700 Flashcards
A notification that an unusual condition exists and should be investigated.
alert
The series of steps/formula/process that is followed to arrive at a result.
algorithm
The component or process that analyzes the data collected by the sensor.
analyzer
A calculation that is used to identify risks and calculate the expected loss each year.
annual loss expectancy (ALE)
A calculation of how often a threat will occur.
annualized rate of occurrence (ARO)
The act of looking for variations from normal operations (anomalies) and reacting to them.
anomaly detection
Authentication that doesn’t require a user to provide a username, password, or any other identification before accessing resources.
anonymous authentication
A category of software that uses various methods to prevent and eliminate viruses in a computer.
antivirus
The core program that runs the virus-scanning process.
antivirus engine
Software that identifies the presence of a virus and is capable of removing or quarantining the virus.
antivirus software
A networking capability included with all Macintosh computers.
AppleTalk
A freestanding device that operates in a largely self-contained manner.
appliance
The seventh layer of the OSI model. This layer deals with how applications access the network and describes application functionality, such as file transfer, messaging, and so on.
Application layer
An abstract interface to the services and protocols provided by an operating system.
Application Programming Interface (API)
A virus that is protected in a way that makes disassembling it difficult.
armored virus
Any resource of value.
asset
Any unauthorized intrusion into the normal operations of a computer or computer network.
attack
Files that hold information about a resource’s access by users.
audit files
The act of tracking resource usage by users.
auditing
Individuals involved in auditing log and security files.
auditors
Verifying that the logs and other resources collected are legitimate.
authenticating the evidence
The means of verifying that someone is who they say they are.
authentication
The time period during which a resource can be accessed.
availability
An opening left in a program application (usually by the developer) that allows additional access to data.
backdoor
Originally created as a support tool, it is now well known as an illicit server program that can be used to gain access to Windows NT/2000 servers and take control.
Back Orifice
A copy of data made to removable media.
backup
A documented plan governing backup situations.
backup plan
A written policy detailing the frequency of backups and the location of storage media.
backup policy
A model designed for the military to address the storage and protection of classified information. The model prevents the user from accessing information that has a higher security rating than they are authorized to access. It also prevents information from being written to a lower level of security.
Bell-LaPadula model
A set of rules governing basic operations.
best practices
A device that can authenticate an individual based on a physical characteristic.
biometric device
The science of identifying a person by using one or more of their features. This can be a thumbprint, a retina scan, or any other biological trait.
biometrics
A probability method of finding similar keys in MD5.
birthday attack
A type of symmetric block cipher created by Bruce Schneier.
Blowfish
Also known as the Master Boot Record (MBR). The first sector of the hard disk, where the program that boots the operating system resides. It’s a popular target for viruses.
boot sector
A protocol predominantly used by ISPs that allows routers to share information about routes with each other.
Border Gateway Protocol (BGP)
A router used to translate from LAN framing to WAN framing.
border router
A type of attack that relies purely on trial and error.
brute force attack
A type of DoS attack that occurs when more data is put into a buffer than it can hold, thereby overflowing it (as the name implies).
buffer overflow attack
A contingency plan that will allow a business to keep running in the event of a disruption to vital resources.
Business Continuity Planning (BCP)
A study of the possible impact if a disruption to a business’s vital resources were to occur.
Business Impact Analysis (BIA)
A type of symmetric block cipher defined by RFC 2144.
Carlisle Adams Stafford Tavares (CAST)
The primary office from which most resources extend.
central office
A digital entity that establishes who you are and is often used with e-commerce.
certificate
An issuer of digital certificates (which are then used for digital signatures or key pairs).
certificate authority (CA)
Policies governing the use of certificates.
certificate policies
The principles and procedures employed in the issuing and managing of certifications.
Certificate Practice Statement (CPS)
The act of making a certificate invalid.
certificate revocation
A list of digital certificate revocations that must be regularly downloaded to stay current.
Certificate Revocation List (CRL)
The log of the history of evidence that has been collected.
chain of custody
A protocol that challenges a system to verify identity.
