Domain 3.3: Security Architecture and Engineering Flashcards

Learn essential terms related to secure system design, hardware, and cryptographic principles.

1
Q

Define:

Salt

A

Random data added to a password before hashing, enhancing security against cracking.

A random string of characters added to a password before it is hashed. It is used in cryptography to make it more difficult for attackers to crack hashed passwords. Examples of salt include adding a string of random numbers to a password before it is hashed or using a unique salt for each password in a database.

For more information, view this lecture on Hashing- Part 2. Or visit this Wikipedia page.

2
Q

Define:

Sandbox

A

A controlled environment for safely running untrusted programs or code without risking the integrity of the host system.

A controlled environment used for testing or running potentially dangerous or suspicious code. It is used in cybersecurity to prevent malicious software from damaging systems or networks. Examples include a web browser’s sandbox for running untrusted code, a malware analysis sandbox for studying malware behavior, and a network sandbox for testing new security protocols.

For more information, view this lecture on Web architecture and attacks. Or visit this Wikipedia page.

3
Q

Define:

SCADA

(Supervisory Control And Data Acquisition)

A

Systems used for monitoring and controlling industrial processes and critical infrastructure.

A system used to monitor and control industrial processes and infrastructure, such as power plants, water treatment facilities, and transportation networks. It is used to automate and remotely manage complex systems and processes. Examples include a SCADA system for monitoring and controlling a power grid, a SCADA system for managing a water treatment plant, and a SCADA system for coordinating traffic signals in a city.

For more information, view this lecture on Industrial Control Systems. Or visit this Wikipedia page.

4
Q

Define:

Scalability in Cloud Computing

A

The ability to easily expand or decrease IT resources as needed to accommodate changing demands without impacting performance.

The ability to handle an increased workload without a decrease in performance. This concept is used in cloud computing to ensure that a system can handle the added demand of new users or applications without slowing down. For example, a company might need to add new users to its cloud-based email system without disrupting service for existing users.

For more information, view this lecture on Secure Access Service Edge. Or visit this Wikipedia page.

5
Q

Define:

Secure Boot

A

Secure Boot ensures a device starts with trusted software by verifying cryptographic signatures during the boot process, preventing unauthorized or tampered firmware from loading.

Commonly used in modern PCs, mobile devices, and embedded systems, Secure Boot relies on hierarchical key management. The firmware checks the bootloader, which then checks the operating system kernel. If any component is invalid, the boot process halts. This chain of trust protects against rootkits and other low-level malware. Administrators can further customize key settings to allow or block specific OS versions or custom software.

For more information, visit this Wikipedia page.

6
Q

Define:

Secure Cryptoprocessors

A

Dedicated hardware components designed to handle sensitive cryptographic operations and protect against physical attacks.

Hardware components designed to securely handle sensitive data such as cryptographic keys and personal identification numbers (PINs). They are embedded in tamper-resistant packaging to prevent physical attacks and are integral to the security of systems processing transactions, authentication credentials, and other critical data.

For more information, view this lecture on Hardware architecture- Part 2. Or visit this Wikipedia page.

7
Q

Define:

Secure Defaults

(or Secure-By-Default)

A

The practice of pre-configuring systems or applications with the most secure settings to minimize risk.

The practice of setting security settings to the most secure option as the default so that users do not have to manually adjust them. This is used in software and system design, as well as in network and device configuration. For example, a password manager may have a secure default password length requirement, or a router may have a secure default firewall configuration.

For more information, view this lecture on Secure design principles. Or visit this Wikipedia page.

8
Q

Define:

Secure Enclave

A

A secure enclave is a hardware-based environment—often within CPUs—that isolates sensitive data and operations from the main operating system, protecting them from unauthorized access.

Examples include Apple’s Secure Enclave for biometric data or Intel SGX for confidential computing. These enclaves encrypt stored information and restrict code execution to verified components. Even if the larger OS is compromised, enclave data remains shielded. This design underpins secure key storage, digital rights management, and cryptographic computations, bolstering user privacy and system integrity.

For more information, visit this Wikipedia page.

9
Q

Define:

Secure Enclave

A

A hardware-isolated area for processing sensitive data securely.

A secure enclave is a dedicated, isolated region within a processor that handles sensitive computations and data in a protected environment. It prevents unauthorized access and mitigates risks from software vulnerabilities by keeping critical operations separate from the main system. Secure enclaves are increasingly used in modern devices to safeguard cryptographic keys, personal data, and other confidential operations against sophisticated attacks.

For more information, visit this Wikipedia page.

10
Q

Define:

Secure Hash Algorithm

(SHA)

A

A family of cryptographic hash functions used for data integrity, including SHA-1, SHA-2, and SHA-3.

A group of cryptographic hash functions designed to ensure data integrity. By producing a fixed-size hash value from variable input data, SHA helps verify unchanged data transfer, confirm file authenticity, and securely store passwords.

For more information, view this lecture on Hashing- Part 2. Or visit this Wikipedia page.

11
Q

Define:

Secure Hash Algorithm-3

A

A cryptographic hash function announced as the winner of the NIST hash function competition, offering improved performance.

