Acronym w. Definition Flashcards

1
Q

3DES

A

Triple Digital Encryption Standard

A symmetric algorithm used to encrypt data & provide confidentiality.

2
Q

AAA

A

A group of technologies used in remote access systems.

  • Authentication verifies a user’s identification.
  • Authorization determines if a user should have access.
  • Accounting tracks a user’s access with logs.
3
Q

ABAC

A

Attribute-Based Access Control

An access control model that grants access to resources based on attributes assigned to subjects and objects.

4
Q

AUP

A

Acceptable Use Policy

A policy defining proper system usage and the rules of behavior for employees.

It often describes the purpose of computer systems and networks, how users can access them, and the responsibilities of users when accessing the systems.

5
Q

AP

A

Access Point

A device that connects wireless clients to wireless networks. Sometimes called wireless access point (WAP).

6
Q

Accounting

A

The process of tracking the activity of users and recording this activity in logs. One method of accounting is audit logs that create an audit trail.

7
Q

ACLs

A

Access control lists. Lists of rules used by routers and stateless firewalls. These devices use the ACL to control traffic based on networks, subnets, IP addresses, ports, and some protocols.

8
Q

Active Reconnaissance

A

A penetration testing method used to collect information. It sends data to systems and analyzes responses to gain information on the target.

9
Q

Ad Hoc

A

A connection mode used by wireless devices without an AP.

10
Q

Administrative controls

A

Security controls implemented via administrative or management methods.

11
Q

Advanced Encryption Standard (AES)

A

A strong symmetric block cipher that encrypts data in 128-bit blocks.

12
Q

Affinity

A

A scheduling method used with load balancers. It uses the client’s IP address to ensure the client is redirected to the same server during a session.

13
Q

Aggregation switch

A

A switch used to connect multiple switches together into a network. Switches connect to the aggregation switch and it connects to a router.

14
Q

Agile

A

A software development life cycle model that focuses on interaction and integrity.

15
Q

Authentication Header (AH)

A

Only used in Tunneling mode, to encrypt the message headers.

  • An option within IPSec to provide authentication and integrity.
16
Q

Airgap

A

A physical security control that provides physical isolation. Systems separated by an airgap don’t typically have any physical connections to other systems.

17
Q

Annual Loss Expectancy (ALE)

A

The expected loss for a year.

Used to measure risk with ARO and SLE in a quantitative risk assessment.

SLE x ARO = ALE

18
Q

Amplification attack

A

An attack that increases the amount of bandwidth sent to a victim.

19
Q

Anomaly

A

A type of monitoring on intrusion detection and intrusion prevention systems.

Detects attacks by comparing operations against a baseline.

Aka Heuristic detection

20
Q

ANT

A

A proprietary wireless protocol used by some mobile devices.

Not an acronym

21
Q

Antispoofing

A

A method used on some routers to protect against spoofing attacks.

22
Q

Antivirus

A

Software that protects systems from malware.

23
Q

Application blacklist

A

A list of applications that a system blocks.

Users are unable to install or run any applications on the list.

24
Q

Application cell

A

A virtualization technology that runs services or applications within isolated application cells (containers).

Aka application containers

25
Q

Application whitelist

A

A list of applications that a system allows.

26
Q

Advanced Persistent Threat (APT)

A

A group that has both the capability and intent to launch sophisticated and targeted attacks.

27
Q

Annual Rate of Occurrence (ARO)

A

The number of times a loss is expected to occur in a year.

28
Q

arp

A

A command-line tool used to show and manipulate the Address Resolution Protocol cache.

29
Q

ARP Poisoning

A

An attack that misleads systems about the actual MAC address of a system.

30
Q

Asset Value

A

An element of a risk assessment. It identifies the value of an asset and can include any product, system, resource, or process.

31
Q

Asymmetric encryption

A

A type of encryption using two keys to encrypt & decrypt data.

  • uses public key & private key.
32
Q

Attestation

A

A process that checks and validates system files during the boot process.

33
Q

Audit trail

A

A record of events recorded in one or more logs that can re-create the events that occurred leading up to a security incident.

34
Q

Authorization

A

The process of granting access to resources for users who prove their identity, based on their proven identity.

  • username & passwords.
35
Q

Authentication

A

The process that occurs when a user provides an identity, such as a password.

36
Q

Availability

A

Ensures that systems and data are up & operational when needed.

  • one of the three main goals of information security known as the CIA.
37
Q

Backdoor

A

An alternate method of accessing a system.

38
Q

Background check

A

A check into a person’s history, typically to determine eligibility for a job.

39
Q

Banner grabbing

A

A method used to gain information about a remote system.

40
Q

Bcrypt

A

A key stretching algorithm.

  • used to protect passwords
  • salts passwords with additional bits before encrypting them with Blowfish.
  • this thwarts rainbow table attacks.
41
Q

Basic Input/Output System (BIOS)

A

A computer’s firmware used to manipulate different settings such as the date & time, boot drive, and access password.

*UEFI is the designated replacement for BIOS

42
Q

Birthday

A

A password attack named after the birthday paradox in probability theory.

  • paradox states that for any random group of 23 people, there is a 50% chance that 2 of them have the same birthday.
43
Q

Black box test

A

A type of penetration test. Testers have zero knowledge of the environment prior to starting the test.

44
Q

Block cipher

A

An encryption method that encrypts data in fixed-sized blocks.

45
Q

Blowfish

A

A strong symmetric block cipher. It encrypts data in 64-bit blocks and supports key sizes between 32 & 448 bits.

46
Q

Bluejacking

A

An attack against Bluetooth devices.

  • sending unsolicited messages to nearby Bluetooth devices.
47
Q

Bluesnarfing

A

An attack against Bluetooth devices. Attackers gain unauthorized access to Bluetooth devices and can access all the data on the device.

48
Q

Bollards

A

Short vertical posts that act as a barricade. Bollards block vehicles, not people.

49
Q

Bots

A

Software robots that function automatically.

50
Q

Business Partners Agreement (BPA)

A

A written agreement that details the relationship between business partners, including their obligations towards the partnership.

51
Q

Bridge

A

A network device used to connect multiple networks together.

  • can be used instead of a router.
52
Q

Brute force

A

A password attack that attempts to guess a password.

53
Q

Buffer overflow

A

An error that occurs when an application receives more input, or different input, than it expects.

  • it exposes system memory that is normally inaccessible.
54
Q

Business Impact Analysis (BIA)

A

A process that helps an organization identify critical systems and components that are essential to the organization’s success.

55
Q

Bring Your Own Device (BYOD)

A

A mobile device deployment model. Employees can connect their personally owned device to the network.

56
Q

Certificate Authority (CA)

A

An organization that manages, issues, and signs certificates.

  • a main element of PKI
57
Q

Common Access Card (CAC)

A

Specialized type of smart card used by the U.S. Department of Defense.

58
Q

Captive portal

A

A technical solution that forces wireless clients using web browsers to complete a process before accessing a network.

59
Q

Carrier unlocking

A

The process of unlocking a mobile phone from a specific cellular provider.

60
Q

Cipher Block Chaining (CBC)

A

A mode of operation used for encryption that effectively converts a block cipher into a stream cipher.

61
Q

Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP)

A

Encryption protocol based on AES and used with WPA2 for wireless security. It is more secure than TKIP.

62
Q

Canonical Encoding Rules (CER)

A

A base format for PKI certificates. They are binary encoded files.

63
Q

Certificate

A

A digital file used for encryption, authentication, digital signatures, and more.

64
Q

Certificate Chaining

A

A process that combines all certificates within a trust model.

65
Q

Chain of custody

A

A process that provides assurances that evidence has been controlled and handled properly after collection.

66
Q

Change Management

A

The process used to prevent unauthorized changes.

67
Q

Challenge Handshake Authentication Protocol (CHAP)

A

An authentication mechanism where a server challenges a client.

68
Q

Chroot

A

A Linux command used to change the root directory.

  • often used for sandboxing.
69
Q

Ciphertext

A

The result of encrypting plaintext.

70
Q

Clean desk policy

A

A security policy requiring employees to keep their areas organized and free of papers.

71
Q

Clickjacking

A

An attack that tricks users into clicking something other than what they think they’re clicking.

72
Q

Cloud Access Security Broker (CASB)

A

Software tool or service that enforces cloud-based security requirements.

73
Q

Cloud Deployment Models

A

Cloud model types that identify who has access to cloud resources.

  • Public Clouds: for any organization
  • Private Clouds: for single organization
  • Community Clouds: shared among community
  • Hybrid Clouds: Combination of two or more clouds
74
Q

Code signing

A

The process of assigning a certificate to code.

