CITP EXAM QUESTIONS AND ANSWERS:
LATEST UPDATE (ALREADY GRADED A+.)
Single-Sign-On (SSO)
An authentication process that allows the user to enter a single set of credentials to access multiple
applications.
Social Engineering
A general term for how attackers can try to persuade a user to provide information or create some other
sort of security vulnerability.
Software Requirements Specification
A formal documentation of a software system or product to be developed that includes both functional
and nonfunctional requirements. These are used so that the individual tasked with creating the system
or product is aware of the needs of the individual seeking the creation.
SPAM
Unsolicited commercial e-mail.
Spear Phishing
Phishing targeted at a particular group of people with a known affiliation to some organization.
SQL Injection
Taking advantage of SQL forms by inserting commands in information entry boxes. SQL is transferred in
such a way that commands placed in forms can be seen as valid commands and affect the system in
whatever way that command operates. Hackers can use SQL Injections to erase data banks, over load
servers, etc. if the SQL isn't properly set up to avoid such attacks.
Storage Encryption
The use of encryption to protect stored or backed-up data both in transit and in the storage medium to
provide an additional layer of security.
Structured Query Language
A special-purpose programming language that allows for the creation of interactive forms which users
can insert, alter and delete data they have input, and the system administrators can easily transfer
information into usable data banks of user information. Originally developed by IBM, SQL has become
an international standard for data collection and use.
Super Cookie
A tracking mechanism that persists even after all cookies have been deleted, usually using several
varying types of storage to remain within a device.
LATEST UPDATE (ALREADY GRADED A+.)
Single-Sign-On (SSO)
An authentication process that allows the user to enter a single set of credentials to access multiple
applications.
Social Engineering
A general term for how attackers can try to persuade a user to provide information or create some other
sort of security vulnerability.
Software Requirements Specification
A formal documentation of a software system or product to be developed that includes both functional
and nonfunctional requirements. These are used so that the individual tasked with creating the system
or product is aware of the needs of the individual seeking the creation.
SPAM
Unsolicited commercial e-mail.
Spear Phishing
Phishing targeted at a particular group of people with a known affiliation to some organization.
SQL Injection
Taking advantage of SQL forms by inserting commands in information entry boxes. SQL is transferred in
such a way that commands placed in forms can be seen as valid commands and affect the system in
whatever way that command operates. Hackers can use SQL Injections to erase data banks, over load
servers, etc. if the SQL isn't properly set up to avoid such attacks.
Storage Encryption
The use of encryption to protect stored or backed-up data both in transit and in the storage medium to
provide an additional layer of security.
Structured Query Language
A special-purpose programming language that allows for the creation of interactive forms which users
can insert, alter and delete data they have input, and the system administrators can easily transfer
information into usable data banks of user information. Originally developed by IBM, SQL has become
an international standard for data collection and use.
Super Cookie
A tracking mechanism that persists even after all cookies have been deleted, usually using several
varying types of storage to remain within a device.