A cryptographic hash function that was announced as the winner of the NIST hash function competition in 2012. Despite being part of the same family, SHA-3 is fundamentally different from SHA-1 and SHA-2, offering better performance and resistance against potential vulnerabilities. SHA-3 can be used for creating hash values to ensure data integrity, generating unique identifiers for data, and creating digital signatures, among other uses.

For more information, view this lecture on Hashing- Part 2. Or visit this Wikipedia page.

12
Q

Define:

Secure Hash Standard

A

Cryptographic hash functions standardized by NIST, including SHA-1, SHA-2, and SHA-3, for data integrity verification.

A set of cryptographic hash functions that include SHA-1, SHA-2, and SHA-3, as approved and published by the National Institute of Standards and Technology (NIST) in the United States. These algorithms are widely used to verify data integrity and authenticity. The Secure Hash Standard plays a critical role in many security protocols and applications to provide assurances of data integrity.

For more information, view this lecture on Hashing- Part 2. Or visit this Wikipedia page.

13
Q

Define:

Secure Hashing Algorithm

(SHA-1)

A

A hashing algorithm producing a 160-bit hash value, previously used for security applications but now considered vulnerable.

A cryptographic hash function that produces a 160-bit hash value, which is typically rendered as a 40-digit hexadecimal number. SHA-1 is part of the Secure Hash Algorithm family designed by the National Security Agency (NSA) and published by the National Institute of Standards and Technology (NIST). It was widely used for security applications and protocols, including TLS and SSL, PGP, SSH, and IPsec. However, SHA-1 is no longer considered secure against well-funded attackers; as of 2005, theoretical weaknesses were discovered, and over time, practical attacks have demonstrated the ability to produce collisions (two different inputs that result in the same hash value). As a result, it has been recommended to transition to stronger hash functions such as SHA-256 or SHA-3.

For more information, view this lecture on Hashing- Part 2. Or visit this Wikipedia page.

14
Q

Define:

Secure Multi-Party Computation

(SMPC)

A

SMPC lets multiple parties jointly compute a function over their inputs while keeping each input private, using cryptographic protocols that shield individual data.

This enables collaborative tasks—like analytics or machine learning on shared datasets—without revealing raw data or sensitive details. Techniques include secret sharing and homomorphic encryption, distributing computations across parties so no single entity sees the others’ full data. SMPC helps organizations comply with strict privacy regulations while benefiting from shared insights. It’s particularly relevant for healthcare, finance, and consortium-based analytics where confidentiality is crucial.

For more information, visit this Wikipedia page.

15
Q

Define:

Secure State

A

A condition where an information system is adequately protected against unauthorized access and potential threats.

A state of security in which an information system is protected against unauthorized access, use, disclosure, disruption, modification, or destruction. It is used in security planning and risk management. Examples include the secure state of a computer system, the secure state of a network, and the secure state of a building.

16
Q

Define:

Secure Subsystem

A

A system component designed to safeguard against unauthorized access and ensure the overall protection of the system.

A subsystem of an information system that is designed and implemented to protect the system against unauthorized access, use, disclosure, disruption, modification, or destruction. It is used in security architecture and design. Examples include firewalls, intrusion detection systems, and encryption algorithms.

17
Q

Define:

Security as a Service

(SECaaS)

A

A cloud model delivering security services over the internet, simplifying security management for organizations.

A model of delivering security services over the internet. It is used in cloud computing, managed security services, and other internet-based security solutions. Examples include email encryption services, antivirus services, and identity and access management services.

For more information, visit this Wikipedia page.

18
Q

Define:

Security by Design

A

Security by Design embeds protective measures and threat considerations early in development cycles, ensuring secure architectures rather than retrofitting defenses later.

Instead of adding security controls after products or systems are built, Security by Design involves proactive threat modeling, secure coding, and continuous risk assessment at every phase. This fosters robust applications resistant to common attack vectors. Emphasizing security from the outset lowers remediation costs, shortens patch cycles, and aligns closely with regulatory demands. Ultimately, it cultivates a culture of prevention over reaction, improving trust and lowering vulnerability exposure.

For more information, visit this Wikipedia page.

19
Q

Define:

Security Design

A

The process of architecting systems, applications, and infrastructure with security as a core concern.

The process and practice of planning and creating systems, applications, and infrastructure with security as a central concern. Security design encompasses a range of activities, from the initial conceptualization of a system to detailed architecture and implementation. It involves identifying potential threats, defining security requirements, and selecting appropriate security controls to mitigate risks to an acceptable level. Good security design aims to achieve a balance between security measures and usability, ensuring robust defense against attacks while maintaining functionality and performance. It incorporates principles such as least privilege, defense in depth, and redundancy and is an essential aspect of developing secure IT systems and applications.

20
Q

Define:

Security Guards

A

Security guards are trained personnel tasked with protecting premises, assets, and individuals by monitoring, patrolling, and responding to security incidents.

