A(s) Flashcards
802.11
Wireless Networking Standard
Integrity axiom
Biba property which states “no write up”
Security Property
Bell-LaPadula which states “no write down”
“Bad” blocks/clusters/sectors
Good disk blocks marked as bad
4GL
Fourth-generation programming language, designed to increase programmer’s efficiency by automating the creation of computer programming code
802.11-1997
The original mode of 802.11 operated at 2 mbps using the 2.4 GHz frequency
802.11a
802.11 mode that operates at 54 mbps using the 5 GHz frequency
802.11b
802.11 mode that operates at 11 mbps using the 2.4 GHz frequency
802.11g
802.11 mode that operates at 54 mbps using the 2.4 GHz frequency
802.11i
The first 802.11 wireless security standard that provides reasonable security
802.11n
802.11 mode that uses both 2.4 and 5 GHz frequencies and allows speeds of 144 mbps and beyond
802.11X
Port-based Network Access Control, layer 2 authentication
ABM
Asynchronous Balanced Mode, HDLC combined mode where nodes may act as primary or secondary, initiating transmissions without receiving permission
Abstraction
Hides unnecessary details from the user
Acceptance Testing
Testing to ensure the software meets the customer’s operational requirements
Access aggregation
The collective entitlements granted by multiple systems to one user. Can lead to authorization creep
ACL
Access Control List
Access Control Matrix
Table defining what access permissions exist between specific subjects and objects
Account Lockout
Disables an account after a set number of failed logins, sometimes during a specific time period
Accountability
Holds individuals accountable for their actions
Accountability Principle
OECD Privacy Guideline principle which states individuals should have the right to challenge the content of any personal data being held, and have a process for updating their personal data if found to be inaccurate or incomplete
Accreditation
The data owner’s acceptance of the risk represented by a system
ACK
TCP flag, acknowledge received data
Act honorably, honestly, justly, responsibly, and legally
Second canon of the (ISC)2 Code of Ethics
Active RFID
Powered RFID tags that can operate over larger distances
Active-active cluster
Involves multiple systems all of which are online and actively processing traffic or data
Active-passive cluster
Involves devices or systems that are already in place, configured, powered on and ready to begin processing network traffic should a failure occur on the primary system
ActiveX Controls
The functional equivalent of Java applets. They use digital certificates instead of a sandbox to provide security
Ad hoc mode
802.11 peer-to-peer mode with no central AP
Address Space Layout Randomization (ASLR)
Seeks to decrease the likelihood of successful exploitation by making memory addresses employed by the system less predictable
Administrative Controls
Implemented by creating and following organizational policy, procedure, or regulation. Also called directive controls
Administrative law
Law enacted by government agencies, aka regulatory law
ADSL
Asymmetric Digital Subscriber Line, DSL featuring faster download speeds than upload
Advance and protect the profession
Fourth canon of the (ISC)2 code of ethics
Advanced Encryption Standard (AES)
A block cipher using 128-bit, 192-bit, or 256-bit keys to encrypt 128-bit blocks of data
Agents of law enforcement
Private citizens carrying out actions on behalf of law enforcement
Aggregation
Mathematical attack where a user is able to use lower-level access to learn restricted information
Agile software development
Flexible software development model that evolved as a reaction to rigid software development models such as waterfall model
AH
Authentication Header, IPSec protocol that provides authentication and integrity for each packet of network data
ALE
Annualized Loss Expectancy, the cost of loss due to a risk over a year
All pair testing
Or pairwise testing, a form of combinatorial software testing that tests unique pairs of inputs
Allocated space
Portions of a disk partition that are marked as actively containing data
ALU
Arithmetic Logic Unit, CPU component that performs mathematical calculations
Analog
Communication that sends a continuous wave of information
ANN
Artificial Neural Networks, simulate neural networks found in humans and animals
ARO
Annual Rate of Occurrence, the number of losses suffered per year
Antivirus software
Software designed to prevent and detect malware infections
API
Application Programming Interface, allows an application to communicate with another application, or an operating system, database, network, etc.
For example, the Google Maps API allows an application to integrate 3rd-party content, such as restaurants overlaid on a Google map
Applet
Small pieces of mobile code that are embedded in other software such as web browsers
Application layer (OSI)
Layer 7 of the OSI model, where the user interfaces with the computer application
Application layer (TCP/IP)
TCP/IP model layer that combines layers 5 through 7 of the OSI model
Application-layer proxy
Proxy firewall that operates up to Layer 7
ARCNET
Attached Resource Computer Network, a legacy LAN technology that uses tokens
ARM
Asynchronous Response Mode, HDLC mode where secondary nodes may initiate communication with the primary
ARPAnet
The predecessor of the internet
Artificial Intelligence
The science of programming electronic computers to think more intelligently, sometimes mimicking the ability of mammal brains
Assembly language
Low-level computer programming language with instructions that are short mnemonics, such as “ADD”, “SUB” (subtract) and “JMP” (jump), that match to machine language instructions
Asset
A resource that is valuable to an organization and must be protected
AV
Asset Value, the value of a protected asset
Asymmetric Encryption
Encryption that uses two keys: if you encrypt with one you may decrypt with the other
Asynchronous Dynamic Token
Authentication token that is not synchronized with a central server; includes challenge-response tokens
ATA Secure Erase
Hardware-level secure erase command available on Solid State Drives (SSDs) that erases all blocks and also generates a new encryption key
ATM
Asynchronous Transfer Mode, a WAN technology that uses fixed-length cells
Attribute
A column in a relational database table
Authentication
Proof of an identity claim
Authorization
Actions an individual can perform on a system
Authorization creep
Occurs when employees not only maintain old access rights but also gain new ones as they move from one division to another within an organization
Availability
Assured information is available when needed
Awareness
Security control designed to change user behavior