A. Threats to the Software Development Security Domain

After reading/viewing this week’s materials, please respond to one or more of the following questions.

1. Describe the following threats to the application environment: Buffer Overflow, Denial of Service, Time of Check/Time of Use, Malformed input attacks, Object reuse, Garbage collection, and Trap door.
2. Explain the following terms: file infector, boot sector infector, system infector, email virus, multipartite, macro virus, script virus, and hoax
3. Explain the difference between a virus and a worm. Describe what a Trojan Horse and a Logic Bomb are.

B. Software Development Security Countermeasures

After reading/viewing this week’s materials, please respond to one or more of the following questions.

1. What is a View-based access control in database? What is a Data warehouse? What is Online Transaction Processing (OLTP)?
2. What is Change Management and how is it used to control security breaches? What is Configuration Management and how is it used to control security breaches? What is Patch management and how is it used to control security breaches?
3. In a database, to control security, lock controls are implemented and tested using the ACID test. Explain the following terms for each letter within the ACID method: Atomicity, Consistency, Isolation, Durability.