They often collaborate with electronic surveillance systems, coordinate visitor access, and enforce organizational policies. Physical presence deters potential intruders and provides a frontline response to threats like theft, vandalism, or unauthorized entry. Effective programs integrate guard operations with broader security frameworks, promoting rapid incident escalation and thorough documentation. Well-equipped, vigilant guards reinforce both employee safety and asset protection.

For more information, view this lecture on Physical security- Part 1. Or visit this Wikipedia page.

21
Q

Define:

Security Kernel

A

The central part of a secure operating system that enforces security policy and protects critical functions.

The core component of a secure operating system that enforces the security policy for the entire system. It provides mechanisms such as authentication and access control and is designed to be tamper-proof and resilient to attacks, isolating critical security functions from the rest of the system.

For more information, view this lecture on Secure system design concepts. Or visit this Wikipedia page.

22
Q

Define:

Security Models

A

Frameworks outlining structures and processes needed to enforce security policies within an organization’s IT environment.

Conceptual frameworks that outline the structures and processes needed to enforce security policies within an organization’s IT environment. Security models help guide the design and implementation of system security by establishing clear rules and protocols for data confidentiality, integrity, and availability.

For more information, view this lecture on Security models and concepts - Introduction. Or visit this Wikipedia page.

23
Q

Define:

Security Perimeter

A

The boundary that defines where an organization’s security controls are enforced, guarding against external threats.

A boundary that defines the physical or logical limits where an organization’s security controls are enforced. The security perimeter guards against external threats and often includes firewalls, IDS/IPS, and access control lists to prevent unauthorized access.

For more information, view this lecture on Physical security- Part 5.

24
Q

Define:

Security Target

A

A document outlining the security requirements and objectives of a system and the controls implemented to meet them.

A document that outlines the security requirements and objectives of a system or product and specifies how the security controls are implemented and tested. It is used in product development and certification. Examples include a security target for a cloud computing service, a security target for a mobile app, and a security target for a network security device.

For more information, view this lecture on Security Evaluation Models. Or visit this Wikipedia page.

