Shared Flashcard Set

Details

Security + || 5.4 Secure Application Development
Security + || 5.4 Secure Application Development
24
Computer Science
Undergraduate 4
12/13/2018
Click here to study/print these flashcards.

Create your own flash cards! Sign up here.

Additional Computer Science Flashcards

 

 

Cards

Term
Zero-day attack
 Definition
Vulnerability that has not been reported or patched
Term
Improper input handling
 Definition
Send invalid data to the application to try to crash it
Term
Buffer overflow
 Definition
Buffer is memory allocated to application
Term
Integer overflow
 Definition
Cause application to calculate values that are out-of-bounds
Term
Arbitrary and remote code execution
 Definition
Attacker uses buffer overflow or some other method to execute his or her own code
Term
Privilege escalation
 Definition
Get privileges from process to install malware
Term
SQL / XML injection
 Definition
Pass application SQL or XML commands via user input or URI
Term
Directory traversal / command injection
 Definition
Obtain access to host OS file system or shell
Term
Transitive access
 Definition
Compromise trust relationships between sites
Term
Cross-Site Scripting (XSS)
 Definition
Attacker injects code in trusted site
Term
Cookies Session Hijacking
 Definition
Cookies can be used (and misused) for session management
Term
XSRF (Cross-site Request Forgery)
 Definition
Passes a URI to another site open in the user’s browser
Term
HTTP header manipulation
 Definition
Pass corrupted header to server to trick it into returning attacker’s code
Term
Provisioning
 Definition
Process of deploying an application to the target environment
Term
Deprovisioning
 Definition
Process of removing an application from packages or instances
Term
Design review
 Definition
Application attack surface
Term
Verification
 Definition
Compliance-testing process to ensure that the product or system meets its design goals.
Term
Validation
 Definition
Process of determining whether the application is fit-for-purpose.
Term
Agile operations
 Definition
Resiliency over reliability operations.
Term
Buffer
 Definition
Memory allocated to an application.
Term
DevOps
 Definition
Closer integration of programming / development team and admin team

Use of code in network provisioning and management.
Term
Memory Leak
 Definition
You don't recover allocated memory as you use it and it stays reserved for some process.

It crashes eventually.
Term
Stored Procedure
 Definition
Bit of code in a database a routine that activates when you enter a particular field or record.
Term
Fuzzer
 Definition
Provide random or invalid data to see how a program responds.
Supporting users have an ad free experience!