Software Development Jeopardy Template

Physical and Software Security Controls

Auditing and Penetration Testing

Software security and data vulnerabilities

Web Application Risks

Legislation

100

To confirm that an user can access a specific resource

What is User Authentication?

100

A security flaw or weakness found in software code that could be exploited

Software Vulnerability

100

Malicious software designed to infiltrate and damage computer systems without authorisation

Malware

100

Computer program used to prevent, detect, and remove malware

Antivirus Software

100

Laws created in the Australian Parliament house that apply to the whole country

Federal Laws

200

Turn the plaintext into ciphertext

Encrypt

200

Take advantage of a vulnerability

Exploit

200

Pretending to be a reputable entity or person in order to induce the disclosure of sensitive information

Pishing

200

Allows malicious script to be inserted into a regular web page form to gain access or information.

Cross-site scripting (XSS)

200

The preparing and enacting of laws

Legislation

300

An encoded message

Ciphertext

300

Strategies to identify and minimize potential risks

Software auditing and Penetration testing

300

Eavesdropping attack where communication and data are exposed to an unauthorised third party

Man-in-the-Middle-Attack

300

Record keystrokes from a computer and send passwords or sensitive information to unauthorised attackers.

Keyloggers

300

Original work is the property of the person who created it

400

The same key is used by the receiver and sender for secure communication over the internet.

Symmetric Encryption

400

Simulated cyber attack to check for vulnerabilities within a computer system

Penetration Testing

400

Personal information is accessed, disclosed without authorisation, or is lost.

Data Breaches

400

Redirects users to false websites that imitate the legitimate URL

Pharming

400

At a federal level, law is concerned with how information about people can be used.

Privacy Act 1988

500

Git/Github to manage changes to source code over time

Version Control System

500

To uncover any issues or problems of a software

Software Auditing

500

Tricking the victim into clicking 'accept' with admin permissions or into giving the attacker physical access to a device

Social Engineering

500

Standard set of instructions that can manipulate a database server

SQL injection

500

Privacy and Data Protection Act 2014 applies to these entities

Centrelink, VicRoads, WorkSafe