25
# Define: Security Template
A predefined configuration file defining security settings that can be applied to systems to maintain consistent security. ## Footnote A predefined configuration file used to define and manage security settings on a network or within an organization. It includes configurations for various policies, user rights, and system services, which can be applied to systems to maintain consistency and facilitate easier management of security settings. Frequently utilized in environments using Microsoft Windows, these templates assist administrators in the deployment and enforcement of corporate security policies.
26
# Define: Self-Encrypting Drive | (SED)
A storage device that automatically encrypts the data it stores, often using hardware-based encryption. ## Footnote A storage device that automatically encrypts the data it contains without requiring any action from the user. It employs hardware-based encryption, where the encryption key is never stored in the computer's operating system. Instead, the key is kept within the drive's controller. This feature offers significant protection against data breaches, especially in cases where physical drives are lost or stolen, as it renders the data unreadable without the correct encryption key. *Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Self-encrypting_drive).*
27
# Define: Self-Signed Certificates
Certificates issued and signed by the entity that creates them. ## Footnote Self-signed certificates are digital certificates generated and signed by the organization or individual using them rather than by a trusted certificate authority. They enable encrypted communications and identity verification in controlled environments, such as development or internal networks, though they may trigger security warnings when used externally. Their validation relies entirely on the issuer's credibility rather than third-party oversight. *Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Self-signed_certificate).*
28
# Define: SELinux
Security-Enhanced Linux (SELinux) is a Linux kernel security module that enforces mandatory access control policies, confining processes and limiting their privileges to mitigate exploits. ## Footnote Initially developed by the NSA, SELinux sets fine-grained rules dictating which resources each process can access, preventing breaches from escalating. Configuration can be complex, so administrators define policies carefully. When properly managed, SELinux thwarts privilege escalation and zero-day attacks. Many modern Linux distributions incorporate SELinux by default, offering robust protections against unauthorized file and system modifications. *Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/SELinux).*
29
# Define: Server Hardening Guidelines
Best practices for securing a server to protect it against vulnerabilities and attacks. ## Footnote The guidelines and best practices for securing a server and protecting it against potential vulnerabilities and attacks. They are used in the configuration and maintenance of servers in a network. Examples of server hardening guidelines include disabling unnecessary services, implementing firewalls and intrusion detection systems, and regularly updating software and patches. *For more information, view this lecture on [Asset Tracking and Hardware Hardening](https://courses.thorteaches.com/courses/take/cissp/lessons/20679155-asset-tracking-and-hardware-hardening).*
30
# Define: Server Side Attacks
Attacks targeting vulnerabilities in server-side applications or services. ## Footnote Server side attacks exploit weaknesses in the applications, services, or configurations hosted on servers. These attacks can compromise sensitive data, disrupt operations, or provide unauthorized access by leveraging vulnerabilities such as injection flaws or misconfigurations, highlighting the importance of regular security updates and rigorous system hardening measures. *For more information, view this lecture on [Malware- Part 2](https://courses.thorteaches.com/courses/take/cissp/lessons/18684286-malware-part-2).*
31
# Define: Serverless Computing
Serverless computing abstracts away server management tasks, letting developers run code in ephemeral environments triggered by events, paying only for actual execution time. ## Footnote Providers handle infrastructure provisioning, capacity scaling, and patching, allowing teams to focus on application logic. Functions-as-a-Service platforms like AWS Lambda exemplify this model. While it simplifies deployments and can reduce costs, complexities arise in monitoring, debugging, and cold-start latency. Security responsibilities shift to managing identities, event triggers, and code integrity. Done well, serverless fosters rapid, highly scalable application deployments. *For more information, view this lecture on [Hardware Architecture- Part 2](https://courses.thorteaches.com/courses/take/cissp/lessons/18591307-hardware-architecture-part-3). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Serverless_computing).*
32
# Define: Service Oriented Architecture | (SOA)
An architectural approach that enables the creation and combination of interoperable services within a system. ## Footnote A design approach that allows for the creation of independent, modular services that can be combined to create a larger application. It is used in software development to create scalable, flexible systems. Examples include Amazon's cloud services and the use of microservices in web applications. *For more information, view this lecture on [Web Architecture and Attacks](https://courses.thorteaches.com/courses/take/cissp/lessons/19148725-web-architecture-and-attacks). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Service-oriented_architecture).*
33
# Define: Session Fixation
A cyber-attack exploiting session ID manipulation to gain unauthorized account access. ## Footnote A type of attack where an attacker manipulates the session identifier, or "session ID," of a user's session to gain unauthorized access to their account. It is often used in web-based attacks, where the attacker may trick a user into using a compromised session ID. For instance, an attacker may send a user a malicious link with a pre-set session ID, allowing the attacker to hijack the user's session. *Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Session_fixation).*
34
# Define: Session Hijacking
An attack intercepting and taking over a legitimate session between a user and a system. ## Footnote An attack where an intruder takes over a valid session between a user and a system. The attacker exploits vulnerabilities in the session management, such as weak session IDs or unprotected network traffic, to impersonate the user. Once control is gained, the attacker can perform actions as the authenticated user, potentially leading to unauthorized access to sensitive information or functionality. *For more information, view this lecture on [Attacks on Our Cryptography- Part 1](https://courses.thorteaches.com/courses/take/cissp/lessons/19149711-attacks-on-our-cryptography-part-1). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Session_hijacking).*
35
