Domain 3: Security Architecture and Engineering

Question 1

Algorithm

Answer 1

A mathematical function used in the encryption and decryption processes. It may be quite simple or extremely complex. Also defined as the set of instructions by which encryption and decryption is done.

Question 2

Asymmetric Encryption

Answer 2

Process that uses different keys for encryption than it does for decryption, and in which the decryption key is computationally infeasible to determine given the encryption key itself, from plaintext and corresponding ciphertext, or from knowledge of the key generation or encryption algorithm.

Question 3

Block Mode Encryption

Answer 3

Using fixed-length sequences of input plaintext symbols as the unit of encryption.

Question 4

Ciphertext

Answer 4

The altered form of a plaintext message so as to be unreadable for anyone except the intended recipients. In other words, it has been turned into a secret.

Question 5

Collision

Answer 5

This occurs when a hash function generates the same output for different inputs. In other words, two different messages produce the same message digest.

Question 6

Crime Prevention Through Environmental Design (CPTED

Answer 6

An architectural approach to the design of buildings and spaces, which emphasizes passive features to reduce the likelihood of criminal activity

Question 7

Cryptanalysis

Answer 7

The study of techniques for attempting to defeat cryptographic techniques and, more generally, information security services.

Question 8

Cryptographic Hash, Cryptographic Hash Function

Answer 8

A process or function that transforms an input plaintext into a unique value called a hash (or hash value). These do not use cryptographic algorithms; the term “cryptographic” refers to the assertion that strong hash algorithms are one-way functions; that is, it is computationally infeasible to determine the input plaintext from the hash value and knowledge of the algorithm alone. Message digests are an example of the use of a cryptographic hash.

Question 9

Cryptography

Answer 9

The study or applications of methods to secure or protect the meaning and content of messages, files, or other information, usually by disguise, obscuration, or other transformations of that content and meaning.

Question 10

Cryptosystem

Answer 10

The complete set of hardware, software, communications elements, and procedures that allows parties to communicate, store information, or use information that is protected by cryptographic means. The system includes the algorithm, key, and key management functions, together with other services that can be provided through cryptography.

Question 11

Cryptovariable

Answer 11

One or more parameters inherent to a particular cryptographic algorithm and its implementation in a cryptosystem. Block size, key length, and number of iterations (or rounds) are examples.

Question 12

Decoding

Answer 12

The reverse process of encoding, converting the encoded message back into its plaintext format.

Question 13

Decryption

Answer 13

The reverse process of encryption. It is the process of converting a ciphertext message back into plaintext using the cryptographic algorithm and appropriate key for decryption (which is the same for symmetric encryption, but different for asymmetric encryption). This term is also used interchangeably with “deciphering.”

Question 14

Encoding

Answer 14

The action of changing a message or other set of information into another format using a code. Unlike encryption, which obscures or hides the meaning, encoded information can still be read by anyone with knowledge of the encoding process.

Question 15

Encryption

Answer 15

The process and act of converting the message from its plaintext into ciphertext. Sometimes it is also referred to as enciphering. The two terms are sometimes used interchangeably in literature and have similar meanings.

Question 16

Encryption System

Answer 16

The total set of algorithms, processes, hardware, software, and procedures that taken together provide an encryption and decryption capability.

Question 17

Frequency Analysis

Answer 17

A form of cryptanalysis that uses the frequency of occurrence of letters, words, or symbols in the plaintext alphabet as a way of reducing the search space.

Question 18

Hybrid Encryption System

Answer 18

A system that uses both symmetric and asymmetric encryption processes.

Question 19

In Band

Answer 19

Refers to transmitting or sharing control information, such as encryption keys and cryptovariables, over the same communications path, channel, or system controlled or protected by that information.

Question 20

Key

Answer 20

The input that controls the operation of the cryptographic algorithm. It determines the behavior of the algorithm and permits the reliable encryption and decryption of the message.

Question 21

Key Escrow

Answer 21

A process by which keys (asymmetric or symmetric) are placed in a trusted storage agent’s custody for later retrieval. The trustworthiness of the encryption system(s) being used is thus completely placed in the escrow agent’s control.

