Chapter 1 key terms Flashcards

1
Q

Ethical hacker

A

A person who hacks into a computer network in order to test or evaluate its security rather than with malicious or criminal intent.

2
Q

vulnerability

A

A weakness in an information system or in system security procedures, internal controls, or implementation that could be exploited or triggered by a threat source.

3
Q

penetration testing

A

Security testing in which evaluators mimic real-world attacks in an attempt to identify ways to circumvent the security features of an application, a system, or a network.

4
Q

threat actor

A

A person or group who is responsible for a security incident. The main categories of threat actors are organized crime, insider threat, state-sponsored, and hacktivist.

5
Q

insider threat

A

A threat that occurs when an entity has authorized access and could potentially harm an information system or enterprise through destruction, disclosure, modification of data, and/or DoS.

6
Q

Open Web Application Security Project (OWASP)

A

A nonprofit organization with local chapters around the world that provides significant guidance on how to secure applications.

7
Q

MITRE ATT&CK

A

A penetration testing framework/methodology.

Resource for learning about an adversary’s tactics, techniques, and procedures

8
Q

National Institute of Standards and Technology (NIST)

A

A part of the U.S. Department of Commerce that provides organizations with guidelines on planning and conducting information security testing.

9
Q

Open Source Security Testing Methodology Manual (OSSTMM)

A

A document that lays out repeatable and consistent security testing.

10
Q

Penetration Testing Execution Standard (PTES)

A

A penetration testing methodology standard/guidance document that provides information about types of attacks and methods and also provides information on the latest tools available to accomplish the testing methods outlined.
seven phases

11
Q

Information Systems Security Assessment Framework (ISSAF)

A

A penetration testing methodology that consists of the following phases: information gathering, network mapping, vulnerability identification, penetration, gaining access and privilege escalation, enumerating further, compromising remote users/sites, maintaining access, and covering the tracks.
9 phases

12
Q

vulnerability scanning

A

A technique used to identify hosts or hosts’ attributes and associated vulnerabilities.