  • certificate includes a digital signature & validates the code.
75
Q

Cold Site

A

An alternate location for operations.

76
Q

Collision

A

A hash vulnerability that can be used to discover passwords.

  • occurs when two different passwords create the same hash.
77
Q

Compensating controls

A

Security controls that are alternative controls used when a primary security control is not feasible.

78
Q

Compiled code

A

Code that has been optimized by an application and converted into an executable file.

79
Q

Confidential data

A

Data meant to be kept secret among a certain group of people. As an example, salary data is meant to be kept secret and not shared with everyone within a company.

80
Q

Confidentiality

A

One of the three main goals of information security known as the CIA security triad.

Ensures that unauthorized entities cannot access data.

Encryption & access controls help protect against the loss of confidentiality.

81
Q

Configuration compliance scanner

A

A type of vulnerability scanner that verifies systems are configured correctly. Can use a file that identifies the proper configuration for systems.

82
Q

Confusion

A

The cryptography concept that indicates ciphertext is significantly different than plain text.

83
Q

Containerization

A

A method used to isolate applications and mobile devices. It isolates and protects the application, including any data used by the application.

84
Q

Context-aware authentication

A

An authentication method using multiple elements to authenticate a user and a mobile device. It can include identity, geolocation, the device type, and more.

85
Q

Continuity of operations planning

A

The planning process that identifies an alternate location for operations after a critical outage. It can include a hot site, cold site, or warm site.

86
Q

Control diversity

A

The use of different security control types, such as technical controls, administrative controls, and physical controls.

87
Q

Controller-based AP

A

An AP that is managed by a controller. Also called a thin AP.

88
Q

COPE

A

Corporate-owned, personally enabled.

A mobile device deployment model. The organization purchases and issues devices to employees.

89
Q

Corrective controls

A

Security controls that attempt to reverse the impact of a security incident.

90
Q

CRL

A

Certificate revocation list.

A list of certificates that a CA has revoked. Certificates are commonly revoked if they are compromised, or issued to an employee who has left the organization.

91
Q

Crossover error rate

A

The point where the false acceptance rate (FAR) crosses over with the false rejection rate (FRR). A lower CER indicates a more accurate biometrics system.

92
Q

XSRF

A

Cross-site request forgery

A Web application attack. XSRF attacks trick users into performing actions on websites, such as making purchases, without their knowledge.

93
Q

XSS

A

Cross-site scripting

A web application vulnerability. Attackers embed malicious HTML or JavaScript code into a web site’s code, which executes when a user visits the site.

94
Q

Crypto-malware

A

It’s a type of ransomware that encrypts the user’s data.

95
Q

Crypto module

A

A set of hardware, software, and/or firmware that implements cryptographic functions.

96
Q

Crypto service provider

A

A software library of cryptographic standards and algorithms. These libraries are typically distributed within crypto modules.

97
Q

CSR

A

Certificate signing request.

A method of requesting a certificate from a CA. It starts by creating an RSA-based private/public key pair and then including the public key in the CSR.

98
Q

CTM

A

Counter mode

A mode of operation used for encryption that combines an IV with a counter. The combined result is used to encrypt blocks.

99
Q

Custom firmware

A

Mobile device firmware other than the firmware provided with the device. People sometimes use custom firmware to root Android devices.

100
Q

CIRT

A

Cyber-incident response team

A group of experts who respond to security incidents.

101
Q

CYOD

A

Choose your own device

A mobile device deployment model. Employees can connect their personally owned device to the network as long as the device is on a pre-approved list.

102
Q

DAC

A

Discretionary access control

An access control model where all objects have owners and owners can modify permissions for the objects (files and folders). Microsoft NTFS uses the DAC model.

103
Q

Data-at-rest

A

Any data stored on media. It’s common to encrypt sensitive data-at-rest.

104
Q

DEP

A

Data execution prevention

A security feature that prevents code from executing in memory regions marked as nonexecutable. It helps block malware.

105
Q

Data exfiltration

A

The unauthorized transfer of data outside an organization.

106
Q

Data-in-transit

A

Any data sent over a network. It’s common to encrypt sensitive data-in-transit.

107
Q

Data-in-use

A

Any data currently being used by a computer. Because the computer needs to process the data, it is not encrypted while in use.

108
Q

Data retention policy

A

A security policy specifying how long data should be kept (retained).

109
Q

Data sovereignty

A

A term that refers to the legal implications of data stored in different countries. It is primarily a concern related to backups stored in alternate locations via the cloud.

110
Q

DDoS

A

Distributed denial-of-service

An attack on a system launched from multiple sources intended to make a computer’s resources or services unavailable to users. DDoS attacks typically include sustained, abnormally high network traffic.

111
Q

Dead code

A

Code that is never executed or used. It is often caused by logic errors.

112
Q

Defense in depth

A

The use of multiple layers of security to protect resources. Control diversity and vendor diversity are two methods organizations implement to provide defense in depth.

113
Q

Degaussing

A

The process of removing data from magnetic media using a very powerful electronic magnet. Degaussing is sometimes used to remove data from backup tapes or to destroy hard disks.

114
Q

DER

A

Distinguished encoding rules

A base format for PKI certificates. They are BASE64 ASCII encoded files.

115
Q

DES

A

Data encryption standard

A legacy symmetric encryption standard used to provide confidentiality. It has been compromised, and AES or 3DES should be used instead.

It is the weakest encryption standard.

116
Q

Detective controls

A

Security controls that attempt to discourage individuals from causing a security incident.

117
Q

Dictionary

A

A password attack that uses a file of words and character combinations. The attack tries every entry within the file when trying to get a password.

118
Q

Differential backup

A

A type of backup that backs up all the data that has changed or is different since the last full backup.

119
Q

DH

A

Diffie-Hellman

An asymmetric algorithm used to privately share symmetric keys. DH ephemeral (DHE) uses ephemeral keys, which are re-created for each session. Elliptic curve DHE (ECDHE) uses elliptic curve cryptography to generate encryption keys.

120
Q

Diffusion

A

A cryptography concept that ensures that small changes in plain text result in significant changes in ciphertext.

121
Q

Dig

A

A command-line tool used to test DNS on Linux systems.

122
Q

Digital signature

A

An encrypted hash of a message, encrypted with the sender’s private key. It provides authentication, non-repudiation, and integrity.

123
Q

Disablement policy

A

A policy that identifies when administrators should disable user accounts.

124
Q

Disassociation attack

A

An attack that removes wireless clients from a wireless network.

125
Q

Dissolvable agent

A

A NAC agent that runs on a client, but deletes itself later. It checks the client for health.

126
Q

DLL injection

A

An attack that injects a dynamic link library (DLL) into memory and runs it. Attackers rewrite the DLL, inserting malicious code.

127
Q

DLP

A

Data loss prevention

A group of technologies used to prevent data loss. They can block the use of USB devices, monitor outgoing email to detect and block unauthorized data transfers, and monitor data stored in the cloud.

128
Q

DMZ

A

Demilitarized zone

A buffer zone between the Internet and an internal network. Internet clients can access the services hosted on servers in the DMZ, but the DMZ provides a layer of protection for the internal network.

129
Q

DNSSEC

A

Domain name system security extensions

A suite of extensions to DNS used to protect the integrity of DNS records and prevent some DNS attacks.

130
Q

DNS poisoning

A

An attack that modifies or corrupts DNS results. DNSSEC helps prevent DNS poisoning.

131
Q

Domain hijacking

A

An attack that changes the registration of a domain name without permission from the owner.

132
Q

DOS

A

Denial-of-service

An attack from a single source that attempts to disrupt the services provided by the attacked system.

133
Q

Downgrade attack

A

A type of attack that forces a system to downgrade its security. The attacker then exploits the lesser security control.

134
Q

DSA

A

Digital signature algorithm

An encrypted hash of a message used for authentication, non-repudiation, and integrity. The sender’s private key encrypts the hash of the message.

135
Q

Dumpster diving

A

The practice of searching through trash looking to gain information from discarded documents. Shredding or burning papers helps prevent the success of dumpster diving.

136
Q

EAP

A

Extensible authentication protocol

An authentication framework that provides general guidance for authentication methods.

Variations include:

  • PEAP
  • EAP-TTLS
  • EAP-FAST
137
Q

EAP-FAST

A

EAP-flexible authentication via secure tunneling (EAP-FAST)

A Cisco-designed replacement for lightweight EAP (LEAP). EAP-FAST supports certificates, but they are optional.

