Module 06 Software and Hardware Assurance Best Practices
input validation
Assuring that the data received is legitimate.
Trusted Platform Module (TPM)
A chip on the motherboard of the computer that provides cryptographic services.
self-encrypting drive (SED)
A hard drive that automatically encrypts all data files.
Simple Object Access Protocol (SOAP)
A message protocol that allows the distributed elements of an application to communicate in a web-services environment.
malware signatures
A method that can be used to identify and label malware code.
software development lifecycle (SDLC)
A methodology that can be used to build a program or application from its inception to decommission.
trusted foundry
A program by the U.S. Department of Defense that is designed to secure the manufacturing supply chain for vendors who supply technology to the military.
hardware security module (HSM)
A removable external cryptographic device.
Trusted execution
A secure area of the processor that guarantees that code and data are loaded inside a special secure area.
secure enclave
A secure coprocessor that functions in addition to the regular processor.
Endpoint detection and response (EDR)
A set of tools that have a similar functionality to HIDS and HIPS but are considered more robust.
Firmware
A specific class of computer software that provides the low-level control for a device's specific hardware.
eFuse
A technology that prevents the contents of a chip to be reversed.
bus encryption
A technology that protects the transfer of data between two processors.
Stress testing
A type of software testing that verifies stability and reliability of the software application when tested under extremely heavy load conditions.
processor security extensions
Additions added to the functionality of processors to provide additional enhancements and reduce the attack surface of the system
Security Assertion Markup Language (SAML)
An XML standard that allows secure web domains to exchange user authentication and authorization data in an SOA.
code review
An analysis of software code that can be either simple or comprehensive.
service-oriented architecture (SOA)
An approach that makes software components reusable through "service interfaces."
UEFI (Unified Extensible Firmware Interface)
An improved version of the firmware interface developed to replace the BIOS.
Formal methods for verification of critical software
Applying mathematically rigorous techniques (called formal methods) that use tools for the specification, design, and verification of software.
trusted firmware updates
Approved and verified updates to be used to edit the contents of firmware.
Which of the following permits a processor to read from a memory location or write to a location during the same data operation?
Atomic execution
Representational State Transfer (REST)
Considered an improvement over SOAP as a means of communications between web-based systems.
Which of the following options are capabilities of the EDR tool?
Data collection Providing a Detection Engine Data Recording Centralized Console
antitampering
Devices that can be installed on secure systems to prevent any physical actions by the threat actor on the device.
Which of the following is NOT an advantage of a software-oriented architecture (SOA)?
Eliminates the need for business analysts
What does EDR stand for?
Endpoint Detection and Response
True or False: Measured Boot provides the highest degree of security and does not impact the boot process.
False
True or False: Provisioning is removing a resource that is no longer needed.
False
True or false: A Windows firewall can be configured only locally.
False
True or false: Permissions can be applied to differ from user to user.
False
True or false: SRPs can be applied to the local security policy and group policy.
False
True or false: The blacklist method is used for blocking the application or set of applications from shutting down.
False
rule writing
Generating malware signatures based on specific rules.
Where does a hardware root of trust security check begin?
Hardware
Which of these provides cryptographic services and is external to the device?
Hardware security module (HSM)
Which of the following is NOT correct about the agile model?
It follows a rigid sequential design process.
Which of the following is NOT correct about YARA?
It is a proprietary tool.
Which boot security mode provides the highest degree of security?
Measured Boot
Which boot security mode sends information on the boot process to a remote server?
Measured Boot
session management
Monitoring and controlling the authentication and access control (or authorization) modules in web applications.
Which of the following is NOT a secure SDLC source?
Nessus
Raul is removing HTML control characters from text that is to be displayed on the screen. What secure coding best practice is he following?
Output encoding
Simpson is using predefined variables as placeholders when querying a database. What secure best coding practice is he following?
Parameterized query
Which of the following options are used to configure ACLs?
Per-user basis Per group basis Using an effective right mask For users other than the ones in the group for a file
Atomic execution
Permitting a processor to read from a memory location or write to a location during the same data operation.
Which of the following options are the three main tasks of DLP?
Protect Intellectual Property (IP) Bring Data Visibility Protect the personal information
security regression testing
Retesting an application to ensure that new software modifications do not reintroduce any old vulnerabilities that had been already corrected.
What is an XML standard that allows secure web domains to exchange user authentication and authorization data in an SOA?
SAML
Which technology is REST replacing?
SOAP
data protection
Schemes for securing the integrity of any data that the application accesses.
port security
Securing the ports on a hardware device.
Ryker has added a new module to an application and now needs to test it to be sure that the new module does not reintroduce any old vulnerabilities. What testing is Ryker performing?
Security regression testing
Which stage conducts a test that will verify the code functions as intended?
Staging stage
output encoding
Stripping anything other than text from data before it is displayed.
User acceptance testing (UAT)
The final phase of the software assessment process in which those who will be using the software will test it.
DevSecOps
The process of integrating secure development best practices and methodologies into application software development and deployment processes using the agile model.
sandboxing
The process of using a sandbox container in which an application can run so that it does not impact the underlying hardware.
hardware root of trust
The strongest starting point of the security chain that cannot be modified like software.
Which of the following is NOT correct about the software development lifecycle (SDLC)?
There has been only one approved SDLC model.
True or False: A goal of software diversity is to reduce the probability that errors created by different compilers will influence the end results.
True
True or False: A program by the U.S. Department of Defense that is designed to secure the manufacturing supply chain for vendors who supply technology to the military.
True
True or false: Data loss prevention is a set of rules that are defined to protect confidential and sensitive information.
True
Which of the following is a secure area of the processor that guarantees that code and data are loaded inside a special secure area?
Trusted execution
parameterized query
Using predefined variables or prepared statements as placeholders for parameters.
Measured Boot
Using the computer's firmware to log the boot process so the OS can send it to a trusted server to assess the security.
boot attestation
Verifying that the boot process is secure.
Which of the following types of NVM cannot be reset once code is written to it?
efuse
Which model uses a sequential design process?
waterfall model
