Programming Languages


Last updated

6 years ago

Date created

Mar 14, 2020

Cards (32)

Section 1

(32 cards)

Define inheritance

Front

Deriving a new (child) class from an existing base (parent) class so that it takes over the parent's members and then extends or specializes them

Back

Name the rules for scrubbing output

Front

Encrypt information that is secret; include only what is necessary for the external process; do not assume trust for the external system

Back

Define compiling

Front

The process of translating the high-level language into native machine code or intermediary code that will be used by an interpreter

Back

Name some rules for assessing input

Front

Never allow input over the maximum length to be stored in a variable; process the input one character, word, or byte at a time; never leave extra input on the incoming line

Back

Name several rules that should be followed with any system, but particularly with JIT systems

Front

Never execute user input directly (executing output that your own code generated is acceptable); keep a validating layer between your code and user input; handle exceptions

Back

The number one issue with any system

Front

The user

Back

Define ahead-of-time compilation

Front

Compiling the program to native machine code before it is distributed; used for stand-alone applications and thick clients, and generally a step in packaging the system for release

Back

Name the defensive techniques used to mitigate buffer overflows

Front

Array bounding; pointer handling indirection; data canaries; strict read and write limits

Back

Name the steps to mitigate vulnerabilities in a function if the function must be used

Front

Research the vulnerability and mitigate your code accordingly; make sure all external systems are running the latest version with all security patches in place; quiet the error logs; heed the compiler

Back

Describe a nonexecutable stack

Front

Memory regions that hold the stack are marked as data only (NX/DEP), so the processor refuses to execute instructions stored there; code injected into a stack buffer cannot be run directly

Back

Name two methods for preventing stack smashing

Front

Stack canaries; nonexecutable stacks

Back

Describe the technique of strict read and write limits

Front

A mechanism used to digest and discard excess input from the user, such as a character-by-character read that will store to a junk character after it has passed the acceptable limit of input

Back

Define overload

Front

A redefinition of an existing operation for a new class

Back

Describe how a stack smash works

Front

Supplying more data than a fixed-size stack buffer can hold, so the excess overwrites what lies beyond it in the stack frame, including the saved return address. When the function returns, execution jumps to the attacker-chosen address (injected code, or existing code) instead of back to the caller; if the overwritten address is garbage the program simply crashes

Back
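The classic stack-smash pattern beside its hardened form, as an added example that is not part of the original deck. The function names `greet_vulnerable` and `copy_name_safe`, the buffer size and the sample inputs are assumptions chosen for illustration; only the hardened function is exercised.

```c
#include <stdio.h>
#include <string.h>

#define NAME_LEN 16

/* Vulnerable form, kept for illustration only (not called below).
 * strcpy copies until it meets a NUL, so an input longer than
 * NAME_LEN - 1 bytes runs past `name` into whatever the compiler placed
 * beyond it in this stack frame: other locals, the saved frame pointer
 * and the saved return address. When greet_vulnerable returns, the CPU
 * jumps to whatever now sits in the return-address slot. */
void greet_vulnerable(const char *input)
{
    char name[NAME_LEN];
    strcpy(name, input);            /* no length check: stack smash */
    printf("hello %s\n", name);
}

/* Hardened form: measure the input without scanning past the destination
 * size, reject anything that does not fit together with its terminating
 * NUL, and only then copy. Returns 0 on success, -1 if rejected. */
int copy_name_safe(const char *input, char *out, size_t out_len)
{
    size_t n = 0;
    if (out_len == 0)
        return -1;
    while (n < out_len && input[n] != '\0')
        n++;
    if (n == out_len)               /* input is at least out_len bytes: no room for NUL */
        return -1;
    memcpy(out, input, n + 1);      /* n bytes of text plus the NUL */
    return 0;
}

int main(void)
{
    char name[NAME_LEN];
    /* Constructed inputs: the second is 16 bytes and must be rejected. */
    const char *inputs[] = { "alice", "sixteencharacter" };
    for (size_t i = 0; i < 2; i++) {
        if (copy_name_safe(inputs[i], name, sizeof name) == 0)
            printf("accepted: %s\n", name);
        else
            printf("rejected: input too long for %zu-byte buffer\n", sizeof name);
    }
    return 0;
}
```

On a Linux build where gcc enables `-fstack-protector` by default, calling `greet_vulnerable` with a long enough input ends with glibc's "*** stack smashing detected ***" abort, which is the compiler-inserted stack canary catching the overwrite before the function returns; built with `-fno-stack-protector` and an executable stack, the same call would instead transfer control to whatever address the input placed in the return slot.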

Define pseudocode

Front

A mix between programming language structures and pure human language

Back

Describe an interpreted language

Front

A language whose programs are not compiled to native code in advance; a lower-level program (the interpreter, itself native machine code) reads the higher-level source or intermediate code at run time and carries out each command as it is encountered

Back

Define just-in-time (JIT) compilation

Front

Compilation performed at run time, immediately before a unit of code is executed, rather than once when the system is packaged. Used by web applications and managed runtimes (for example the JVM, .NET, and JavaScript engines) to turn intermediate code or dynamically generated instructions from other system modules into native code on demand; the translation is repeated as new code is encountered

Back

Describe the technique of pointer handling indirection

Front

When a pointer variable is being used, it should have a layer of indirection between the pointer update and any input from the user

Back

Describe how overloading could be abused

Front

It can potentially be misused or called in error between two dissimilar classes if there is no strong typing in the language of choice, causing a mismatch that the compiler will not catch

Back

Describe how output scrubbing differs from input scrubbing

Front

You do not need to worry about format and injection unless you are passing user input through your system into another external component

Back

Describe the technique of array bounding

Front

Validate the value of the array index before any call is made to retrieve or store data

Back

The type of buffer overflow that attacks the vulnerable call stack

Front

Stack smash

Back

Define machine code

Front

The set of instructions that is supported by the central processing unit (CPU) of the system for performing tasks; generally a small set of fixed instructions that can be combined for greater versatility and an expanded functionality

Back

Define a regular expression (regex)

Front

A pattern written in a specialized notation that describes a set of strings; used to search, match, or validate text quickly and declaratively

Back

Describe the precaution that should be used with inheritance

Front

The child class should never violate the security assertions of the parent class

Back

Describe the technique of data canary

Front

A value located at the end of an assigned buffer length can be checked to verify that an overflow has not occurred. These can be overwritten if the attacker knows the location and value

Back
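A guarded buffer that combines the array bounding card (validate the index before any store) with the data canary card (a value after the buffer that is checked for overwrites), as an added example written for this deck, not code from memorize.ai or any project. The `guarded_buf` type, the `gb_*` function names, the 8-byte canary size and the constructed canary and payload bytes are assumptions; the demo also shows the caveat stated on the card, that an attacker who knows the canary's location and value can write it back and go undetected.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define CANARY_BYTES 8

typedef struct {
    size_t len;                         /* bytes the caller may use */
    unsigned char canary[CANARY_BYTES]; /* expected value, kept out of band */
    unsigned char *mem;                 /* len + CANARY_BYTES bytes, one allocation */
} guarded_buf;

/* Build a guarded buffer with a caller-supplied canary. The canary copy
 * sits immediately after the usable data. */
guarded_buf *gb_new_with_canary(size_t len, const unsigned char canary[CANARY_BYTES])
{
    guarded_buf *b = malloc(sizeof *b);
    if (!b) return NULL;
    b->mem = calloc(len + CANARY_BYTES, 1);
    if (!b->mem) { free(b); return NULL; }
    b->len = len;
    memcpy(b->canary, canary, CANARY_BYTES);
    memcpy(b->mem + len, canary, CANARY_BYTES);
    return b;
}

/* Normal constructor: draw the canary from /dev/urandom so an attacker
 * cannot predict it. Returns NULL if the device is unavailable. */
guarded_buf *gb_new(size_t len)
{
    unsigned char canary[CANARY_BYTES];
    FILE *f = fopen("/dev/urandom", "rb");
    if (!f) return NULL;
    size_t got = fread(canary, 1, CANARY_BYTES, f);
    fclose(f);
    if (got != CANARY_BYTES) return NULL;
    return gb_new_with_canary(len, canary);
}

void gb_free(guarded_buf *b) { if (b) { free(b->mem); free(b); } }

/* Array bounding: validate the index before touching memory. The test is
 * `>=`, not `>`: index == len is already one byte past the end. */
int gb_store(guarded_buf *b, size_t idx, unsigned char v)
{
    if (idx >= b->len) return -1;
    b->mem[idx] = v;
    return 0;
}

/* Unbounded write standing in for a routine such as strcpy that does not
 * know the logical length. It is clamped to the allocation only so the
 * demonstration stays within defined behaviour. */
void gb_unchecked_write(guarded_buf *b, size_t off, const unsigned char *src, size_t n)
{
    size_t cap = b->len + CANARY_BYTES;
    if (off > cap) return;
    if (n > cap - off) n = cap - off;
    memcpy(b->mem + off, src, n);
}

/* Data canary check: 1 if the trailing canary is untouched, 0 if overwritten. */
int gb_canary_intact(const guarded_buf *b)
{
    return memcmp(b->mem + b->len, b->canary, CANARY_BYTES) == 0;
}

/* Overflow a 16-byte buffer by 8 bytes. Returns the canary check result:
 * 0 means the overflow was detected, 1 means it went unnoticed. */
int run_overflow_demo(int attacker_knows_canary)
{
    /* Constructed canary; a real buffer gets one from gb_new. */
    const unsigned char k[CANARY_BYTES] = { 0xde, 0xad, 0xbe, 0xef, 0x01, 0x02, 0x03, 0x04 };
    guarded_buf *b = gb_new_with_canary(16, k);
    if (!b) return -1;

    /* Twelve bytes from offset 12: four land in the data area, eight spill
     * over the end into the canary's slot. */
    unsigned char payload[12];
    memset(payload, 'A', sizeof payload);
    if (attacker_knows_canary)
        memcpy(payload + 4, k, CANARY_BYTES);   /* rewrite the canary with its own value */
    gb_unchecked_write(b, 12, payload, sizeof payload);

    int intact = gb_canary_intact(b);
    gb_free(b);
    return intact;
}

int main(void)
{
    printf("blind overflow detected:        %s\n", run_overflow_demo(0) == 0 ? "yes" : "no");
    printf("known-canary overflow detected: %s\n", run_overflow_demo(1) == 0 ? "yes" : "no");
    return 0;
}
```

The second line of output is the card's caveat in practice: the canary only detects an overflow that changes it, so its value must be unpredictable and must never be readable by the input path that could overflow the buffer.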

Define pointer

Front

A data type that contains a reference to a memory location containing a data value

Back

Define programming language

Front

A set of rules, words, symbols, and codes used to write computer programs.

Back

Define application programming interface (API)

Front

Created to allow a system to call existing functionality in another module or system through a specified interface

Back

Name the minimum input validation measures

Front

Length, format

Back
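The two minimum measures, length and format, applied together, as an added example that is not part of the original deck. It also implements the earlier cards on assessing input (read one character at a time, never store more than the maximum, never leave extra input on the incoming line), strict read limits (excess is digested and discarded) and regular expressions (format is checked with an anchored POSIX regex). The function names, the account-ID format, the maximum length of 10 and the sample lines are assumptions; the sample input is constructed, not real data, and is fed through `fmemopen` so the block runs offline.

```c
#define _POSIX_C_SOURCE 200809L
#include <stdio.h>
#include <string.h>
#include <regex.h>

/* Read one line from `in` a character at a time. At most `max_len`
 * characters are stored in `dst` (which must hold max_len + 1 bytes);
 * everything after that, up to the newline, is read and dropped so the
 * next read cannot pick it up. Returns the number of characters stored,
 * or -1 at end of input with nothing read. *dropped receives the count
 * of discarded characters. */
int read_bounded_line(FILE *in, char *dst, size_t max_len, size_t *dropped)
{
    size_t n = 0;
    *dropped = 0;
    int c = fgetc(in);
    if (c == EOF) return -1;
    while (c != EOF && c != '\n') {
        if (n < max_len) dst[n++] = (char)c;
        else (*dropped)++;          /* the "junk character" sink */
        c = fgetc(in);
    }
    dst[n] = '\0';
    return (int)n;
}

/* Format check with an anchored POSIX extended regex. Without ^ and $
 * the expression would match a substring, letting "123; rm -rf" through
 * on the strength of its leading digits. Returns 1 on match, 0 on no
 * match, -1 if the pattern does not compile. */
int matches_format(const char *pattern, const char *s)
{
    regex_t re;
    if (regcomp(&re, pattern, REG_EXTENDED | REG_NOSUB) != 0) return -1;
    int rc = regexec(&re, s, 0, NULL, 0);
    regfree(&re);
    return rc == 0 ? 1 : 0;
}

/* Combined gate: length is enforced by the reader, format by the regex.
 * Over-length input is rejected outright rather than silently truncated.
 * Returns 1 accepted, 0 rejected, -1 end of input. */
int read_account_id(FILE *in, char *dst, size_t max_len)
{
    size_t dropped;
    int n = read_bounded_line(in, dst, max_len, &dropped);
    if (n < 0) return -1;
    if (dropped > 0) return 0;
    return matches_format("^[0-9]{4,10}$", dst);
}

int main(void)
{
    /* Constructed sample input: an in-range ID, an over-length line, and a
     * wrongly formatted one. */
    const char sample[] = "12345\n9999999999999999999\n12ab\n";
    FILE *in = fmemopen((void *)sample, sizeof sample - 1, "r");
    if (!in) return 1;
    char id[11];                        /* max_len 10 plus NUL */
    int rc;
    while ((rc = read_account_id(in, id, 10)) != -1)
        printf("%-12s -> %s\n", id, rc == 1 ? "accepted" : "rejected");
    fclose(in);
    return 0;
}
```

The third line is read correctly only because the reader drained the rest of the over-length second line; a reader that stopped at `max_len` would have left the surplus digits on the stream, and the next field would have started with them.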

Another name for executables

Front

Binaries

Back

Describe a stack canary

Front

A random value placed on the stack between a function's local buffers and its saved return address. An overflow that runs toward the return address must overwrite the canary first; before the function returns, the canary is compared with its expected value, and if they do not match the return address cannot be trusted and the program is aborted instead of returning

Back