138
Q

EAP-TLS

A

Extensible authentication protocol-transport layer security

An extension of EAP sometimes used with 802.1x. This is one of the most secure EAP standards and is widely implemented. It requires certificates on the 802.1x server and on the clients.

139
Q

EAP-TTLS

A

Extensible authentication protocol-tunneled transport layer security

An extension of EAP sometimes used with 802.1x. It allows systems to use some older authentication method such as PAP within a TLS tunnel. It requires a certificate on the 802.1x server but not on the clients.

140
Q

ECB

A

Electronic Codebook

A legacy mode of operation used for encryption. It is weak and should not be used.

141
Q

Embedded system

A

Any device that has a dedicated function and uses a computer system to perform that function. It includes a CPU, an operating system, and one or more applications.

142
Q

EMI

A

Electromagnetic interference

Interference caused by motors, power lines, and fluorescent lights. EMI shielding prevents outside interference sources from corrupting data and prevents data from emanating outside the cable.

143
Q

EMP

A

Electromagnetic pulse

A short burst of energy that can potentially damage electronic equipment. They can result from electrostatic discharge (ESD), lightning, and military weapons.

144
Q

Encryption

A

A process that scrambles, or ciphers, data to make it unreadable. Encryption normally includes a public algorithm and a private key.

Two Types:

  • asymmetric
  • symmetric
145
Q

Enterprise

A

A wireless mode that uses an 802.1x server for security. It forces users to authenticate with a username and password.

146
Q

Ephemeral Key

A

A type of key used in cryptography. Ephemeral keys have very short lifetimes and are re-created for each session.

147
Q

Error handling

A

A programming process that handles errors gracefully.

148
Q

ESP

A

Encapsulating security payload

Is used to encrypt the data being transmitted.

  • An option within IPsec to provide confidentiality, integrity, and authentication.
149
Q

Evil twin

A

A type of rogue AP. An evil twin has the same SSID as a legitimate AP.

150
Q

Exit interview

A

An interview conducted with departing employees just before they leave an organization.

151
Q

Exploitation frameworks

A

Tools used to store information about security vulnerabilities. They are often used by penetration testers (and attackers) to detect and exploit software.

152
Q

Extranet

A

The part of an internal network shared with outside entities. Extranets are often used to provide access to authorized business partners, customers, vendors, or others.

153
Q

Facial recognition

A

A biometric method that identifies people based on facial features.

154
Q

False negative

A

A security incident that isn’t detected or reported. As an example, a NIDS false negative occurs if an attack is active on the network but the NIDS does not raise an alert.

155
Q

False positive

A

An alert on an event that isn’t a security incident. As an example, a NIDS false positive occurs if the NIDS raises an alert when activity on the network is normal.

156
Q

FAR

A

False acceptance rate

Also called the false match rate. A rate that identifies the percentage of times a biometric authentication system incorrectly indicates a match.

157
Q

Faraday cage

A

A room or enclosure that prevents signals from emanating beyond the room or enclosure.

158
Q

Fat AP

A

An AP that includes everything needed to connect wireless clients to a wireless network. Fat APs must be configured independently. Sometimes called a stand-alone AP.

159
Q

Fault tolerance

A

The capability of a system to suffer a fault, but continue to operate. Said another way, the system can tolerate the fault as if it never occurred.

160
Q

FDE

A

Full disk encryption

A method to encrypt an entire disk.

161
Q

Federation

A

Two or more members of a federated identity management system. Used for single sign-on.

162
Q

Fingerprint scanners

A

Biometric systems that scan fingerprints for authentication.

163
Q

Firewall

A

Software or a network device used to filter traffic. Firewalls can be application-based (running on a host) or network-based devices.

Stateful firewalls filter traffic using rules within an ACL.
Stateless firewalls filter traffic based on its state within a session.

164
Q

Firmware OTA updates

A

Over-the-Air updates for mobile device firmware that keep them up to date. These are typically downloaded to the device from the Internet and applied to update the device.

165
Q

Flood guard

A

A method of thwarting flood attacks. On switches, a flood guard thwarts MAC flood attacks. On routers, a flood guard prevents SYN flood attacks.

166
Q

Framework

A

A structure used to provide a foundation. Cyber security frameworks typically use a structure of basic concepts and provide guidance to professionals on how to implement security.

167
Q

FRR

A

False rejection rate

Also called the false non-match rate. A rate that identifies the percentage of times a biometric authentication system incorrectly rejects a valid match.

168
Q

FTPS

A

File transfer protocol secure

An extension of FTP that uses TLS to encrypt FTP traffic. Some implementations of FTPS use TCP ports 989 and 990.

169
Q

Full backup

A

A type of backup that backs up all the selected data. A full backup could be considered a normal backup.

170
Q

Full tunnel

A

An encrypted connection used with VPNs. When a user is connected to a VPN, all traffic from the user is encrypted.

171
Q

GCM

A

Galois/Counter Mode

A mode of operation used for encryption. It combines the counter mode (CTM) with hashing techniques for data authenticity and confidentiality.

172
Q

Geofencing

A

A virtual fence or a geographic boundary. It uses GPS to create a boundary. Apps can then respond when a mobile device is within the virtual fence.

173
Q

Geolocation

A

The location of a device identified by GPS. It can help locate a lost or stolen mobile device.

174
Q

GPO

A

Group Policy Object

A technology used within Microsoft Windows to manage users and computers. It is implemented on a domain controller within a domain.

175
Q

GPS

A

Global Positioning System

A satellite-based navigation system that identifies the location of a device or vehicle. Mobile devices often incorporate GPS capabilities.

176
Q

GPS tagging

A

The process of adding geographical data to files such as pictures. It typically includes latitude and longitude coordinates with the location where the picture was taken or the file was created.

177
Q

Gray box test

A

A type of penetration test

Testers have some knowledge of the environment prior to starting the test.

178
Q

Group-based access control

A

A role-based access control method that uses groups as roles.

179
Q

Guest account

A

A pre-created account in Windows systems. It is disabled by default.

180
Q

Hacktivist

A

An attacker who launches attacks as part of an activist movement or to further a cause.

181
Q

Hardware root of trust

A

A known secure starting point. TPMs have a private key burned into the hardware that provides a hardware root of trust.

182
Q

Hash

A

A number created by executing a hashing algorithm against data, such as a file or message. Hashing is commonly used for integrity. Common hashing algorithms are MD5, SHA-1, and HMAC.

183
Q

Heuristic/behavioral

A

A type of monitoring on intrusion detection and intrusion prevention systems. It detects attacks by comparing traffic against a baseline. It is also known as anomaly detection.

184
Q

HIDS

A

Host-based intrusion detection system

Software installed on a system to detect attacks. It protects local resources on the host. The host-based intrusion prevention system (HIPS) is an extension of a HIDS. It is software installed on a system to detect and block attacks.

185
Q

High availability

A

A term that indicates a system or a component remains available close to 100% of the time.

186
Q

HMAC

A

Hash-based Message Authentication Code

A hashing algorithm used to verify integrity and authenticity of a message with the use of a shared secret. It is typically combined with another hashing algorithm such as SHA.

187
Q

Hoax

A

A message, often circulated through email, that tells of impending doom from a virus or other security threat that simply doesn’t exist.

188
Q

Home automation

A

Smart devices used within the home that have IP addresses. These are typically accessible via the Internet and are part of the Internet of things (IoT).

189
Q

Honeypot

A

A server designed to attract an attacker. It typically has weakened security, encouraging attackers to investigate it.

190
Q

Honeynet

A

A group of honeypots in a network. Honeynets are configured in virtual networks.

191
Q

Hot and cold aisles

A

A method commonly used in data centers to keep equipment cool. Cool air flows from the front of the cabinets to the back, making the front aisle cooler and the back aisle warmer.

192
Q

HOTP

A

HMAC-based One-Time Password

An open standard used for creating one-time passwords. It combines a secret key and a counter, and then uses HMAC to create a hash of the result.

193
Q

Hot site

A

An alternate location for operations. A hot site typically includes everything needed to be operational within 60 minutes.

194
Q

HSM

A

Hardware security module

A removable or external device that can generate, store and manage RSA keys used in asymmetric encryption.

195
Q

HTTPS

A

Hypertext transfer protocol secure

A protocol used to encrypt HTTP traffic. HTTPS encrypts traffic with TLS using TCP port 443.

196
Q

HVAC

A

Heating, ventilation, and air conditioning

A physical security control that increases availability by regulating airflow within data centers and server rooms.

197
Q

IaaS

A

Infrastructure as a Service

A cloud computing model that allows an organization to rent access to hardware in a self-managed platform.

