6to4
A transition mechanism that encapsulates IPv6 packets inside IPv4 packets to provide unicast IPv6 connectivity between IPv6 sites and hosts across the IPv4 Internet.
802.11
A family of protocols developed by the IEEE for wireless LAN communication between wireless devices or between wireless devices and a base station.
802.1X
An IEEE standard used to provide a port-based authentication mechanism over a LAN or wireless LAN.
AAR
(after-action report) A document that includes an analysis of security events and incidents that can provide insight into directions you may take to enhance security for the future.
ACL
(access control list) A security mechanism attached to an object that lists which subjects (users, groups, or processes) are granted or denied which permissions on that object.
Active Directory
The LDAP-based directory service from Microsoft that runs on Microsoft Windows servers.
AES
(Advanced Encryption Standard) A symmetric block cipher with a 128-bit block size and 128-, 192-, or 256-bit keys, based on the Rijndael algorithm developed by Belgian cryptographers Joan Daemen and Vincent Rijmen and adopted by the U.S. government as its encryption standard to replace DES.
agile method
A software development method that focuses on iterative and incremental development to account for evolving requirements and expectations.
AI
(artificial intelligence) A scientific discipline that encompasses human-like intelligence exhibited by non-living machines.
ALE
(annual loss expectancy) The total cost of a risk to an organization on an annual basis.
Android fragmentation
The condition in which users are running many different versions of the Android operating system as a result of original equipment manufacturers (OEM) and mobile carriers manufacturing Android devices that cannot easily upgrade to the latest versions of the operating system.
application blacklist
A list of apps that are blocked from accessing a host or working with the host in some way. Apps not on the list are allowed.
application permissions
The process of a mobile application asking the user for specific access privileges to the operating system.
application sandboxing
An app security technique used to segregate an application from other applications and data on a system.
application security framework
A framework that can be embedded into standard software development processes to make it easier to apply security throughout the lifecycle.
application streaming
The process of a server providing a thin client with access to as little of an application’s resources as it needs to do its work.
application whitelist
A list of apps that are allowed to access a host or work with the host in some way. Apps not on the list are blocked.
application wrapping
The process of adding a layer of control over one or more apps on a device.
AppLocker
A Windows feature, usually configured through Group Policy in Active Directory environments, that lets an administrator restrict which executables, scripts, installers, and DLLs users can run on their systems.
ARO
(annual rate of occurrence) How many times per year a particular loss is expected to occur.
ASLR
(address space layout randomization) An operating system security technique that randomizes where components of a running process are placed in memory.
asset management
The process of maintaining a detailed record of technology resources for periodic review by network and security administrators.
attestation
The technique of verifying that only the individuals who need certain access privileges have those privileges. Attestation is also the process of verifying that no tampering has occurred in a system protected by a TPM.
augmented reality
Technology that modifies one’s view of physical reality by enhancing certain elements of an environment or incorporating new ones.
authentication
The process of validating a particular entity or individual's identity.
authorization
The process of determining what rights and privileges a particular entity has after the entity has been authenticated.
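The ACL and authorization entries above describe the same decision from two sides: once a subject is authenticated, the object's ACL is consulted to decide what it may do. The following is an added example, not part of the glossary, showing how such a list is evaluated with an explicit deny taking precedence over any allow and with default deny when nothing matches. The file, group, and user names are constructed for illustration.

```python
"""Evaluate an access control list for an authenticated subject (added example)."""
from dataclasses import dataclass, field


@dataclass(frozen=True)
class Ace:
    """One access control entry: a principal, a permission set, allow or deny."""
    principal: str            # user name or group name
    permissions: frozenset    # e.g. frozenset({"read", "write"})
    allow: bool = True        # False means an explicit deny entry


@dataclass
class Acl:
    entries: list = field(default_factory=list)

    def is_allowed(self, user: str, groups: set, permission: str) -> bool:
        """Authorization decision: explicit deny wins, otherwise any allow, else deny."""
        subjects = {user, *groups}
        allowed = False
        for ace in self.entries:
            if ace.principal not in subjects or permission not in ace.permissions:
                continue
            if not ace.allow:
                return False          # an explicit deny ends the evaluation
            allowed = True
        return allowed                # nothing matched: default deny


# Constructed policy for a hypothetical object "payroll.xlsx".
PAYROLL_ACL = Acl([
    Ace("finance", frozenset({"read", "write"})),
    Ace("everyone", frozenset({"read"})),
    Ace("contractors", frozenset({"read", "write"}), allow=False),
])

# Constructed group memberships; in practice these come from the directory.
GROUPS = {
    "alice": {"finance", "everyone"},
    "bob": {"contractors", "everyone"},
    "carol": {"everyone"},
}


def check(user: str, permission: str) -> bool:
    """Decide whether `user` (already authenticated) holds `permission` on payroll.xlsx."""
    return PAYROLL_ACL.is_allowed(user, GROUPS.get(user, set()), permission)


if __name__ == "__main__":
    for user, perm in [("alice", "write"), ("bob", "read"), ("carol", "read"), ("carol", "write")]:
        print(f"{user:6} {perm:5} -> {'allow' if check(user, perm) else 'deny'}")
```

Note that bob is denied read even though the "everyone" entry grants it: the contractors deny entry matches and short-circuits, which is the conflict rule most ACL implementations (NTFS, cloud IAM policies) follow.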
availability
The fundamental security goal of ensuring that computer systems operate continuously and that authorized persons can access data that they need.
baiting
A social engineering attack in which an attacker plants physical media in an area where someone will find it and then promptly use it.
bare metal
The physical (non-virtual) hardware of a host.
BAS
(building automation system) A system that monitors and controls various operational resources in a building, including lighting systems, power systems, ventilation, alarms, plumbing, and miscellaneous physical security systems.
baseband processor
A component in a mobile device that handles radio frequency communication other than that which uses Wi-Fi and Bluetooth.
BCP
(business continuity planning) The process of defining how normal day-to-day business will be maintained in the event of a business disruption or crisis.
bcrypt
A key derivation function based on the Blowfish cipher algorithm.
behavioral analytics
The process of identifying the way in which an entity acts, and then reviewing future behavior to see if it deviates from the norm.
BGP
(Border Gateway Protocol) A network protocol that exchanges routing and reachability information between edge routers across the Internet.
BIA
(business impact analysis) A document that identifies present organizational risks and determines the impact to ongoing, business-critical operations if such risks actualize.
big data
Data collections that are so large and complex that they are difficult for traditional database tools to manage.
BIOS
(Basic Input/Output System) A firmware interface that initializes hardware for an operating system boot.
bitcoin
The first and most prominent cryptocurrency.
bitcoin mining
The process of repeatedly hashing candidate block headers until one meets the network's difficulty target, which adds a new block to the bitcoin blockchain.
black box test
A penetration test in which the tester is given little to no information regarding the systems or network being tested.
black hole routing
A network security technique that drops traffic before it reaches its intended destination, and without alerting the source of this.
block cipher
A type of symmetric encryption algorithm that encrypts data one fixed-size block at a time, typically 64 or 128 bits, with a mode of operation defining how successive blocks are combined. Block ciphers are generally slower than stream ciphers; neither is inherently more secure, since security depends on the algorithm and how it is used.
block-level encryption
Technology that encrypts blocks of stored data in fixed sizes.
blockchain
A concept in which an expanding list of transactional records is secured using cryptography.
bluejacking
A wireless attack where an attacker sends unwanted Bluetooth signals from a smartphone, mobile phone, tablet, or laptop to other Bluetooth-enabled devices.
bluesnarfing
A wireless attack where an attacker gains access to unauthorized information on a wireless device by using a Bluetooth connection.
Bluetooth
A short-range wireless radio network transmission medium normally used to connect two personal devices, such as a mobile phone and a wireless headset.
BPA
(business partnership agreement) An agreement that defines how a business partnership will be conducted.
brand damage
The devaluation of a company’s image after the company fails to meet customer expectations, especially if it mishandles personal information.
buffer overflow
A vulnerability that occurs when an application copies data into an allocated memory buffer that is not large enough to accommodate it.
BYOD
(bring your own device) An emerging phenomenon in which employees use their personal mobile devices in the workplace.
CA
(certificate authority) A trusted entity that issues digital certificates binding a public key to the identity of its holder and signs them so that relying parties can verify them. The key pair itself is normally generated by the certificate's subject, not by the CA.
canary
In programming, a technique used to alert an app to the possible overwriting of a buffer and a resulting overflow condition.
CASB
(cloud access security broker) A security gateway provided by SECaaS vendors that sits between the organization’s on-premises network and the cloud network, ensuring that traffic both ways complies with policy.
CBA
(cost–benefit analysis) The process of weighing the benefit of using a solution against the cost to implement, use, and maintain it.
CC
(Common Criteria) An international standard (ISO/IEC 15408), developed by a group of governments working together, for specifying and evaluating the security assurance of IT products such as operating systems, firewalls, and smart cards.
CERT
(computer emergency response team) A team of security professionals that provide incident response services to the private and public sectors.
certificate pinning
A method of trusting digital certificates in which a client accepts only a specific certificate or public key for a given host, rather than any certificate that chains to a trusted CA, to limit man-in-the-middle attacks mounted with a compromised or misissued CA certificate.
certificate-based authentication
An authentication method in which identity is verified through the use of digital certificates.
chain of custody
The record of evidence handling from collection, to presentation in court, to disposal.
change monitoring
The process by which some mechanism watches a system for any alterations to a configured baseline, and then logs, audits, and alerts the proper personnel to this change.
CHAP
(Challenge Handshake Authentication Protocol) A remote access authentication method in which the server sends a random challenge and the client answers with a hash of that challenge combined with a shared secret, so the secret itself is never transmitted over the link.
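The CHAP exchange described above, as an added example that is not from the glossary: the authenticator issues a random challenge, the peer answers with MD5(identifier || secret || challenge) as RFC 1994 specifies, and the authenticator recomputes and compares. MD5 is kept here for fidelity to the RFC, not as a recommendation. The peer name and shared secret are constructed.

```python
"""One CHAP challenge/response exchange, both sides (added example)."""
import hashlib
import os
import secrets


def chap_response(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    """Peer side: MD5 over the identifier byte, the shared secret and the challenge."""
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()


class ChapAuthenticator:
    """Server side: holds secrets per peer name and tracks outstanding challenges."""

    def __init__(self, secrets_by_peer: dict):
        self._secrets = secrets_by_peer
        self._pending = {}        # identifier -> challenge awaiting a response
        self._next_id = 0

    def issue_challenge(self, length: int = 16) -> tuple:
        """Send a fresh random challenge; the identifier ties the response to it."""
        identifier = self._next_id % 256
        self._next_id += 1
        challenge = os.urandom(length)
        self._pending[identifier] = challenge
        return identifier, challenge

    def verify(self, identifier: int, peer_name: str, response: bytes) -> bool:
        """Recompute the expected response; each challenge is usable exactly once."""
        challenge = self._pending.pop(identifier, None)
        secret = self._secrets.get(peer_name)
        if challenge is None or secret is None:
            return False
        expected = chap_response(identifier, secret, challenge)
        return secrets.compare_digest(expected, response)


def demo_exchange() -> tuple:
    """Honest exchange, then a replay of the captured response: returns (first, replay)."""
    shared = b"correct horse battery staple"        # constructed secret, known to both ends
    server = ChapAuthenticator({"alice": shared})
    ident, challenge = server.issue_challenge()
    response = chap_response(ident, shared, challenge)   # computed by the peer
    first = server.verify(ident, "alice", response)
    replay = server.verify(ident, "alice", response)     # challenge already consumed
    return first, replay


if __name__ == "__main__":
    print("first attempt, replay:", demo_exchange())
```

An eavesdropper sees the identifier, the challenge, and the 16-byte response, but not the secret; because the next challenge is different, the captured response is useless, which is what the replay in `demo_exchange` shows. What CHAP does not protect against is an offline dictionary attack on a weak secret, since the attacker holds everything needed to test guesses.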
CIA triad
(confidentiality, integrity, availability) The three basic principles of security control and management. Also known as the information security triad or triple.
CIS
(Center for Internet Security) A non-profit organization that provides security resources and information to various industries.
clickjacking
A web application attack in which an attacker overlays an invisible or disguised frame on a page so that a user who believes they are clicking one element actually clicks a control on a different site, such as a confirmation or "like" button.
client-side processing
The set of activities performed within a browser or on a client computer as part of the interaction with the web application and data set for the application that are resident on the server.
CMDB
(configuration management database) A database that contains information on each component within an enterprise’s IT environment.
CMS
(content management system) A system that enables an enterprise to integrate documentation and other content into a centralized, easy-to-use solution.
COBIT 5
(Control Objectives for Information and Related Technologies version 5) A framework for IT management and governance created by ISACA.
code review
An examination of the source code of an application to identify potential vulnerabilities.
code signing
A form of digital signature that guarantees that source code and application binaries are authentic and have not been tampered with.
cold boot attack
An attack in which an attacker with physical access to a computer whose disk is encrypted reboots or power-cycles it and dumps RAM before its contents fade, recovering the encryption keys that the running system had been holding in memory.
collision resistance
A goal of strong hash functions that states that it should not be possible to produce two different plaintext input values that have the same resulting hash.
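Collision resistance is only as strong as the digest is wide: for an n-bit output, roughly 2^(n/2) random inputs are enough to find two with the same hash (the birthday bound). The following added example, not from the glossary, truncates SHA-256 to 32 bits and finds a collision in tens of thousands of trials, which is why truncating a hash to make a "short ID" silently discards the guarantee. The inputs (a constructed prefix plus a counter) are arbitrary.

```python
"""Birthday search for a collision in a truncated SHA-256 (added example)."""
import hashlib


def truncated_digest(data: bytes, bits: int) -> int:
    """SHA-256 of data, keeping only the top `bits` bits as an integer."""
    full = hashlib.sha256(data).digest()
    return int.from_bytes(full, "big") >> (256 - bits)


def find_collision(bits: int, prefix: bytes = b"msg-") -> tuple:
    """Return two distinct inputs with equal truncated digests and the trial count."""
    seen = {}                              # truncated digest -> input that produced it
    for i in range((1 << bits) + 1):       # pigeonhole bound; birthday ends far sooner
        candidate = prefix + str(i).encode()
        d = truncated_digest(candidate, bits)
        if d in seen:
            return seen[d], candidate, i + 1
        seen[d] = candidate
    raise RuntimeError("unreachable: more inputs than digest values")


def is_collision(a: bytes, b: bytes, bits: int) -> bool:
    """True when a and b differ but agree on the first `bits` bits of SHA-256."""
    return a != b and truncated_digest(a, bits) == truncated_digest(b, bits)


if __name__ == "__main__":
    a, b, trials = find_collision(32)
    print(f"{a!r} and {b!r} share a 32-bit prefix after {trials} trials")
    print("same full SHA-256?", is_collision(a, b, 256))
```

Expect on the order of 2^16 trials (the mean for a 32-bit digest is about 82,000), against 2^128 for the full 256-bit output. The same two inputs do not collide on the full digest, which is the point: the function is fine, the truncation is what broke it.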
color team exercise
A method of simulating a threat scenario where personnel are divided into teams assigned a certain color, where each color has a specific meaning and defines the role that an individual tester will play during the simulation.
confidentiality
The fundamental security goal of keeping information and communications private and protected from unauthorized access.
configuration lockdown
The process of preventing configurations from being altered.
container-based virtualization
A method of virtualization that runs isolated systems inside individual containers on a host operating system.
content filtering
A technique that restricts what types of content a user is allowed to access.
context-aware authentication
An authentication method in which identity is verified based on various characteristics about the entity’s environment.
continuous monitoring and improvement
The technique of constantly evaluating an environment for changes so that new risks may be more quickly detected and business operations improved upon.
cookie hijacking
An attack in which an attacker obtains a user's session cookie, for example by sniffing unencrypted traffic or stealing it through cross-site scripting, and presents it to the server to impersonate that user's authenticated session.
cookie poisoning
An attack in which an attacker modifies the contents of a cookie to exploit web app vulnerabilities.
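A cookie that carries state (user id, role) can be rewritten by whoever holds it, which is the cookie poisoning entry above. The added example below, not from the glossary, signs the cookie body with a server-side HMAC key so that a modified body fails verification instead of being trusted, and shows the poisoning attempt that the check rejects. This defends against poisoning only: a stolen but intact cookie still verifies, so it must also be short-lived and sent with the Secure and HttpOnly attributes to blunt hijacking. The key and cookie contents are constructed.

```python
"""HMAC-signed cookies: tampering is detected, the key never leaves the server (added example)."""
import base64
import hashlib
import hmac
import json
from typing import Optional


def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).decode().rstrip("=")


def _unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def _encode_body(payload: dict) -> str:
    # Canonical JSON so the same payload always signs to the same body.
    return _b64(json.dumps(payload, sort_keys=True, separators=(",", ":")).encode())


def sign_cookie(payload: dict, key: bytes) -> str:
    """Server side: body.tag, where tag = HMAC-SHA256(key, body)."""
    body = _encode_body(payload)
    tag = hmac.new(key, body.encode(), hashlib.sha256).digest()
    return f"{body}.{_b64(tag)}"


def verify_cookie(cookie: str, key: bytes) -> Optional[dict]:
    """Return the payload if the tag matches; None for any tampering or malformed input."""
    try:
        body, tag_text = cookie.split(".", 1)
        tag = _unb64(tag_text)
    except (ValueError, TypeError):
        return None
    expected = hmac.new(key, body.encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):   # constant-time comparison
        return None
    try:
        return json.loads(_unb64(body))
    except (ValueError, TypeError):
        return None


def poison(cookie: str, new_payload: dict) -> str:
    """What an attacker without the key can do: swap the body, keep the old tag."""
    _, tag_text = cookie.split(".", 1)
    return f"{_encode_body(new_payload)}.{tag_text}"


if __name__ == "__main__":
    KEY = b"constructed-server-side-key"
    good = sign_cookie({"user": "alice", "role": "user"}, KEY)
    bad = poison(good, {"user": "alice", "role": "admin"})
    print("legitimate:", verify_cookie(good, KEY))
    print("poisoned  :", verify_cookie(bad, KEY))
```

The sign-and-verify pattern protects integrity, not confidentiality: the body is only base64, so anything secret must still not be placed in the cookie. Rotating the key invalidates every outstanding cookie, which is a convenient lever during incident response.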
COOP
(continuity of operations plan) The collection of processes that outlines how an organization will maintain operations if a major adverse event were to occur. Similar to a business continuity plan (BCP).
COPE
(corporate-owned, personally enabled) A mobile deployment model in which the organization chooses which devices they want employees to work with, while still allowing the employee some freedom to use the device for personal activities.
COSO
(Committee of Sponsoring Organizations of the Treadway Commission) An industry standard that provides guidance on a variety of governance-related topics including fraud, controls, finance, and ethics.
critical infrastructure
Resources that, if damaged or destroyed, would cause significant negative impact to the economy, public health and safety, or security of a society.
CRL
(certificate revocation list) A list of certificates that were revoked before their expiration date.
CRM
(customer relationship management) The process of enabling an organization to more easily work with customers and data about customers.
crowdsourcing
The act of outsourcing work and services to a group of people, such as an online community, who aren’t internal employees of the organization.
cryptocurrency
An alternative digital currency that is secured through cryptography, typically by using a blockchain.
cryptographic module
Any software or hardware solution that implements one or more cryptographic concepts, such as different encryption and decryption algorithms.
CSIRT
(cybersecurity incident response team) A collection of personnel who work together to identify and manage information security incidents.
CSP
(Cryptographic Service Provider) A cryptographic module that implements Microsoft’s CryptoAPI.
CVE
(Common Vulnerabilities and Exposures) A dictionary of publicly known vulnerabilities, each with a unique identifier, maintained by the MITRE Corporation.
CVSS
(Common Vulnerability Scoring System) An open standard for rating the severity of a vulnerability on a 0 to 10 scale from its exploitability and impact characteristics, with optional temporal and environmental metrics that adjust the score for the systems or information actually at risk.
CYOD
(choose your own device) A mobile deployment model in which the employee selects a device from a list of organization-approved options; the organization typically purchases, owns, and manages the device, which distinguishes CYOD from BYOD.