Shared Flashcard Set

Details

Security + || 5.4 Secure Application Development
24
Computer Science
Undergraduate 4
12/13/2018


Cards

Term
Zero-day attack
Definition
Vulnerability that has not been reported or patched
Term
Improper input handling
Definition
Send invalid data to the application to try to crash it
Term
Buffer overflow
Definition
Buffer is memory allocated to application
Term
Integer overflow
Definition
Cause application to calculate values that are out-of-bounds
Term
Arbitrary and remote code execution
Definition
Attacker uses buffer overflow or some other method to execute his or her own code
Term
Privilege escalation
Definition
Get privileges from process to install malware
Term
SQL / XML injection
Definition
Pass application SQL or XML commands via user input or URI
Term
Directory traversal / command injection
Definition
Obtain access to host OS file system or shell
Term
Transitive access
Definition
Compromise trust relationships between sites
Term
Cross-Site Scripting (XSS)
Definition
Attacker injects code in trusted site
Term
Cookies Session Hijacking
Definition
Cookies can be used (and misused) for session management
Term
XSRF (Cross-site Request Forgery)
Definition
Passes a URI to another site open in the user’s browser
Term
HTTP header manipulation
Definition
Pass corrupted header to server to trick it into returning attacker’s code
Term
Provisioning
Definition
Process of deploying an application to the target environment
Term
Deprovisioning
Definition
Process of removing an application from packages or instances
Term
Design review
Definition
Application attack surface
Term
Verification
Definition
Compliance-testing process to ensure that the product or system meets its design goals.
Term
Validation
Definition
Process of determining whether the application is fit-for-purpose.
Term
Agile operations
Definition
Resiliency over reliability operations.
Term
Buffer
Definition
Memory allocated to an application.
Term
DevOps
Definition
Closer integration of programming / development team and admin team

Use of code in network provisioning and management.
Term
Memory Leak
Definition
You don't recover allocated memory as you use it and it stays reserved for some process.

It crashes eventually.
Term
Stored Procedure
Definition
Bit of code in a database: a routine that activates when you enter a particular field or record.
Term
Fuzzer
Definition
Provide random or invalid data to see how a program responds.