Domain 8: Software development security (11th)
Machine code (aka machine language)
software that is executed directly by the central processing unit (CPU).
computer programming language instructions that are written in text that must be translated into machine code before execution by the CPU
a low-level computer programming language
converts assembly language into machine language
attempts to convert machine language into assembly
take source code, such as C or Basic, and compile it into machine code
is compiled on the fly each time the program is run
also interpreted code: bytecode exists as an intermediary form that is converted from source code, but it still must be converted into machine code before it can run on the CPU
Computer-aided software engineering (CASE)
uses programs to assist in the creation and maintenance of other computer programs
There are three types of software:
1. Tools: support only specific task in the software-production process.
2. Workbenches: support one or a few software process activities by integrating several tools in a single application.
3. Environments: support all or at least part of the software-production process with a collection of Tools and Workbenches.
components of CASE
Fourth-generation computer languages, object-oriented languages, and GUIs
software that is typically released in executable form, though the source code is kept confidential
publishes source code publicly
may mean it is free of charge (sometimes called "free as in beer"), or "free" may mean the user is free to use the software in any way they would like, including modifying it (sometimes called "free as in liberty"). The two types are called gratis and libre, respectively
"free as in beer" (gratis) software, which is free of charge to use
fully functional proprietary software that may be initially used free of charge
partially functioning proprietary software, often with key features disabled
a linear application development model that uses rigid phases; when one phase ends, the next begins
has highly overlapping steps; it can be thought of as a real-world successor to the waterfall model and is sometimes called the sashimi waterfall model
The model is based on the hardware design model used by Fuji-Xerox
Agile Software Development
evolved as a reaction to rigid software development models such as the waterfall model
methods include scrum and XP
• Individuals and interactions over processes and tools
• Working software over comprehensive documentation
• Customer collaboration over contract negotiation
• Responding to change over following a plan
where a team tries to go the distance as a unit, passing the ball back and forth—may better serve today's competitive requirements
XP (Extreme programming)
uses pairs of programmers who work off a detailed specification. There is a high level of customer involvement.
• Planning: specifies the desired features, which are called the user stories. They are used to determine the iteration (timeline) and drive the detailed specifications.
• Paired programming: programmers work in teams.
• Forty-hour workweek: the forecasted iterations should be accurate enough to forecast how many hours will be required to complete the project. If programmers must put in additional overtime, the iteration must be flawed.
• Total customer involvement: the customer is always available and carefully monitors the project.
• Detailed test procedures: these are called unit tests.
software development model designed to control risk
This model repeats steps of a project, starting with modest goals, and expanding outwards in ever-wider spirals called rounds. Each round of the spiral constitutes a project, and each round may follow a traditional software development methodology, such as modified waterfall. A risk analysis is performed each round. Fundamental flaws in the project or process are more likely to be discovered in the earlier phases, resulting in simpler fixes. This lowers the overall risk of the project; large risks should be identified and mitigated.
Rapid Application Development
rapidly develops software via the use of prototypes, "dummy" GUIs, back-end databases, and more
SDLC (aka systems development life cycle or software development life cycle)
a system development model
focuses on security
NIST SP 800-14
• Prepare a security plan: Ensure that security is considered during all phases of the IT system life cycle and that security activities are accomplished during each of the phases.
• Initiation: The need for a system is expressed and the purpose of the system is documented.
• Conduct a sensitivity assessment: Look at the security sensitivity of the system and the information to be processed.
• Development/acquisition: The system is designed, purchased, programmed, or developed.
• Determine security requirements: Determine technical features, like access controls; assurances, like background checks for system developers; or operational practices, like awareness and training.
• Incorporate security requirements in specifications: Ensure that the previously gathered information is incorporated in the project plan.
• Obtain the system and related security activities: May include developing the system's security features, monitoring the development process itself for security problems, responding to changes, and monitoring threats.
• Implementation: The system is tested and installed.
• Install/turn-on controls: A system often comes with security features disabled. These need to be enabled and configured.
• Security testing: Used to certify a system; may include testing security management, physical facilities, personnel, procedures, the use of commercial or in-house services such as networking services, and contingency planning.
• Accreditation: The formal authorization by the accrediting (management) official for system operation and an explicit acceptance of risk.
• Operation/maintenance: The system is modified by the addition of hardware and software and by other events.
• Security operations and administration: Examples include backups, training, managing cryptographic keys, user administration, and patching.