Compare with PaaS and SaaS.

198
Q

ICS

A

Industrial Control System

A system that controls large systems such as power plants or water treatment facilities.

A SCADA system controls the ICS.

199
Q

Identification

A

The process that occurs when a user claims an identity, such as with a username.

200
Q

IEEE 802.1x

A

An authentication protocol used in VPNs and wired and wireless networks. VPNs often implement it as a RADIUS server. Wired networks use it for port-based authentication. Wireless networks use it in Enterprise mode. It can be used with certificate-based authentication.

201
Q

ifconfig

A

A command-line tool used on Linux systems to show and manipulate settings on a network interface card (NIC). Similar to ipconfig on Windows systems.

202
Q

IMAP4

A

Internet Message Access Protocol version 4

A protocol used to store and manage email on servers. IMAP4 uses TCP port 143. Secure IMAP4 uses TLS to encrypt IMAP4 traffic.

203
Q

Impact

A

The magnitude of harm related to a risk. It is the negative result of an event, such as the loss of confidentiality, integrity, or availability of a system or data.

Compare with likelihood of occurrence.

204
Q

Implicit deny

A

A rule in an ACL that blocks all traffic that hasn’t been explicitly allowed. The implicit rule is the last rule in an ACL.

205
Q

Incident response

A

The process of responding to a security incident. Organizations often create an incident response plan that outlines the procedures to be used when responding to an incident.

206
Q

IRP

A

Incident response plan

The procedures documented in an incident response policy.

207
Q

Incident response process

A

The phases of incident response, including preparation, identification, containment, eradication, recovery, and lessons learned.

208
Q

Incremental backup

A

A type of backup that backs up all the data that has changed since the last full or incremental backup.

209
Q

Injection attack

A

An attack that injects code or commands. Common injection attacks are DLL injection, command injection, and SQL injection attacks.

210
Q

Inline

A

A configuration that forces traffic to pass through a device. A NIPS is placed inline, allowing it to prevent malicious traffic from entering a network. Sometimes called in-band. Compare with out-of-band.

211
Q

Input validation

A

A programming process that verifies that data is valid before using it.

*Also helps with buffer overflow and Injections (SQL, DLL).

212
Q

Insider

A

An attacker who launches attacks from within an organization, typically as an employee.

213
Q

Integer overflow

A

An application attack that attempts to use or create a numeric value that is too big for an application to handle. Input handling and error handling thwart the attack.

214
Q

Integrity

A

One of the three main goals of information security known as the CIA security triad. Integrity provides assurance that data or system configurations have not been modified. Audit logs and hashing are two methods used to ensure integrity.

215
Q

Intranet

A

An internal network.

People use an intranet to communicate and share content with each other.

216
Q

IoT

A

Internet of things

The network of physical devices connected to the Internet. It typically refers to smart devices with an IP address, such as wearable technology and home automation systems.

217
Q

ip

A

A command-line tool used on Linux systems to show and manipulate settings on a network interface card (NIC). Developers created this to replace ifconfig.

218
Q

ipconfig

A

A command-line tool used on Windows systems to show the configuration settings on a NIC.

219
Q

IPSec

A

Internet protocol security

A suite of protocols used to encrypt data-in-transit that can operate in both tunnel mode and transport mode. It uses tunnel mode for VPN traffic and transport mode in private networks.

220
Q

IP spoofing

A

An attack that changes the source IP address.

221
Q

Iris scanner

A

Biometric systems that scan the iris of an eye for authentication.

222
Q

ISA

A

Interconnection security agreement

An agreement that specifies technical and security requirements for connections between two or more entities.

223
Q

IV attack

A

Initialization vector

A wireless attack that attempts to discover the IV. Legacy wireless security protocols are susceptible to IV attacks.

224
Q

Jailbreaking

A

The process of modifying an Apple mobile device to remove software restrictions. It allows the user to install software from any third-party source.

225
Q

Jamming

A

A DoS attack against wireless networks. It transmits noise on the same frequency used by your wireless network.

226
Q

Job rotation

A

A process that ensures employees rotate through different jobs to learn the process and procedures in each job. It can sometimes detect fraudulent activity.

227
Q

KDC

A

Key distribution center

Also known as TGT server. Part of the Kerberos protocol used for network authentication. The KDC issues timestamped tickets that expire.

228
Q

Kerberos

A

A network authentication mechanism used with Windows Active Directory domains and some UNIX environments known as realms. It uses a KDC to issue tickets.

229
Q

Kernel

A

The central part of the operating system. In container virtualization, guests share the kernel.

230
Q

Key escrow

A

The process of placing a copy of a private key in a safe environment.

231
Q

Keylogger

A

Software or hardware used to capture a user’s keystrokes. Keystrokes are stored in a file and can be manually retrieved or automatically sent to an attacker.

232
Q

Key stretching

A

A technique used to increase the strength of stored passwords. It adds additional bits (called salts) and can help thwart brute force and rainbow table attacks.

233
Q

Known plaintext

A

A cryptographic attack that decrypts encrypted data. In this attack, the attacker knows the plaintext used to create ciphertext.

234
Q

Labeling

A

The process of ensuring data is tagged clearly so that users know its classification. Labels can be physical labels, such as on backup tapes, or digital labels embedded in files.

235
Q

LDAP

A

Lightweight directory access protocol

A protocol used to communicate with directories such as Microsoft Active Directory. It identifies objects with query strings using codes such as CN=Users and DC=GetCertifiedGetAhead.

236
Q

LDAPS

A

Lightweight directory access protocol secure

A protocol used to encrypt LDAP traffic with TLS.

237
Q

Least functionality

A

A core principle of secure systems design. Systems should be deployed with only the applications, services, and protocols needed to meet their purpose.

238
Q

Least privilege

A

A security principle that specifies that individuals and processes are granted only the rights and permissions needed to perform assigned tasks or functions, but no more.

239
Q

Legal hold

A

A court order to maintain data for evidence.

240
Q

Likelihood of occurrence

A

The probability that something will occur. It is used with impact in a qualitative risk assessment.

241
Q

Load balancer

A

Hardware or software that balances the load between two or more servers. Scheduling methods include source address IP affinity and round-robin.

242
Q

location-based policies

A

Policies that prevent users from logging on from certain locations, or require that they log on only from specific locations.

243
Q

Logic bomb

A

A type of malware that executes in response to an event. The event might be a specific day or time, or a user action such as when a user launches a specific program.

244
Q

Loop prevention

A

A method of preventing switching loop or bridge loop problems. Both STP and RSTP prevent switching loops.

245
Q

MAC

Acronym not pertaining to bits

A

Mandatory access control

An access control model that uses sensitivity labels assigned to objects (files and folders) and subjects (users). MAC restricts access based on a need to know.

246
Q

MAC

Acronym pertaining to bits

A

Media access control

A 48-bit address used to identify network interface cards. It is also called a hardware address or physical address.

247
Q

MAC filtering

A

A form of network access control to allow or block access based on the MAC address. It is configured on switches for port security or on APs for wireless security.

248
Q

MAC spoofing

A

An attack that changes the source MAC address.

249
Q

Mail gateway

A

A server that examines and processes all incoming and outgoing email. It typically includes a spam filter and DLP capabilities. Some gateways also provide encryption services.

250
Q

Malware

A

Malicious software. It includes a wide range of software that has malicious intent, such as viruses, worms, ransomware, rootkits, logic bombs, and more.

251
Q

Mandatory vacation

A

A policy that forces employees to take a vacation. The goal is to deter malicious activity, such as fraud and embezzlement, and detect malicious activity when it occurs.

252
Q

Man-in-the-browser

A

An attack that infects vulnerable web browsers. It can allow the attacker to capture browser session data, including keystrokes.

253
Q

MITM

A

Man-in-the-middle

An attack using active interception or eavesdropping. It uses a third computer to capture traffic sent between two other systems.

254
Q

Mantrap

A

A physical security mechanism designed to control access to a secure area. A mantrap prevents tailgating.

255
Q

MD5

A

Message digest 5

A hashing function used to provide integrity. MD5 creates 128-bit hashes, which are also referred to as MD5 checksums. Experts consider MD5 cracked.

256
Q

MDM

A

Mobile device management

A group of applications and/or technologies used to manage mobile devices. MDM tools can monitor mobile devices and ensure they are in compliance with security policies.

257
Q

Memory leak

A

An application flaw that consumes memory without releasing it.

258
Q

MFDs

A

Multi-function devices

Any device that performs multiple functions. As an example, many printers are MFDs because they can print, scan, and copy documents. Many also include faxing capabilities.

