluation |
|
|
Term
Rapid Application Development (RAD) model |
|
Definition
Combines prototyping and iterative development procedures with the goal of accelerating the software development process. |
|
|
Term
|
Definition
an umbrella term for several development methodologies. It focuses not on rigid, linear, stepwise processes, but instead on incremental and iterative development methods that promote cross-functional teamwork and continuous feedback mechanisms. |
|
|
Term
Capability Maturity Model Integration (CMMI) |
|
Definition
A comprehensive, integrated set of guidelines for developing products and software. Software vendors would use the model to help improve their processes, and customers would use the model to assess the vendors’ practices |
|
|
Term
five maturity levels of the CMMI model |
|
Definition
Initial - Development process is ad hoc or even chaotic.
Repeatable - A formal management structure, change control, and quality assurance are in place.
Defined - Formal procedures are in place that outline and define processes carried out in each project.
Managed - Processes are in place to collect and analyze quantitative data, and metrics are defined and fed into the process improvement program.
Optimizing - The company has budgeted and integrated plans for continuous process improvement.
Each level builds upon the previous one. For example, a company that accomplishes a Level 5 CMMI rating must meet all the requirements outlined in Levels 1–4 along with the requirements of Level 5. |
|
|
Term
Capability Maturity Models (CMMs) |
|
Definition
general models that allow for maturity-level identification and maturity improvement steps |
|
|
Term
|
Definition
the process of controlling the changes that take place during the life cycle of a system and documenting the necessary change control activities. |
|
|
Term
Software Configuration Management (SCM) |
|
Definition
Identifies the attributes of software at various points in time, and performs a methodical control of changes for the purpose of maintaining software integrity and traceability throughout the software development life cycle. |
|
|
Term
|
Definition
a third party keeps a copy of the source code, and possibly other materials, which it will release to the customer only if specific circumstances arise, mainly if the vendor who developed the code goes out of business or for some reason is not meeting its obligations and responsibilities |
|
|
Term
|
Definition
A format that the computer’s processor can understand and work with directly. Machine code is represented in a binary format (1 and 0) |
|
|
Term
|
Definition
A low-level programming language that is the symbolic representation of machine-level instructions. Uses symbols (called mnemonics) to represent complicated binary codes |
|
|
Term
|
Definition
Tools that convert assembly code into the necessary machine-compatible binary language for processing activities to take place. |
|
|
Term
|
Definition
Otherwise known as third-generation programming languages, due to their refined programming structures, using abstract statements. |
|
|
Term
very high-level languages |
|
Definition
Otherwise known as fourth-generation programming languages; they are meant to take natural language-based statements one step ahead. |
|
|
Term
|
Definition
Otherwise known as fifth-generation programming languages, which have the goal to create software that can solve problems by themselves. Used in systems that provide artificial intelligence. |
|
|
Term
|
Definition
Tools that convert high-level language statements into the necessary machine-level format (.exe, .dll, etc.) for specific processors to understand. |
|
|
Term
|
Definition
Tools that convert code written in interpreted languages to the machine-level format for processing. |
|
|
Term
Object-oriented programming (OOP) |
|
Definition
OOP works with classes and objects. A real-world object, such as a table, is a member (or an instance) of a larger class of objects called “furniture.” The furniture class will have a set of attributes associated with it, and when an object is generated, it inherits these attributes. |
|
|
Term
|
Definition
the functionality or procedure an object can carry out |
|
|
Term
|
Definition
Objects communicate with each other, and this happens by using messages that are sent to the receiving object’s API. |
|
|
Term
|
Definition
Means this information is packaged under one name and can be reused as one entity by other objects |
|
|
Term
|
Definition
details of the processing are hidden from all other program elements outside the object. Objects communicate through well-defined interfaces; therefore, they do not need to know how each other works internally. |
|
|
Term
|
Definition
Two objects can receive the same input and have different outputs. |
|
|
Term
Object-oriented analysis (OOA) |
|
Definition
the process of classifying objects that will be appropriate for a solution. |
|
|
Term
Object-oriented design (OOD) |
|
Definition
