What are 3 web application security design considerations?

What is an insecure direct object reference?

What is Cross Site Scripting (XSS)?

What is a CSRF?

What is click jacking?

What is input validation?

What are the two types of privilege escalation?

What is vertical privilege escalation?

What is horizontal privilege escalation?

What is fuzz testing (fuzzing)

What is a race condition?

What are two disposal methods?

What is data purging?

What is data clearing?

What is an application security framework?

What 3 components are provided by an application security library?

What are 5 organizations that are generally industry accepted approaches to application security?

What is WASC?

What is OWASP?

What is BSI?

What is ISO/IEC 27000?

What is WS-Security

What are the 3 main mechanisms of WSS?

What are some common models for software development?
Card 1 of 2

What are some common models for software development?
Card 2 of 2

In reference to software development, what is the build and fix model?

In reference to software development, what is the waterfall method?

In reference to software development, what is the V-Shaped model?

In reference to software development, what is the prototyping model?

In reference to software development, what is the incremental model?

In reference to software development, what is the spiral model?

In reference to software development, what is the Rapid Application Development (RAD) model?

In reference to software development, what is the agile model?

In reference to software development, what is the Joint Analysis (or Application) Development (JAD) model?

In reference to software development, what is the clean room model?

What is DAM?

What is a WAF?

What is REST?

What are two popular RESTful web services?

What are advantages to using REST/JSON over SOAP/XML?

What is a browser extension?

What is ActiveX?

What is a Java applet?

What is AJAX?

What is SOAP?

What is defined in the SOAP messaging framework?