• Operational assurance: Examines whether a system is operated according to its current
• Audits and monitoring: A system audit is a one-time or periodic event to evaluate security. Monitoring refers to an ongoing activity that examines either the system or the users.
• Disposal: The secure decommission of a system.
• Information: Information may be moved to another system, or it could also be archived, discarded, or destroyed.
• Media sanitization: There are three general methods of purging media: overwriting, degaussing (for magnetic media only), and destruction.
Integrated Product Teams (IPT)
a customer-focused group that focuses on the entire lifecycle of a project
describes the process of having a third-party store an archive of computer software
Code Repository Security
They provide the following list of security controls:
• System security
• Operational security
• Software security
• Secure communications
• File system and backups
• Employee access
• Maintaining security
• Credit card safety
application programming interface (API)
allows an application to communicate with another application or an operating system, database, network, etc
OWASP enterprise security API toolkits
• Access control
• Input validation
• Output encoding/escaping
• Error handling and logging
• Communication security
• HTTP security
• Security configuration
Software Change and Configuration Management
provide a framework for managing changes to software as it is developed, maintained, and eventually retired. Some organizations treat this as one discipline; the exam treats configuration management and change management as separate but related disciplines
the practice of operations and development engineers participating together in the entire service lifecycle, from design through the development process to production support
a structured collection of related data
database management system (DBMS)
controls all access to the database and enforces the database security
Databases may be searched
structured query language
contain two dimensional tables, or relations, of related data
a row is a database record
any attribute (column) in the table with unique values
a key in a related database table that matches a primary key in a parent database table
ensure the integrity of the data in the tables
that every foreign key in a secondary table matches a primary key in the parent table; if this is not true, referential integrity has been broken
that each attribute (column) value is consistent with the attribute data type
each tuple has a unique primary key that is not null
seeks to make the data in a database table logically concise, organized, and consistent. Normalization removes redundant data and improves the integrity and availability of the database.
Database tables may be queried; the results of a query are this
constrained user interface
restricts users' access to specific functions by not allowing them to request those functions
data definition language (DDL)
used to create, modify, and delete tables
data manipulation language (DML)
used to query and update data stored in the tables
form a tree: the global domain name service (DNS) servers form a global tree
combine data with functions (code) in an object-oriented framework
make the pending changes permanent
If the commit is unsuccessful, the DBMS can abort the transaction and undo the pending changes
clean snapshot of the database tables
a log of all database transactions
mirrors a live database, allowing simultaneous reads and writes to multiple replicated databases by clients. These pose additional integrity challenges. A two-phase (or multiphase) commit can be used to assure integrity.
similar to a replicated database with one key difference: it mirrors all changes made to a primary database, but clients do not access the shadow. Unlike replicated databases, shadow databases are one way.
a large collection of data
used to search for patterns
Object-Oriented Programming (OOP)
uses an object metaphor to design and write computer programs
the functions they perform
encapsulation (aka data hiding)
we do not know, from the outside, how the object performs its function
summary of OOP concepts illustrated by Addy
• Object: Addy
• Class: Mathematical operators
• Method: Addition
• Inheritance: Addy inherits an understanding of numbers and math from his parent class mathematical operators. The programmer simply needs to program Addy to support the method
• Example input message: 1 + 2
• Example output message: 3
• Polymorphism: Addy can change behavior based on the context of the input, overloading the + to perform addition, or concatenation, depending on the context
• Polyinstantiation: Two Addy objects (secret and top-secret), with different data
Cornerstone Object-Oriented Programming Concepts
include objects, methods, messages, inheritance, delegation, polymorphism, and polyinstantiation
Object request brokers (ORBs)
can be used to locate objects because they act as object search engines; ORBs are middleware
connects programs to programs
can occur when a programmer fails to perform bounds checking
Time of check/Time of use (TOC/TOU)
attacks are also called race conditions. This means that an attacker attempts to alter a condition after it has been checked by the operating system, but before it is used.
This is an example of a state attack
Cross-site scripting (XSS)
leverages the third-party execution of web scripting languages
cross-site request forgery (CSRF, or sometimes XSRF)
leverages a third-party redirect of static content within the security context of a trusted site
allows an attacker with typically limited access to gain access to additional resources
shortcuts in a system that allow a user to bypass security checks, such as username/password authentication
describes the actions taken by a security researcher after discovering a software vulnerability
the controversial practice of releasing vulnerability
the practice of privately sharing vulnerability information with a vendor and withholding public release until a patch is available
Software Capability Maturity Model (CMM)
a maturity framework for evaluating and improving the software development process
The five levels of CMM
1. Initial: The software process is characterized as ad hoc and occasionally even chaotic. Few processes are defined, and success depends on individual effort.