Question 22

Symmetric cryptosystem

Answer 22

use a shared secret key available to all users of the cryptosystem

Question 23

Integrity

Answer 23

ensures that data is not altered without authorization

Question 24

Digital signatures

Answer 24

Message integrity is enforced through the use of encrypted message digests

a recipient can verify the message digest is valid and data not altered in transit

Question 25

Key space

Answer 25

the range of values that are valid for use as a key for a specific algorithm

Question 26

Kerckhoff’s Principle

Answer 26

that a cryptographic system should be secure even if everything about the system, except the key, is public knowledge

Question 27

Cryptovariables

Answer 27

cryptographic keys

Question 28

One way function

Answer 28

hash, mathematical operation that easily produces output values for each possible combination of inputs but makes it impossible to retrieve the input values

Question 29

Nonce

Answer 29

is a random number that acts as a placeholder variable in mathematical functions

Question 30

Split knowledge

Answer 30

separation of duties and two-person control contained in a single solution

Question 31

Recovery agent

Answer 31

the third party in a split knowledge setup, that uses the key escrow

Question 32

Transposition Ciphers

Answer 32

uses an encryption algorithm to rearrange the letters of a plaintext message

Columnar transposition

Question 33

Substitution cipher

Answer 33

use the encryption algorithm to replace each character or bit of the plaintext message with a different character

Caesar Cipher, ROT13, Vigenere system

Question 34

One Time Pad

Answer 34

use a different substitution alphabet for each letter of the plaintext message.

1. must be randomly generated
2. must be physically protected against disclosure
3. each one-time pad must only be used once
4. the key must be as long as the message to be encrypted

Question 35

Block cipher

Answer 35

operate on chunks or blocks, of a message and apply the encryption algorithm to an entire message block at the same time

most modern encryption algorithms use a type of block cipher

Question 36

Stream cipher

Answer 36

operate on one character or bit of the message at a time

one-time pad, caesar cipher

Question 37

Hybrid cryptography

Answer 37

Combines both Symmetric and Asymmetric key encryptions because of the slow speed of operation for asymmetric.

Question 38

Hashing collision

Answer 38

Occurs when a hash function creates the same value for two different methods. Two messages create the same hash value

Question 39

Electronic Code Bock (ECB)

Answer 39

Least secure, encrypts blocks of 64 meaning encrypted blocks could repeat. More easy to break because of the less randomness

Question 40

Cipher block Chaining Mode (CBC)

Answer 40

each block of unencrypted test is XORed with the block of ciphertext immediately preceding it before it is encrypted

encryption blocks are chained together

Question 41

Cipher Feedback (CFB)

Answer 41

Streaming cipher version of CBC. Uses memory buffers in real time instead of blocks. bit by bit

Question 42

Output feedback mode (OFB)

Answer 42

Ciphers operate in almost the same fashion as they do in CFB, but instead of being XORed it XORs the plaintext with a seed value, no chaining functions and transmission errors do not propogate

Question 43

Counter Mode (CTR)

Answer 43

uses a stream cipher similar to that used in CFB and OFB Just uses a counter instead of a seed value

Question 44

Galois/Counter Mode (GCM)

Answer 44

same as CTR but includes authentication tags to the encryption process for more authenticity

Question 45

Data Encryption Standard (DES)

Answer 45

56-bit and operates in long series of XOR operations, lots of flaws, not secure anymore. Operates in all the cipher modes

Question 46

Triple DES

Answer 46

slightly stronger than DES, but 3 keys and longer 168-bit, flawed and should not be used

Question 47

Blowfish

Answer 47

Block cipher, 64-bit, key length 32-448 bits

Question 48

Skipjack

Answer 48

Block Cipher, 64-bit, 80-bit key

Question 49

Rivest cipher 4 (RC4)

Answer 49

Stream Cipher, 40-2048bits, key, no block size

Question 50

Rivest Cipher 5 (RC5)