259
Q

MMS

A

Multimedia Messaging Service

A method used to send text messages. It is an extension of SMS and supports sending multimedia content.

260
Q

MOU/MOA

A

Memorandum of understanding or memorandum of agreement.

A type of agreement that defines responsibilities with each party. Compare with ISA.

261
Q

MS-CHAPv2

A

Microsoft challenge handshake authentication protocol version 2.

Microsoft implementation of CHAP. MS-CHAPv2 provides mutual authentication.

  • Compare with CHAP & PAP.
262
Q

MTBF

A

Mean time between failures.

A metric that provides a measure of a system’s reliability and is usually represented in hours. The MTBF identifies the average time between failures.

263
Q

MTTR

A

Mean time to recover.

A metric that identifies the average time it takes to restore a failed system. Organizations that have maintenance contracts often specify the MTTR as a part of the contract.

264
Q

Multifactor authentication

A

A type of authentication that uses methods from more than one factor of authentication.

265
Q

NAC

A

Network access control.

A system that inspects clients to ensure they are healthy. Agents inspect clients, and agents can be permanent or dissolvable (also known as agentless).

266
Q

NAT

A

Network Address Translation

A service that translates public IP addresses to private IP addresses and private IP addresses to public IP addresses.

267
Q

NDA

A

Non-disclosure agreement. An agreement that is designed to prohibit personnel from sharing proprietary data. It can be used within the organization and with other organizations.

268
Q

Netcat

A

A command-line tool used to connect to remote systems.

269
Q

Netstat

A

A command-line tool used to show network statistics on a system.

270
Q

Network mapping

A

A process used to discover devices on a network, including how they are connected.

271
Q

Network scanner

A

A tool used to discover devices on a network, including their IP addresses, their operating system, along with services and protocols running on the devices.

272
Q

NFC attack

A

An attack against mobile devices that use near field communication (NFC). NFC is a group of standards that allow mobile devices to communicate with nearby mobile devices.

273
Q

NIDS

A

Network-based intrusion detection system.

A device that detects attacks and raises alerts. A NIDS is installed on network devices, such as routers or firewalls, and monitors network traffic.

274
Q

NIPS

A

Network-based intrusion prevention system. A device that detects and stops attacks in progress. A NIPS is placed inline (also called in-band) with traffic so that it can actively monitor data streams.

275
Q

NIST

A

National Institute of Standards & Technology.

NIST is a part of the U.S. Department of Commerce, and it includes an Information Technology Laboratory (ITL).
The ITL publishes special publications related to security that are freely available to anyone.

276
Q

Nmap

A

A command-line tool used to scan networks. It is a type of network scanner.

277
Q

Nonce

A

A number used once. Cryptography elements frequently use a nonce to add randomness.

278
Q

Non-persistence

A

A method used in virtual desktops where changes made by a user are not saved. Most (or all) users have the same desktop. When users log off, the desktop reverts to its original state.

279
Q

Non-repudiation

A

The ability to prevent a party from denying an action. Digital signatures and access logs provide non-repudiation.

280
Q

Normalization

A

The process of organizing tables and columns in a database. Normalization reduces redundant data and improves overall database performance.

281
Q

nslookup

A

A command-line tool used to test DNS on Microsoft systems.

282
Q

NTLM

A

New technology LAN manager

A suite of protocols that provide confidentiality, integrity, and authentication within Windows systems. Versions include NTLM, NTLMv2, and NTLM2 Session.

283
Q

OAuth

A

An open source standard used for authorization with Internet-based single sign-on solutions.

284
Q

Obfuscation

A

An attempt to make something unclear or difficult to understand. Steganography methods use obfuscation to hide data within data.

285
Q

OCSP

A

Online Certificate Status Protocol.

An alternative to using a CRL. It allows entities to query a CA with the serial number of a certificate. The CA answers with good, revoked, or unknown.

286
Q

onboarding

A

The process of granting individuals access to an organization’s computing resources after being hired. It typically includes giving the employee a user account with appropriate permissions.

287
Q

Open

A

A wireless mode that doesn’t use security.

288
Q

OpenID Connect

A

An open source standard used for identification on the Internet. It is typically used with OAuth and it allows clients to verify the identity of end users without managing their credentials.

289
Q

open-source intelligence

A

A method of gathering data using public sources, such as social media sites and news outlets.

290
Q

order of volatility

A

A term that refers to the order in which you should collect evidence. For example, data in memory is more volatile than data on a disk drive, so it should be collected first.

291
Q

out-of-band

A

A configuration that allows a device to collect traffic without the traffic passing through it. Sometimes called passive.

292
Q

P7B

A

PKCS#7

A common format for PKI certificates. They are DER-based (ASCII) and commonly used to share public keys.

293
Q

P12

A

PKCS#12

A common format for PKI certificates. They are CER-based (binary) and often hold certificates with the private key. They are commonly encrypted.

294
Q

PaaS

A

Platform as a Service

A cloud computing model that provides cloud customers with a preconfigured computing platform they can use as needed.

295
Q

PAP

A

Password Authentication Protocol

An older authentication protocol where passwords or PINs are sent across the network in cleartext.

296
Q

Passive reconnaissance

A

A penetration testing method used to collect information. It typically uses open-source intelligence.

297
Q

Pass the hash

A

A password attack that captures and uses the hash of a password. It attempts to log on as a user with the hash and is commonly associated with the Microsoft NTLM protocol.

298
Q

Password cracker

A

A tool used to discover passwords.

299
Q

Patch management

A

The process used to keep systems up-to-date with current patches. It typically includes evaluating and testing patches before deploying them.

300
Q

PBKDF2

A

Password-based key derivation function 2

A key stretching technique that adds additional bits to a password as a salt. It helps prevent brute force and rainbow table attacks.

301
Q

PEAP

A

Protected extensible authentication protocol

An extension of EAP sometimes used with 802.1x. PEAP requires a certificate on the 802.1x server.

302
Q

PEM

A

Privacy enhanced mail

A common format for PKI certificates. It can use either CER (ASCII) or DER (binary) formats and can be used for almost any type of certificate.

303
Q

Penetration testing

A

A method of testing targeted systems to determine if vulnerabilities can be exploited. Penetration tests are intrusive.

304
Q

Perfect forward secrecy

A

The characteristic of encryption keys ensuring that keys are random. Perfect forward secrecy methods do not use deterministic algorithms.

305
Q

Permanent agent

A

A NAC agent that is installed on a client. It checks the client for health.

  • Compare with dissolvable agent.
306
Q

Permission auditing review

A

An audit that analyzes user privileges. It identifies the privileges (rights & permissions) granted to users, in comparison against what the users need.

307
Q

PFX

A

Personal Information Exchange

A common format for PKI certificates. It is the predecessor to P12 certificates.

308
Q

PHI

A

Personal Health Information

PII that includes health information.

309
Q

Phishing

A

The practice of sending email to users with the purpose of tricking them into revealing personal information or clicking on a link.

310
Q

Physical Controls

A

Security controls that you can physically touch.

311
Q

PII

A

Personally Identifiable Information

Information about individuals that can be used to trace a person’s identity, such as full name, birthdate, biometric data, and more.

312
Q

Ping

A

A command-line tool used to test connectivity with remote systems.

313
Q

Pinning

A

A security mechanism used by some websites to prevent website impersonation. Websites provide clients with a list of key hashes. Clients store the list and use it to validate the website.

314
Q

PIV

A

Personal identity verification card.

A specialized type of smart card used by U.S. federal agencies. It includes photo identification and provides confidentiality, integrity, authentication, and non-repudiation.

315
Q

Pivot

A

One of the steps in penetration testing. After escalating privileges, the tester uses additional tools to gain additional information on the exploited computer or on the network.

316
Q

Plaintext

A

Text displayed in a readable format. Encryption converts plaintext to ciphertext.

317
Q

Pointer dereference

A

A programming practice that uses a pointer to reference a memory area. A failed dereference operation can corrupt memory and sometimes even cause an application to crash.

318
Q

POP3

A

Post office protocol version 3

A protocol used to transfer email from mail servers to clients.

319
Q

Port mirror

A

A monitoring port on a switch. All traffic going through the switch is also sent to the port mirror.

320
Q

Preventative controls

A

Security controls that attempt to prevent a security incident from occurring.

321
Q

Privacy impact assessment

A

An assessment used to identify and reduce risks related to potential loss of PII.

322
Q

Privacy threshold assessment

A

An assessment used to help identify if a system is processing PII.

