A-D Flashcards

1
Q

Acceptable Interruption Window

A

The maximum period of time that a system can be unavailable before compromising the achievement of the enterprise’s business objective.

2
Q

Acceptable use policy

A

A policy that establishes an agreement between users and the enterprise and defines for all parties the ranges of use that are approved before gaining access to a network or the Internet.

3
Q

Access control list (ACL)

A

An internal computerized table of access rules regarding the levels of computer access permitted to logon IDs and computer terminals. (aka access control tables)

4
Q

Access path

A

A logical route that an end user takes to access computerized information. Typically includes a route through the operating system, telecommunications software, selected application software and the access control system.

5
Q

Accountability

A

The ability to map a given activity or event back to the responsible party.

6
Q

Advanced Encryption Standard (AES)

A

A public algorithm that supports keys from 128 bits to 256 bits in size.

7
Q

Advanced persistent threat (APT)

A

An adversary that possesses sophisticated levels of expertise and significant resources, which allow it to create opportunities to achieve its objectives using multiple attack vectors. It:

  1. Pursues its objectives repeatedly over an extended period of time
  2. Adapts to defenders’ efforts to resist it
  3. Is determined to maintain the level of interaction needed to execute its objectives.
8
Q

Adversary

A

A threat agent

9
Q

Adware

A

A software package that automatically plays, displays or downloads advertising materials to a computer after the software is installed on it or while the application is being used. In most cases, this is done without any notification to the user or without the user’s consent. The term adware may also refer to software that displays advertisements whether or not it does so with the user’s consent; such programs display advertisements as an alternative to shareware registration fees. These are classified as adware in the sense of advertising-supported software, but not as spyware. Adware in this form does not operate surreptitiously or mislead the user, and it provides the user with a specific service.

10
Q

Alert situation

A

The point in an emergency procedure when the elapsed time passes a threshold and the interruption is not resolved. The enterprise entering into an alert situation initiates a series of escalation steps.

11
Q

Alternate facilities

A

Locations and infrastructures from which emergency or backup processes are executed when the main premises are unavailable or destroyed; includes other buildings, offices or data processing centers.

12
Q

Alternate process

A

An automatic or manual process designed and established to continue critical business processes from the point of failure until the return to normal.

13
Q

Analog

A

A transmission signal that varies continuously in amplitude and time and is generated in wave formation; used in telecommunication.

14
Q

Anti-malware

A

Technology widely used to prevent, detect and remove many categories of malware, including computer viruses, worms, trojans, keyloggers, malicious browser plug-ins, adware and spyware.

15
Q

Application layer

A

In the Open Systems Interconnection (OSI) communications model, the application layer provides services for an application program to ensure that effective communication with another application program in a network is possible. The application layer is not the application that is doing the communication; it is a service layer that provides these services.

16
Q

Asset

A

Something of either tangible or intangible value that is worth protecting, including people, information, infrastructure, finances, and reputation.

17
Q

Asymmetric key (public key)

A

A cipher technique in which different cryptographic keys are used to encrypt and decrypt a message.

18
Q

Attack

A

An actual occurrence of an adverse event.

19
Q

Attack mechanism

A

The method used to deliver the exploit. Unless the attacker is personally performing the attack, an attack mechanism may be a payload, or container, that delivers the exploit to the target.

20
Q

Attenuation

A

Reduction of signal strength during transmission.

21
Q

Audit trail

A

A visible trail of evidence enabling one to trace information contained in statements or reports back to the original input source.

22
Q

Authentication

A

The act of verifying the identity of a user’s eligibility to access computerized information. Authentication is designed to protect against fraudulent logon activity. It can also refer to the verification of the correctness of a piece of data.

23
Q

Availability

A

Ensuring timely and reliable access to and use of information.

24
Q

Back door

A

A means of regaining access to a compromised system by installing software or configuring existing software to enable remote access under attacker-defined conditions.

25
Q

Bandwidth

A

The range between the highest and lowest transmittable frequencies. It equates to the transmission capacity of an electronic line and is expressed in bytes per second or hertz.

26
Q

Bastion

A

A system heavily fortified against attacks.