Answer 50

block: 32, 64, 128 Key 0-2040

Question 51

Rivest Cipher 6 (RC6)

Answer 51

Block: 128, Key: 128, 192, 256

Question 52

Skipjack

Answer 52

Block Size: 64 Key 80

Question 53

3DES

Answer 53

Block size: 64 Key: 112 or 168

Question 54

CAST-128

Answer 54

Block: 64 Key: 40-128

Question 55

CAST-256

Answer 55

Block 128 Key: 128, 160,192, 224, 256

Question 56

Offline distribution

Answer 56

Physical exchanging of keys

Question 57

Public Key Encryption

Answer 57

Use of a public key to setup initial communication, once the link is established a secret key can be securely transferred over the public key link.

Question 58

Hardware Security Module (HSM)

Answer 58

Dedicated hardware devices used to manage crypto keys. Expensive to implement

Question 59

Symmetric Key Exposure Formula

Answer 59

of keys = n(n-1) / 2

Question 60

Hashed Message Algorithm Code (HMAC)

Answer 60

implements a partial digital signature, guarantees the integrity of a message during transmissions

does not provide nonrepudiation

Question 61

Digital Certificates

Answer 61

provide communication parties with the assurance that the people they are communicating with truly are who they claim to be.

Question 62

Digital Certificate Standard

Answer 62

X.509 - which means they conform to the long list of data contained certificate.

serial number, issuer name, signature algorithm, validity period, public key, and more

Question 63

Certificate Authority

Answer 63

the glue that binds the public key infrastructure together, being a neutral organization that notarizes digital certificates.

Question 64

Registration Authorities

Answer 64

assist Certificate authorities by taking the burden of verifying user’s identities prior to issuing a digital certificate.

Question 65

Self-signed certificates

Answer 65

for use inside an organization, may be configured to trust the internal CA, saving some expense for obtaining it from a third party.

Question 66

Certificate Signing Request

Answer 66

after properly enrolling with a CA by identifying yourself, this request takes your public key and the CA creates an X.509 digital certificate registered to you

Question 66

S/MIME

Answer 66

x.509 certificate for exchanging keys. Uses RSA encryption algorithm standard for encrypted email

Question 66

Transport Layer Security (TLS)

Answer 66

Uses the exchange of digital certificates to negotiate encryption/decryption between the browser and web server.
Creates that secure communication between a user browsing a website

Question 66

Perfect forward secrecy

Answer 66

layers of encryption prevent nodes in the relay chain from reading anything other than the specific information they need to accept and forward the traffic

Question 67

Steganography

Answer 67

art of using cryptographic techniques to embed secret messages within another message

Question 68

Link Encryption

Answer 68

protects communication circuits by creating a secure tunnel between two points. Everything including the header, trailer, address, and routing data is encrypted

Question 69

End-to-End Encryption

Answer 69

protects communication between two parties and is performed independently of link encryption
Faster that link because it does not encrypt headers, addresses, routing data and therefor susceptible to eavesdropping

Question 70

IPsec

Answer 70

Provides complete infrastructure for secured network communications.

Question 71

Tunnel Mode

Answer 71

IPsec, entire packet including the header is encrypted in communication.

Question 72

Transport mode

Answer 72

only the packet payload is encrypted for end-to-end encryption

Question 73

Security Association

Answer 73

the session you create with IPsec, represents the communication session and records and configuration and status information about the connection.

Question 74

Homomorphic encryption

Answer 74

technology that allows you to perform computations on data that is encrypted,

Question 75

Analytic Attack

Answer 75

algebraic manipulation that attempts to reduce the complexity of the algorithm

Question 76

Implementation Attack

Answer 76

exploits weaknesses in the implementation of the cryptographic system. Exploiting software code

Question 77

Statistical Attack

Answer 77

attacks statistical weaknesses like floating point errors, and the inability to produce truly random numbers

Question 78

Fault Injection Attack

Answer 78

attackers attempt to compromise the integrity of the cryptographic device causing some internal error

Question 79

Side-Channel Attack

Answer 79

Attack the systems surrounding the cryptography to find changes in cpu, power consumption, etc.