creates a representation of a real-world problem and maps it to a software solution using OOP |
|
|
Term
|
Definition
Considers data independently of the way the data are processed and of the components that process the data. A process used to define and analyze data requirements needed to support the business processes. |
|
|
Term
|
Definition
A measurement that indicates how much interaction one module requires for carrying out its tasks. |
|
|
Term
|
Definition
A measurement that indicates how many different types of tasks a module needs to carry out. |
|
|
Term
|
Definition
A representation of the logical relationship between elements of data. |
|
|
Term
|
Definition
Identifies blocks of memory that were once allocated but are no longer in use and deallocates the blocks and marks them as free. |
|
|
Term
|
Definition
The capability to suppress unnecessary details so the important, inherent properties can be examined and reviewed. |
|
|
Term
Distributed Computing Environment (DCE) |
|
Definition
a client/server framework that is available to many vendors to use within their products |
|
|
Term
globally unique identifier (GUID) |
|
Definition
used to uniquely identify users, resources, and components within an environment. |
|
|
Term
Common Object Request Broker Architecture (CORBA) |
|
Definition
An open object-oriented standard architecture developed by the Object Management Group (OMG). It provides interoperability among the vast array of software, platforms, and hardware in environments today. CORBA enables applications to communicate with one another no matter where the applications are located or who developed them. |
|
|
Term
object request brokers [ORBs] |
|
Definition
The ORB manages all communications between components and enables them to interact in a heterogeneous and distributed environment. The ORB acts as a “broker” between a client request for a service from a distributed object and the completion of that request. |
|
|
Term
Component Object Model (COM) |
|
Definition
A model developed by Microsoft that allows for interprocess communication between applications potentially written in different programming languages on the same computer system. |
|
|
Term
Distributed Component Object Model (DCOM) |
|
Definition
DCOM has been phased out and replaced with the .NET framework |
|
|
Term
|
Definition
The framework has a large library that different applications can call upon. The libraries provide functions such as data access, database connectivity, network communication, etc. |
|
|
Term
Object linking and embedding (OLE) |
|
Definition
provides a way for objects to be shared on a local personal computer and to use COM as their foundation. OLE enables objects—such as graphics, clipart, and spreadsheets—to be embedded into documents. |
|
|
Term
Java Platform, Enterprise Edition (J2EE) |
|
Definition
J2EE is an enterprise Java computing platform. This means it is a framework that is used to develop enterprise software written mainly in the Java programming language. It provides APIs for networking services, fault tolerance, security, and web services for large-scale, multi-tiered network applications |
|
|
Term
service-oriented architecture (SOA) |
|
Definition
provides standardized access to the most needed services to many different applications at one time. SOA is just a more web-based approach. |
|
|
Term
|
Definition
the combination of functionality, data, and presentation capabilities of two or more sources to provide some type of new service or functionality. |
|
|
Term
Simple Object Access Protocol (SOAP). |
|
Definition
an XML-based protocol that encodes messages in a web service environment. It actually defines an XML schema of how communication is going to take place. The SOAP XML schema defines how objects communicate directly |
|
|
Term
Software as a Service (SaaS) |
|
Definition
a model that allows applications and data to be centrally hosted and accessed by thin clients, commonly web browsers |
|
|
Term
|
Definition
a method of providing computing as a service rather than as a physical product. It is Internet-based computing, whereby shared resources and software are provided to computers and other devices on demand. |
|
|
Term
|
Definition
Code that can be transmitted across a network, to be executed by a system or device on the other end |
|
|
Term
|
Definition
intermediate code created by Java platform |
|
|
Term
Java Virtual Machine (JVM) |
|
Definition
converts the bytecode to the machine code that the processor on that particular system can understand |
|
|
Term
|
Definition
Small components (applets) that provide various functionalities and are delivered to users in the form of Java bytecode. Java applets can run in a web browser using a Java Virtual Machine (JVM). Java is platform independent; thus, Java applets can be executed by browsers for many platforms. |
|
|
Term
|
Definition
a Microsoft technology composed of a set of OOP technologies and tools based on COM and DCOM |
