2.0 Flashcards

1
Q

MFD

A

Multifunction devices
A device, such as a printer, with multiple functions, such as printing and scanning.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

SoC

A

System on a Chip
The integration of complete system functions on a single chip in order to simplify construction of devices.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

RTOS

A

Real-Time Operating System
Are designed for devices where the processing must occur in real time and data cannot be queued or buffered for any significant length of time.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

IaaS

A

Allows an organization to outsource its equipment requirements, including the hardware and all support operations. The IaaS service provider owns the equipment, houses it in its data center, and performs all the required hardware maintenance.
Ex. Amazon Web Services (AWS), Microsoft Azure

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

SaaS

A

Software as a Service
Any software or application provided to users over a network such as the Internet. Internet users access the SaaS applications with a web browser.
Ex. Gmail, Yahoo! Mail, Google Docs, One Drive etc.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

PaaS

A

Platform as a Service
provides customers with a preconfigured computing platform they can use as needed. It provides the customer with an easy-to-configure operating system, combined with appropriate applications and on-demand computing.
Ex. Salesforce, Github, Docker

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

TOTP

A

Time-based One-Time Password
A password that is used once and is only valid during a specific time period.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

WAF

A

Web Application Firewall
A firewall that operates at the application level, specifically designed to protect web applications by examining requests at the application stack level.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Public Cloud

A

A cloud service that is rendered over a system open for public use. Services are available from third-party companies, such as Amazon, Google, Microsoft, and Apple.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Community Cloud

A

A cloud system is one where several organizations with a common interest share a cloud environment for the specific purposes of the shared endeavor.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Private Cloud

A

A cloud system where it is essentially reserved resources used only by your organization if your organization is highly sensitive to sharing resources.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Hybrid Cloud

A

Is a combination of two or more clouds. They can be private, public, community, or a combination of these.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Federation

A

Defines policies, protocols, and practices to manage identities across systems and organizations. Federation’s ultimate goal is to allow users to seamlessly access data or systems across domains.
Ex. Provide network access to others, not just employees but partners, suppliers, customers, etc.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

DNS sinkhole

A

Domain Name System sinkhole
This is a technique used to redirect malicious or unwanted traffic to a specific IP address. It’s often used as a security measure to block access to malicious domains or to filter out unwanted content.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Honeynet

A

A network designed to look like a corporate network but is made attractive to attackers. A honeynet is a collection of honeypots.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Honeypot

A

It is a server that is designed to act like a real server on a corporate network, but rather than having real data, the honeypot possesses fake data.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

Screened subnet (formerly known as DMZ)

A

Demilitarized zone
A network segment that exists in a semi-protected zone between the Internet and the inner, secure trusted network.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

UPS

A

Uninterruptible power supply
Provides short-term power and can protect against power fluctuations.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

Blockchain

A

A distributed ledger with growing lists of records (blocks) that are securely linked together via cryptographic hashes.
Keeps track of transactions.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

Asymmetric encryption

A

Uses two keys (public and private) created as a matched pair.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

Symmetric encryption

A

Uses the same key to encrypt and decrypt data.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

Faraday cage

A

Room/ cage that prevents radio frequency (RF) signals or Electromagnetic interference (EMI) from entering into or emanating beyond a room.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

Obfuscation

A

Altering the format, structure, or presentation of data or code without changing its functionality, making it challenging for adversaries to interpret or exploit the information.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