323
Q

Private data

A

Information about an individual that should remain private.

Personally identifiable information (PII) and personal health information (PHI) are two examples.

324
Q

Private key

A

Part of a matched key pair used in asymmetric encryption. The private key always stays private.

325
Q

Privilege escalation

A

The process of gaining elevated rights and permissions. Malware typically uses a variety of techniques to gain elevated privileges.

326
Q

Privileged account

A

An account with elevated privileges, such as an administrator account.

327
Q

Proprietary data

A

Data that is related to ownership. Common examples are information related to patents or trade secrets.

328
Q

Protocol analyzer

A

A tool used to capture network traffic. Both professionals and attackers use protocol analyzers to examine packets. A protocol analyzer can be used to view data sent in cleartext.

329
Q

Proximity cards

A

Small credit card-sized cards that activate when they are in close proximity to a card reader. They are often used by authorized personnel to open doors.

330
Q

Proxy/proxies

A

A server (or servers) used to forward requests for services such as HTTP or HTTPS.

A forward proxy server forwards requests from internal clients to external servers. A reverse proxy accepts requests from the Internet and forwards them to an internal web server.
A transparent proxy does not modify requests, but non-transparent proxies include URL filters. An application proxy is used for a specific application, but most proxy servers are used for multiple protocols.

331
Q

PSK

A

Pre-shared key

A wireless mode that uses a pre-shared key (similar to a password or passphrase) for security.

332
Q

Public data

A

Data that is available to anyone. It might be in brochures, in press releases, or on websites.

333
Q

Public key

A

Part of a matched key pair used in asymmetric encryption. The public key is publicly available.

334
Q

PKI

A

Public key infrastructure

A group of technologies used to request, create, manage, store, distribute, and revoke digital certificates.

335
Q

Pulping

A

A process that is performed after shredding papers. It reduces the shredded paper to a mash or purée.

336
Q

Pulverizing

A

A process used to physically destroy items such as optical discs that aren’t erased by degaussing.

337
Q

Purging

A

A general sanitization term indicating that all sensitive data has been removed from a device.

338
Q

Push notification services

A

The services that send messages to multiple devices.

339
Q

Qualitative risk assessment

A

A risk assessment that uses judgment to categorize risks. It is based on impact and likelihood of occurrence.

340
Q

Quantitative risk assessment

A

A risk assessment that uses specific monetary amounts to identify cost and asset value. It then uses the SLE and ARO to calculate the ALE.

341
Q

Race condition

A

A programming flaw that occurs when two sets of code attempt to access the same resource. The first one to access the resource wins, which can result in inconsistent results.

342
Q

RADIUS

A

Remote authentication dial-in user service

An authentication service that provides central authentication for remote access clients. Alternatives are TACACS+ and Diameter.

343
Q

RAID

A

Redundant array of inexpensive disks

Multiple disks added together to increase performance or provide protection against faults. Common types include RAID-1, RAID-5, RAID-6, and RAID-10.

344
Q

Rainbow table

A

A file containing precomputed hashes for character combinations. Rainbow tables are used to discover passwords. PBKDF2 and bcrypt thwart rainbow table attacks.

345
Q

Ransomware

A

A type of malware used to extort money from individuals and organizations. Ransomware typically encrypts the user’s data and demands a ransom before decrypting the data.

346
Q

RAT

A

Remote access Trojan

Malware that allows an attacker to take control of the system from a remote location.

347
Q

RC4

A

A symmetric stream cipher that can use between 40 and 2,048 bits. Experts consider it cracked and recommend using stronger alternatives.

348
Q

Record time offset

A

An offset used by recorders to identify times on recordings. If you know when the recording started, you can use the offset to identify the actual time at any point in the recording.

349
Q

Recovery site

A

An alternate location for business functions after a major disaster.

350
Q

Redundancy

A

The process of adding duplication to critical system components and networks to provide fault tolerance.

351
Q

Refactoring

A

A driver manipulation method. Developers rewrite the code without changing the driver’s behavior.

352
Q

Remote wipe

A

The process of sending a signal to a remote device to erase all data. It is useful when a mobile device is lost or stolen.

353
Q

Replay attack

A

An attack where the data is captured and replayed. Attackers typically modify the data before replaying it.

354
Q

Resource exhaustion

A

The malicious result of many DoS and DDoS attacks. The attack overloads a computer’s resources, such as the processor and memory, resulting in service interruption.

355
Q

Retina scanners

A

Biometric systems that scan the retina of an eye for authentication.

356
Q

RFID attacks

A

Attacks against radio-frequency identification (RFID) systems. Some common RFID attacks are eavesdropping, replay and DoS.

357
Q

RIPEMD

A

RACE Integrity Primitives Evaluation Message Digest. A hash function used for integrity. It creates fixed-length hashes of 128, 160, 256, or 320 bits.

358
Q

Risk

A

The possibility or likelihood of a threat exploiting a vulnerability resulting in a loss.

359
Q

Risk assessment

A

A process used to identify and prioritize risks. It includes quantitative risk assessments and qualitative risk assessments.

360
Q

Risk management

A

The practice of identifying, monitoring, and limiting risks to manageable levels. It includes risk response techniques, qualitative risk assessments, and quantitative risk assessments.

361
Q

Risk mitigation

A

The process of reducing risk by implementing controls. Security controls reduce risk by reducing vulnerabilities associated with a risk, or by reducing the impact of a threat.

362
Q

Risk register

A

A document listing information about risks. It typically includes risk scores along with the recommended security controls to reduce the risk scores.

363
Q

Risk response techniques

A

Methods used to manage risks. Common risk response techniques are accept, transfer, avoid, and mitigate.

364
Q

Rogue AP

A

An unauthorized AP. It can be placed by an attacker or an employee who hasn’t obtained permission to do so.

365
Q

role-BAC

A

Role-based access control. An access control model that uses rules based on jobs and functions to define access. It is often implemented with groups (providing group-based privileges).

366
Q

Root certificate

A

A PKI certificate identifying a root CA.

367
Q

rooting

A

The process of modifying an Android device, giving the user root-level, or administrator, access.

368
Q

rootkit

A

A type of malware that has system-level access to a computer. Rootkits are often able to hide themselves from users and antivirus software.

369
Q

ROT13

A

A substitution cipher that uses a key of 13. To encrypt a message, you would rotate each letter 13 spaces. To decrypt a message, you would rotate each letter 13 spaces.

370
Q

Round-robin

A

A scheduling method used with load balancers. It redirects each client request to servers in a predetermined order.

371
Q

Router

A

A network device that connects multiple network segments together into a single network. Routers route traffic based on the destination IP address and do not pass broadcast traffic. Routers use ACLs.

372
Q

RPO

A

Recovery Point Objective

A term that refers to the amount of data you can afford to lose by identifying a point in time where data loss is acceptable. It is often identified in a BIA.

373
Q

RSA

A

Rivest, Shamir, and Adleman.

An asymmetric algorithm used to encrypt data and digitally sign transmissions.

It is named after its creators: Rivest, Shamir, and Adleman.

374
Q

RSTP

A

Rapid Spanning Tree Protocol

An improvement of STP to prevent switching loop problems.

375
Q

RTO

A

Recovery Time Objective

The maximum amount of time it should take to restore a system after an outage. It is derived from the maximum allowable outage time identified in the BIA.

376
Q

Rule-BAC

A

Rule-Based Access Control

An access control model that uses rules to define access. Rule-based access control is based on a set of approved instructions, such as an access control list, or rules that trigger in response to an event, such as modifying ACLs after detecting an attack.

377
Q

Runtime code

A

Code that is interpreted when it is executed.

378
Q

SaaS

A

Software as a Service

A cloud computing model that provides applications over the Internet. Web mail is an example of a cloud-based topology.

  • compare with IaaS & PaaS
379
Q

salt

A

A random set of data added to a password when creating the hash.

PBKDF2 and bcrypt are two protocols that use salts.

380
Q

SAML

A

Security Assertion Markup Language

An XML-based standard used to exchange authentication and authorization information between different parties. SAML provides SSO for web-based applications.

381
Q

sandboxing

A

The use of an isolated area on a system, typically for testing. Virtual machines are often used to test patches in an isolated sandbox. Application developers sometimes use the chroot command to change the root directory, creating a sandbox.

382
Q

Sanitize

A

The process of destroying or removing all sensitive data from systems and devices.

Data sanitization methods include burning, shredding, pulping, pulverizing, degaussing, purging, and wiping.

383
Q

SATCOM

A

Satellite communications

A communication system that allows devices to connect to a satellite for communications. Many cars include satellite communication capabilities.

