Home
Subjects
Textbook solutions
Create
Study sets, textbooks, questions
Log in
Sign up
Upgrade to remove ads
Only $35.99/year
Official (ISC)² CSSLP - Chapter 1: Secure Software Concepts Domain
STUDY
Flashcards
Learn
Write
Spell
Test
PLAY
Match
Gravity
Terms in this set (18)
Algorithm
A clearly specified mathematical process for computation; a set of rules that, if followed, will give a prescribed result.
Asset
Anything of value may be considered an asset. Assets may be tangible or intangible.
Asymmetric Algorithm
A reference to cryptographic algorithms that rely on a mathematically related public-private key pair to perform encryption/decryption. Whichever key is used to encrypt a message, the other key must be used to decrypt the message. Aside from confidentiality, these algorithms may also be used for the purpose of key exchange and/or digital signatures.
Authentication
The process of verifying a subject's identity based on one or more authentication factors. Authentication follows identification.
Authorization
The process of determining the rights and permissions of subjects in regard to objects. Authorization follows authentication.
Countermeasure
A reference to physical, administrative, or technical security controls used to protect assets. Countermeasures are reactive in nature.
Cryptographic Hash Function
An algorithm (function) suited for use in cryptography and used to map input data of arbitrary length to a fixed size output. Good hash functions are one way, deterministic, and collision resistant.
Deterministic
A reference to hash functions that always produce the same digest from the same input data.
Digital Signature
A reference to cryptographic operations that, when implemented correctly, can provide assurance for data integrity, origin, and nonrepudiation.
Encryption Algorithm
Set of mathematically expressed rules for rendering data unintelligible by executing a series of conversions controlled by a key.
Identification
Claim of an identity by a subject.
Malware
Malicious software such as viruses, worms, or Trojans. Different malware may have different characteristics and deliver various payloads.
Safeguard
A reference to physical, administrative, or technical security controls used to protect assets. Safeguards are proactive in nature.
Software Development Lifecycle (SDLC)
A framework and a systematic process with associated tasks that are performed in a series of steps for building software applications. The lifecycle begins with planning and requirements gathering and ends with decommissioning and sunsetting the software.
Threat
Any circumstance or event with the potential to adversely impact organizational operations (including mission, functions, image, or reputation), organizational assets, individuals, and other organizations through an information system via unauthorized access, destruction, disclosure, modification of information, and/or denial of service.
Recommended textbook explanations
Introduction to Algorithms
3rd Edition
Charles E. Leiserson, Clifford Stein, Ronald L. Rivest, Thomas H. Cormen
709 explanations
Computer Organization and Design MIPS Edition: The Hardware/Software Interface
5th Edition
David A. Patterson, John L. Hennessy
220 explanations
Engineering Electromagnetics
8th Edition
John Buck, William Hayt
483 explanations
Introduction to the Theory of Computation
3rd Edition
Michael Sipser
389 explanations
Sets with similar terms
ITM455-1 (First Exam)
57 terms
CompTIA Security+ Identifying Security Fundamentals
52 terms
CS356 exam 1
94 terms
Chapter 10- Data Security
60 terms
Sets found in the same folder
Official (ISC)² CSSLP - Chapter 3: Secure Software…
15 terms
Official (ISC)² CSSLP - Chapter 2: Secure Software…
16 terms
Official (ISC)² CSSLP - Chapter 4: Secure Software…
15 terms
Official (ISC)² CSSLP - Chapter 6: Secure Software…
15 terms
Other sets by this creator
Chapter 5: Security Operations
34 terms
Chapter 4: Network Security
38 terms
Chapter 3: Access Controls Concepts
28 terms
Chapter 2: Incident Response, Business Continuity…
17 terms
Verified questions
COMPUTER SCIENCE
Write a function that accepts an int array and the array’s size as arguments. The function should create a new array that is twice the size of the argument array. The function should copy the contents of the argument array to the new array and initialize the unused elements of the second array with 0. The function should return a pointer to the new array.
COMPUTER SCIENCE
T F If an array is partially initialized, the uninitialized elements will contain “garbage.”
COMPUTER SCIENCE
True or False? A list can be an element in another list.
COMPUTER SCIENCE
Consider a computer system in which computer games can be played by students only between 10 P.M. and 6 A.M., by faculty members between 5 P.M. and 8 A.M., and by the computer center staff at all times. Suggest a scheme for implementing this policy efficiently.
Other Quizlet sets
LATIN AMERICA VOCAB TERMS
24 terms
Plants TSD Middle School Science
38 terms
Exam #3
44 terms
History 104 First Half Terms
51 terms
Related questions
QUESTION
What statement is true regarding the control the operator can exercise over the NAVTEX receivers operation?
QUESTION
Contains very useful information on how your data is collected from the website, how it's used, and what security measures the business will take to make sure your private data is safe.
QUESTION
At what nuisance alarm rate would you contact the Alarm Section to generate a work order?
QUESTION
Employees are not deterred by the potential loss of certification or professional accreditation resulting from a breach of a code of conduct as this loss has no effect on employees' marketability and earning power.