Host, Data and Application Security

Ace your homework & exams now with Quizwiz!

Which of the following is the technique of providing unexpected values as input to an application to try to make it crash?

Fuzzing

Gerard is concerned about SQL injection attacks on his company's e-commerce server. What security measure would be most important for him to implement?

Input Validation

Mary is responsible for website security in her company. She wants to address widely known and documented web application vulnerabilities. Which resource would be most helpful?

OWASP (Open Web Application Security Project)

John is responsible for application security at his company. He is concerned that the application reacts appropriately to unexpected input. What type of testing would be most helpful to him?

Fuzzing

What refers to the process of establishing a standard for security?

Baselining

You want to assign privileges to a user so that she can delete a file but not be able to assign privileges to others. What permissions should you assign?

Delete

Elizabeth works for a company that manufactures portable medical devices, such as insulin pumps. She is concerned about security for the device. What would be the most helpful in securing these devices?

Ensure that all communication with the device are encrypted

You've been chosen to lead a team of administrators in an attempt to increase security. You're currently creating an outline of all the aspects of security that will need to be examined and acted on. What describes the process of improving security in a network operating system (NOS)?

Hardening

Your company does electronic monitoring of individuals under house arrest around the world. Because of the sensitive nature of the business, you can't afford any unnecessary downtime. What is the process of applying a repair to an operating system while the system stays in operation?

Hotfix

Ahmed is responsible for security of a SCADA system. If availability is his biggest concern, what is the most important thing for him to implement?

IPS (Intrusion Prevention System

Myra is concerned about database security. She wants to begin with a good configuration of the database. Which of the following is a fundamental issue with database configuration?

Normalization

What is the process of applying manual changes to a program called?

Patching

Denish is testing an application that is multithreaded. What is a specific concern for multithreaded applications?

Race Conditions

Juan has just made a minor change to the company's e-commerce application. The change works as expected. What type of testing is most important for him to perform?

Regression Testing

Your company has grown at a tremendous rate, and the need to hire specialists in various IT areas has become apparent. You're helping to write an online advertisement that will be used to recruit new employees, and you want to make certain that applicants possess the necessary skills. One knowledge area in which your organization is weak is database intelligence. What is the primary type of database used in applications today that you can mention in the ads?

Relational

What would be the most secure way to deploy a legacy application that requires a legacy operating system?

Sandboxing

Gertrude is managing a new software project. The project has very clearly defined requirements that are not likely to change. What is the most appropriate development model for her?

Scrum

The administrator at MTS was recently fired, and it has come to light that he didn't install updates and fixes as they were released. As the newly hired administrator, your first priority is to bring all networked clients and servers up to date. What is a bundle of one or more system fixes in a single product called?

Service Pack

Vincent is a programmer working on an e-commerce site. He has conducted a vulnerability scan and discovered a flaw in a third-party module. There is an update available for this module that fixes the flaw. What is the best approach for him to take to mitigate this threat?

Submit an RFC (Rear Field Communication)

You're redesigning your network in preparation for putting the company up for sale. The network, like all aspects of the company, needs to perform at its best in order to benefit the sale. What model is used to provide an intermediary server between the end user and the database?

Three-Tiered


Related study sets

Chpt 6 - Project Time Management

View Set

CH. 9 : Antimicrobial chemotherapy

View Set

health and nutrition chapter 4 test

View Set

Apex CCPII 2.4.2 notes (Personal Essay)

View Set

HEALTHCARE FOUNDATIONS PREPU Chapter 06: Values, Ethics, and Advocacy

View Set

Time is an important variable in many psychological concepts. Describe a specific example that clearly demonstrates an understanding of each of the following concepts and how it relates to or is affected by time. Use a different example for each concept.

View Set

Cosmetology II - How to Use Lighteners

View Set