CompTIA Security + Ch 4
The flashcards below were created by user
on FreezingBlue Flashcards.
Text files placed on the client computer that store information about it, which include your browsing habits and credentials.
Tracking cookies are used by spyware to collect information about a web user's activities.
Session cookies are used by attackers in an attempt to hijack a session.
When a process stores data outside the memory that the developer intended. This could cause erratic behavior in the application.
User Account Control (UAC)
Security component of Windows Vista and 7 that keeps every user in standard user mode instead of as an admin with full admin rights.
Systems Development Life Cycle (SDLC)
The process of creating systems and applications, and the methodologies used to do so.
Secure Code Review
An in-depth code inspection procedure.
Secure Coding Concepts
The best practices used during the life cycle of software development.
Fuzz Testing (Fuzzing)
When random data is inputted into a computer program in an attempt to find vulnerabilities.
Cross-site Scripting (XSS)
A type of vulnerability found in web applications used with session hijacking.
Cross-site Request Forgery (XSRF)
An attack that exploits the trust a website has in a user's browser in an attempt to transmit unauthorized commands to the website.
A process that ensures the correct usage of data.
When a web script runs in its own environment for the express purpose of not interfering with other processes, possibly for testing.
Also known as the ../ (dot dot slash) attack, a method of accessing unauthorized parent directories.
Zero Day Attack
An attack that is executed on a vulnerability in software before that vulnerability is known to the creator of the software.
Prioritize threats to an application, based on their potential impact.