# Define: Session Key
A temporary key used to encrypt communication during a session, ensuring secure data transfer. ## Footnote A temporary encryption key used for secure communication between two parties during a single session. It is used in cryptography to provide secure communication without the need for long-term keys. Examples include the use of session keys in SSL/TLS communications and in SSH connections. *For more information, view this lecture on [The Encryption We Use Today](https://courses.thorteaches.com/courses/take/cissp/lessons/19215118-the-encryption-we-use-today). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Session_key).*
36
# Define: Shared Key Authentication | (SKA)
An older method of wireless network authentication using a pre-shared secret key. ## Footnote An outdated wireless authentication method where both the client and the access point must possess a pre-shared secret key. The protocol is vulnerable to several security issues and is no longer recommended for use in secure wireless environments, with modern protocols like WPA2 and WPA3 providing stronger security measures. *For more information, view this lecture on [The Encryption We Use Today](https://courses.thorteaches.com/courses/take/cissp/lessons/19215118-the-encryption-we-use-today).*
37
# Define: Shared Tenancy
An arrangement where multiple users share infrastructure while keeping data separated. ## Footnote Shared Tenancy describes a model in which several organizations or users share the same physical or virtual infrastructure while maintaining isolated data environments. Commonly seen in cloud services, this approach optimizes resource utilization and cost efficiency. However, it requires stringent security measures to ensure that each tenant’s data remains protected and segregated from others, safeguarding confidentiality and integrity. *For more information, view this lecture on [Site Selection- Part 1](https://courses.thorteaches.com/courses/take/cissp/lessons/19149825-site-selection-part-1). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Lease).*
38
# Define: Shared-Secret Encryption
An encryption method where the same key is used for both encryption and decryption. ## Footnote A type of encryption where the same secret key is used by both the sender and the receiver to encrypt and decrypt messages. It is often used in symmetric-key cryptography. For instance, in a shared-secret encryption system, the sender and receiver may agree on a secret key and use that key to encrypt and decrypt messages sent between them. *For more information, view this lecture on [The Encryption We Use Today](https://courses.thorteaches.com/courses/take/cissp/lessons/19215118-the-encryption-we-use-today). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Symmetric-key_algorithm).*
39
# Define: Shell
A user interface for accessing an operating system's services, often command-line based. ## Footnote A command-line interface for accessing an operating system's services. It is used to perform tasks and manage system resources through the use of commands and scripts. Examples include the Bash shell on Linux systems and PowerShell on Windows systems. *Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Shell_(computing)).*
40
# Define: Shielded Enclosure
A protective case that blocks electromagnetic interference to protect electronic equipment. ## Footnote A protective covering or enclosure that is designed to block electromagnetic interference (EMI). It is used in electrical and electronic systems to prevent EMI from affecting the operation of the system. Examples include shielded cables and enclosures for sensitive electronic equipment. *Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Faraday_cage).*
41
# Define: Shimmer
A skimming device inserted into card slots to steal data from chip-based credit or debit cards. ## Footnote A type of skimming device that is inserted into a card slot, such as those on ATMs or point-of-sale terminals, to read data from chip-based credit and debit cards. Unlike traditional skimmers, shimmers are thinner and target the chip instead of the magnetic stripe, making them harder to detect.
42
# Define: Side Channel Attacks
Exploits that use indirect information from a system to uncover sensitive data or keys. ## Footnote Security attacks that exploit indirect information gained from a system's implementation, such as power consumption or electromagnetic emissions, to compromise the system. While side-channel attacks can occur in various environments, including virtualized systems, they are not exclusive to virtualization and can affect physical hardware as well. *For more information, view this lecture on [Attacks on Our Cryptography- Part 3](https://courses.thorteaches.com/courses/take/cissp/lessons/19423096-attacks-on-our-cryptography-part-3). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Side-channel_attack).*
43
# Define: SIGABA
A cipher machine used by the U.S. during WWII for secure communications. ## Footnote SIGABA was a sophisticated encryption machine deployed by the United States during World War II. Its complex system of rotors and switching mechanisms provided robust and secure communication for military operations, ensuring that sensitive messages remained confidential against enemy decryption efforts. *For more information, view this lecture on [The History of Cryptography- Part 2](https://courses.thorteaches.com/courses/take/cissp/lessons/19215103-the-history-of-cryptography-part-2). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/SIGABA).*
44
# Define: Signature Detection
Identifying threats by comparing attributes to a database of known malicious signatures. ## Footnote A method of identifying known threats or malicious software by comparing their characteristics, such as code or behavior, to a database of known signatures. It is commonly used in antivirus software and other security tools to quickly identify and remove known threats. Examples include signature detection used to identify and remove malware from a computer, to detect and block phishing emails, and to identify and block malicious websites. *For more information, view this lecture on [Malware- Part 2](https://courses.thorteaches.com/courses/take/cissp/lessons/18684286-malware-part-2).*
45
# Define: Simple Security Property
A rule in the Bell-LaPadula security model that restricts access based on security levels to protect data confidentiality. ## Footnote A term used in the Bell-LaPadula (BLP) security model, a formal model for maintaining confidentiality in a system. The Simple Security Property, also known as the no-read-up, no-write-down (NRU, NWD) rule, states that a subject (a user or a process operating on behalf of a user) cannot read an object (information or a resource) at a higher security level, nor write to an object at a lower security level. This is to prevent sensitive information from being accessed by unauthorized users or downgraded to a less secure level, hence ensuring the confidentiality of data. *For more information, view this lecture on [Security Models and Concepts - Part 1](https://courses.thorteaches.com/courses/take/cissp/lessons/47772487-security-models-and-concepts-part-1). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Bell–LaPadula_model).*
46
