700

Question 1

A notification that an unusual condition exists and should be investigated.

Answer 1

alert

Question 2

The series of steps/formula/process that is followed to arrive at a result.

Answer 2

algorithm

Question 3

The component or process that analyzes the data collected by the sensor.

Answer 3

analyzer

Question 4

A calculation that is used to identify risks and calculate the expected loss each year.

Answer 4

annual loss expectancy (ALE)

Question 5

A calculation of how often a threat will occur.

Answer 5

annualized rate of occurrence (ARO)

Question 6

The act of looking for variations from normal operations (anomalies) and reacting to them.

Answer 6

anomaly detection

Question 7

Authentication that doesn’t require a user to provide a username - password - or any other identification before accessing resources.

Answer 7

anonymous authentication

Question 8

A category of software that uses various methods to prevent and eliminate viruses in a computer.

Answer 8

antivirus

Question 9

The core program that runs the virus-scanning process.

Answer 9

antivirus engine

Question 10

Software that identifies the presence of a virus and is capable of removing or quarantining the virus.

Answer 10

antivirus software

Question 11

A networking capability included with all Macintosh Computers.

Answer 11

AppleTalk

Question 12

A freestanding device that operates in a largely self-contained manner.

Answer 12

appliance

Question 13

The seventh layer of the OSI model. This layer deals with how applications access the network and describes application functionality - such as file transfer - messaging - and so on.

Answer 13

Application layer

Question 14

An abstract interface to the services and protocols provided by an operating system.

Answer 14

Application Programming Interface (API)

Question 15

A virus that is protected in a way that makes disassembling it difficult.

Answer 15

armored virus

Question 16

Any resource of value.

Answer 16

asset

Question 17

Any unauthorized intrusion into the normal operations of a computer or computer network.

Answer 17

attack

Question 18

Files that hold information about a resource’s access by users.

Answer 18

audit files

Question 19

The act of tracking resource usage by users.

Answer 19

auditing

Question 20

Individuals involved in auditing log and security files.

Answer 20

auditors

Question 21

Verifying that the logs and other resources collected are legitimate.

Answer 21

authenticating the evidence

Question 22

The means of verifying that someone is who they say they are.

Answer 22

authentication

Question 23

The time period during which a resource can be accessed.

Answer 23

availability

Question 24

An opening left in a program application (usually by the developer) that allows additional access to data.

Answer 24

backdoor

Question 25

Originally created as a support tool - it is now well known as an illicit server program that can be used to gain access to Windows NT/2000 servers and take control.

Answer 25

Back Orifice

Question 26

A copy of data made to removable media.

Answer 26

backup

Question 27

A documented plan governing backup situations.

Answer 27

backup plan

Question 28

A written policy detailing the frequency of backups and the location of storage media.

Answer 28

backup policy

Question 29

A model designed for the military to address the storage and protection of classified information. The model prevents the user from accessing information that has a higher security rating than they are authorized to access. It also prevents information from being written to a lower level of security.

Answer 29

Bell La-Padula model

Question 30

A set of rules governing basic operations.

Answer 30

best practices

Question 31

A device that can authenticate an individual based on a physical characteristic.

Answer 31

biometric device

Question 32

The science of identifying a person by using one or more of their features. This can be a thumbprint - a retina scan - or any other biological trait.

Answer 32

biometrics

Question 33

A probability method of finding similar keys in MD5.

Answer 33

birthday attack

Question 34

A type of symmetric block cipher created by Bruce Schneier.

Answer 34

Blowfish

Question 35

Also known as the Master Boot Record (MBR). The first sector of the hard disk - where the program that boots the operating system resides. It’s a popular target for viruses.

Answer 35

boot sector

Question 36

A protocol predominantly used by ISPs that allows routers to share information about routes with each other.

Answer 36

Border Gateway Protocol (BGP)

Question 37

A router used to translate from LAN framing to WAN framing.

Answer 37

border router

Question 38

A type of attack that relies purely on trial and error.

Answer 38

brute force attack

Question 39

A type of DoS attack that occurs when more data is put into a buffer than it can hold - thereby overflowing it (as the name implies.)

Answer 39

buffer overflow attack

Question 40

A contingency plan that will allow a business to keep running in the event of a disruption to vital resources.

Answer 40

Business Continuity Planning (BCP)

Question 41

A study of the possible impact if a disruption to a business’s vital resources were to occur.

Answer 41

Business Impact Analysis (BIA)

Question 42

A type of symmetric block cipher defines by RFC 2144.

Answer 42

Carlisle Adams Stafford Tavares (CAST)

Question 43

The primary office from which most resources extend.

Answer 43

central office

Question 44

A digital entity that establishes who you are and is often used with e-commerce

Answer 44

certificate

Question 45

An issuer of digital certificates (which are then used for digital signatures or key pairs.)

Answer 45

certificate authority (CA)

Question 46

Policies governing the use of certificates

Answer 46

certificate policies

Question 47

The principles and procedures employed in the issuing and managing of certifications.

Answer 47

Certificate Practice Statement (CPS)

Question 48

The act of making a certificate invalid.

Answer 48

certificate revocation

Question 49

A list of digital certificate revocations that must be regularly downloaded to stay current.

Answer 49

Certificate Revocation List (CRL)

Question 50

The log of the history of evidence that has been collected.

Answer 50

chain of custody

Question 51

A protocol that challenges a system to verify identity.

Answer 51

Challenge Handshake Authentication Protocol (CHAP)

Question 52

Documentation required to make a change in the scope of any particular item.

