click below
click below
Normal Size Small Size show me how
Chapter 7 Terms
Security+ SY0-501 7th Edition Terms (Chapter 7)
Question | Answer |
---|---|
advanced persistent threats (APTs) | Any sophisticated series of related attacks taking place over an extended period of time. |
Agile development | A method of software development meant to be rapid. |
baselining | Creating a fundamental, or baseline, security level. |
Big Data | Data that is larger than what can be handled with traditional tools and algorithms. |
database normalization | The process of removing duplication in a relational database. |
embedded system | Operating system in a device, sometimes on a single chip. |
fuzzing | A method of testing that intentionally enters invalid input to see if the application can handle it. |
hardening | The process of making a server or an application resistant to an attack. |
Infrastructure as Code (IaC) | The process of managing and provisioning computer datacenters through machine-readable definition files. |
Internet of Things (IoT) | Devices that interact on the Internet, without human intervention. |
NoSQL database | Datastores that do not use a relational structure. |
Open Web Application Security Project (OWASP) | An online community that develops free articles, documentation, tools, and more on web application security. |
prototyping | Creating a version of an application that has only the bare minimum functionality so that it can be evaluated before further development. |
sandboxing | Operating in an isolated environment. |
script kiddy | An attacker with very minimal skills. |
secure coding | Programming in a manner that is secure. |
stored procedures | SQL statements written and stored on the database that can be called by applications. |
stress testing | Subjecting a system to workloads that are extreme. |
Structured Query Language (SQL) | The language used by all relational databases. |
waterfall method | A software development method that uses very well-defined sequential phases. |
zero-day exploit | A vulnerability that is unknown to the product vendor, and thus there is no patch for it. |