27
Q

Block cipher

A

A public algorithm that operates on plaintext in blocks (strings or groups) of bits.

28
Q

Botnet

A

“Robot network”; a large, automated and distributed network of previously compromised computers that can be simultaneously controlled to launch large-scale attacks, such as a denial-of-service attack, on selected victims.

29
Q

Bridges

A

Data link layer devices developed in the early 1980s to connect local area networks (LANs) or create two separate LAN or wide area network (WAN) segments from a single segment to reduce collision domains. Bridges act as store-and-forward devices in moving frames toward their destination. This is achieved by analyzing the MAC header of a data packet, which represents the hardware address of a NIC.

30
Q

Brute Force

A

A class of algorithms that repeatedly try all possible combinations until a solution is found.

31
Q

Buffer overflow

A

Occurs when a program or process tries to store more data in a buffer (temporary data storage area) than it was intended to hold. Data overflowing into adjacent buffers can cause corruption or overwriting of existing data; an increasingly common type of security attack on data integrity. The overflowing data may contain code designed to trigger specific actions.

32
Q

Business continuity plan (BCP)

A

A plan used by an enterprise to respond to disruption of critical business processes.

33
Q

Business impact analysis/ assessment (BIA)

A

Evaluating the criticality and sensitivity of information assets. An exercise that determines the impact of losing the support of any resource to an enterprise, establishes the escalation of that loss over time, identifies the minimum resources needed to recover, and prioritizes the recovery of processes and the supporting system. This process also includes addressing income loss, unexpected expense, legal issues, interdependent processes, and loss of public reputation or public confidence.

34
Q

Certificate authority (CA)

A

A trusted third party that serves authentication infrastructures or enterprises and registers entities and issues them certificates.

35
Q

Certificate revocation list (CRL)

A

An instrument for checking the continued validity of the certificates for which the certificate authority (CA) has responsibility. The CRL details digital certificates that are no longer valid. The time gap between two updates is very critical and is also a risk in digital certificate verification.

36
Q

Chain of custody

A

Legal principle regarding the validity and integrity of evidence. Includes documentation as to who had access to the evidence and when, as well as the ability to identify evidence as being the exact item that was recovered or tested.

37
Q

Checksum

A

A mathematical value that is assigned to a file and used to “test” the file at a later date to verify that the data contained in the file has not been maliciously changed. Without knowing which cryptographic algorithm was used to create the hash value, it is highly likely that an unauthorized person would be able to change data without changing the corresponding checksum. Used in data transmission and data storage. Aka message authentication codes, integrity check values, modification detection codes/message integrity codes.

38
Q

Cipher

A

An algorithm to perform encryption.

39
Q

Ciphertext

A

Information generated by an encryption algorithm to protect the plaintext and that is unintelligible to the unauthorized reader.

40
Q

Cleartext

A

Data that is not encrypted; aka plaintext.

41
Q

Cloud computing

A

Convenient, on-demand network access to a shared pool of resources that can be rapidly provisioned and released with minimal management effort or service provider interaction.

42
Q

Collision

A

A situation that occurs when two or more demands are made simultaneously on equipment that can handle only one at any given instant.

43
Q

Common Attack Pattern Enumeration and Classification (CAPEC)

A

A catalog of attack patterns as “an abstraction mechanism for helping describe how an attack against vulnerable systems or networks is executed”.

44
Q

Compartmentalization

A

A process for protecting very high value assets or for use in environments where trust is an issue. Access to an asset requires two or more processes, controls, or individuals.

45
Q

Computer emergency response team (CERT)

A

A group of people integrated at the enterprise with clear lines of reporting and responsibilities for standby support in case of an information systems emergency. This group will act as an efficient corrective control, and should also act as a single point of contact for all incidents and issues related to information systems.

46
Q

Confidentiality

A

Preserving authorized restrictions on access and disclosure, including means for protecting privacy and proprietary information.

47
Q

Configuration management

A

Control of changes to a set of configuration items over a system life cycle.

48
Q

Consumerization

A

A new model in which emerging technologies are first embraced by the consumer market and later spread to the business.

49
Q

Containment

A

Actions taken to limit exposure after an incident has been identified and confirmed.