Question 80

Timing Attack

Answer 80

Type of side channel attack that measures precisely how long it takes to encrypt something.

Question 81

Replay Attack

Answer 81

Capturing the encrypted message, and then ‘replays’ that message to initiate a session

Question 82

Closed System

Answer 82

designed to work well with a narrow range of other systems

Question 83

Open system

Answer 83

designed using agreed-upon industry standards, much easier to integrate with out manufacturers.

Question 84

Fail-Securely

Answer 84

it will fail in a secured manner by default if there is a system crash, reducing potential data exposure and other security risks

Question 85

Fail-Soft

Answer 85

Allows a system to keep running after a component fails

Question 86

Fail-Safe

Answer 86

When a failure occurs, the system will revert back to a point that protects the health and safety of people.

Emergency door must open always, despite the risk

Question 87

Don’t Repeat Yourself

Answer 87

Eliminate redundancy by not having the same code in multiple places

Question 88

Computing Minimalism

Answer 88

Craft code to use the least necessary hardware.

Question 89

Worse is Better

Answer 89

quality of software does not necessarily get better with more capabilities or functions.

Question 90

Zero Trust

Answer 90

nothing inside the organization is automatically trusted.

Every request for access or activity is assumed to be from an unknown or untrusted location. everything is always verified

Assume a breach has already occured

Question 91

Privacy by Design

Answer 91

guideline to integrate privacy protections into products during the early design phase rather than tacking it on later.

Question 92

Trusted Computing Base

Answer 92

design principle that is the combination of hardware, software, and controls hat work together to form a trusted base to enforce your security policy .

Question 93

State Machine Model

Answer 93

Describes a system in which is always secure no matter the state it is in.

Question 94

Secure state machine

Answer 94

system always boots in a secure state, maintains a secure state across all transitions

Question 95

Information Flow Model

Answer 95

Focuses on controlling the flow of information, based on the state model, Look at how information flows and whether or not its secure

Question 96

Bell-LaPadula Model

Answer 96

Dept of Def, clearance levels and need to know,

Can’t read a higher clearance level, and you can’t write DOWN to a lower clearance level.

Question 97

Biba Model

Answer 97

Opposite of Bell-LaPadula, More about the modification of objects and data. Designed to address integrity issues of objects

Lacks confidentiality and availability

Question 98

Clark-Wilson Model

Answer 98

Multifaceted approach to enforcing data integrity where the formal state machine limits modification to a system through a limited or controlled intermediary program or interface

Restricted Interface Model

Enforces separation of duties

Question 99

Brewer and Nash Model

Answer 99

permits access controls to change dynamically based on user’s previous activities.

Question 100

Goguen–Meseguer model

Answer 100

An integrity model based on predetermining the set or domain of objects that a subject can access.

Foundation of noninterference model

Question 101

noninterference model

Answer 101

A model loosely based on the information flow model. The noninterference model is concerned with the actions of one subject affecting the system state or actions of another subject.

Question 102

Sutherland model

Answer 102

An integrity model that focuses on preventing interference in support of integrity.

Question 103

Graham–Denning model

Answer 103

A security model focused on the secure creation and deletion of both subjects and objects.

Question 104

Harrison–Ruzzo–Ullman (HRU) model

Answer 104

A security model that focuses on the assignment of object access rights to subjects as well as the resilience of those assigned rights. It is an extension of the Graham–Denning model.

Question 105

Common Criteria (CC)

Answer 105

The loosely used phrase for the combination of the Common Criteria for IT Security Evaluation (CC) and the Common Methodology for IT Security Evaluation (CEM). Together these form the Common Criteria Recognition Agreement (CCRA). Simplified, this provides a means via the Common Criteria certification process for independently evaluating products in licensed labs and providing a level of assurance regarding product security. Defined in ISO/IEC 15408.

