Card #51 - 100 Flashcards

1
Q

Authenticating

A

process of determining whether someone or something is who or what they declare to be, usually done by passwords

2
Q

Authentication Header (AH)

A

a security mechanism used in authenticating the origins of datagrams, and in guaranteeing the integrity of the information that’s being sent

3
Q

Authenticode

A

Microsoft standard for signing files and applications, including ActiveX controls; works with X.509 certificates and digital signatures

4
Q

Authorization

A

process of giving someone permission to do or have something, occurs after Authentication

5
Q

Availability

A

data and services must be available when they are needed (availability is reached through methods such as redundancies and backups)

6
Q

Back door

A

any method by which authorized and unauthorized users are able to get around normal security measures and gain high level user access

7
Q

Backup

A

a copy of data and/or applications contained in the IT stored on magnetic media outside of the IT to be used in the event IT data are lost

8
Q

Backup power

A

UPS (uninterruptible power supply) gives power for a few minutes while generators are used for long-term power

9
Q

Bandwidth

A

relative speed of a network connection

10
Q

Behavior-based intrusion detection

A

references a baseline or learned pattern of normal system activity to identify active intrusion attempts

11
Q

Biba security model

A

a formal state transition system of computer security policy that describes a set of access control rules designed to ensure data integrity

12
Q

BioAPI

A

standard being developed by IBM, Microsoft, Novell and others that will allow different manufacturers’ biometric software to interact

13
Q

Biometrics

A

very secure type of authentication that uses anatomical and physiological characteristics to authenticate a user, “something you are”
ex. fingerprint, voice, palm, retina, iris, facial, etc.

14
Q

Birthday

A

a type of cryptographic attack that exploits the mathematics behind the birthday problem in probability theory

15
Q

Blended Threat

A

a sophisticated cyber attack that utilizes a mix of malicious code, computer viruses, worms or Trojan horses and exploits multiple software or hardware vulnerabilities known to the attacker

16
Q

Blind FTP

A

allows a user to download files only if he or she knows the exact path and file name (user cannot browse the directory structure or list directory contents)

17
Q

Blocking

A

the action or process of obstructing movement, progress, or activity in particular (block someone from your site)

18
Q

Boot sector virus

A

virus that replicates itself into the master boot record of a flash drive or hard drive

19
Q

Bots

A

remote control agents installed on your system, created to automatically perform specific operations

20
Q

Broadband

A

general term used to refer to high-speed network connections

21
Q

Browser hijacker

A

a malicious program that infects your Web browser and can change your home page or browser setting

22
Q

Browser setting

A

configuration strategy to manage the risk associated with active content while still enabling trusted sites

23
Q

Buffer Overflow

A

common type of denial-of-service attack that involves sending more traffic to a network address than the temporary data storage area is intended to hold, crashing the system

24
Q

Bug

A

a flaw that produces an undesired outcome

25
Bystander
a person that witnesses bullying and does nothing about it
26
cable trap
a locking device that prevents unauthorized unplugging of cables from computer devices
27
Certificate
an electronic document that typically contains a public key and personal user information
28
Certification
comprehensive evaluation of the technical and non-technical security features of an IT and other safeguards
29
Certification Authority (CA)
issues certificates to entities such as users, organizations, websites and other CAs. As long as CA can be considered a trustworthy authority, the certificates issued by it can be trusted as well
30
CGI (Common Gateway Interface)
an interface that allows communication between websites and applications
31
Chain of Custody
should be established as soon as evidence is collected and maintained throughout the lifetime of evidence
32
CHAP (Challenge-Handshake Authentication Protocol)
an identity checking protocol that periodically re-authenticates the user during an online session
33
CIA Triad
Confidentiality, Integrity, Availability
34
Ciphertext
what encryption algorithms, or ciphers, transform an original message into
35
Circuit-level firewall
operates on the transport layer of the OSI model. checks if the TCP and UDP messages used to establish a connection meet certain criteria
36
Clear signing
digital signature is added to the messages as a separate attachment while the message itself remains in clear text
37
Coaxial
a type of shielded and insulated copper cable that is used in computer networks and to deliver cable TV services to end users. physically strong and rigid and provides relatively good shielding against EMI and crosstalk
38
Cognitive password
a form of knowledge-based authentication that requires a user to answer a question, presumably something they intrinsically know, to verify their identity.
39
Cold site
a backup facility that has the necessary electrical and physical components of a computer facility, but not physical computer equipment
40
Companion viruses
an old type of virus that poses as a legitimate file by copying its file name but uses a different extension. doesn't modify files
41
Computer network
computers connected together for the purpose of sharing information and resources
42
computer virus
a software program capable of reproducing itself and usually capable of causing great harm to files or other programs on the same computer
43
Confidentiality
implemented to prevent the unauthorized disclosure of data. secret
44
Configuration management
process of keeping track of changes to the system
45
Contingency Plan
plan for emergency response, back up operations, and post-disaster recovery
46
Cookie
pieces of information generated by a Web server and stored in the user's computer, ready for future access. allow for user-side customization of Web information
47
Copyright
the exclusive legal rights given to an originator
48
Countermeasures
action, device, procedure, technique or other measure that reduces the vulnerability of an information system
49
Crackers
someone with malicious intentions who gains unauthorized access to a network or software
50
CRAM (Challenge-Response Authentication Mechanism)
two-level scheme for authenticating network users that functions as part of the Web's Hypertext Transfer Protocol