|
|
Term
|
Definition
A virtual environment that allows for very fine-grained control over the actions that code within the machine is permitted to take. This is designed to allow safe execution of untrusted code from remote sources. |
|
|
Term
|
Definition
A type of code signing, which is the process of digitally signing software components and scripts to confirm the software author and guarantee that the code has not been altered or corrupted since it was digitally signed. Authenticode is Microsoft’s implementation of code signing. |
|
|
Term
|
Definition
when the input validation is done at the client before it is even sent back to the server to process |
|
|
Term
|
Definition
instead of valid input, the attacker puts actual database commands into the input fields, which are then parsed and run by the application |
|
|
Term
|
Definition
refers to an attack where a vulnerability is found on a web site that allows an attacker to inject malicious code into a web application |
|
|
Term
|
Definition
where the values that are being received by the application are validated to be within defined limits before the server application processes them within the system. |
|
|
Term
session cookie vs. persistent cookie |
|
Definition
session cookie - data that are passed and stored in memory
persistent cookie - data that are passed and stored locally as a file |
|
|
Term
adequate parameter validation |
|
Definition
Adequate parameter validation may include pre-validation and post-validation controls. |
|
|
Term
|
Definition
an attacker capturing the traffic from a legitimate session and replaying it to authenticate his session |
|
|
Term
Server side includes (SSI) |
|
Definition
An interpreted server-side scripting language used almost exclusively for web-based communication. It is commonly used to include the contents of one or more files into a web page on a web server. Allows web developers to reuse content by inserting the same content into multiple web documents. |
|
|
Term
|
Definition
A piece of software installed on a system that is designed to intercept all traffic between the local web browser and the web server. |
|
|
Term
database management system (DBMS) |
|
Definition
software that lets users access, view, and modify data as needed. It also enforces access control restrictions, provides data integrity and redundancy, and sets up different procedures for data manipulation |
|
|
Term
|
Definition
a collection of data stored in a meaningful way that enables multiple users and applications to access, view, and modify data as needed |
|
|
Term
|
Definition
• Relational
• Hierarchical
• Network
• Object-oriented
• Object-relational |
|
|
Term
relational database model |
|
Definition
uses attributes (columns) and tuples (rows) to contain and organize information. The relational database model is the most widely used model today |
|
|
Term
|
Definition
combines records and fields that are related in a logical tree structure. In the hierarchical database the parents can have one child, many children, or no children. |
|
|
Term
|
Definition
built upon the hierarchical data model. Instead of being constrained by having to know how to go from one branch to another and then from one parent to a child to find a data element, the network database model allows each data element to have multiple parent and child records |
|
|
Term
|
Definition
An object-oriented database management system (ODBMS) is more dynamic in nature than a relational database, because objects can be created when needed and the data and procedure (called method) go with the object when it is requested. |
|
|
Term
object-relational database (ORD) |
|
Definition
a relational database with a software front end that is written in an object-oriented programming language |
|
|
Term
Open Database Connectivity (ODBC) |
|
Definition
An API that allows an application to communicate with a database, either locally or remotely |
|
|
Term
Object Linking and Embedding Database (OLE DB) |
|
Definition
Separates data into components that run as middleware on a client or server. |
|
|
Term
ActiveX Data Objects (ADO) |
|
Definition
An API that allows applications to access back-end database systems. |
|
|
Term
Java Database Connectivity (JDBC) |
|
Definition
An API that allows a Java application to communicate with a database. |
|
|
Term
|
Definition
a central collection of data element definitions, schema objects, and reference keys. |
|
|
Term
|
Definition
Primary key - an identifier of a row that is used for indexing in relational databases
Foreign key - an attribute in one table whose value matches the primary key in another table, with a relationship set up between the two of them |
|
|
Term
Three main types of Database integrity services |
|
Definition
Semantic - makes sure structural and semantic rules are enforced. These rules pertain to data types, logical values, uniqueness constraints, and operations that could adversely affect the structure of the database.
