1.4-2.2 Flashcards

1
Q

hsm

A

hardware security module. high end cryptographic hardware, stores thousands of crypto keys. used for multiple devices or in large environments.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

key management system

A

on premises or cloud based. manage from a centralized manager(third party software) all key from one console.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

secure enclave

A

the tpm for mobile devices. does all encryption and other security features.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

obfuscation

A

process of making something unclear. how receipts only give last 4 of credit card

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

steganography

A

concealed writing. message is invisible. invisible watermarks

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

audio steganography

A

modify the digital audio file, secret message within the audio.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

video steganograpy

A

a sequence of images, use image steganography on a larger scale.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

tokenization

A

replace sensitive data with a non sensitive placeholder. ssn 111-12-1111 is now 235-45-4581

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

data masking

A

data obfuscation, may only be hidden from view, control the view based on permissions.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

collision

A

different inputs create same hash

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

salting

A

random data added to a password when hashing.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

blockchain

A

a distributed ledger, keep track of transactions with inherent security options.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Open public ledger

A

A public ledger is an open-access network; anyone can join at any time. The public ledger is fully decentralized, and no single entity controls the blockchain network.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

self signed

A

Internal certificates don’t need to be signed by public CA. Build your own CA.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

root of trust

A

inherently trusted component. trusted from someones elses.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

certificate signing requests

A

send your public and private key with your identifying info. to the CA to be signed that is the (Certificate Signing Request, (CSR))

The CA validates the request

CA digitally signs the certificate with their private key.

17
Q

wildcard certificates

A

allows a certificate to support many different domains.

18
Q

threat actors

A

the entity responsible for an event that has an impact on the safety of another entity.

19
Q

what are attributes of threat actor

A

internal/external
resources/funding
level of sophistication/capability

20
Q

nation states

A

external entity
-govt and national security.

21
Q

hacktivist

A

a hacker with a purpose.
-motivated by philosophy, revenge

22
Q

organized crime

A

professional criminals.
-motivated by money
-Very sophisticated

23
Q

shadow IT

A

going rogue
-working around the internal IT organization
-builds their own infrastructure.

24
Q

threat vectors

A

method used by attacker to gain access or infect target.

25
Q

file based vector

A

adobe pdf, zip/rar, microsoft office

26
Q

vulnerable software vectors

A

client-based. such as an -infected executable, or known or unknown vulnerabilities
agentless- meaning the attacker would infect the server

27
Q

msps

A

managed service providers.

28
Q

smishing

A

sms phishing

29
Q

vishing

A

voice phishing

30
Q

tpm

A

trusted platform module. cryptographic processor, random number generator, key generator. password protected