Key stretching

A

Cryptographic technique used to enhance the security of passwords or cryptographic keys by increasing their complexity and resistance to brute-force attacks.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
Digital signature
An electronic, encrypted, stamp of authentication on digital information such as email messages, macros, or electronic documents. Used for non-repudiation and integrity.
26
MSP/MSSP
Managed Service Provider/ Managed Service Provider A third party that manages and maintains the security environment for companies. MSP support – Network connectivity management – Backups and disaster recovery – Growth management and planning
27
Continuous monitoring
To describe the technologies and processes employed to enable rapid detection of compliance issues and security risks. Check for a particular event, and then react.
28
Stored Procedure
Stored procedures are precompiled scripted methods of data access (SQL)
29
Normalization
The process of creating the simplest form, of a string, before processing. To reduce and eliminate redundancy
30
Attestation
Attestation can be done by a service that checks the credentials supplied, and if they are correct and match the required values, the service can attest that the entry is valid or correct.
31
HOTP
HMAC-based One-Time Password algorithm Keyed-hash message authentication code (HMAC). The keys are based on a secret key and a counter. Use them once, and never again.
32
HE
Homomorphic Encryption A set of algorithms that allows operations to be conducted on encrypted data, without decrypting and reencrypting.
33
ECC
Elliptic curve cryptography An approach to public-key cryptography based on the algebraic structure of elliptic curves over finite fields. As a public-key cryptosystem, it relies on an asymmetric algorithm. Ex. of use is for mobile devices
34
Key exchange
A cryptographic method used to share cryptographic keys between two entities.
35
Ephemeral keys
Cryptographic keys that are used only once after generation.
36
Diffie–Hellman key exchange
Cryptographic protocol used to securely exchange encryption keys over an insecure medium.
37
Perfect forward secrecy
A feature of cryptographic systems that ensures that even if a long-term secret key is compromised, past communications remain secure. Generates random public keys for each session
38
Steganography
hides data inside other data, it hides data in plain sight. The goal is to hide the data in such a way that no one suspects there is a hidden message.
39
Stream Cipher
Encrypts data as a stream of bits or bytes rather than dividing it into blocks. It is done one at a time
40
Block
A block cipher encrypts plaintext one block at a time.
41
IP schema
An IP address plan or model
42
IRM
Information Rights Document To control how data is used. Restrict data access to unauthorized persons.
43
Fake telemetry
When security teams/tools send false information back to an attacker spotted using offensive security tools, like port scanners
44
Edge computing
The practice of storing and processing data close to the devices that generate and use the data. Which could be within a local area network (LAN) or on devices themselves.
45
Fog Computing
Complements cloud computing by processing data from IoT devices. Often places gateway devices in the field to collect and correlate data centrally at the edge.
46
Thin Client
A lightweight computer, with limited resources, whose primary purpose is to communicate with another machine
47
Container
Services or applications within isolated containers or application cells.
48
Microservices
They are small, independent code modules that perform specific functions, receive input (value), and produce output (value) through well-defined interfaces or APIs.
49
Serverless Architecture
A cloud computing model where developers can build and run applications without managing the underlying infrastructure.
50
Transfer gateway
A transit gateway is used to connect VPCs to an on-premises network.
51
Resource policies
Assigning permissions to cloud resources
52
Service Integration
Deploying multiple connection from multiple cloud services
53
SDN
Software-Defined Networking an approach to networking that separates the control plane from the data plane, allowing centralized control and programmability of network devices through software-based controllers.
54
SDV
Software-Defined Visibility Ensures that all traffic is viewable and can be analyzed.
55
Virtual machine (VM) sprawl avoidance
Refers to strategies and practices aimed at preventing the uncontrolled proliferation of virtual machines within an IT environment.
56
VM escape protection
Refers to measures and techniques implemented to prevent unauthorized access or exploitation of vulnerabilities that could allow an attacker to escape from a virtual machine (VM) and gain access to the underlying hypervisor or host system.
57
Snapshot
A snapshot is an image of the virtual machine (VM) at some point in time. It is standard practice to periodically take a snapshot of a virtual system so that you can return that system to a last known good state.
58
Elasticity
The ability to increase or decrease available resources as the workload changes.
59
Scalability
The ability to increase the workload in a given infrastructure.
60
Provisioning
Deploying an application
61
Deprovisioning
Dismantling and removing an application instance.
62
VPC
Virtual Private Cloud virtual device within a virtual network. Users or services can connect to the VPC endpoint and then access other resources via the virtual network instead of accessing the resources directly via the Internet.