Question 106

authorization to operate (ATO)

Answer 106

Often related to government or military agencies or contractors, an ATO is the formal approval to perform business functions once compliance with a contract, standard, framework, or regulation is confirmed. An ATO is often issued for a limited period of time and can be lost or canceled by the approving authority at any time based on any significant change to the environment.

Question 107

Authorizing Official (AO)

Answer 107

An authorized entity who can evaluate an IT/IS system, its operations, and its risks, and potentially issue an ATO. Aka designated approving authority (DAA), Approving Authority (AA), Security Control Assessor (SCA), and Recommending Official (RA).

5 years

Question 108

Trusted Platform Module (TPM)

Answer 108

A specification for a cryptoprocessor as well as the chip in a mainboard supporting this function. A TPM chip is used to store and process cryptographic keys for the purposes of a hardware- supported/implemented hard drive encryption system.

Question 109

constrained interface

Answer 109

An access control used in applications that restrict what users can do or see based on their assigned privileges. Subjects with restricted privileges have limited access. Aka restricted interface.

Question 110

fault tolerance

Answer 110

The ability of a system to suffer a fault but continue to operate and/or without losing data. Fault tolerance is achieved by adding redundant components such as additional disks within a redundant array of independent disks (RAID) or additional servers within a failover clustered configuration.

Question 111

Multitasking

Answer 111

A system handling two or more tasks simultaneously

Question 112

Multicore

Answer 112

A CPU chip containing two, four, eight, dozens, or more independent execution
cores that can operate simultaneously and/or independently. There are even some specialty
chips with over 10,000 cores.

Question 113

Multiprogramming

Answer 113

The pseudo-simultaneous execution of two tasks on a single processor
coordinated by the operating system for the purpose of increasing operational efficiency.
Multiprogramming is considered a relatively obsolete technology and is rarely found in use
today except in legacy systems.

Question 114

Multithreading

Answer 114

A process that allows multiple users to use the same process without interfering with each other

Question 115

Protection Rings

Answer 115

A security design that organizes code and components in an operating system
(as well as applications, utilities, or other code that runs under the operating system’s control) into
concentric rings, each having increasing or decreasing levels of capabilities and access

Ring 0: OS Kernel/Memory
Ring 1: Other OS Components
Ring 2: Drivers, protocols
Ring 3: User-level programs

Question 116

Privileged Mode

Answer 116

The mode designed to give the operating system access to the full range
of instructions supported by the CPU. Aka kernel mode. See also protected mode.

Ring 0-2

Question 117

Mediated-access model

Answer 117

When a process that runs in a higher-numbered ring must ask a
handler or a driver in a lower-numbered ring for services they need. Aka system call.

Question 118

electrically erasable programmable read-only memory (EEPROM)

Answer 118

A version of ROM
that can be erased with an electrical signal. EEPROMs can be erased without removal from
the computer, giving them much greater flexibility than standard PROM and EPROM chips.
Sometimes referred to incorrectly as electronically erasable PROM (EEPROM).

Question 119

Read-only memory

Answer 119

Memory that can be read but cannot be written to.

Question 119

programmable read-only memory (PROM)

Answer 119

A PROM chip that does not have its contents
“burned in” at the factory as is done with standard ROM chips. Instead, special functionality
is installed that allows the end user to burn in the contents of the chip.

Question 120

Flash memory

Answer 120

A concept derived from EEPROM. It is a nonvolatile form of storage
media that can be electronically erased and rewritten. The primary difference between
EEPROM and flash memory is that EEPROM must be fully erased to be rewritten whereas
flash memory can be erased and written in blocks or pages. The most common type of flash
memory is NAND flash. It is widely used in memory cards, thumb drives, mobile devices,
and SSDs (solid-state drives).

Question 121

Random Access Memory (RAM)

Answer 121

Readable and writable memory that contains information
the computer uses during processing. RAM retains its contents only when power is continuously supplied to it.

Question 122

Cache RAM

Answer 122

A process that takes data from slower devices and temporarily stores it in
higher-performance devices when its repeated use is expected.

Question 123

Register

Answer 123

A limited amount of onboard memory in a CPU.

