400 Flashcards
Anything that occurs after the fact, such as an audit or review
postmortem
Controls intended to prevent attacks or intrusions
preventive controls
A state of security in which information isn’t seen by unauthorized parties without the express permission of the party involved
privacy
Screens that restrict viewing of monitors to only those sitting in front of them
privacy filters
A cloud delivery model owned and managed internally
private cloud
An asymmetric encryption technology in which both the sender and the receiver have different keys
private key
The result when a user obtains access to a resource they wouldn’t
privilege escalation
The likelihood of something occurring
probability
A mode wherein a network interface card (NIC) intercepts all traffic crossing the network wire and not just the traffic intended for it
promiscuous mode
A network in which physical network security has been substituted for encryption security
protected distribution system (PDS)
An authentication protocol that replaces LEAP and for which there is native support in Windows
Protected Extensible Authentication Protocol (PEAP)
A software and hardware troubleshooting tool that is used to decode protocol information to try to determine the source of a network problem and to establish baselines
protocol analyzer
Cards that can be read by being near a reader
proximity cards
Readers capable of working with proximity cards
proximity readers
A type of system that prevents direct communication between a client and a host by acting as an intermediary
proxy
A proxy server that also acts as a firewall, blocking network access from external networks
proxy firewall
A type of server that makes a single Internet connection and services requests on behalf of many users
proxy server
Cameras that can pan, tilt, and zoom
PTZ
A cloud delivery model available to others
public cloud
A technology that facilitates encryption using two keys, a public key and a private key, to facilitate communication
public key
A set of voluntary standards created by RSA security and industry leaders
Public-Key Cryptography Standards (PKCS)
A two-key encryption system wherein messages are encrypted with a private key and decrypted with a public key
public-key infrastructure (PKI)
The Internet Engineering Task Force (IETF) working group developing standards and models for the Public Key Infrastructure (PKI) environment
Public-Key Infrastructure X.509 (PKIX)
A collection of technologies that provide the ability to balance network traffic and prioritize workloads
QoS (quality of service)
Used in risk management, it involves measuring the quality of something (as opposed to the quantity)
qualitative
Numerically measuring the quantity of something (as opposed to the quality)
quantitative
Cryptography based on changing the polarity of a photon
quantum cryptography
The byproduct of electrical processes, similar to electromagnetic interference
radio frequency interference (RFI)
A table of hashed phrases/words that can be used in a password attack
rainbow table
Software that demands payment before restoring the data or system infected
ransomware
Within business continuity planning, this is the point of maximum tolerable loss for a system due to a major incident
recovery point objective (RPO)
The maximum amount of time that a process or service is allowed to be down and the consequences still to be considered acceptable
recovery time objective (RTO)
A configuration of multiple hard disks used to provide fault tolerance should a disk fail
Redundant Array of Independent Disks (RAID)
An organization that offloads some of the work from a certificate authority (CA)
registration authority (RA)
A database technology that allows data to be viewed in a dynamic way based on the user's or administrator's needs
relational database
A computer that has one or more connections installed to enable remote connections to the network
Remote Access Services (RAS)
A networking protocol that allows authentication of dial-in and other network connections
Remote Authentication Dial-In User Service (RADIUS)
A protocol used to allow remote desktop connections
Remote Desktop Protocol (RDP)
A programming interface that allows a remote computer to run programs on a local machine
Remote Procedure Call (RPC)
The process of sending a command to remotely clear data
remote wipe