chap 4 Flashcards

1
Q

A set of routines, standards, protocols, and tools for building software applications to access a web-based software application or web tool.

A

Application programming interface (API)

2
Q

The most essential representation of data (zero or one) at Layer 1 of the Open Systems Interconnection (OSI) model.

A

Bit

3
Q

Broadcast transmission is a one-to-many (one-to-everyone) form of sending internet traffic.

A

Broadcast

4
Q

The byte is a unit of digital information that most commonly consists of eight bits.

A

Byte

5
Q

A system in which the cloud infrastructure is provisioned for exclusive use by a specific community of consumers from organizations that have shared concerns (e.g., mission, security requirements, policy and compliance considerations). It may be owned, managed and operated by one or more of the organizations in the community, a third party or some combination of them, and it may exist on or off premises. NIST 800-145

A

Community cloud

6
Q

A model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. NIST 800-145

A

Cloud computing

7
Q

The opposite process of encapsulation, in which bundles of data are unpacked or revealed.

A

De-encapsulation

8
Q

The prevention of authorized access to resources or the delaying of time-critical operations. (Time-critical may be milliseconds or it may be hours, depending upon the service provided.) Source: NIST SP 800-27 Rev A

A

Denial-of-Service (DoS)

9
Q

This acronym can be applied to three interrelated elements: a service, a physical server and a network protocol.

A

Domain Name Service (DNS)

10
Q

Enforcement of data hiding and code hiding during all phases of software development and operational use. Bundling together data and methods is the process of encapsulation; its opposite process may be called unpacking, revealing, or using other terms. Also used to refer to taking any set of data and packaging it or hiding it in another data structure, as is common in network protocols and encryption.

A

Encapsulation

11
Q

The process and act of converting the message from its plaintext to ciphertext. Sometimes it is also referred to as enciphering. The two terms are sometimes used interchangeably in literature and have similar meanings.

A

Encryption

12
Q

The internet protocol (and program) used to transfer files between hosts.

A

File Transfer Protocol (FTP)

13
Q

In a fragment attack, an attacker fragments traffic in such a way that a system is unable to put data packets back together.

A

Fragment attack

14
Q

The physical parts of a computer and related devices.

A

Hardware

15
Q

A combination of public cloud storage and private cloud storage where some critical data resides in the enterprise’s private cloud while other data is stored and accessible from a public cloud storage provider.

A

Hybrid cloud

16
Q

The provider of the core computing, storage and network hardware and software that is the foundation upon which organizations can build and then deploy applications. IaaS is popular in the data center where software and servers are purchased as a fully outsourced service and usually billed on usage and how much of the resource is used.

A

Infrastructure as a Service (IaaS)

17
Q

An IP network protocol standardized by the Internet Engineering Task Force (IETF) through RFC 792 to determine if a particular service or host is available.

A

Internet Control Message Protocol (ICMP)

18
Q

Standard protocol for transmission of data from source to destinations in packet-switched communications networks and interconnected systems of such networks. CNSSI 4009-2015

A

Internet Protocol (IPv4)

19
Q

An attack where the adversary positions himself in between the user and the system so that he can intercept and alter data traveling between them. Source: NISTIR 7711

A

Man-in-the-Middle

20
Q

Part of a zero-trust strategy that breaks LANs into very small, highly localized zones using firewalls or similar technologies. At the limit, this places a firewall at every connection point.

A

Microsegmentation

21
Q

Purposely sending a network packet that is larger than expected or larger than can be handled by the receiving system, causing the receiving system to fail unexpectedly.

A

Oversized Packet Attack

22
Q

Representation of data at Layer 3 of the Open Systems Interconnection (OSI) model.

A

Packet

23
Q

The primary action of a malicious code attack.

A

Payload

23
Q

An information security standard administered by the Payment Card Industry Security Standards Council that applies to merchants and service providers who process credit or debit card transactions.

A

Payment Card Industry Data Security Standard (PCI DSS)

24
Q

The web-authoring or application development middleware environment that allows applications to be built in the cloud before they’re deployed as SaaS assets.

A

Platform as a Service (PaaS)

25
Q

The phrase used to describe a cloud computing platform that is implemented within the corporate firewall, under the control of the IT department. A private cloud is designed to offer the same features and benefits of cloud systems, but removes a number of objections to the cloud computing model, including control over enterprise and customer data, worries about security, and issues connected to regulatory compliance.

A

Private Cloud

26
Q

A set of rules (formats and procedures) to implement and control some type of association (that is, communication) between systems. NIST SP 800-82 Rev. 2

A

Protocols

27
Q

The cloud infrastructure is provisioned for open use by the general public. It may be owned, managed, and operated by a business, academic, or government organization, or some combination of them. It exists on the premises of the cloud provider. NIST SP 800-145

A

Public Cloud

28
Q

The standard communication protocol for sending and receiving emails between senders and receivers.

A

Simple Mail Transport Protocol (SMTP)

29
Q

Computer programs and associated data that may be dynamically written or modified during execution. NIST SP 800-37 Rev. 2

A

Software

30
Q

The cloud customer uses the cloud provider’s applications running within a cloud infrastructure. The applications are accessible from various client devices through either a thin client interface, such as a web browser or a program interface. The consumer does not manage or control the underlying cloud infrastructure including network, servers, operating systems, storage, or even individual application capabilities, with the possible exception of limited user-specific application configuration settings. Derived from NIST 800-145

A

Software as a Service (SaaS)

31
Q

Faking the sending address of a transmission to gain illegal entry into a secure system. CNSSI 4009-2015

A

Spoofing

32
Q

Internetworking protocol model created by the IETF, which specifies four layers of functionality: Link Layer (physical communications), Internet Layer (network-to-network communication), Transport Layer (basic channels for connections and connectionless exchange of data between hosts), and Application Layer, where other protocols and user application programs make use of network services.

A

Transport Control Protocol/Internet Protocol (TCP/IP) Model

33
Q

A virtual local area network (VLAN) is a logical group of workstations, servers, and network devices that appear to be on the same LAN despite their geographical distribution.

A

VLAN

34
Q

A virtual private network (VPN), built on top of existing networks, that can provide a secure communications mechanism for transmission between networks.

A

VPN

35
Q

A wireless local area network (WLAN) is a group of computers and devices that are located in the same vicinity, forming a network based on radio transmissions rather than wired connections. A Wi-Fi network is a type of WLAN.

A

WLAN

36
Q

The graphical user interface (GUI) for the Nmap Security Scanner, an open-source application that scans networks to determine everything that is connected as well as other information.

A

Zenmap

37
Q

Removing the design belief that the network has any trusted space. Security is managed at each possible level, representing the most granular asset. Microsegmentation of workloads is a tool of the model.

A

Zero Trust