Question 124

register address

Answer 124

The address of a register, which is a small memory location directly on the CPU. When the CPU needs information from one of those registers to complete an operation, it can simply use the register address (for example, “register one”) to access the information.

Question 125

immediate addressing

Answer 125

A way of referring to data that is supplied to the CPU as part of an instruction.

Question 126

memory addressing

Answer 126

The means of referring to various locations in memory. See register addressing, immediate addressing, direct addressing, indirect addressing, and base+offset addressing.

Question 127

direct addressing

Answer 127

A process by which the CPU is provided with the actual address of the memory location to be accessed.

Question 128

indirect addressing

Answer 128

The memory address that is supplied to the CPU as part of the instruction and doesn’t contain the actual value that the CPU is to use as an operand. Instead, the memory address contains another memory address (perhaps located on a different page). The CPU then retrieves the actual operand from that address.

Question 129

base+offset addressing

Answer 129

An addressing scheme that uses a value stored in one of the CPU’s registers as the base location from which to begin counting. The CPU then adds the offset supplied with the instruction to that base address and retrieves the operand from the computed memory location.

Question 130

secondary memory

Answer 130

Magnetic/optical media and other storage devices that contain data not immediately available to the CPU.

Question 131

swap file, pagefile, paging file

Answer 131

A special storage file used when virtual memory is enabled to use space on a storage device to expand the addressable memory space of a system.

Question 132

virtual memory

Answer 132

A special type of secondary memory that is managed by the operating system in such a manner that it appears to be real memory.

Question 133

primary storage

Answer 133

The RAM that a computer uses to keep necessary information readily available.

Question 134

secondary storage

Answer 134

Data repositories that include magnetic and optical media, such as tapes, disks, hard drives, and CD/DVD storage.

Question 135

volatile storage

Answer 135

A storage medium, such as RAM, that loses its contents when power is removed from the resource.

Question 136

nonvolatile storage

Answer 136

A storage system that does not depend on the presence of power to maintain its contents, such as magnetic/optical media and nonvolatile RAM (NVRAM).

Question 137

random access storage

Answer 137

Devices, such as RAM and hard drives, that allow the operating system to request contents from any point within the media.

Question 138

sequential storage

Answer 138

Devices that require that you read (or speed past) all of the data physically stored prior to the desired location. A common example of a sequential storage device is a magnetic tape drive.

Question 139

data remnants, data remanence

Answer 139

Data that remains on media after the data has been supposedly removed. Sanitization methods attempt to ensure that all data is removed from media without any data remnants/remanence remaining.

Question 140

emanations

Answer 140

Electromagnetic or radio frequency signals that may contain data that can be intercepted through eavesdropping on those signals.

Question 141

TEMPEST

Answer 141

The study and control of electronic signals produced by various types of electronic hardware, such as computers, televisions, phones, and so on. Its primary goal is to prevent EM and RF radiation from leaving a strictly defined area so as to eliminate the possibility of external radiation monitoring, eavesdropping, and signal sniffing.

Question 142

Unified Extensible Firmware Interface (UEFI)

Answer 142

A replacement or improvement to the basic input/output system (BIOS) that provides support for all of the same functions as BIOS with many improvements, such as support for larger hard drives (especially for booting), faster boot times, enhanced security features, and even the ability to use a mouse when making system changes (BIOS was limited to keyboard control only). See measured boot.

Question 143

BIOS (Basic Input/Output System)

Answer 143

The basic low- end firmware or software embedded in the hardware’s electrically erasable programmable read- only memory (EEPROM). See also Unified Extensible Firmware Interface (UEFI).

Question 144

applet

Answer 144

Code objects sent from a server to a client to perform some action. Applets are self- contained miniature programs that execute independently of the server that sent them.

Question 145

parallel data systems, parallel computing

Answer 145

A computation system designed to perform numerous calculations simultaneously. Parallel data systems often go far beyond basic multiprocessing capabilities. They often include the concept of dividing up a large task into smaller elements and then distributing each subelement to a different processing subsystem for parallel computation. This implementation is based on the idea that some problems can be solved efficiently if they are broken into smaller tasks that can be worked on concurrently. Aka large- scale parallel data systems.

