Red Hat Product Security Crossword

Across
  5. Identifying and addressing security risks before an attack occurs.
  7. A record of everything that has happened to source code, components or packages.
  11. Program instructions.
  12. Ensuring no single individual has control of a transaction from beginning to end.
  13. A storage location for software packages.
  17. A set of practices that combines software development and IT operations.
  18. Ensuring an actor is only able to access the information and resources that are necessary for its legitimate purpose.
  24. The set of points on the boundary of a system where an attacker can try to enter, cause an effect on, or extract data.
  28. A chain of processing elements arranged so that the output of each element is the input of the next.
  31. A development methodology that emphasizes teamwork, customer involvement and the creation of small or partial pieces of the total system that are tested in a user environment.
  32. A string of characters that allows access to a computer system or service.
  33. Submitting random or invalid data as inputs in an attempt to identify bugs or vulnerabilities.
  34. The process of digitally signing executables and scripts to confirm the software author and guarantee that the code has not been altered or corrupted since it was signed.
  36. Safeguards or countermeasures to avoid, detect, counteract, or minimize security risks to physical property, information, computer systems, or other assets.
  37. The possibility of something bad happening.
  38. A concept that addresses logging transactions so they can be reviewed at a later time to determine who did what when and where.
  39. A product or service intended to allow a user to more efficiently complete a set of tasks.
  40. A type of scan that examines an application as it's running to find vulnerabilities that an attacker could exploit.
  41. A type of scan used to secure software by reviewing the source code of the software to identify sources of vulnerabilities.
Down
  1. The origin from which source code, components or packages came.
  2. The concept of maintaining and assuring the accuracy and completeness of data over its entire lifecycle.
  3. Defending against attacks that have already happened.
  4. Using several independent layers of security controls so that if one fails another will be operative.
  6. Software for which the original source code is made freely available and may be redistributed and modified.
  8. The assurance that someone cannot deny or refute actions they have taken.
  9. The verification of identity or tools for authentication.
  10. A direction toward the original authors or maintainers of software that is distributed as source code.
  14. An idea implemented to protect software against malicious attack and other hacker risks so that the software continues to function correctly under such potential risks.
  15. A weakness which can be exploited by an attacker.
  16. Red Hat’s process for managing issues that will generate media attention and increase the level of customer interest beyond a typical vulnerability response.
  19. Establishing a user’s identity.
  20. Rights and privileges granted to an individual or process that enable access to resources and information.
  21. A process by which potential threats can be identified, enumerated, and mitigations can be prioritized.
  22. A unique identifier assigned to unique states of computer software.
  23. A general term for someone who is interested in attacking information technology systems.
  25. A piece of information that determines the functional output of a cryptographic algorithm.
  26. Someone who explores methods for breaching defenses and exploiting weaknesses in a computer system or network.
  27. Observing whether software resists or tolerates attacks upon it and how it behaves when it cannot do so.
  29. The concept that computing systems used to store and process information, the security controls used to protect it, and the communication channels used to access it must be functioning correctly.
  30. The concept that information is not made available or disclosed to unauthorized individuals, entities, or processes.
  34. A method of protecting information and communications through the use of codes, so that only those for whom it is intended can read and process it.
  35. A set of tools that provides users visibility into their open source inventory.