Referential - if all foreign keys reference existing primary keys. There should be a mechanism in place that ensures no foreign key contains a reference to a primary key of a nonexisting record, or a null value.
Entity - guarantees that the tuples are uniquely identified by primary key values. |
|
|
Term
|
Definition
mechanism makes sure structural and semantic rules are enforced. |
|
|
Term
|
Definition
If all foreign keys reference existing primary keys. There should be a mechanism in place that ensures no foreign key contains a reference to a primary key of a nonexisting record, or a null value |
|
|
Term
|
Definition
guarantees that the tuples are uniquely identified by primary key values |
|
|
Term
|
Definition
an operation that ends a current transaction and cancels the current changes to the database |
|
|
Term
|
Definition
completes a transaction and executes all changes just made by the user. |
|
|
Term
|
Definition
are used to make sure that if a system failure occurs, or if an error is detected, the database can attempt to return to a point before the system crashed or hiccupped. |
|
|
Term
two-phase commit mechanism |
|
Definition
A mechanism that is another control used in databases to ensure the integrity of the data held within the database. |
|
|
Term
|
Definition
when a user does not have the clearance or permission to access specific information, but she does have the permission to access components of this information. She can then figure out the rest and obtain restricted information |
|
|
Term
|
Definition
when a subject deduces the full story from the pieces he learned of through aggregation. This is seen when data at a lower security level indirectly portrays data at a higher level. |
|
|
Term
|
Definition
a technique used to hide specific cells that contain information that could be used in inference attacks. |
|
|
Term
|
Definition
involves dividing the database into different parts, which makes it much harder for an unauthorized individual to find connecting pieces of data that can be brought together |
|
|
Term
|
Definition
a technique of inserting bogus information in the hopes of misdirecting an attacker or confusing the matter enough that the actual attack will not be fruitful. |
|
|
Term
|
Definition
Databases can permit one group, or a specific user, to see certain information while restricting another group from viewing it altogether |
|
|
Term
|
Definition
Enables a table to contain multiple tuples with the same primary keys, with each instance distinguished by a security level. If your security level is too low, another set of data is created to fool the lower-level subjects into thinking the information actually means something else.
It is often used to prevent inference attacks. |
|
|
Term
Online transaction processing (OLTP) |
|
Definition
provides mechanisms that watch for problems and deal with them appropriately when they do occur. For example, if a process stops functioning, the monitor mechanisms within OLTP can detect this and attempt to restart the process. |
|
|
Term
|
Definition
• Atomicity - Divides transactions into units of work and ensures that all modifications take effect or none takes effect. Either the changes are committed or the database is rolled back.
• Consistency - A transaction must follow the integrity policy developed for that particular database and ensure all data are consistent in the different databases.
• Isolation - Transactions execute in isolation until completed, without interacting with other transactions. The results of the modification are not available until the transaction is completed.
• Durability - Once the transaction is verified as accurate on all systems, it is committed and the databases cannot be rolled back. |
|
|
Term
|
Definition
combines data from multiple databases or data sources into a large database for the purpose of providing more extensive information retrieval and data analysis |
|
|
Term
|
Definition
the process of massaging the data held in the data warehouse into more useful information |
|
|
Term
three approaches used in data mining to uncover patterns: |
|
Definition
• Classification - Groups together data according to shared similarities.
• Probabilistic - Identifies data interdependencies and applies probabilities to their relationships.