# Define: Site Marking
The practice of labeling areas to designate zones and guide access within a site. ## Footnote Site Marking involves the application of visual indicators, such as signs, paint, or physical barriers, to clearly delineate different zones within a property. It is used to identify restricted areas, hazard zones, or operational sections, thereby enhancing security, safety, and organizational efficiency. Effective site marking helps prevent unauthorized access and aids in emergency management by providing clear navigational cues. *For more information, view this lecture on [Site Selection- Part 1](https://courses.thorteaches.com/courses/take/cissp/lessons/19149825-site-selection-part-1).*
47
# Define: Skimmer
A device used to illicitly capture credit card information from card readers at points of transaction like ATMs or gas pumps. ## Footnote A device that is attached to a card reader, such as an ATM or gas pump, to steal credit card information. It is used in instances of credit card fraud. Examples include skimmers attached to gas pumps, ATMs, and point-of-sale systems. *Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Credit_card_fraud#Skimming).*
48
# Define: Slab to Slab Walls
Continuous walls extending between building floors to provide support and fire resistance. ## Footnote Slab to Slab walls are structural elements that extend continuously from one floor slab to another, providing critical support, rigidity, and fire protection within a building. These walls help distribute loads evenly and act as barriers to the spread of fire and smoke. Their design is essential in modern construction, contributing both to the stability and safety of multi-story structures. *For more information, view this lecture on [Physical Security- Part 5](https://courses.thorteaches.com/courses/take/cissp/lessons/19149815-physical-security-part-5).*
49
# Define: Smishing
A social engineering attack delivered via SMS messages, luring recipients into divulging personal information or clicking malicious links. ## Footnote Similar to phishing emails, attackers pose as trusted entities—banks, service providers, or government agencies. Victims may unknowingly reveal credentials, financial details, or install malware. Defensive measures include verifying message authenticity, avoiding unverified links, and enabling spam filters. Raising awareness about smishing helps users recognize suspicious texts and question urgent requests that might indicate an evolving cyber scam. *Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Phishing#SMS_phishing).*
50
# Define: Software as a Service | (SaaS)
A cloud computing model where software applications are delivered online on a subscription basis. ## Footnote A type of cloud computing model where a provider delivers software applications to users over the internet on a subscription basis. It is commonly used by businesses to access software applications without the need to install and maintain them on their own premises. Examples of SaaS applications include email, customer relationship management, and enterprise resource planning. *For more information, view this lecture on [Virtualization, Cloud, and Distributed Computing - Part 3](https://courses.thorteaches.com/courses/take/cissp/lessons/18591378-virtualization-cloud-and-distributed-computing-part-3). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Software_as_a_service).*
51
# Define: Software Encryption
Encryption executed via software algorithms to secure data on general-purpose hardware. ## Footnote Software encryption relies on algorithms and code running on standard hardware to protect data. Although flexible and easily updated, it can be slower than hardware solutions and may be more vulnerable to certain types of software exploits if not properly managed. *For more information, visit this [Wikipedia page](https://en.wikipedia.org/wiki/Encryption_software).*
52
# Define: Software Exploitation
The process of leveraging software vulnerabilities to compromise or control a system. ## Footnote The act of leveraging software vulnerabilities to gain unauthorized access or control over a system. By exploiting flaws, bugs, or design deficiencies, attackers can bypass security mechanisms, disrupt system functionality, steal sensitive data, or execute arbitrary commands. Effective strategies to counter software exploitation include regular updates and patches, rigorous testing, and security best practices during software development.
53
# Define: Software-Defined Security | (SDS or SDSec)
A security method using software to define and enforce security policies in an organization's network. ## Footnote An approach to security that uses software to define and enforce security policies across an organization's network. It is used to provide centralized, flexible, and scalable security management. Examples of SDS solutions include network security virtualization and software-defined perimeter. *For more information, visit this [Wikipedia page](https://en.wikipedia.org/wiki/Software-defined_protection).*
54
# Define: Spartan Scytale Cipher
An ancient transposition cipher used by the Spartans for military communication. ## Footnote An ancient encryption tool used by the Spartans where a strip of parchment or leather is wound around a rod of a specific diameter to write a message. When unwound, the letters do not align, and the message appears garbled. The recipient, who has a rod of the same diameter, can read the message by winding the strip around the rod. It's an early example of a transposition cipher. *For more information, view this lecture on [The history of Cryptography - Part 1](https://courses.thorteaches.com/courses/take/cissp/lessons/19149612-the-history-of-cryptography-part-1). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Scytale).*
55
# Define: Spike
A sharp increase in network traffic or system activity, often indicative of a cyber-attack or system issue. ## Footnote A sudden increase in traffic on a network or system, potentially causing it to crash or slow down. It is used in network analysis and monitoring to detect potential security threats or performance issues. Examples include a spike in web traffic during a cyber-attack or a spike in database queries during peak usage hours. *For more information, view this lecture on [Electricity](https://courses.thorteaches.com/courses/take/cissp/lessons/19149858-electricity). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Voltage_spike).*
56
# Define: SPOOL | (Simultaneous Peripheral Operations Online)
A process where data is stored temporarily to be processed sequentially, such as in print spooling. ## Footnote A computing process where data is temporarily stored to be processed or output sequentially. Commonly associated with print spooling, it allows a computer to receive multiple print jobs at once, which are then queued and sent to the printer or another output device in the order they were received. *For more information, visit this [Wikipedia page](https://en.wikipedia.org/wiki/SPOOL).*
57
# Define: Spyware
Malicious software that secretly gathers information about a person or organization without their knowledge. ## Footnote A type of malicious software that covertly collects information about a user or organization without consent, often for personal or financial gain. Spyware can monitor and capture keystrokes, web browsing history, passwords, and other sensitive data. Anti-spyware tools and best practices in cybersecurity hygiene are essential to protect against such invasive software. *For more information, visit this [Wikipedia page](https://en.wikipedia.org/wiki/Spyware).*
