Information Technology /Security+ (SY0-701): Lesson 11: Enhance Application Security Capabilities Part 4
Security+ (SY0-701): Lesson 11: Enhance Application Security Capabilities Part 4
This deck covers key concepts from Lesson 11, focusing on application security enhancements such as error handling, sandboxing, and cloud security.
How can errors/exceptions be handled in a good manner?
By a programmer implementing a structured exception handler (SEH) to dictate what the application should then do.
Tap or swipe ↕ to flip
Swipe ←→Navigate
SSpeak
FFocus
1/13
Key Terms
Term
Definition
How can errors/exceptions be handled in a good manner?
By a programmer implementing a structured exception handler (SEH) to dictate what the application should then do.
Define a 'structured exception handler (SEH)'
A mechanism to account for unexpected error conditions that might arise during code execution.
What is the purpose of implementing to code?
To reduce the chances that a program could be exploited.
What is the difference between an error and an exception?
An error is a condition that the process cannot recover from; An exception is a type of error that can be handled by a block of code without the proce...
Define 'cloud hardening'
Fortify the cloud infrastructure, reducing its attack surface.
What should be implemented in the cloud to restrict access to cloud resources?
Least privilege access.
Related Flashcard Decks
Study Tips
- Press F to enter focus mode for distraction-free studying
- Review cards regularly to improve retention
- Try to recall the answer before flipping the card
- Share this deck with friends to study together
| Term | Definition |
|---|---|
How can errors/exceptions be handled in a good manner? | By a programmer implementing a structured exception handler (SEH) to dictate what the application should then do. |
Define a 'structured exception handler (SEH)' | A mechanism to account for unexpected error conditions that might arise during code execution. |
What is the purpose of implementing to code? | To reduce the chances that a program could be exploited. |
What is the difference between an error and an exception? | An error is a condition that the process cannot recover from; An exception is a type of error that can be handled by a block of code without the process crashing. |
Define 'cloud hardening' | Fortify the cloud infrastructure, reducing its attack surface. |
What should be implemented in the cloud to restrict access to cloud resources? | Least privilege access. |
How do modern web browsers implement sandboxing/sandbox environments? | If a website or browser extension in one browser tab attempts to run malicious code, it is confined within that tab's sandbox to prevent malicious code from impacting the entire browsers or the OS. |
How do mobile phone OS's implement sandboxing? | They use sandboxing to limit each app's actions; An app in a sandbox can access its own data and resources but cannot access other app data or any nonessential system resources without explicit permission. |
What are examples of large scale infrastructure sandboxing? | Virtual machines (VMs) and containers like Docker; each VM or container can run in isolation. |
How can sandboxing be leveraged in security operations? | Detecting and understanding malware activities via forensic inspection. |
What is the purpose of using sandboxing in security operations? | To create an enclosed, controlled environment that allows the safe execution of potentially harmful software without affecting the IT environment. |
Which response header provides protection against SSL stripping attacks? | HTTP Strict Transport Security (HSTS) |
What are the two types of centralized logging management are available on Windows? |
|