63
FRR
False rejection rate Likelihood that an authorized user will be rejected
64
FAR
False acceptance rate Likelihood that an unauthorized user will be accepted
65
CER
Crossover error rate Defines the overall accuracy of a biometric system
66
Pulping
An additional step taken after shredding paper. It reduces the shredded paper to mash or puree. Removes the ink.
67
Pulverizing
physical process of destruction using excessive physical force to break an item into unusable pieces, such as with a sledge hammer (and safety goggles).
68
Degaussing
Destroying files on magnetic storage devices (that is, magnetic tape and hard drives) is to destroy the data magnetically, using a strong magnetic field to degauss the media.
69
Access control vestibules
Sometimes call mantraps allow only a single person to pass at a time.
70
Protected cable distribution
A physically secure cabled network. Protect your cables and fibers
71
Air Gap
A physical security control that ensures that a computer or network is physically isolated from another computer or network.
72
Geographic dispersal
Use multiple data centers in different locations so that personnel can easily retrieve the backups when disaster happens in the current data center.
73
Multipath
It uses a separate data transfer path to and from the storage hardware.
74
Configuration Management
Ensures that systems are configured, in other words, configurations are known and documented.
75
Change management
Identify and document changes to reduce outages or weekend security from unauthorized changes.
76
Standard Naming Conventions
Are used to make identifying device type easier.
77
Asset management
Maintain an up-to-date asset register to ease the process of tracking and maintaining assets.
78
Baseline Configuration
Ensuring that systems are deployed with a common baseline or starting point
79
DRM
Digital Rights Management Allow content owners to enforce restrictions on their content that is used by others.
80
Data Sovereignty
Digital data that is subject to laws and regulations of the country it was created and cannot be moved to another region
81
IaC
Infrastructure as code is a management of infrastructure described in code
82
Integrity Measurement
Measuring and identification of changes to a system to ensures that the application performs as it should do and conforms to data industry standards and regulations.
83
Memory management
Code should be written to minimize memory consumption and return memory to the system when no longer needed.
84
Software Diversity
Creation of software that’s different on each user endpoint/device
85
OWASP
An organization that provides the most up to date of web application concerns/ attacks.
86
Static codes
a static set of numbers and letters to provide for authentication. A password or passphrase is an example of an alphanumeric static code.
87
NIC
Network Interface Card Dual network cards, paired together to give maximum throughput. Should one adapter fail, the other can ensure the server or client maintains network connectivity.
88
89
PDUs
Managed Power Distribution Units A device that provides multiple power outlets (for power cable plugs). A managed PDU includes network connectivity for remote connection and management of the power outlets.
90
SAN
Storage Area Network A hardware device that contains a large number of fast disks, such as Solid-State Drives (SSDs), usually isolated from the LAN on its own network
91
NAS
Network-attached storage Connect to a shared storage device across the network
92
HA
High Availability The ability to keep services up and running for long periods of time.
93
FPGA
Field-Programmable Gate Array an array of programmable logic blocks, designed to be configured by customer or designer after manufacturing.
94
SCADA/ICS
Supervisory control and data acquisition /industrial control system Are systems used for controlling and monitoring industrial processes.
95
Narrow Band
Refers to radio communications that carry signals in a narrowband of frequencies Used in a variety of scenarios requiring short range, wireless communication
96
Baseband Radio
Used for audio signals over a radio frequency transmitted over a single channel uses a single frequency for communication, and is digital
97
Zigbee
A short-range wireless PAN (Personal Area Network) technology developed to support automation, machine-to-machine communication, remote control and monitoring of IoT devices.
98
Industrial camouflage
For company facilities housing important resources and operations, designing the building to prevent recognition.
99
Proximity reader
It is commonly used to gain access to doors, or door locks.
100
Air gap
Create “air gaps” between some systems that are used internally to separate confidential systems from standard systems.
101
Quantum
Harnessing the principles of quantum mechanics to improve security.
102
Counter
Uses an incrementing counter instead of a seed. Errors do not propagate.
103
Post-quantum cryptography
Breaks our existing encryption mechanisms
104
Stream ciphers
Encryption is done one bit or byte at a time is a method of encrypting text in which a cryptographic key and algorithm are applied to a block of data
105
Block ciphers
Is a method of encrypting text in which a cryptographic key and algorithm are applied to a block of data
106
Entropy
a measure of the randomness or diversity of a data-generating function. Data with full entropy is completely random with no meaningful patterns.