Study sets, textbooks, questions
Upgrade to remove ads
Official (ISC)² CSSLP - Chapter 1: Secure Software Concepts Domain
Terms in this set (18)
A clearly specified mathematical process for computation; a set of rules that, if followed, will give a prescribed result.
Anything of value may be considered an asset. Assets may be tangible or intangible.
A reference to cryptographic algorithms that rely on a mathematically related public-private key pair to perform encryption/decryption. Whichever key is used to encrypt a message, the other key must be used to decrypt the message. Aside from confidentiality, these algorithms may also be used for the purpose of key exchange and/or digital signatures.
The process of verifying a subject's identity based on one or more authentication factors. Authentication follows identification.
The process of determining the rights and permissions of subjects in regard to objects. Authorization follows authentication.
A reference to physical, administrative, or technical security controls used to protect assets. Countermeasures are reactive in nature.
Cryptographic Hash Function
An algorithm (function) suited for use in cryptography and used to map input data of arbitrary length to a fixed size output. Good hash functions are one way, deterministic, and collision resistant.
A reference to hash functions that always produce the same digest from the same input data.
A reference to cryptographic operations that, when implemented correctly, can provide assurance for data integrity, origin, and nonrepudiation.
Set of mathematically expressed rules for rendering data unintelligible by executing a series of conversions controlled by a key.
Claim of an identity by a subject.
Malicious software such as viruses, worms, or Trojans. Different malware may have different characteristics and deliver various payloads.
A reference to physical, administrative, or technical security controls used to protect assets. Safeguards are proactive in nature.
Software Development Lifecycle (SDLC)
A framework and a systematic process with associated tasks that are performed in a series of steps for building software applications. The lifecycle begins with planning and requirements gathering and ends with decommissioning and sunsetting the software.
Any circumstance or event with the potential to adversely impact organizational operations (including mission, functions, image, or reputation), organizational assets, individuals, and other organizations through an information system via unauthorized access, destruction, disclosure, modification of information, and/or denial of service.
Recommended textbook explanations
Introduction to Algorithms
Charles E. Leiserson, Clifford Stein, Ronald L. Rivest, Thomas H. Cormen
Computer Organization and Design MIPS Edition: The Hardware/Software Interface
David A. Patterson, John L. Hennessy
John Buck, William Hayt
Introduction to the Theory of Computation
Sets with similar terms
ITM455-1 (First Exam)
CompTIA Security+ Identifying Security Fundamentals
CS356 exam 1
Chapter 10- Data Security
Sets found in the same folder
Official (ISC)² CSSLP - Chapter 3: Secure Software…
Official (ISC)² CSSLP - Chapter 2: Secure Software…
Official (ISC)² CSSLP - Chapter 4: Secure Software…
Official (ISC)² CSSLP - Chapter 6: Secure Software…
Other sets by this creator
Chapter 5: Security Operations
Chapter 4: Network Security
Chapter 3: Access Controls Concepts
Chapter 2: Incident Response, Business Continuity…
Write a function that accepts an int array and the array’s size as arguments. The function should create a new array that is twice the size of the argument array. The function should copy the contents of the argument array to the new array and initialize the unused elements of the second array with 0. The function should return a pointer to the new array.
T F If an array is partially initialized, the uninitialized elements will contain “garbage.”
True or False? A list can be an element in another list.
Consider a computer system in which computer games can be played by students only between 10 P.M. and 6 A.M., by faculty members between 5 P.M. and 8 A.M., and by the computer center staff at all times. Suggest a scheme for implementing this policy efficiently.
Other Quizlet sets
LATIN AMERICA VOCAB TERMS
Plants TSD Middle School Science
History 104 First Half Terms
What statement is true regarding the control the operator can exercise over the NAVTEX receivers operation?
Contains very useful information on how your data is collected from the website, how it's used, and what security measures the business will take to make sure your private data is safe.
At what nuisance alarm rate would you contact the Alarm Section to generate a work order?
Employees are not deterred by the potential loss of certification or professional accreditation resulting from a breach of a code of conduct as this loss has no effect on employees' marketability and earning power.