Shared Flashcard Set

Details

Security + Chapter 4
13
Computer Science
Not Applicable
08/02/2012

Cards

Term
Cookies
Definition
Text files placed on the client computer that store information about it, which could include your computer’s browsing habits and credentials. Tracking cookies are used by spyware to collect information about a web user’s activities. Session cookies are used by attackers in an attempt to hijack a session.
Term
Buffer Overflow
Definition
When a process stores data outside the memory that the developer intended. This could cause erratic behavior in the application, especially if the memory already had other data in it.
Term
UAC
Definition

User Account Control

A security component of Windows Vista that keeps every user (besides the actual Administrator account) in standard user mode instead of as an administrator with full administrative rights—even if they are a member of the administrators group.

Term
SDLC
Definition

Systems Development Life Cycle

The process of creating systems and applications, and the methodologies used to do so.

Term
Secure Code Review
Definition
An in-depth code inspection procedure.
Term
Secure Coding Concepts
Definition
The best practices used during the life cycle of software development.
Term
Fuzz Testing
Definition
When random data is inputted into a computer program in an attempt to find vulnerabilities.
Term
XSS
Definition

Cross-Site Scripting

A type of vulnerability found in web applications used with session hijacking.

Term
XSRF
Definition

Cross-Site Request Forgery

An attack that exploits the trust a website has in a user’s browser in an attempt to transmit unauthorized commands to the website.

Term
Input Validation
Definition
Input validation or data validation is a process that ensures the correct usage of data.
Term
Sandbox
Definition
When a web script runs in its own environment for the express purpose of not interfering with other processes, possibly for testing.
Term
Directory Traversal
Definition
Also known as the ../ (dot dot slash) attack, this is a method of accessing unauthorized parent directories.
Term
Zero Day Attack
Definition
An attack that is executed on a vulnerability in software before that vulnerability is known to the creator of the software.