50
Q

Content filtering

A

Controlling access to a network by analyzing the contents of the incoming and outgoing packets and either letting them pass or denying them based on a list of rules. Differs from packet filtering in that it is the data in the packet that are analyzed instead of the attributes of the packet itself (e.g. source/target IP address, transmission control protocol [TCP] flags).

51
Q

Countermeasure

A

Any process that directly reduces a threat or vulnerability.

52
Q

Cross-site scripting (XSS)

A

A type of injection, in which malicious scripts are injected into otherwise benign and trusted web sites. Cross-site scripting (XSS) attacks occur when an attacker uses a web application to send malicious code, generally in the form of a browser-side script, to a different end user. Flaws that allow these attacks to succeed are quite widespread and occur anywhere a web application uses input from a user within the output it generates without validating or encoding it.

53
Q

Cryptography

A

The act of designing, analyzing and attacking cryptographic schemes.

54
Q

Cryptosystem

A

A pair of algorithms that take a key and convert plaintext to ciphertext and back.

55
Q

Cyberwarfare

A

Activities supported by military organizations with the purpose of threatening the survival and well-being of society or a foreign entity.

56
Q

Data classification

A

The assignment of a level of sensitivity to data that results in the specification of controls for each level of classification. Levels of sensitivity of data are assigned according to predefined categories.

57
Q

Data Custodian

A

The individual and department responsible for the storage and safeguarding of computerized data.

58
Q

Data Encryption Standard (DES)

A

An algorithm for encoding binary data. It is a secret key cryptosystem published by the National Bureau of Standards (NBS), the predecessor of the US National Institute of Standards and Technology (NIST). DES and its variants have been replaced by the Advanced Encryption Standard (AES).

59
Q

Decentralization

A

The process of distributing computer processing to different locations within an enterprise.

60
Q

Decryption

A

A technique used to recover the original plaintext from the ciphertext; the reverse of encryption.

61
Q

Decryption key

A

A digital piece of information used to recover plaintext from the corresponding ciphertext by decryption.

62
Q

Defense in depth

A

The practice of layering defenses to provide added protection. Defense in depth increases security by raising the effort needed in an attack. This strategy places multiple barriers between an attacker and an enterprise’s computing and information resources.

63
Q

Demilitarized zone (DMZ)

A

A screened (firewalled) network segment that acts as a buffer zone between a trusted and an untrusted network. A DMZ is typically used to house systems such as web servers that must be accessible from both internal networks and the Internet.

64
Q

Denial-of-service (DoS) attack

A

An assault on a service from a single source that floods it with so many requests that it becomes overwhelmed and is either stopped completely or operates at a significantly reduced rate.

65
Q

Digital certificate

A

A piece of information, in the digitized form of a signature, that provides sender authenticity, message integrity and nonrepudiation. A digital signature is generated using the sender’s private key or by applying a one-way hash function.

66
Q

Disaster

A

A sudden, unplanned calamitous event causing great damage or loss. Any event that creates an inability on an organization’s part to provide critical business functions for some predetermined period of time. Similar terms are business interruption, outage and catastrophe. The period when enterprise management decides to divert from normal production responses and exercises its disaster recovery plan (DRP). It typically signifies the beginning of a move from a primary location to an alternate location.

67
Q

Disaster recovery plan (DRP)

A

A set of human, physical, technical, and procedural resources to recover, within a defined time and cost, an activity interrupted by an emergency or disaster.

68
Q

Discretionary access control (DAC)

A

A means of restricting access to objects based on the identity of subjects and/or the groups to which they belong. The controls are discretionary in the sense that a subject with a certain access permission is capable of passing that permission (perhaps indirectly) on to any other subject.

69
Q

Domain name system (DNS)

A

A hierarchical database that is distributed across the Internet and allows names to be resolved into IP addresses (and vice versa) to locate services such as web and email servers.

70
Q

Domain name system (DNS) exfiltration

A

Tunneling over DNS to gain network access. A lower-level attack vector for simple to complex data transmission; slow but difficult to detect.

71
Q

Dynamic ports

A

Dynamic and/or private ports 49152-65535, not listed by IANA because of their dynamic nature.