CISSP (Domain 4 - Software Development Security) Flashcards Preview


Flashcards in CISSP (Domain 4 - Software Development Security) Deck (63)
1
Q

Waterfall Method

A
  • Traditional, sequential model
  • Each phase must be completed before the next begins; little room to go back to an earlier phase
  • Suited to long-term projects with stable, well-understood requirements
2
Q

Prototyping Method

A
  • Addresses the time and feedback problems of waterfall
  • The prototype evolves each round
  • Four phases
    + initial concept, design and implement the initial prototype, refine the prototype until acceptable, complete and release the final product
3
Q

Spiral Model

A
  • Combination of waterfall and prototyping
  • Build an initial prototype, then refine it through repeated waterfall-style passes around the spiral
  • Each pass starts with a risk analysis before more of the system is built

4
Q

Software Development Life Cycle (SDLC) (7 things)

PI/FD/SD/SD/ITI/OM/D

A
  • Project initiation
  • Functional design analysis and planning
  • System design specifications
  • Software development
  • Installation/Test/Implementation
  • Operational/Maintenance
  • Disposal
5
Q

Project Initiation - SDLC

A

Identify security requirements and the sensitivity of the data the system will handle

6
Q

Functional Design - SDLC

A

Define the functions (controls) that address each identified threat

7
Q

System Design - SDLC

A

Specify which security technologies and mechanisms will implement the controls

8
Q

Software Development - SDLC

A

Write code to meet specifications

9
Q

Testing and Installation - SDLC

A

Test system components (including security tests), create manuals, user acceptance testing (UAT)

10
Q

Operations/Maintenance - SDLC

A

Maintain the system to the SLA: patching, monitoring, change control

11
Q

Disposal - SDLC

A

Data is migrated to another system or securely destroyed (media sanitization); the old system is decommissioned

12
Q

Verification

A

Confirm the product was built correctly: each feature is tested against its specification ("did we build it right?")

13
Q

Validation

A

Confirm the system as a whole meets the user's needs and intended purpose ("did we build the right thing?")

14
Q

Computer Aided Software Engineering (CASE)

A

Tools that help programmers, project managers and analysts with automation, debugging and rapid prototyping

15
Q

Capability Maturity Model (5 levels)

IRDMO

A

Used to improve processes which improves output

  • Initial
  • Repeatable
  • Defined
  • Managed
  • Optimizing
16
Q

Initial - CMM

A

Processes are ad hoc and disorganized; success depends on individual effort

17
Q

Repeatable - CMM

A

Basic project-management processes are established and documented so earlier successes can be repeated

18
Q

Defined - CMM

A

Processes are documented, standardized and integrated into an organization-wide standard process

19
Q

Managed - CMM

A

Processes and product quality are measured quantitatively and controlled

20
Q

Optimizing - CMM

A

Constant process improvement

21
Q

Object Oriented Programming

A
  • Closely maps to real activities in the business world
  • Highly modular
  • Self contained
22
Q

Classes

A

Define the attributes and methods (characteristics and behaviour) shared by the objects created from them

23
Q

Objects

A

Instances of a class: self-contained software entities that bundle data (attributes) with the methods that act on it

24
Q

Polymorphism

A

Two objects sent the same message (method call) react differently, each according to its own class.

Same input, different output depending on which object receives it (e.g. different subclasses of one parent class).

25
Q

Polyinstantiation

A

Creation of another version of an object (e.g. a database row) using different values for its variables, so that lower-level subjects do not access data at a higher classification.

Acts like data masking for the lower-level subject (a "cover story" row); countermeasure to inference attacks

26
Q

Cohesion - Module Interaction

A

Degree to which a module performs a single, well-defined task with little help from other modules. High cohesion is desirable.

27
Q

Coupling - Module Interaction

A

Measure of how much modules depend on and interact with each other; a change in one module should not drastically affect another. Low coupling is desirable.

28
Q

Meta-Data

A
  • Data about data

- Data used to describe the database and the data within it

29
Q

Open Database Connectivity (ODBC)

A

Standard API and driver layer between an application and the database, so the application can talk to different DBMSs through one common interface.

30
Q

Data Warehousing

A

Combine data from multiple databases into a large database for information retrieval and data analysis

31
Q

Data Mining

A

Process of analyzing a database with tools that look for trends or anomalies without prior knowledge of the meaning of the data.

Massages raw data into more meaningful information

32
Q

Database ACID Test

A
  • Atomicity: Either all changes take effect or none do
  • Consistency: A transaction is allowed if it follows constraints
  • Isolation: Results of a transaction are not visible to other transactions until it is complete
  • Durability: Results of a completed transaction are permanent

*Maintain integrity of DB
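
Atomicity and consistency from the ACID card, shown with a worked example. This is added illustration, not part of the original deck: a small in-memory SQLite ledger (constructed data, hypothetical account names) whose CHECK constraint is the consistency rule; a transfer that would overdraw an account is rolled back as a whole, so the credit written before the failing debit disappears too.

```python
import sqlite3


def make_bank():
    """In-memory ledger; the CHECK constraint is the consistency rule."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE account (name TEXT PRIMARY KEY,"
        " balance INTEGER NOT NULL CHECK (balance >= 0))"
    )
    # Constructed sample accounts.
    conn.executemany("INSERT INTO account VALUES (?, ?)", [("alice", 100), ("bob", 50)])
    conn.commit()
    return conn


def transfer(conn, src, dst, amount):
    """Move `amount` from src to dst as one transaction.

    The credit is written first on purpose: if the debit then violates the
    CHECK constraint, atomicity means the already-applied credit is rolled
    back as well, so the ledger never shows money created from nothing.
    Returns True if committed, False if rolled back.
    """
    try:
        with conn:  # commits on normal exit, rolls back on an exception
            conn.execute("UPDATE account SET balance = balance + ? WHERE name = ?", (amount, dst))
            conn.execute("UPDATE account SET balance = balance - ? WHERE name = ?", (amount, src))
        return True
    except sqlite3.IntegrityError:
        return False


def balances(conn):
    """Current balances as {name: balance}."""
    return dict(conn.execute("SELECT name, balance FROM account ORDER BY name"))


if __name__ == "__main__":
    bank = make_bank()
    print(transfer(bank, "alice", "bob", 30), balances(bank))   # committed
    print(transfer(bank, "alice", "bob", 500), balances(bank))  # rolled back, unchanged
```

Durability is not visible with an in-memory database; with a file-backed one the committed transfer survives a process crash because SQLite writes its journal before acknowledging the commit. Isolation is enforced by the engine serializing writers, so a second connection never observes the half-applied credit.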

33
Q

Aggregation - DB Security Attack

A

Act of combining information from separate sources to form new information to which the attacker would not otherwise have access

34
Q

Inference - DB Security Attack

A

Ability to derive additional (higher-level) information from facts the subject is allowed to learn.

Data at a lower security level indirectly reveals data at a higher level.

*Countered with polyinstantiation

35
Q

Enterprise Java Bean (EJB) - Distributed Communication Standard

A

Intended to handle common concerns with persistence, transactional integrity, security in a standard way.

*Programmers can concentrate on object at hand

36
Q

Simple Object Access Protocol (SOAP) - Distributed Communication Standard

A

XML-based messaging protocol, usually carried over HTTP, for communication between distributed components; positioned as a cross-platform replacement for DCOM

37
Q

Distributed Component Object Model (DCOM)

A

Allows for objects on different systems to interact

38
Q

Component Object Model (COM)

A

Allow for simple inter-process communication between objects

39
Q

Object Linking and Embedding (OLE)

A

Provides a way for objects to be shared on a local workstation and uses COM as its foundation base

*Embedding an image in a document

40
Q

Cross Site Scripting (XSS)

A

Attacker injects script into a web page that a vulnerable server reflects or stores without encoding. The victim's browser runs the script in the site's origin (steal session cookies, deface the page, redirect to the attacker's site). Countermeasure: output-encode untrusted input.

41
Q

5 Types of Malware

VMLTO

A
  • Virus
  • Worm
  • Logic Bomb
  • Trojan Horse
  • Other Attack Types
42
Q

Malicious Code Detection

A
  • *File integrity checker (hash/checksum of each file compared with a known-good baseline)
  • Unexpected increases in file size
  • Many unexpected disk accesses
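
A file integrity checker of the kind the card names, as an added example that is not part of the original deck. It hashes every file under a directory into a baseline, then reports files whose hash changed, grew, appeared or vanished. The `demo()` scenario (three constructed "programs", one of which is then appended to as a file-infecting virus would) is made up for the illustration.

```python
import hashlib
import os
import tempfile


def hash_file(path, chunk=65536):
    """SHA-256 of a file, read in chunks so large binaries do not fill memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()


def snapshot(root):
    """Map each file under root (path relative to root) to (size, sha256)."""
    snap = {}
    for dirpath, _, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            snap[os.path.relpath(full, root)] = (os.path.getsize(full), hash_file(full))
    return snap


def compare(baseline, current):
    """Report files whose hash changed, that grew, that appeared or that vanished."""
    report = {"modified": [], "grew": [], "added": [], "removed": []}
    for rel, (size, digest) in current.items():
        if rel not in baseline:
            report["added"].append(rel)
            continue
        old_size, old_digest = baseline[rel]
        if digest != old_digest:
            report["modified"].append(rel)
            if size > old_size:  # the size increase the card mentions
                report["grew"].append(rel)
    report["removed"] = [rel for rel in baseline if rel not in current]
    return {k: sorted(v) for k, v in report.items()}


def demo():
    """Constructed scenario: baseline three 'programs', then simulate an
    appending virus, a deleted file and a dropped file, and re-check."""
    with tempfile.TemporaryDirectory() as root:
        for name, body in {"app.exe": b"MZ app", "tool.exe": b"MZ tool", "notes.txt": b"hi"}.items():
            with open(os.path.join(root, name), "wb") as f:
                f.write(body)
        baseline = snapshot(root)
        with open(os.path.join(root, "app.exe"), "ab") as f:  # virus appends itself
            f.write(b"\x90\x90 VIRUS BODY")
        os.remove(os.path.join(root, "notes.txt"))
        with open(os.path.join(root, "dropper.exe"), "wb") as f:
            f.write(b"MZ dropper")
        return compare(baseline, snapshot(root))


if __name__ == "__main__":
    print(demo())
```

The baseline is only as trustworthy as its storage: keep it off the monitored host (or signed), otherwise malware that can rewrite the executables can rewrite the hashes too.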
43
Q

Virus

A
  • Needs a host program (delivery vehicle) and usually user action to spread

- Program that searches out other programs and infects them by embedding a copy of itself

44
Q

Macro Virus

A

Written in a macro language (e.g. that of an office suite), so it is largely platform independent.

The macro runs automatically when the document is opened

45
Q

Compression Virus

A

Appends itself to executables on the system and compresses them, running with the permissions of the user who launched it

46
Q

Stealth Virus

A

Hides the modifications it has made; tricks anti-virus software by intercepting its requests to the OS and returning bogus information

47
Q

Polymorphic Virus

A

*Its signature changes with every copy

Produces varied but still operational copies of itself (no two identical), defeating signature-based scanning

48
Q

Multi-Partite Virus

A

Infects the computer in multiple ways

  • Boot sector
  • Executable files on the hard drive
49
Q

Self-Garbling Virus

A

Attempts to hide from anti-virus software by modifying its own code so it doesn’t match predefined signatures

50
Q

Meme Virus

A

Hoax or chain e-mail messages that are continually forwarded around the Internet. Not a real virus

51
Q

Worms

A
  • Can reproduce and spread on their own (no host program needed)
  • Self-contained code

*Own mind

52
Q

Logic Bomb

A

Malicious code that lies dormant until a trigger condition (a certain date/time or event) fires it

53
Q

Trojan Horse

A

Program disguised as a legitimate program that does something malicious in the background

54
Q

Smurf Attack

A

Uses IP spoofing and ICMP echo replies to saturate a host

  1. Attacker spoofs the source IP (SRC = victim's address)
  2. Sends ICMP echo requests to a network's broadcast address (DST = bounce site)
  3. Every host on the bounce network replies to the spoofed SRC, flooding the victim
55
Q

Fraggle Attack

A

Uses IP spoofing and UDP replies (typically the echo service) to saturate a host

  1. Attacker spoofs the source IP (SRC = victim's address)
  2. Sends UDP packets to a network's broadcast address (DST = bounce site)
  3. Every host on the bounce network replies to the spoofed SRC, flooding the victim
56
Q

Stop Smurf Attacks (Internal/Target/Bounce)

A

Internal (egress):
- Only let traffic whose source address belongs to our own network leave (blocks the spoofed SRC at its origin)

Target:
- Block ICMP echo requests from outside

Bounce Site:
- Do not forward directed broadcasts; block ICMP to broadcast addresses

57
Q

Zombies

A

Computers that make up botnet community

58
Q

Ingress Filtering - DDoS Countermeasure

A

Do not allow packets in with internal source addresses

59
Q

Egress Filtering - DDoS Countermeasures

A

Do not allow packets to leave with external source addresses
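
The ingress, egress and bounce-site rules from the Smurf and filtering cards, as an added example that is not part of the original deck. It models a border router's packet filter in Python over constructed packets: the internal network and all addresses are documentation ranges (RFC 5737), and the packet dictionaries are made up for the illustration.

```python
import ipaddress

# Constructed topology: our site uses documentation address space.
INTERNAL_NETS = [ipaddress.ip_network("192.0.2.0/24")]


def _is_internal(addr):
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in INTERNAL_NETS)


def _is_internal_broadcast(addr):
    ip = ipaddress.ip_address(addr)
    return any(ip == net.broadcast_address for net in INTERNAL_NETS)


def filter_packet(pkt):
    """Return ('permit'|'drop', reason) for a packet at the border router.

    pkt has keys direction ('in' from the Internet, 'out' toward it), src,
    dst, proto ('icmp'|'udp'|'tcp') and, for ICMP, icmp_type (8 = echo request).
    """
    if pkt["direction"] == "in":
        if _is_internal(pkt["src"]):
            return "drop", "ingress: spoofed internal source address"
        if _is_internal_broadcast(pkt["dst"]):
            return "drop", "bounce-site: directed broadcast not forwarded"
        if pkt["proto"] == "icmp" and pkt.get("icmp_type") == 8:
            return "drop", "target: ICMP echo request from outside"
        return "permit", "inbound"
    if pkt["direction"] == "out":
        if not _is_internal(pkt["src"]):
            return "drop", "egress: source address is not ours (spoofed)"
        return "permit", "outbound"
    raise ValueError("unknown direction")


# Constructed sample packets.
SAMPLES = {
    # attacker (outside) tries to use our network as a Smurf amplifier
    "smurf_trigger": {"direction": "in", "src": "198.51.100.7", "dst": "192.0.2.255", "proto": "icmp", "icmp_type": 8},
    # inbound packet claiming one of our own addresses
    "spoofed_inbound": {"direction": "in", "src": "192.0.2.10", "dst": "192.0.2.20", "proto": "tcp"},
    # a host inside tries to launch Smurf with a forged victim address
    "outbound_spoof": {"direction": "out", "src": "203.0.113.5", "dst": "198.51.100.9", "proto": "icmp", "icmp_type": 8},
    # echo replies from someone else's bounce site aimed at our host
    "echo_reply_flood": {"direction": "in", "src": "198.51.100.200", "dst": "192.0.2.80", "proto": "icmp", "icmp_type": 0},
    "normal_web": {"direction": "in", "src": "198.51.100.7", "dst": "192.0.2.80", "proto": "tcp"},
    "normal_out": {"direction": "out", "src": "192.0.2.10", "dst": "198.51.100.9", "proto": "tcp"},
}


if __name__ == "__main__":
    for name, pkt in SAMPLES.items():
        print(f"{name:17} -> {filter_packet(pkt)}")
```

Note what the rules do not stop: the `echo_reply_flood` sample is permitted, because blocking only echo requests leaves the reply storm from someone else's bounce site untouched. That is why the bounce-site and egress rules matter as much as the target's own filter, and why ICMP rate limiting is still worth having at the target.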

60
Q

Expert Systems - AI

A
  • Computer uses a knowledge base (KB), algorithms and rules
  • Infers new facts from existing knowledge and incoming data
  • Heuristics obtained through experience and learning
  • App
61
Q

Inference Engine - AI

A
  • Rule based programming

- If/Then logic
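
A minimal rule-based inference engine of the kind the expert-system and inference-engine cards describe, as an added example that is not part of the original deck. It implements forward chaining (fire every if/then rule whose conditions are all known, repeat until nothing new is learned) over a constructed set of security rules and observations; the fact and rule names are made up for the illustration.

```python
# Constructed rule base: each rule is (set of antecedent facts, consequent fact),
# i.e. IF all antecedents are known THEN the consequent is known.
RULES = [
    ({"failed_logins_burst", "login_success"}, "credential_guessing_succeeded"),
    ({"credential_guessing_succeeded", "new_admin_account"}, "privilege_escalation"),
    ({"outbound_beacon", "new_scheduled_task"}, "persistence"),
    ({"privilege_escalation", "persistence"}, "host_compromised"),
    ({"host_compromised"}, "isolate_host"),
]


def forward_chain(facts, rules):
    """Forward-chaining inference: repeatedly fire every rule whose
    antecedents are all known until no new fact is produced.

    Returns (all known facts, trace of (consequent, antecedents) in firing
    order); the trace is the engine's explanation of each conclusion."""
    known = set(facts)
    trace = []
    changed = True
    while changed:
        changed = False
        for antecedents, consequent in rules:
            if consequent not in known and antecedents <= known:
                known.add(consequent)
                trace.append((consequent, sorted(antecedents)))
                changed = True
    return known, trace


if __name__ == "__main__":
    observed = {"failed_logins_burst", "login_success", "new_admin_account",
                "outbound_beacon", "new_scheduled_task"}
    facts, trace = forward_chain(observed, RULES)
    for consequent, because in trace:
        print(f"{consequent} <- {because}")
    print("action: isolate host" if "isolate_host" in facts else "action: none")
```

The engine only knows what its rules encode: with a single observation (an outbound beacon alone) nothing fires, which is the "only as good as the knowledge it is given" limitation the ANN card below also notes.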

62
Q

Artificial Neural Networks (ANN)

A
  • The ability to remember and learn from new experiences
  • Capacity to generalize
  • Only good for the experience they are given
63
Q

Online Transaction Processing (OLTP)

A

Mechanisms that watch for problems (e.g. a failed or interrupted transaction) and deal with them appropriately when they occur, such as rolling the transaction back.

*Ensures transactions complete properly or not at all