58
# Define: Stack Memory
A type of memory used by the CPU to store temporary data, manage function calls, and control program execution flow. ## Footnote A type of memory used by a computer's central processing unit (CPU) to store and manage data. It is used in computer programming to store temporary data and manage function calls. Examples include storing local variables and function parameters and managing the order in which functions are executed. *For more information, visit this [Wikipedia page](https://en.wikipedia.org/wiki/Call_stack).*
59
# Define: Stalkerware
Stalkerware is spyware installed on a device—often by someone known to the victim—that tracks location, messages, calls, and browsing activity without user consent. ## Footnote Abuse cases commonly occur in intimate partner violence, letting perpetrators monitor targets’ private lives. Stalkerware marketplaces mislead customers into believing they’re employing legitimate monitoring solutions, but it violates privacy and can be illegal. Security tools can detect or remove these applications, but detection may risk perpetrator retaliation. Awareness, strong device security, and protective legislation are crucial in combating stalkerware. *For more information, visit this [Wikipedia page](https://en.wikipedia.org/wiki/Stalkerware).*
60
# Define: Standalone System
A self-sufficient system or network that operates independently without relying on external connections. ## Footnote An independent system or network infrastructure that functions without the need for external networks or systems. It's designed to operate autonomously, often for reliability and security, such as an isolated network that does not connect to the internet.
61
# Define: Static Electricity
The accumulation of electrical charge on surfaces, often due to friction or separation. ## Footnote Static Electricity occurs when materials build up excess electrical charge from friction, separation, or induction. This buildup can result in sudden discharges or sparks, posing risks to sensitive electronic components or flammable materials. Controlling static electricity through grounding and other preventative measures is essential in industrial, commercial, and consumer environments to avoid damage and ensure safety. *For more information, view this lecture on [Fire suppression and hot and cold aisles](https://courses.thorteaches.com/courses/take/cissp/lessons/19149912-fire-suppression-and-hot-and-cold-aisles). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Static_electricity).*
62
# Define: Steal the Key
A technique where attackers extract encryption keys to bypass cryptographic protection. ## Footnote Steal the Key describes an attack method in which adversaries retrieve encryption keys from a system via vulnerabilities or physical access. Once in possession of the key, attackers can decrypt data or authenticate maliciously, effectively nullifying encryption. This technique highlights the critical importance of secure key management and robust storage mechanisms in protecting sensitive information. *For more information, view this lecture on [Attacks on our cryptography- Part 1](https://courses.thorteaches.com/courses/take/cissp/lessons/19149711-attacks-on-our-cryptography-part-1).*
63
# Define: Stealth Virus
Malicious software that conceals its presence to evade detection and maintain persistence in an infected system. ## Footnote A type of malicious software designed to avoid detection by security software and system monitoring tools. It uses various mechanisms such as obfuscation, encryption, and polymorphic techniques to disguise its presence within the infected system. By concealing itself and its activities, a stealth virus can compromise a system without alerting the user or triggering security protocols. *For more information, view this lecture on [Malware- Part 1](https://courses.thorteaches.com/courses/take/cissp/lessons/18684054-malware-part-1). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Stealth_virus).*
64
# Define: Steganography
The practice of hiding secret messages within other, seemingly innocuous data or media to obscure communication. ## Footnote The practice of concealing information within another piece of information. It is often used to embed secret messages in images, audio files, or other data carriers in such a way that no one except the sender and intended recipient even realizes there is a hidden message. In a security context, steganography can be used both for legitimate purposes, such as covert communication, and malicious purposes, such as hiding malware or exfiltrating data. *For more information, view this lecture on [Emanations and Covert Channels](https://courses.thorteaches.com/courses/take/cissp/lessons/18591390-emanations-and-covert-channels). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Steganography).*
65
# Define: Stenography
The art and science of concealing messages within other media. ## Footnote Stenography involves embedding hidden messages into various forms of media such as images, audio files, or text documents. This practice conceals the very existence of the message, offering an additional layer of security by masking communications and protecting sensitive information from unauthorized detection or scrutiny. *For more information, view this lecture on [Emanations and Covert Channels](https://courses.thorteaches.com/courses/take/cissp/lessons/18591390-emanations-and-covert-channels). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Steganography).*
66
# Define: Stream Cipher
An encryption method where plaintext is combined with a pseudorandom cipher stream for secure communication. ## Footnote A method of encryption where each bit or byte of plaintext is combined with a pseudorandom cipher digit stream, typically using a bitwise exclusive-or (XOR) operation. This encryption method provides high speed and hardware efficiency. However, because of the linearity of the XOR operation, it is critical that the same sequence is not used twice, making key management a crucial aspect of secure stream cipher operation. *For more information, view this lecture on [Symmetric encryption- Part 1](https://courses.thorteaches.com/courses/take/cissp/lessons/19149624-symmetric-encryption-part-1). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Stream_cipher).*
67
# Define: STRIDE Model
A threat modeling framework for identifying and categorizing security threats in application and system design. ## Footnote A threat modeling methodology used to identify potential security risks associated with a system or application. The acronym STRIDE stands for Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, and Elevation of Privilege. Each of these represents a class of threat that the model helps to identify, enabling the development of mitigation strategies and increasing the overall resilience of the system. *For more information, view this lecture on [Secure design principles](https://courses.thorteaches.com/courses/take/cissp/lessons/25340659-secure-design-principles). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/STRIDE_(security)).*
