C Flashcards
CAM Table
Maps MAC addresses to IP address, allowing a switch to send traffic to the correct port.
Capture The Flag
An exercise that pits technologists against one another in an attempt to attack a system and achieve a specific goal, such as stealing a sensitive file.
Card Cloning Attack
A kind of attack that focuses on capturing information from cards like RFID and magstripe cards often used for entry access.
Carrier unlocking
Allows mobile phones to be used with other cellular providers.
CCMP (Counter Mode With Cipher Block Chaining Message Authentication Code Protocol)
Encryption technology used in the WPA2 protocol. It implements AES (Advanced Encryption Standard) with a 128-bit key as a stream cipher.
Cellular
A kind of wireless connection that provides connectivity for mobile devices like cell phones by dividing geographic areas into “cells”, with tower coverage allowing wireless communications between devices and towers or cell sites.
Center For Internet Security (CIS)
An industry organization that publishes hundreds of benchmarks for commonly used platforms.
Centralized
A centralized approach to computing places a significant portion of an organization’s infrastructure within a single environment.
Centralized Proxy
Traffic is routed through the device.
Certificate
Certificates can be stored on a system or paired with a storage device or security token and are often used to identify systems or devices as well as individuals.
Certificate Authorities (CA)
CAs are the glue that binds the public key infrastructure together. These neutral organizations offer notarization services for digital certificates.
Certificate Chaining
The use of a series of intermediate CAs in the certificate authority trust model.
Certificate Revocation List (CRL)
Used to ensure that the certificate was not revoked.
Certificate Signing Request (CSR)
Provides your public key to the certificate authority to create an X.509 digital certificate containing your identifying information and a copy of your public key. The CA then digitally signs the certificate using the CA’s private key and provides you with a copy of your signed digital certificate.
Certificate Stapling
This is an extension to the Online Certificate Status Protocol (OCSP) that relieves some of the burden placed upon certificate authorities by the original protocol. The web server contacts the OCSP server itself and receives a signed and timestamped response from the OCSP server, which it then attaches to the digital certificate.
Certification
The comprehensive evaluation, made in support of the accreditation process, of the technical and nontechnical security features of an IT system and other safeguards to establish the extent to which a particular design and implementation meets a set of specified security requirements.
Chain of Custody
The process by which investigators document the handling of evidence from collection through use in court.
Challenge Handshake Authentication Protocol (CHAP)
A protocol that challenges a user or system to verify its identity without sending a secret key over the network.
Change Management
Process that defines how the organization will review, approve, and implement proposed changes to information systems in a manner that manages both cybersecurity and operational risk.
Choose Your Own Device (CYOD)
The organization owns the device but allows the user to select and maintain it.
Chosen Plain Text
The attacker obtains the ciphertexts corresponding to a set of plain texts of their own choosing.
CIA Triad
The 3 essential security principles of confidentiality, integrity, and availability.
Cipher
A system that hides the true meaning of a message. Ciphers use a variety of techniques to alter and/or rearrange the characters or words of a message to achieve confidentiality.
Clean Desk Policy
A policy used to instruct workers how and why to clean off their desks at the end of each work period. In relation to security, such a policy has a primary goal of reducing disclosure of sensitive information.