Upgrade to remove ads
Official (ISC)² CSSLP - Chapter 1: Secure Software Concepts Domain
Terms in this set (18)
A clearly specified mathematical process for computation; a set of rules that, if followed, will give a prescribed result.
Anything of value may be considered an asset. Assets may be tangible or intangible.
A reference to cryptographic algorithms that rely on a mathematically related public-private key pair to perform encryption/decryption. Whichever key is used to encrypt a message, the other key must be used to decrypt the message. Aside from confidentiality, these algorithms may also be used for the purpose of key exchange and/or digital signatures.
The process of verifying a subject's identity based on one or more authentication factors. Authentication follows identification.
The process of determining the rights and permissions of subjects in regard to objects. Authorization follows authentication.
A reference to physical, administrative, or technical security controls used to protect assets. Countermeasures are reactive in nature.
Cryptographic Hash Function
An algorithm (function) suited for use in cryptography and used to map input data of arbitrary length to a fixed size output. Good hash functions are one way, deterministic, and collision resistant.
A reference to hash functions that always produce the same digest from the same input data.
A reference to cryptographic operations that, when implemented correctly, can provide assurance for data integrity, origin, and nonrepudiation.
Set of mathematically expressed rules for rendering data unintelligible by executing a series of conversions controlled by a key.
Claim of an identity by a subject.
Malicious software such as viruses, worms, or Trojans. Different malware may have different characteristics and deliver various payloads.
A reference to physical, administrative, or technical security controls used to protect assets. Safeguards are proactive in nature.
Software Development Lifecycle (SDLC)
A framework and a systematic process with associated tasks that are performed in a series of steps for building software applications. The lifecycle begins with planning and requirements gathering and ends with decommissioning and sunsetting the software.
Any circumstance or event with the potential to adversely impact organizational operations (including mission, functions, image, or reputation), organizational assets, individuals, and other organizations through an information system via unauthorized access, destruction, disclosure, modification of information, and/or denial of service.
Trusted Computing Base (TCB)
Totality of protection mechanisms within a computer system, including hardware, firmware, and software, the combination responsible for enforcing a security policy.
Trusted Platform Module (TPM)
A tamper-resistant integrated circuit built into some computer motherboards that can perform cryptographic operations (including key generation) and protect small amounts of sensitive information, such as passwords and cryptographic keys.
Also known as revision control or source control systems. A reference to software tools that are used by software development teams to manage the access and the changes to source code over time.
THIS SET IS OFTEN IN FOLDERS WITH...
Official (ISC)² CSSLP - Chapter 2: Secure Software…
Official (ISC)² CSSLP - Chapter 3: Secure Software…
Official (ISC)² CSSLP - Chapter 4: Secure Software…
Official (ISC)² CSSLP - Chapter 6: Secure Software…
YOU MIGHT ALSO LIKE...
ITM455-1 (First Exam)
CompTIA Security+ Identifying Security Fundamentals
CS356 exam 1
Chapter 10- Data Security
OTHER SETS BY THIS CREATOR
Chapter 9: Putting it All Together
Chapter 8: Security Operations
Chapter 7: Security Assessment and Testing
Chapter 6: Software Development Security
OTHER QUIZLET SETS
Social studies chapter 3
Bio psych audition
Evolution Midterm 3 Modules 4-7
Radiation Safety and Equipment