Question 146

symmetric multiprocessing (SMP

Answer 146

A type of system in which the processors share not only a common operating system but also a common data bus and memory resources. The collection of processors also works collectively on a single task, code, or project.

Question 147

asymmetric multiprocessing (AMP)

Answer 147

A form of multiprocessing where the processors are often operating independently of each other. Usually each processor has its own OS and/or task instruction set. Under AMP, processors can be configured to execute only specific code or to operate on specific tasks (or vice versa, where specific code or tasks are allowed to run only on specific processors; this might be called affinity in some circumstances).

Question 148

grid computing

Answer 148

A form of parallel distributed processing that loosely groups a significant number of processing nodes toward the completion of a specific processing goal.

Question 149

industrial control system (ICS

Answer 149

A form of computer- management device that controls industrial processes and machines. ICSs are used across a wide range of industries, including manufacturing, fabrication, electricity generation and distribution, water distribution, sewage processing, and oil refining. There are several forms of ICS, including distributed control systems (DCSs), programmable logic controllers (PLCs), and supervisory control and data acquisition (SCADA).

Question 150

SCADA (Supervisory Control and Data Acquisition)

Answer 150

A type of industrial control system (ICS). An ICS is a form of computer- management device that controls industrial processes and machines.

Question 151

High-performance Computing

Answer 151

Computing platforms designed to perform complex calculations or data manipulations at extremely high speeds. Supercomputers and MPP solutions are common examples of HPC systems. HPC systems are used when real- time or near- real- time processing of massive data is necessary for a particular task or application. These applications can include scientific studies, industrial research, medical analysis, societal solutions, and commercial endeavors.

Question 152

real- time operating system (RTOS)

Answer 152

An OS designed to process or handle data as it arrives on the system with minimal latency or delay. An RTOS is usually stored on read- only memory (ROM) and is designed to operate in a hard real- time or soft real- time condition.

Question 153

Industrial Internet of Things (IIoT)

Answer 153

A derivative of IoT that focuses more on industrial, engineering, manufacturing, or infrastructure level oversight, automation, management, and sensing. IIoT is an evolution of ICS and DCS that integrates cloud services to perform data collection, analysis, optimization, and automation.

Question 154

edge computing

Answer 154

A computation architecture that is part of the Industrial Internet of Things (IIoT). In edge computing, the intelligence and processing are contained within each device, which is at or near the edge of the network. See fog computing.

Question 155

embedded system

Answer 155

A computer implemented as part of a larger system. The embedded system is typically designed around a limited set of specific functions in relation to the larger product of which it’s a component. It may consist of the same components found in a typical computer system, or it may be a microcontroller (an integrated chip with on- board memory and peripheral ports).

Question 156

static system, static environment

Answer 156

A set of conditions, events, and surroundings that don’t change. In theory, once understood, a static environment doesn’t offer new or surprising elements. A static IT environment is any system that is intended to remain unchanged by users and administrators. The goal is to prevent or at least reduce the possibility of a user implementing change that could result in reduced security or functional operation.

Question 157

network-enabled devices

Answer 157

Any type of device (whether mobile or stationary) that has native network capabilities. This generally assumes the network in question is a wireless type of network, primarily that provided by a mobile telecommunications company. However, it can also refer to devices that connect to Wi- Fi (especially when they can connect automatically), devices that share data connectivity from a wireless telco service (such as a mobile hot spot), and devices with RJ- 45jacks to receive a standard Ethernet cable for a wired connection.

Question 158

cyberphysical system, cyber- physical system

Answer 158

A computer system that can interact with the real world, such as take measurements with a sensor, control lights, open doors, turn on motors, and so forth. See Internet of Things (IoT) and industrial control system (ICS).

Question 159

multifunction devices (MFDs)

Answer 159

Devices that are combinations of several products into one, such as a combined printer, scanner, and fax machine. Aka all- in- one device. See multifunction printers (MFPs).