• Statistical - Identifies relationships between data elements and uses rule discovery. |
|
|
Term
|
Definition
Database structure that is described in a formal language supported by the database management system (DBMS). It is used to describe how data will be organized. |
|
|
Term
|
Definition
programs that can emulate human expertise in specific domains. A program containing a knowledge base and a set of algorithms and rules used to infer new facts from data and incoming requests. |
|
|
Term
|
Definition
A computer program that tries to derive answers from a knowledge base. It is the “brain” that expert systems use to reason about the data in the knowledge base for the ultimate purpose of formulating new conclusions. |
|
|
Term
artificial neural network (ANN) |
|
Definition
a mathematical or computational model based on the neural structure of the brain |
|
|
Term
|
Definition
A common way of developing expert systems, with rules based on if-then logic units, and specifying a set of actions to be performed for a given situation. |
|
|
Term
|
Definition
a small application, or string of code, that infects software. The main function of a virus is to reproduce and deliver its payload, and it requires a host application to do this. |
|
|
Term
|
Definition
can reproduce on their own without a host application, and are self-contained programs. |
|
|
Term
|
Definition
Once the level of access is achieved, the attacker can upload a bundle of tools, collectively called a rootkit. The first thing that is usually installed is a back-door program, which allows the attacker to enter the system at any time without having to go through any authentication steps. The other common tools in a rootkit allow for credential capturing, sniffing, attacking other systems, and covering the attacker’s tracks. |
|
|
Term
|
Definition
a type of malware that is covertly installed on a target computer to gather sensitive information about a victim. |
|
|
Term
|
Definition
software that automatically generates (renders) advertisements |
|
|
Term
|
Definition
a piece of code that carries out functionality for its master, who could be the author of this code. Bots allow for simple tasks to be carried out in an automated manner in a web-based environment |
|
|
Term
command-and-control (C&C) servers |
|
Definition
servers that send the bots instructions and manage the botnets. They can maintain thousands or millions of computers at one time |
|
|
Term
|
Definition
an evasion technique. Botnets can use fast flux functionality to hide the phishing and malware delivery sites they are using. One common method is to rapidly update DNS information to disguise the hosting location of the malicious web sites. |
|
|
Term
|
Definition
executes a program, or string of code, when a certain set of conditions are met |
|
|
Term
|
Definition
a program that is disguised as another program |
|
|
Term
Signature-based detection |
|
Definition
Once a virus is detected, the antivirus vendor must study it, develop and test a new signature, and release the signature |
|
|
Term
|
Definition
analyzes the overall structure of the malicious code, evaluates the coded instructions and logic functions, and looks at the type of data within the virus or worm. So, it collects a bunch of information about this piece of code and assesses the likelihood of it being malicious in nature. It has a type of “suspiciousness counter,” which is incremented as the program finds more potentially malicious attributes. Once a predefined threshold is met, the code is officially considered dangerous and the antivirus software jumps into action to protect the system. |
|
|
Term
|
Definition
A virus that is written in a macro language and is platform independent. Since many applications allow macro programs to be embedded in documents, the programs may be run automatically when the document is opened. This provides a distinct mechanism by which viruses can be spread. |
|
|
Term
|
Definition
A virus that hides the modifications it has made. The virus tries to trick antivirus software by intercepting its requests to the operating system and providing false and bogus information. |
|
|
Term
|
Definition
Produces varied but operational copies of itself. A polymorphic virus may have no parts that remain identical between infections, making it very difficult to detect directly using signatures. |
|
|
Term
|
Definition
Attempts to hide from antivirus software by modifying its own code so that it does not match predefined signatures. |
|
|
Term
|
Definition
Attaches code to the file or application, which would fool a virus into “thinking” it was already infected. |
|
|
Term
|
Definition
Allows the suspicious code to execute within the operating system and watches its interactions with the operating system, looking for suspicious activities. |
|
|