WGU C706 Secure Software Design Terms (Over 200 Terms) (2022/2023) (Verified)
- access control: The restriction of persons or programs that may access specific information. There are two default policies for this: allow by exception or deny by exception.
- Access Control List (ACL): The list of persons or programs that are allowed (or, in the case of blacklisting, not allowed) to access a particular resource.
- Access List Traffic-Based Security plan (ALTBS): A network with no other security measures in place besides a router-based access control list.
- Active Directory service: The directory service used by Microsoft, which is included in Microsoft Server operating systems and serves as a location for managing network resources and security.
- activity diagram: A stepwise graphical description of an action taken by a system in completing a task; it is most often represented using UML.
- actor: A user in a software system; these are modeled to perform user-based tasks in the standard software development lifecycle (SDLC).
- air gap security: A security measure using an internal computer network with no access to the Internet.
- application programming interface (API): The software system used by a programmer in creating new software; most APIs have built-in routines for error checking and compiling, which may introduce or ignore errors in a language. You should always research the known issues in an API before using it for development.
- architectural design phase: The period during which the high-level overview of the system is developed.
- archive: A backup copy of data or information gathered or used by an organization; it is important to maintain archive copies of software code that is undergoing an update or rewrite. It is also important to archive data in case of system failure or loss.
- association: A relationship between actors and procedures in defining use cases for a system.
- asymmetric encryption: Asymmetric encryption uses one key for encryption and a different key for decryption; it prevents someone who knows one key from both encrypting and decrypting the data. These systems are designed such that knowing one key will not reveal the other key.
- attack: The exploitation of a vulnerability in a software system that causes the system to fail or otherwise deviate from what is expected in normal operation.
- attack surface: The attack surface of a system is the set of known possible entry points on which an attack may be leveraged against a system. Planning an attack surface is essential for adequately mitigating system risk.
- attribute (or field): An attribute (also called a field) in a database is a single piece of raw data stored in a database record. An example of this is the first name attribute in an employee record.
- audit logs: Records of some aspect of system behavior. Audit logs may be triggered by irregular behavior in a system or errors; these can provide valuable information in the case of attacks on a system that are recorded.
- authentication: The verification of credentials for permitting a user or program to access a certain resource. Authentication systems suppose that users have a set of permissions that are associated with verification information, such as a username and password for accessing an account.
- availability: The measure of time when a system is operating in a usable manner; the typical measurement of availability is called uptime.
- avoidance: A potential strategy for responding to a threat; this strategy attempts to prevent the system from being open to attack at all.
- backdoor: A method of circumventing normal authentication procedures and allowing unwanted access into a computer system.
- beta version: A nearly complete build of the software that can be used to test for functionality or security flaws before the release of the final software product. This version is typically released to a group of testers or early adopters who will have some responsibility in reporting their experiences and any problems they encounter.
- binaries: The compiled machine code of a software system; these are no longer readable by human beings but can still be scanned by other programs to detect functionality or vulnerabilities.
- BitLocker: Full drive encryption capability included in the Ultimate and Enterprise editions of Microsoft Windows 7.
- black-box testing: A testing methodology where the test cases are mostly derived from the requirements statements without consideration of the actual code content.
- block cipher: A block cipher operates on multiple bits or symbols at once, treating them as a group for the purposes of encryption or decryption; the typical model of a block cipher is the Feistel cipher, which iterates the encryption process with variants of a given key.
- boot sector virus
Document information
- Uploaded on: February 11, 2023
- Number of pages: 18
- Written in: 2022/2023
- Type: Exam (elaborations)
- Contains: Questions & answers