Ch 11- Key Terms

Question 1

Network assessment

Answer 1

Objective review of an organization’s network infrastructure in terms of functionality and security capabilities, used to establish a baseline for future audits

Question 2

Network audit

Answer 2

Objective periodic review of an organization’s network infrastructure against an established baseline

Question 3

Hardening

Answer 3

Ensuring that a system or network is configured in such a way that reduces the risk of attack from either internal or external resources

Question 4

Penetration testing

Answer 4

Process of evaluating network security with a simulated attack on the network from both external and internal attackers

Question 5

Vulnerability assessment

Answer 5

Process used to identify and quantify any vulnerabilities in a network environment

Question 6

Data classification

Answer 6

Practice of sorting data into discrete categories that help define the access levels and type of protection required for that set of data

Question 7

Data encryption

Answer 7

Algorithmic scheme that secures data by scrambling into a code that is not readable by unauthorized resources

Question 8

Public key infrastructure (PKI)

Answer 8

Hierarchy of trusted security certificates issued to users or computing devices

Question 9

Certificate of authority (CA)

Answer 9

Entity that issues digital certificates and makes its public keys available to the intended audience to provide proof of its authenticity

Question 10

Plaintext

Answer 10

Unencrypted data

Question 11

Cipher text

Answer 11

Data that has been encrypted using a mathematical algorithm

Question 12

Symmetric encryption

Answer 12

Encryption mechanism that uses a single key to both encrypt and decrypt data

Question 13

Asymmetric encryption

Answer 13

Encryption mechanism that uses 2 different keys to encrypt and decrypt data

Question 14

Public key

Answer 14

One-half of the keys used for asymmetric encryption, a public key is available to anyone and is used only for data encryption

Question 15

Private key

Answer 15

One-half of the keys used for asymmetric encryption, a private key is available only to the intended data user and is used only for data encryption

Question 16

Digital signature

Answer 16

Mathematical hash of a dataset that is encrypted by the private key and used to validate that dataset

Question 17

Block cipher

Answer 17

A method of converting plaintext to cipher text in bulk as opposed to one data bit at a time, either using a fixed secret key or by generating keys from each encrypted block

Question 18

Stream cipher

Answer 18

A method of converting plaintext to cipher text 1 bit at a time

Question 19

Role-based access control (RBAC)

Answer 19

Security mechanism in which all access is granted through predefined collections of permissions, called roles, instead of implicitly assigning access to users or resources individually

Question 20

Mandatory access control (MAC)

Answer 20

Security mechanism in which access is mandated by the operating system or application and not by data owners

Question 21

Discretionary access control (DAC)

Answer 21

Security mechanism in which the power to grant or deny permissions to resources lies with the data owner

Question 22

Multifactor authentication

Answer 22

Authentication of resources using proof from more than 1 of the 3 authentication categories: something you know, something you have, and something you are

Question 23

Single sign-on (SSO)

Answer 23

Authentication process in which the resource requesting access can enter 1 set of credentials and use those credentials to access multiple applications or datasets, even if they have separate authentication mechanisms

Question 24

Federation

Answer 24

Use of SSO to authenticate users or devices to many different protected network resources, such as file servers, websites, and database applications