Question 160

wrapper

Answer 160

Something used to enclose or contain something else. Wrappers are well known in the security community in relation to Trojan horse malware. A wrapper of this sort is used to combine a benign host with a malicious payload. Wrappers are also used as encapsulation solutions. Some static environments may be configured to reject updates, changes, or software installations unless they’re introduced through a controlled channel or wrapper.

Question 161

micro-services, micro-API, microservices

Answer 161

An emerging feature of web- based solutions that derives from service- oriented architecture (SOA). A micro- service is simply one element, feature, capability, business logic, or function of a web application that can be called upon or used by other web applications.

Question 162

service- oriented architecture (SOA)

Answer 162

A means to construct new applications or functions out of existing but separate and distinct software services.

Question 163

infrastructure as code (IaC)

Answer 163

Infrastructure as code is a change in how hardware management is perceived and handled. Instead of seeing hardware configuration as a manual, direct hands- on, one- on- one administration hassle, it is viewed as just another collection of elements to be managed in the same way that software and code are managed under DevOps

Question 164

virtualization

Answer 164

A technology used to host one or more operating systems within the memory of a single host computer. This mechanism allows practically any operating system to operate on any hardware. Aka virtualization technology.

Question 165

hypervisor

Answer 165

The component of virtualization that creates, manages, and operates the virtual machines. The computer running the hypervisor is known as the host and the OSs running within a hypervisor- supported virtual machine are known as guest OSs. Aka virtual machine monitor (VMM) and virtual machine manager (VMM).

Question 166

type 1 hypervisor

Answer 166

A native or bare- metal hypervisor. In this configuration, there is no host operating system (OS); instead, the hypervisor installs directly onto the hardware where the host OS would normally reside.

Question 167

type 2 hypervisor

Answer 167

A hosted hypervisor. In this configuration, a standard regular operating system (OS) is present on the hardware, and then the hypervisor is installed as another software application.

Question 168

virtual application

Answer 168

A software product deployed in such a way that it is fooled into believing it is interacting with a full host OS. A virtual (or virtualized) application has been packaged or encapsulated so that it can execute but operate without full access to the host OS or platform. Aka guest application and virtual software.

Question 169

containerization

Answer 169

The next step in the evolution of the virtualization trend for both internally hosted systems and cloud providers and services. Containerization is based on the concept of eliminating the duplication of OS elements and removing the hypervisor altogether. Instead, each application is placed into a container that includes only the resources needed to support the enclosed application. There are many different technological solutions that are grouped into the concept of containerization. Some refer to the application instances as containers, zones, cells, virtual private servers, partitions, virtual environments, virtual kernels, or jails. Aka OS virtualization.

Question 170

unified endpoint management (UEM

Answer 170

A type of software tool that provides a single management platform to control mobile, PC, IoT, wearables, ICS, and other devices. It replaces mobile device management (MDM) and enterprise mobility management (EMM) products.

Question 171

mobile application management (MAM)

Answer 171

A software product similar to a mobile device management (MDM) product, but it focuses on app management rather than the entire mobile device.

Question 172

geofencing

Answer 172

The designation of a specific geographical area that is then used to implement features on mobile devices. A geofence can be defined by GPS coordinates, wireless indoor positioning systems, or presence or lack of a specific wireless signal.

Question 173

process isolation

Answer 173

One of the fundamental security procedures put into place during system design. Basically, using process isolation mechanisms (whether part of the operating system or part of the hardware itself) ensures that each process has its own isolated memory space for storage of data and the actual executing application code itself

Question 174

covert timing channel

Answer 174

A channel that conveys information by altering the performance of a system component or modifying a resource’s timing in a predictable manner.

Question 175

covert storage channel

Answer 175

A channel that conveys information by writing data to a common storage area where another process can read it.

Question 176

covert channel

Answer 176

The means by which data can be communicated outside of normal, expected, or detectable methods. See covert storage channel and covert timing channel.