2. Repeatable: Basic project management processes are established to track cost, schedule, and functionality. The necessary process discipline is in place to repeat earlier successes on projects with similar applications.
3. Defined: The software process for both management and engineering activities is documented, standardized, and integrated into a standard software process for the organization. Projects use an approved, tailored version of the organization's standard software process for developing and maintaining software.
4. Managed: Detailed measures of the software process and product quality are collected, analyzed, and used to control the process. Both the software process and products are quantitatively understood and controlled.
5. Optimizing: Continual process improvement is enabled by quantitative feedback from the process and from piloting innovative ideas and technologies.
examines whether software meets various end-state requirements, whether from a user or customer, contract, or compliance perspective.
International Software Testing Qualifications Board (ISTQB)
defines acceptance testing as "a formal testing with respect to user needs, requirements, and business processes conducted to determine whether or not a system satisfies the acceptance criteria and to enable the user, customers or other authorized entity to determine whether or not to accept the system."
• The User Acceptance test: focuses mainly on the functionality, thereby validating the fitness-for-use of the system by the business user. The user acceptance test is performed by the users and application managers.
• The Operational Acceptance test: also known as the Production Acceptance test; validates whether the system meets the requirements for operation. In most organizations, the operational acceptance test is performed by system administrators before the system is released. The operational acceptance test may include testing of backup/restore, disaster recovery, maintenance tasks, and periodic checks for security vulnerabilities.
• Contract Acceptance testing: performed against the contract's acceptance criteria for producing custom-developed software. Acceptance should be formally defined when the contract is agreed.
• Compliance acceptance testing: also known as regulation acceptance testing; performed against the regulations that must be followed, such as governmental, legal, or safety regulations.
Commercial Off-the-Shelf Software (COTS)
software or hardware products that are ready-made and available for sale to the general public
Custom-Developed Third-Party Products
An alternative to COTS
1. Correct answer and explanation: A. DevOps is a more agile development and support model, where developers directly support operations.
Incorrect answers and explanations: Answers B, C, and D are incorrect. Sashimi, spiral, and waterfall are software development methodologies that do not describe a model for developers directly supporting operations.
1. What describes a more agile development and support model, where developers directly support operations?
2. Correct answer and explanation: C. Polyinstantiation means "many instances," such as two objects with the same names that have different data.
Incorrect answers and explanations: Answers A, B, and D are incorrect. Delegation allows objects to delegate messages to other objects. Inheritance means an object inherits capabilities from its parent class. Polymorphism allows the ability to overload operators, performing different methods depending on the context of the input message.
2. Two objects with the same name have different data. What OOP concept does this illustrate?
3. Correct answer and explanation: Answer A is correct; acceptance testing determines whether software meets various end-state requirements from a user or customer, contract, or compliance perspective.
Incorrect answers and explanations: Answers B, C, and D are incorrect. Integration testing tests multiple software components as they are combined into a working system. Regression testing tests software after updates, modifications, or patches. Unit testing consists of low-level tests of software components, such as functions, procedures, or objects.
3. What type of testing determines whether software meets various end-state requirements from a user or customer, contract, or compliance perspective?
A. Acceptance testing
B. Integration testing
C. Regression testing
D. Unit testing
4. Correct answer and explanation: A. Entity integrity means each tuple has a unique primary key that is not null.
Incorrect answers and explanations: Answers B, C, and D are incorrect. Normalization seeks to make the data in a database table logically concise, organized, and consistent. Referential integrity means that every foreign key in a secondary table matches a primary key in the parent table; if this is not true, referential integrity has been broken. Semantic integrity means each attribute (column) value is consistent with the attribute data type.
4. A database contains an entry with an empty primary key. What database concept has been violated?
A. Entity integrity
C. Referential integrity
D. Semantic integrity
5. Correct answer and explanation: A. Cross-site request forgery (CSRF) allows a third party to redirect static content within the security context of a trusted site.
5. Which vulnerability allows a third party to redirect static content within the security context of a trusted site?
A. Cross-site request forgery (CSRF)
B. Cross-site scripting (XSS)
C. PHP remote file inclusion (RFI)
D. SQL injection