Answer 52

change documentation

Question 53

A certain action or moment in time that is used to perform a check. It allows a restart to begin at the last point the data was saved as opposed to from the beginning.

Answer 53

checkpoint

Question 54

A hexadecimal value computed from transmitted data that is used in error-checking routines.

Answer 54

checksum

Question 55

A switching method where a dedicated connection between the sender and receiver is maintained throughout the conversation.

Answer 55

circuit switching

Question 56

An integrity model for creating a secure architecture.

Answer 56

Clark-Wilson model

Question 57

Unencrypted text that can be read with any editor.

Answer 57

cleartext

Question 58

The part of a client/server network where the computing is usually done. In a typical setting - a client uses the server for remote storage - backups - or security (such as a firewall).

Answer 58

client

Question 59

A server-centric network in which all resources are stored on a file server and processing power is distributed among workstations and the file server.

Answer 59

client/server network

Question 60

An early encryption system offered by the NSA for civilian use that was a hardware implementation of the skipjack encryption algorithm.

Answer 60

clipper chip

Question 61

A method of balancing loads and providing fault tolerance.

Answer 61

clustering

Question 62

A type of cabling used in computer networks

Answer 62

coax

Question 63

The storage and conditions for release of source code provided by a vendor - partner - or other party.

Answer 63

code escrow

Question 64

A physical site that has all the resources necessary to enable an organization to use it if the main site is inaccessible (destroyed).

Answer 64

cold site

Question 65

The means and orderly fashion by which evidence is collected - identified - and marked.

Answer 65

collection of evidence

Question 66

An agreement between individuals to commit fraud or deceit.

Answer 66

collusion

Question 67

A document of specifications detailing security evaluation methods for IT products and systems.

Answer 67

Common Criteria (CC)

Question 68

A set of standards - formerly known as the Mutual Recognition Agreement (MRA) - the define Evaluation Assurance Levels (EALs).

Answer 68

Common Criteria Recognition Agreement (CCRA)

Question 69

An older form of scripting that was used extensively in early web systems.

Answer 69

Common Gateway Interface (CGI)

Question 70

A virus that creates a new program that runs in place of an expected program of the same name.

Answer 70

companion virus

Question 71

Standards that support a non-hierarchical security classification.

Answer 71

compartmentalization

Question 72

The act of assuring that data remains private and no one sees it except for those expected to see it.

Answer 72

confidentiality

Question 73

The administration of setup and changes to configuration.

Answer 73

configuration management

Question 74

Communications between two hosts that have no previous session established for synchronizing sent data.

Answer 74

connectionless

Question 75

Communications between two hosts that have a previous session established for synchronizing sent data.

Answer 75

connection-oriented

Question 76

A plain-text file stored on your machine that contains information about you (and your preferences) for use by a database server.

Answer 76

cookie

Question 77

Functions on which the livelihood of the company depends.

Answer 77

critical business functions

Question 78

The study and practice of finding weaknesses in ciphers.

Answer 78

cryptanalysis

Question 79

A person who does cryptanalysis.

Answer 79

cryptanalyst

Question 80

A person who participates in the study of cryptographic algorithms.

Answer 80

cryptographer

Question 81

A symmetric algorithm - also known as a cipher - used to encrypt and decrypt data.

Answer 81

cryptographic algorithm

Question 82

The field of mathematics focused on encrypting and decrypting data.

Answer 82

cryptography

Question 83

An individual responsible for maintaining the data - and the integrity of it - within their area.

Answer 83

custodian

Question 84

An error-checking method in data communications that runs a formula against data before transmission.

Answer 84

cyclical redundancy check (CRC)

Question 85

A level of confidence that data won’t be jeopardized and will be kept secure.

Answer 85

data integrity

Question 86

The second layer of the OSI model. It describes the physical topology of a network.

Answer 86

Data Link layer

Question 87

A unit of data sent over a network. A packet includes a header - addressing information - and the data itself.

Answer 87

data packet

Question 88

A centralized storage location for data - such as a database.

Answer 88

data repository

Question 89

Where data originates.

Answer 89

data source

Question 90

A Layer 3 packet descriptor.

Answer 90

datagram

Question 91

The process of converting encrypted data back into its original form.

Answer 91

decryption

Question 92

The router to which all packets are sent when the workstation doesn’t know where the destination station is or when it can’t find the destination station on the local segment.

Answer 92

default gateway

Question 93

A method of placing web and other servers that serve the general public outside the firewall and - therefore - isolating them from internal network access.

Answer 93

demilitarized zone (DMZ)

Question 94

A type of attack that prevents any users–even legitimate ones–from using the system.

Answer 94

Denial of Service (DoS) attack

Question 95

A portion of a complete address of the PC to which data is being sent from a sending PC. The port portion allows for the demultiplexing of data to be sent to a specific application.

Answer 95

destination port number

Question 96

The act of noticing an irregularity as it occurs.

Answer 96

detection

Question 97

An attack that uses words from a database (dictionary) to test against passwords until a match is found.

Answer 97

dictionary attack

Question 98

A type of backup that includes only new files or files that have changed since the last full backup.

Answer 98

differential backup

Question 99

This cryptographic algorithm is used primarily to send secret keys across public networks. The process isn’t used to encrypt or decrypt messages; it’s used merely for the transmission of keys in a secure manner.

Answer 99

Diffie-Hellman

Question 100

An electronic signature whose sole purpose is to authenticate the sender.

Answer 100

digital signature