Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
35 Cards in this Set
- Front
- Back
Which of the following layers of the ISO/OSI model do packet filtering firewalls operate at?
A. Application layer B. Session layer C. Network layer D. Presentation layer |
C. Network layer
|
|
In the OSI/ISO model, at what level is SET (SECURE ELECTRONIC TRANSACTION PROTOCOL) provided?
A. Application B. Network C. Presentation D. Session |
A. Application
|
|
What is not at a hot spot?
|
Data and Staff
|
|
What is at a warm spot?
|
partially ready to go but needs backups..
|
|
What is a cold spot?
|
Building, power, cooling basic connections.
|
|
A car radio is an example of
A. Simplex communication B. Half Duplex communication C. Full Duplex communication |
Simplex = car radio
Half Duplex = Walkie-talkie Full duplex = talking |
|
What is Hard-coded credentials?
A. Occurs when a programmer does not perform variable bounds checking B. Backdoor username/password left by Programmers manipulation of a back-end SQL server via a front-end web server C. 3rd party execution of web scripting languages such as Javascript within the security context of a trusted site D. CSRF or XSRF is a 3rd party redirect of static content within the security context of a trusted site |
Backdoor username/password left by Programmers
|
|
What is Buffer Overflow?
A. Occurs when a programmer does not perform variable bounds checking B. 3rd party execution of web scripting languages such as Javascript within the security context of a trusted site C. altering normal PHP URLs and variables D. manipulation of a back-end SQL server via a front-end web server |
Occurs when a programmer does not perform variable bounds checking
|
|
What is SQL Injection?
A. manipulation of a back-end SQL server via a front-end web server B. Backdoor username/password left by Programmers C. CSRF or XSRF is a 3rd party redirect of static content within the security context of a trusted site D. altering normal PHP URLs and variables |
manipulation of a back-end SQL server via a front-end web server
|
|
What is Directory Path Traversal?
A. 3rd party execution of web scripting languages such as Javascript within the security context of a trusted site B. Backdoor username/password left by Programmers C. Escaping from the root of a web server into the regular file system C. CSRF or XSRF is a 3rd party redirect of static content within the security context of a trusted site |
Escaping from the root of a web server into the regular file system.. manipulating the web address
|
|
What is PHP remote File Inclusion?
A. Occurs when a programmer does not perform variable bounds checking B. manipulation of a back-end SQL server via a front-end web server altering normal PHP URLs and variables C. altering normal PHP URLs and variables D. CSRF or XSRF is a 3rd party redirect of static content within the security context of a trusted site |
altering normal PHP URLs and variables
|
|
What is Cross Site Scripting (XXS)?
A. 3rd party execution of web scripting languages such as Javascript within the security context of a trusted site B. Backdoor username/password left by Programmers manipulation of a back-end SQL server via a front-end web server C. Escaping from the root of a web server into the regular file system altering normal PHP URLs and variables D. altering normal PHP URLs and variables |
3rd party execution of web scripting languages such as Javascript within the security context of a trusted site
|
|
Cross-Site Request Forgery?
A. Occurs when a programmer does not perform variable bounds checking altering normal PHP URLs and variables B. CSRF or XSRF is a 3rd party redirect of static content within the security context of a trusted site C. Backdoor username/password left by Programmers D. Escaping from the root of a web server into the regular file system.. manipulating the web address |
CSRF or XSRF is a 3rd party redirect of static content within the security context of a trusted site
|
|
Static testing
|
tests the code passively: the code is not running
|
|
White box software testing
|
gives the tester access to program source code, data, structures, variables, etc.
|
|
Black box testing
|
gives the tester no internal details: the software is treated as a black box that receives inputs
|
|
Unit testing
|
low level tests of software components such as functions, procedures, or objects
|
|
Installation Testing
|
Testing software as it is installed and first operated
|
|
Integration testing
|
testing multiple software components as they are combined into a working system.
|
|
Fuzzing
|
a type of black box testing that enters random, malformed data as inputs into software programs to determine if they will crash.
|
|
What is the software Capability Maturity Model
|
is a maturity framework for evaluating and improving the software development process.
|
|
Relational Databases are
|
the most common modern database Which contain two dimensional tables of related data.
|
|
what is a tuple
|
a row in a database
|
|
what is a attribute
|
a column in a database
|
|
what is a foreign key?
|
A key in a related database table that matches the primary key.
|
|
what is a data dictionary
|
contains a description of the database tables. This is metadata or data about data
|
|
Artificial Intelligence is
|
the science of programming electronic computers to "think" or mimic the human brain
|
|
what is often used to identify spam
|
Bayesian filtering.. it is based on a number of probabilities and statics.
|
|
Polyinstantiation
|
allows two objects to have same name
|
|
Polymorphism
|
allows object to overload an operator with many forms respectively
|
|
Data Definition Language
|
use to create, modify, and delete databases
|
|
What is Interface Definition Language (IDL)
|
used by CORBA objects to communicate
|
|
Types of database options
|
relational (two dimensional tables)
hierarchical (form a tree) object-oriented (combines data with function) |
|
Knowledge base
|
Expert system component that consists of if/then statements
|
|
inference engine
|
follows a tree formed by the knowledge base and fires a rule when there is a match
|