Card #51 - 100

Question 1

Authenticating

Answer 1

process of determining whether someone or something is who or what they declare to be, usually done by passwords

Question 2

Authentication Header (AH)

Answer 2

a security mechanism used in authenticating the origins of datagrams, and in guaranteeing the integrity of the information that’s being send

Question 3

Authenticode

Answer 3

Microsoft standard for signing files and application including ActiveX controls and works with X.509 certificates and digital signatures

Question 4

Authorization

Answer 4

process of giving someone permission to do or have something, occurs after Authentication

Question 5

Availability

Answer 5

data and services must be available when they are needed (availability is reached through methods such as redundancies and backups)

Question 6

Back door

Answer 6

any method by which authorized and unauthorized users are able to get around normal security measures and gain high level user access

Question 7

Backup

Answer 7

a copy of data and/or applications contained in the IT stored on magnetic media outside of the IT to be used in the event IT data are lost

Question 8

Backup power

Answer 8

UPS (uninterruptible power supply) gives power for a few minutes while generators are used for long-term power

Question 9

Bandwidth

Answer 9

relative speed of a network connection

Question 10

Behavior-based intrusion detection

Answer 10

references a baseline or learned pattern of normal system activity to identify active intrusion attempts

Question 11

Biba security model

Answer 11

a formal state transition system of computer security policy that describes a set of access control rules designed to ensure data integrity

Question 12

BioAPI

Answer 12

standard being developed by IBM, Microsoft, Novell and others that will allow different manufacturers’ biometric software to interact

Question 13

Biometrics

Answer 13

very secure type of authentication that uses anatomical and physiological characteristics to authenticate a user, “something you are”
ex. fingerprint, voice, palm, retina, iris, facial, etc.

Question 14

Birthday

Answer 14

a type of cryptographic attack that exploits the mathematics behind the birthday problem in probability theory

Question 15

Blended Threat

Answer 15

a sophisticated cyber attack that utilizes a mix of malicious code, computer viruses, worms or Trojan horses and exploits multiple software or hardware vulnerabilities known to the attacker

Question 16

Blind FTP

Answer 16

allows a user to download files only if he or she knows the exact path and file name (user cannot browse the directory structure or list directory contents)

Question 17

Blocking

Answer 17

the action or process of obstructing movement, progress, or activity in particular (block someone form your site)`

Question 18

Boot sector virus

Answer 18

virus that replicates itself into the master boot record of a flash drive or hard drive

Question 19

Bots

Answer 19

remote control agents installed on your system, created to automatically perform specific operations

Question 20

Broadband

Answer 20

general term used to refer to high-speed network connections

Question 21

Browser hijacker

Answer 21

a malicious program that infects your Web browser and can change your home page or browser setting

Question 22

Browser setting

Answer 22

configuration strategy to manage the risk associated with active content while still enabling trusted sites

Question 23

Buffer Overflow

Answer 23

common type of denial-of-service attack that involves sending more traffic to a network address than the temporary data storage area is intended to hold, crashing the system

Question 24

Bug

Answer 24

a flaw produces an undesired outcome

Question 25

Bystander

Answer 25

a person that witnesses bullying and does nothing about it

Question 26

cable trap

Answer 26

a locking device that prevents unauthorized unplugging of cables from computer devices

Question 27

Certificate

Answer 27

an electric document that typically contains a public key and personal user information

Question 28

Certification

Answer 28

comprehensive evaluation of the technical and non-technical security features of an IT and other safeguards

Question 29

Certification Authority (CA)

Answer 29

issues certificates to entities such as users, organizations, websites and other CAs. As long as CA can be considered a trustworthy authority, the certificates issued by it can be trusted as well

Question 30

CGI (Common Gateway Interface)

Answer 30

an interface that allows communication between websites and applications

Question 31

Chain of Custody

Answer 31

should be established as soon as evidence is collected and maintained throughout the lifetime of evidence

Question 32

CHAP (Challenge-Handshake Authentication Protocol)

Answer 32

an identity checking protocol that periodically re-authenticates the user during an online session

Question 33

CIA Triad

Answer 33

Confidentiality, Integrity, Availability

Question 34

Ciphertext

Answer 34

what encryption algorithms, or ciphers, transform an original message into

Question 35

Circuit-level firewall

Answer 35

operates on the transport layer of the OSI model. checks if the TCP and UDP messages used to established a connection meet certain criteria

Question 36

Clear signing

Answer 36

digital signature is added to the messages as a separate attachment while the message itself remains in clear text

Question 37

Coaxial

Answer 37

a type of shielded and insulated copper cable that is used in computer networks and to deliver cable TV services to end users. physically strong and rigid and provides relatively good shielding against EMI and crosstalk

Question 38

Cognitive password

Answer 38

a form of knowledge-based authentication that requires a user to answer a question, presumably something they intrinsically know, to verify their identity.

Question 39

Cold site

Answer 39

a backup facility that has the necessary electrical and physical components of a computer facility, but not physical computer equipments

Question 40

Campanion viruses

Answer 40

an old type of virus that poses as a legitimate file by copying its file name but uses a different extension. doesn’t modify files

Question 41

Computer network

Answer 41

computers connected together for the purpose of sharing information and resources

Question 42

computer virus

Answer 42

a software program capable of reproducing itself and usually capable of causing great harm to files or other programs on the same computer

Question 43

Confidentiality

Answer 43

implemented to prevent the unauthorized disclosure of data. secret

Question 44

Configuration management

Answer 44

process of keeping track of changes to the system

Question 45

Contingency Plan

Answer 45

plan for emergency response, back up operations, and post-disaster recovery

Question 46

Cookie

Answer 46

pieces of information generated by a Web server and stored in the user’s computer, ready for future access. allow for user-side customization of Web information

Question 47

Copyright

Answer 47

the exclusive legal rights given to an originator

Question 48

Countermeasures

Answer 48

action, device, procedure, technique or other measure that reduces the vulnerability of an information system

Question 49

Crackers

Answer 49

someone with malicious intentions who gains unauthorized access to network or software

Question 50

CRAM (Challenge-Response Authentication Mechanism)

Answer 50

two-level scheme for authenticating network users that functions as part of the Web’s Hypertext Transfer Protocol