384
Q

SCADA

A

Supervisory control and data acquisition

A system used to control an ICS such as a power plant or water treatment facility.

Ideally a SCADA is within an isolated network.

385
Q

Screen filter

A

A physical security device used to reduce visibility of a computer screen. Screen filters help prevent shoulder surfing.

386
Q

Script kiddie

A

An attacker with little expertise or sophistication. Script kiddies use existing scripts to launch attacks.

387
Q

SDN

A

Software Defined Network

A method of using software and virtualization technologies to replace hardware routers. SDNs separate the data and control planes.

388
Q

secure boot

A

A process that checks and validates system files during the boot process. A TPM typically uses a secure boot process.

389
Q

secure DevOps

A

A software development process using an agile-aligned methodology. It considers security through the lifetime of the project.

390
Q

Security incident

A

An adverse event or series of events that can negatively affect the confidentiality, integrity, or availability of an organization’s information technology (IT) systems and data.

391
Q

SED

A

Self-encrypting Drive.

A drive that includes the hardware and software necessary to encrypt from controlling all the functions of a critical or sensitive process.

*It is designed to prevent fraud, theft, and errors.

392
Q

Service account

A

An account used by a service or application.

393
Q

Session hijacking

A

An attack that attempts to impersonate a user by capturing and using a session ID. Session IDs are stored in cookies.

394
Q

SFTP

A

Secure File Transfer Protocol

An extension of secure shell (SSH) used to encrypt FTP traffic. SFTP transmits data using TCP port 22.

395
Q

SHA

A

Secure Hash Algorithm

A hashing function used to provide integrity. Versions include SHA-1, SHA-2, and SHA-3.

396
Q

Shibboleth

A

An open source federated identity solution.

397
Q

Shimming

A

A driver manipulation method.

It uses additional code to modify the behavior of a driver.

398
Q

Shoulder surfing

A

The practice of looking over someone’s shoulder to obtain information, such as on a computer screen.

*A screen filter placed over a monitor helps reduce the success of shoulder surfing.

399
Q

Shredding

A

A method of destroying data or sanitizing media.

  • Cross-cut paper shredders cut papers into fine particles.
  • File shredders remove all remnants of a file by overwriting the contents multiple times.
400
Q

Sideloading

A

The process of copying an application package to a mobile device. It is useful for developers when testing apps, but can be risky if users sideload unauthorized apps to their device.

401
Q

SIEM

A

Security Information & Event Management

A security system that attempts to look at security events throughout the organization.

402
Q

Signature-based

A

A type of monitoring used on intrusion detection and intrusion prevention systems. It detects attacks based on known attack patterns documented as attack signatures.

403
Q

Single point of failure

A

A component within a system that can cause the entire system to fail if the component fails.

404
Q

SLA

A

Service level agreement

An agreement between a company and a vendor that stipulates performance expectations, such as minimum uptime and maximum downtime levels.

405
Q

SLE

A

Single loss expectancy

The monetary value of any single loss. It is used to measure risk with ALE & ARO in a quantitative risk assessment.

The calculation is SLE × ARO = ALE.

406
Q

Smart card

A

A credit card-sized card that has an embedded microchip and a certificate. It is used for authentication in the something you have factor of authentication.

407
Q

S/MIME

A

Secure/multipurpose Internet mail extensions

A popular standard used to secure email.

  • provides confidentiality, integrity, authentication, and non-repudiation.
408
Q

SMS

A

Short message service

A basic text messaging service.

409
Q

Snapshot

A

A copy of a virtual machine (VM) at a moment in time. If you later have problems with the VM, you can revert it to the state it was in when you took this snapshot. Some backup programs also use snapshots to create a copy of data at a moment in time.

410
Q

SNMPv3

A

Simple network management protocol version 3

A protocol used to monitor and manage network devices such as routers and switches.

411
Q

SoC

A

System on a chip. An integrated circuit that includes a computing system within the hardware. Many mobile devices include an SoC.

412
Q

Social engineering

A

The practice of using social tactics to gain information. Social engineers attempt to gain information from people, or get people to do things they wouldn’t normally do.

413
Q

Something you are

A

An authentication factor using biometrics, such as a fingerprint scanner.

414
Q

Something you do

A

An authentication factor including action, such as gestures on a touchscreen.

415
Q

Something you have

A

An authentication factor using something physical, such as a smart card or token.

416
Q

Something you know

A

An authentication factor indicating knowledge, such as a password or PIN.

417
Q

Somewhere you are

A

An authentication factor indicating the location, often using geolocation technologies.

418
Q

Spam

A

Unwanted or unsolicited email. Attackers often launch attacks using spam.

419
Q

Spam filter

A

A method of blocking unwanted email. By blocking email, it often blocks malware.

420
Q

Spear phishing

A

A targeted form of phishing. Spear phishing attacks attempt to target specific groups of users, such as those within a specific organization, or even a single user.

421
Q

Split tunnel

A

An encrypted connection used with VPNs. A split tunnel only encrypts traffic going to private IP addresses used in the private network.

422
Q

Spyware

A

Software installed on users’ systems without their awareness or consent. Its purpose is often to monitor the user’s computer and the user’s activity.

423
Q

SRTP

A

Secure real-time transport protocol

A protocol used to encrypt and provide authentication for Real-time Transport Protocol (RTP) traffic. RTP is used for audio/video streaming.

424
Q

SSH

A

Secure shell. A protocol used to encrypt network traffic. SSH encrypts a wide variety of traffic such as SFTP.

*SSH uses TCP port 22.

425
Q

SSID

A

Service set identifier

The name of a wireless network. SSIDs can be set to broadcast the service so users can easily see it. Disabling SSID broadcast hides it from casual users.

426
Q

SSL

A

Secure Sockets Layer

The predecessor to TLS. SSL is used to encrypt data-in-transit with the use of certificates.

427
Q

SSL decryptors

A

Devices used to create separate SSL (or TLS) sessions. They allow other security devices to examine encrypted traffic sent to and from the Internet.

428
Q

SSL/TLS accelerators

A

Devices used to handle TLS traffic. Servers can off-load TLS traffic to improve performance.

429
Q

SSO

A

Single sign-on

An authentication method where users can access multiple resources on a network using a single account.

*SSO can provide central authentication.

430
Q

SOPs

A

Standard operating procedures

A document that provides step-by-step instructions on how to perform common tasks or routine operations.

431
Q

Stapling

A

The process of appending a digitally signed OCSP response to a certificate. It reduces the overall OCSP traffic sent to a CA.

432
Q

STARTTLS

A

A command (NOT an acronym) used to upgrade an unencrypted connection to an encrypted connection on the same port.

433
Q

Steganography

A

The practice of hiding data within data.

434
Q

Storage Segmentation

A

A method used to isolate data on mobile devices. It allows personal data to be stored in one location and encrypted corporate data to be stored elsewhere.

435
Q

Stored Procedures

A

A group of SQL statements that execute as a whole, similar to a mini-program. Developers use stored procedures to prevent SQL injection attacks.

436
Q

STP

A

Spanning Tree Protocol

A protocol enabled on most switches that protects against switching loops. A switching loop can be caused if two ports of a switch are connected.

437
Q

Substitution Cipher

A

An encryption method that replaces characters with other characters.

438
Q

Stream Cipher

A

An encryption method that encrypts data as a stream of bits or bytes.

439
Q

Supply Chain Assessment

A

An evaluation of the supply chain needed to produce and sell a product.

It includes raw materials and all the processes required to create and distribute a finished product.

440
Q

Switch

A

A network device used to connect devices.

  • Layer 2 switches send traffic to ports based on their MAC addresses.
  • Layer 3 switches send traffic to ports based on their IP addresses and support VLANs.
441
Q

Symmetric Encryption

A

A type of encryption using a single key to encrypt and decrypt data.

442
Q

System Sprawl

A

A vulnerability that occurs when an organization has more systems than it needs, and systems it owns are underutilized.

443
Q

Tabletop Exercise

A

A discussion-based exercise where participants talk through an event while sitting at a table or in a conference room.

It is often used to test business continuity plans.

444
Q

TACACS+

A

Terminal Access Controller Access-Control System Plus

An authentication service that provides central authentication for remote access clients.

It can be used as an alternative to RADIUS.

445
Q

Tailgating

A

A social engineering attack where one person follows behind another person without using credentials.

Mantraps help prevent tailgating.

446
Q

Taps

A

Monitoring ports on a network device.

IDSs use taps to capture traffic.

