C Flashcards
C2
Command and control
Centrally placed servers that hold control
instructions for illicitly managed hosts.
CA
Certificate Authority
This entity issues certificates after verifying them, and
is the center of trust in PKI.
CAC
Common Access Card
A form of identification with photograph, barcode,
RFID and cryptographic storage of private key
information.
CAPTCHA
Completely Automated Public Turing Test to Tell Computers and Humans Apart
This is intended to prevent rogue automated attempts at
access.
CAR
Corrective Action Report
A document generated when a defect or error has been
detected, with the goal of eliminating a recurrence.
CASB
Cloud Access Security Broker
A software resource placed between users and cloud
applications that monitors and enforces policy-based
access to cloud resources.
CBC
Cipher Block Chaining
Each plaintext block is XORed (see XOR) with the
immediately previous ciphertext block.
CBT
Computer-Based Training
Courseware or lessons that are delivered via a computer,
commonly used for at-home and corporate training.
CCMP
Counter-Mode/CBC-MAC Protocol
Each plaintext block is XORed (see XOR) with the
immediately previous ciphertext block that includes a
message authentication code.
CCTV
Closed-circuit Television
Allows monitoring and recording of activities in an
area.
CER
Cross-over Error Rate
The point at which false acceptances are equal to false
rejections.
CER
Certificate
A generic term for a document that facilitates
authentication.
CERT
Computer Emergency Response Team
A multi-discipline group designated to handle IT
incidents.
CFB
Cipher Feedback
A mode of operation for a block cipher.
Chain of custody
Evidence control and management
The documentation of handling and protection of
evidence.
CHAP
Challenge Handshake Authentication Protocol
Commonly used by routers and has several derivatives
in use by Microsoft for authentication.
CIO
Chief Information Officer
The most senior official in an organization responsible
for the information technology and systems that support
the enterprise.
CIRT
Computer Incident Response Team
A group that investigates and resolves IT security
problems.
CIS
Center for Internet Security
Its mission is to identify, develop, promote, and lead the
world with regard to best practices for cybersecurity
solutions.
CMP
Change Management Policy
An organizational process designed to facilitate making
changes to organizational resources in such a way that
they are identifiable, auditable, and orderly.
CMS
Content Management System
These are applications that facilitate the creation,
editing, publishing and archival of web pages and
content.
CN
Common Name
An identifying name that may be applied to a directory
resource, such as a user, server, or other object.
COOP
Continuity of Operations Plan
Ensuring that vital and primary mission-essential
functions continue to run, even in the face of
emergencies.
COPE
Corporate Owned, Personally Enabled
Smart phones owned by the organization, but approved
for personal use.
CP
Contingency Planning
Procedures to follow in the event of a catastrophic
incident, even though it may be unlikely.
CRC
Cyclical Redundancy Check
An error checking code, used in digital technology
primarily to identify accidental changes to data.
Crimeware
Cyber theft
A class of malware that automates malicious activity.
CRL
Certificate Revocation List
This is maintained by a certificate authority to identify
certificates associated with compromised or lost private
keys.
CSO
Chief Security Officer
This official is responsible for development, oversight,
mitigation and other risk strategies.
CSP
Cloud Service Provider
An organization that provides IaaS, PaaS or SaaS to an
array of customers.
An organization that provides cloud-based access to
infrastructure, storage and/or applications.
CSA
Cloud Security Alliance
A nonprofit organization that promotes best practices in
security for cloud-based computing.
CSIRT
Computer Security Incident Response Team
Information technology personnel whose purpose is to
prevent, manage and coordinate actions about security
incidents.
CSR
Certificate Signing Request
Created by an applicant seeking to gain a certificate
from an authority.
CSRF
Cross-site Request Forgery
An attack wherein a message is spoofed from a user to a
trusted site.
CSU
Channel Service Unit
A connecting device used to link an organization to
telco-based T-services.
CTO
Chief Technology Officer
The executive person tasked with identifying useful
technology, IT strategies and partnerships.
CTOS
Centralized terminal operating system.
Legacy management.
CTR
Counter
This form of encryption is used by AES to perform
streaming encryption.
CVE
Common Vulnerabilities and Exposures
A database of known and published software flaws that
may impact security that is managed by MITRE.
CVSS
Common Vulnerability Scoring System
An empirical scheme for rating vulnerability severity
based upon specific aspects of the vulnerability,
environment, and nature of threats.
CYOD
Choose Your Own Device
In this mode of control and acquisition, an employee
chooses a device from a company-provided list.
Ownership may be personal or organizational.