Refer to Chapter 5 - Slides 6 - Salting
Salting is used to make hashing more secure. If two users have the same password, they will also have the same password hashes. A salt, which is a random string of characters, is an additional input to the password before hashing. This creates a different hash result for the two passwords

Which method tries all possible passwords until a match is found?

Refer to Chapter 5 - Slides 5 - Hashing Algorithms
A brute-force attack attempts every possible combination of characters up to a given length. A brute-force attack takes a lot of processor time, but it is just a matter of time before this method discovers the password

A user downloads an updated driver for a video card from a website. A warning message pops up saying the driver is not approved. What does this piece of software lack?

Refer to Chapter 5 - Slides 10 - How Digital Signature Technology Works (In Notes Pane)
The following two situations provide examples of using digital signatures:
1) Code signing - Used to verify the integrity of executable files downloaded from a vendor website. Code signing also uses signed digital certificates to authenticate and verify the identity of the site.

2) Digital certificates - Used to verify the identity of an organization or individual to authenticate a vendor website and establish an encrypted connection to exchange confidential data

Write down one criteria used for validation rule. (more then 1 answer)

Refer to Chapter 5 - Slides 17 - Database Validation
A validation rule checks that data falls within the parameters defined by the database designer. A validation rule helps to ensure the completeness, accuracy and consistency of data. The criteria used in a validation rule include the following:
1) Size – checks the number of characters in a data item
2) Format – checks that the data conforms to a specified format
3) Consistency – checks for the consistency of codes in related data items
4) Range – checks that data lies within a minimum and maximum value
5) Check digit – provides for an extra calculation to generate a check digit for error detection

A user wants to ensure that when new users downloaded his newly created program, the program is not changed while in transit. What can the user do to ensure that the program is not changed when downloaded?

Refer to Chapter 5 - Slides 4 - Hashing Algorithms (In Notes Pane)
What is Hashing?
Users need to know that their data remains unchanged while at rest or in transit. Hashing is a tool that ensures data integrity by taking binary data (the message) and producing a fixed-length representation called the hash value or message digest

What is the standard for a public key infrastructure to manage digital certificates?

Refer to Chapter 5 - Slides 13 - Constructing a Digital Certificate
The X.509 is the standard for construction of digital certificates and the public key infrastructure (PKI) used to manage digital certificates. 

A recent breach at a company due to the ability of a hacker to access the corporate database through the company website by using malformed data in the login form. What is the problem with the company website?

Refer to Chapter 5 - Slides 17 - Database Validation (In Notes Pane)
Input Validation
One of the most vulnerable aspects of database integrity management is controlling the data input process. Many well-known attacks run against a database and insert malformed data. The attack can confuse, crash, or make the application divulge too much information to the attacker. Attackers use automated input attacks.