Chapter 0 Random Terms Flashcards
Security Engineering
Security Engineering is focused on the security aspects in the design of systems that need to be able to deal robustly with possible sources of disruption, ranging from natural disasters to malicious acts.
You want to have the ability to think “outside the box” and envision new strategies & potential attacks before they are used against you.
Engineer
Someone who builds, designs, & maintains engines, machines, or structures
Information Systems
bridges business & computer science (study & use of computers). It encompasses systems, people, & processes that create, store, & distribute information
Network
a group of 2 or more computers joined together to communicate by exchanging information & sharing resources
Internet
global communiation NW used to connect & share information between billions of computers worldwide
Information Technology
a subet of Information Systems. It is the study, design, implementation, & support of computer-based information systems
Difference between IS & IT
IS is a large umbrella and IT falls under that umbrella, It has nothing to do with systems per say, IT deals with the technology involved in the sytems themselves, the study, design, implementation, & support of those technologies. So an analology would be taking a paper & pencil. The two objects themselves are tools or information technologies, if we combine them into a system for writing, it becomes an information system.
IP
The internet protocol is the protocol by which data is sent from one computer to another on the internet; Each computer is known as a host on the internet & has at least one IP address that uniquely identifies it from all other computers on the internet
Kernel
a computer program that manages I/O requests from SW, and translates them into data processing instructiosn for the CPU (brain) & other electronics of a computer
Why is what you do important? + Hacker + the old joke
an attacker may gather sensitive information of organization if the security is not strong. He or she may then use that sensitive information to hack or break into the organizatoin’s NW. If an attacker breaks into the organization, then the organization potentially faces huge losses in terms of information, service, and finance
The term hacker is the most misunderstood & overused term in security industry, it is almost equivalent to the boogeyman, in which most people fear or choose to ignore.
The old joke is that companies & governments build vault doors on tents & the best exploits ignore the door & go in the back of the tent & we as pen testers and security engineers want to be able to stop that.
VPN
a NW that uses public telecommunication infrastructure such as the internet to provide individual users or remote offices secure access to their organization’s NW
Subdomain
is a domain that is a child of a parent domain.
i.e. support.oriyano.com is subdomain of oriyano.com
useful bc they can clue in to projects or other stuff goign on
Extranet
a computer network that allows controlled access from outside of an organization’s intranet. Extranets are used for specific use cases including business-to-business (B2B).
MAC address
unique identifier for NW interfaces for communication on physical NW segment
RPC
Remote Procedure Call - a protocol used to request a servuce from a program located on another computer