447
Q

tcpdump

A

A command-line protocol analyzer. Administrators use it to capture packets.

448
Q

Technical Controls

A

Security controls implemented through technology.

449
Q

Tethering

A

The process of sharing an Internet connection from one mobile device to another.

450
Q

Thin AP

A

An AP that is managed by a controller.

Sometimes called a controller-based AP.

451
Q

Third-Party App Store

A

An App Store other than the primary source for mobile device apps.

It refers to an App Store other than the App Store or Google Play for Apple and Android devices, respectively.

452
Q

Threat

A

Any circumstance or event that has the potential to compromise confidentiality, integrity, or availability.

453
Q

Threat Assessment

A

An evaluation of potential threats.

Common types are:

  • Environmental
  • Manmade
  • Internal
  • External
454
Q

Time-of-Day restrictions

A

An account restriction that prevents users from logging on at certain times.

455
Q

TKIP

A

Temporal Key Integrity Protocol

A legacy wireless security protocol.

  • CCMP is the recommended replacement.
456
Q

ISAKMP

A

Internet Association & Key Management Protocol

Defines the framework for key exchange and authentication that is required for internet protocol security (IPSec).

457
Q

IKE/IKEv2

A

Internet Key Exchange Version 2

The protocol used by IPSec to exchange keys and establish and maintain SAs.

458
Q

ESP

A

Encapsulating Security Payloads

Is used to encrypt the data being transmitted.

459
Q

TLS

A

Transport Layer Security

Used to encrypt data-in-transit.

  • The replacement for SSL.
460
Q

Token

A

An authentication device or file.

  • A hardware token is a physical device used in the something you have factor of authentication.
  • A software token is a small file used by authentication services indicating a user has logged on.
461
Q

TOTP

A

Time-based One Time Password

An open source standard similar to HOTP. It uses a timestamp instead of a counter.

  • One Time Passwords expire after 30 seconds.
462
Q

TPM

A

Trusted Platform Module

A hardware chip on the motherboard included with many laptops and some mobile devices. It provides full disk encryption.

463
Q

tracert

A

A command-line tool used to trace the route between two systems.

464
Q

Transitive Trust

A

An indirect trust relationship created by two or more direct trust relationships.

465
Q

Trojan

A

Malware aka Trojan Horse.

  • A Trojan often looks useful, but it’s malicious.
466
Q

Trusted Operating System

A

An operating system that is configured to meet a set of security requirements.

  • It ensures that only authorized personnel can access data based on permissions.
467
Q

Twofish

A

A symmetric key block cipher.

  • It encrypts data in 128-bit blocks and supports 128-, 192-, or 256-bit keys.
468
Q

Type I Hypervisors

A

A virtualization technology. They run directly on the system hardware. They don’t need to run within an operating system.

  • aka bare-metal hypervisors
469
Q

Type II Hypervisors

A

A virtualization technology. They run as software within a host operating system. The Microsoft Hyper-V hypervisor runs within a Microsoft operating system to host VMs.

470
Q

Typo Squatting

A

The purchase of a domain name that is close to a legitimate domain name. Attackers often try to trick users who inadvertently use the wrong name.

  • aka URL hijacking
471
Q

UAVs

A

Unmanned aerial vehicle

Flying vehicles piloted by remote control or onboard computers.

472
Q

UEFI

A

Unified Extensible Firmware Interface

A method used to boot systems and intended to replace Basic Input/Output System (BIOS) firmware.

473
Q

URL Hijacking

A

The purchase of a domain name that is close to a legitimate domain name. Attackers often try to trick users who inadvertently use the wrong domain name.

  • aka typo squatting
474
Q

USB OTG

A

Universal Serial Bus On-The-Go

A cable used to connect mobile devices to other devices. It is one of many methods that you can use to connect a mobile device to external media.

475
Q

Use Case

A

A methodology used in system analysis and software engineering to identify and clarify requirements to achieve a goal.

476
Q

UTM

A

Unified Threat Management

A group of security controls combined in a single solution.

  • UTM appliances can inspect data streams for malicious content and block it.
477
Q

VDI/VDE

A

Virtual Desktop Infrastructure / Virtual Desktop Environment

Users access a server hosting virtual desktops and run the desktop operating system from the server.

478
Q

Vendor Diversity

A

The practice of implementing security controls from different vendors to increase security.

479
Q

Version Control

A

A method of tracking changes to software as it is updated.

480
Q

Virtualization

A

A technology that allows you to host multiple virtual machines on a single physical system. Different types include Type I, Type II, and application cell/container virtualization.

481
Q

Virus

A

Malicious code that attaches itself to a host application. The host application must be executed to run, and the malicious code executes when the host application is executed.

482
Q

VLAN

A

Virtual Local Area Network

A method of segmenting traffic. A VLAN logically groups several different computers together without regard to their physical location.

483
Q

VM escape

A

An attack that allows an attacker to access the host system from within a virtual machine.

*The primary protection is to keep hosts and guests up to date with current patches.

484
Q

VM Sprawl

A

A vulnerability that occurs when an organization has many VMs that aren’t properly managed. Unmanaged VMs are not kept up to date with current patches.

485
Q

Voice Recognition

A

A biometric method that identifies who is speaking using speech recognition methods to identify different acoustic features.

486
Q

VPN

A

Virtual Private Network

A method that provides access to a private network over a public network such as the Internet.

  • VPN concentrators are dedicated devices used to provide VPN access to large groups of users.
487
Q

Vulnerability

A

A weakness.

It can be a weakness in the hardware, the software, the configuration, or even the users operating the system.

488
Q

Vulnerability Scanner

A

A tool used to detect vulnerabilities.

A scan typically identifies vulnerabilities, misconfigurations, and a lack of security controls. It PASSIVELY tests security controls.

489
Q

Warm Site

A

An alternate location for operations. A compromise between an expensive hot site and a cold site.

490
Q

Waterfall

A

A software development life cycle model using a top-down approach. It uses multiple stages with each stage starting after the previous stage is complete.

491
Q

Watering Hole Attack

A

An attack method that infects web sites that a group is likely to trust and visit.

492
Q

Wearable Technology

A

Smart devices that a person can wear or have implanted.

493
Q

Web Application Firewall (WAF)

A

A firewall specifically designed to protect a web application, such as a web server. A WAF inspects the contents of traffic to a web server and can detect malicious content, such as code used in a cross-site scripting attack, and block it.

494
Q

Whaling

A

A form of spear phishing that attempts to target high-level executives. When successful, attackers gain confidential company information that they might not be able to get anywhere else.

495
Q

White Box Test

A

A type of penetration test.

Testers HAVE FULL KNOWLEDGE of the environment prior to starting the test.

496
Q

Wi-Fi Direct

A

A standard that allows devices to connect without a wireless access point.

497
Q

Wildcard Certificate

A

A certificate that can be used for multiple domains with the same root domain.

  • It starts with an asterisk ( * )
498
Q

Wiping

A

The process of completely removing all remnants of data on a disk. A bit-level overwrite writes patterns of 1s & 0s multiple times to ensure data on a disk is unreadable.

499
Q

Wireless Scanners

A

A network scanner that scans wireless frequency bands. Scanners can help discover rogue APs and crack passwords used by wireless APs.

500
Q

Worm

A

Self-replicating malware that travels through a network.

Worms DON’T need user interaction to execute.

501
Q

WPA

A

Wi-Fi Protected Access

A legacy wireless security protocol. It has been superseded by WPA2.

502
Q

WPA2

A

Wi-Fi Protected Access II

A wireless security protocol. It supports CCMP for encryption, which is based on AES.
It can use Open mode, a pre-shared key, or Enterprise mode.

503
Q

WPS

A

Wi-Fi Protected Setup

A method that allows users to easily configure a wireless network, often by using only a PIN.

WPS brute force attacks can discover the PIN.

504
Q

WPS attack

A

An attack against an AP.

A WPS attack discovers the eight-digit WPS PIN and uses it to discover the AP passphrase.

505
Q

XML

A

Extensible Markup Language

A language used by many databases for inputting or exporting data. XML uses formatting rules to describe the data.

506
Q

XOR

A

A logical operation used in some encryption schemes.

XOR operations compare two inputs.

  • If the two inputs are the same, it outputs True.
  • If the two inputs are different, it outputs False.
507
Q

Zero-Day Vulnerability

A

A vulnerability or bug that is unknown to trusted sources but can be exploited by attackers.

Zero-day attacks take advantage of zero-day vulnerabilities.

508
Q

MAC

acronym pertaining to email programs

A

Message authentication code

Provides integrity similar to how a hash is used.