Challenge Handshake Authentication Protocol (CHAP)
Documentation required to make a change in the scope of any particular item.
change documentation
A certain action or moment in time that is used to perform a check. It allows a restart to begin at the last point the data was saved as opposed to from the beginning.
checkpoint
A hexadecimal value computed from transmitted data that is used in error-checking routines.
checksum
A switching method where a dedicated connection between the sender and receiver is maintained throughout the conversation.
circuit switching
An integrity model for creating a secure architecture.
Clark-Wilson model
Unencrypted text that can be read with any editor.
cleartext
The part of a client/server network where the computing is usually done. In a typical setting, a client uses the server for remote storage, backups, or security (such as a firewall).
client
A server-centric network in which all resources are stored on a file server and processing power is distributed among workstations and the file server.
client/server network
An early encryption system offered by the NSA for civilian use that was a hardware implementation of the Skipjack encryption algorithm.
clipper chip
A method of balancing loads and providing fault tolerance.
clustering
A type of cabling used in computer networks.
coax
The storage and conditions for release of source code provided by a vendor, partner, or other party.
code escrow
A physical site that has all the resources necessary to enable an organization to use it if the main site is inaccessible (destroyed).
cold site
The means and orderly fashion by which evidence is collected, identified, and marked.
collection of evidence
An agreement between individuals to commit fraud or deceit.
collusion
A document of specifications detailing security evaluation methods for IT products and systems.
Common Criteria (CC)
A set of standards, formerly known as the Mutual Recognition Agreement (MRA), that define Evaluation Assurance Levels (EALs).
Common Criteria Recognition Agreement (CCRA)
An older form of scripting that was used extensively in early web systems.
Common Gateway Interface (CGI)
A virus that creates a new program that runs in place of an expected program of the same name.
companion virus
Standards that support a non-hierarchical security classification.
compartmentalization
The act of assuring that data remains private and no one sees it except for those expected to see it.
confidentiality
The administration of setup and changes to configuration.
configuration management
Communications between two hosts that have no previous session established for synchronizing sent data.
connectionless
Communications between two hosts that have a previous session established for synchronizing sent data.
connection-oriented
A plain-text file stored on your machine that contains information about you (and your preferences) for use by a database server.
cookie
Functions on which the livelihood of the company depends.
critical business functions
The study and practice of finding weaknesses in ciphers.
cryptanalysis
A person who does cryptanalysis.
cryptanalyst
A person who participates in the study of cryptographic algorithms.
cryptographer
A symmetric algorithm, also known as a cipher, used to encrypt and decrypt data.
cryptographic algorithm
The field of mathematics focused on encrypting and decrypting data.
cryptography
An individual responsible for maintaining the data, and the integrity of it, within their area.
custodian
An error-checking method in data communications that runs a formula against data before transmission.
cyclical redundancy check (CRC)
A level of confidence that data won’t be jeopardized and will be kept secure.
data integrity
The second layer of the OSI model. It describes the physical topology of a network.
Data Link layer
A unit of data sent over a network. A packet includes a header, addressing information, and the data itself.
data packet
A centralized storage location for data, such as a database.
data repository
Where data originates.
data source
A Layer 3 packet descriptor.
datagram
The process of converting encrypted data back into its original form.
decryption
The router to which all packets are sent when the workstation doesn’t know where the destination station is or when it can’t find the destination station on the local segment.
default gateway
A method of placing web and other servers that serve the general public outside the firewall and, therefore, isolating them from internal network access.
demilitarized zone (DMZ)
A type of attack that prevents any users, even legitimate ones, from using the system.
Denial of Service (DoS) attack
A portion of a complete address of the PC to which data is being sent from a sending PC. The port portion allows for the demultiplexing of data to be sent to a specific application.
destination port number
The act of noticing an irregularity as it occurs.
detection
An attack that uses words from a database (dictionary) to test against passwords until a match is found.
dictionary attack
A type of backup that includes only new files or files that have changed since the last full backup.
differential backup
This cryptographic algorithm is used primarily to send secret keys across public networks. The process isn’t used to encrypt or decrypt messages; it’s used merely for the transmission of keys in a secure manner.
Diffie-Hellman
An electronic signature whose sole purpose is to authenticate the sender.
digital signature