68
# Define: Substitution
In cryptography, it's a method where plaintext units are replaced with ciphertext units based on a fixed system. ## Footnote The process of replacing one element with another. In cryptography, substitution is a fundamental method used in various types of ciphers where units of plaintext are replaced with the corresponding units of ciphertext according to a fixed system. The "units" may be single letters, pairs of letters, triplets of letters, mixtures of the above, and so forth. *For more information, view this lecture on [The history of Cryptography - Part 1](https://courses.thorteaches.com/courses/take/cissp/lessons/19149612-the-history-of-cryptography-part-1). Or view this lecture on [Introduction to Cryptography- Part 2](https://courses.thorteaches.com/courses/take/cissp/lessons/19121903-introduction-to-cryptography-part-2).*
69
# Define: Substitution Cipher
A cryptographic technique where plaintext elements are systematically replaced with ciphertext elements. ## Footnote A type of cryptographic technique that replaces each letter in a message with a different letter or symbol based on a predetermined key. It is used for secure communication and to protect sensitive information from being intercepted. Examples include the Caesar cipher, the Vigenère cipher, and the Atbash cipher. *For more information, view this lecture on [The history of Cryptography - Part 1](https://courses.thorteaches.com/courses/take/cissp/lessons/19149612-the-history-of-cryptography-part-1). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Substitution_cipher).*
70
# Define: Surge Suppressor
A device protecting electronic equipment from voltage spikes, ensuring the safety and longevity of the devices. ## Footnote A device that protects electronic equipment from voltage spikes or surges. It is commonly used in homes and businesses to protect computers and other sensitive equipment from damage. Examples include a surge protector strip for a computer, a whole-house surge protector for a home's electrical system, and a surge protector for a commercial server room. *For more information, view this lecture on [Electricity](https://courses.thorteaches.com/courses/take/cissp/lessons/19149858-electricity). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Surge_protector).*
71
# Define: Symmetric Algorithm
An encryption method using the same key for encrypting and decrypting data. ## Footnote A mathematical process used to encrypt and decrypt data. It uses the same secret key for both operations, making it fast and efficient for large amounts of data. Examples include the Advanced Encryption Standard (AES) and the Blowfish algorithm. *For more information, view this lecture on [Symmetric encryption- Part 1](https://courses.thorteaches.com/courses/take/cissp/lessons/19149624-symmetric-encryption-part-1). View this lecture on [Symmetric encryption- Part 2](https://courses.thorteaches.com/courses/take/cissp/lessons/19215140-symmetric-encryption-part-2). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Symmetric-key_algorithm).*
72
# Define: Symmetric Cipher
A type of encryption using the same key for both encryption and decryption processes. ## Footnote A type of cipher that uses the same key for both encryption and decryption. It is a fundamental type of encryption technique that uses a single key to convert plaintext data into ciphertext, and the same key is used to convert the ciphertext back into the original plaintext. Examples of symmetric ciphers include DES (Data Encryption Standard), AES (Advanced Encryption Standard), and RC4. They are widely used due to their speed and efficiency but require secure key distribution and management. *For more information, view this lecture on [Symmetric encryption- Part 1](https://courses.thorteaches.com/courses/take/cissp/lessons/19149624-symmetric-encryption-part-1). View this lecture on [Symmetric encryption- Part 2](https://courses.thorteaches.com/courses/take/cissp/lessons/19215140-symmetric-encryption-part-2). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Symmetric-key_algorithm).*
73
# Define: Symmetric Key
A single key used in symmetric encryption for both encrypting and decrypting messages. ## Footnote An encryption method using a single secret key for encrypting and decrypting messages. Both sender and receiver must share and safeguard the key. Symmetric key algorithms are fast and efficient, suitable for encrypting large amounts of data, but require secure key distribution methods to prevent interception. *For more information, view this lecture on [Symmetric encryption- Part 1](https://courses.thorteaches.com/courses/take/cissp/lessons/19149624-symmetric-encryption-part-1). View this lecture on [Symmetric encryption- Part 2](https://courses.thorteaches.com/courses/take/cissp/lessons/19215140-symmetric-encryption-part-2). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Symmetric-key_algorithm).*
74
# Define: Symmetric Key Encryption
Cryptography using a single key for encryption and decryption, requiring secure key distribution. ## Footnote A form of cryptography that utilizes a single secret key for both encryption and decryption of data. The key is used to convert plaintext data into ciphertext, and the same key is used to convert the ciphertext back into the original plaintext. While this method provides a fast and efficient means of data encryption, securely distributing the key to the intended parties presents a unique challenge, as anyone who possesses the key can decrypt the information. *For more information, view this lecture on [Symmetric encryption- Part 1](https://courses.thorteaches.com/courses/take/cissp/lessons/19149624-symmetric-encryption-part-1). View this lecture on [Symmetric encryption- Part 2](https://courses.thorteaches.com/courses/take/cissp/lessons/19215140-symmetric-encryption-part-2).*
75
# Define: Symmetric Multiprocessing | (SMP)
A computer architecture with multiple processors that share a single memory, improving performance and reliability. ## Footnote A computer architecture that enables two or more identical processors to connect and share a single, coherent view of the main memory. SMP systems can process multiple tasks simultaneously, improving performance and reliability. *Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Symmetric_multiprocessing).*
76
# Define: Synthetic Transactions
Scripts simulating user interactions to monitor system performance and identify potential issues. ## Footnote Scripted actions that simulate user interactions with a system or application. These scripts mimic end-user behavior, such as logging in, navigating through an application, or completing a transaction, to proactively monitor and measure system performance and availability. Synthetic transactions are used in testing environments to identify potential issues before they impact end users, helping to maintain a high level of service availability and security. *For more information, view this lecture on [Domain 6 key concepts](https://courses.thorteaches.com/courses/take/cissp/lessons/19179910-domain-6-key-concepts). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Synthetic_data).*
77
# Define: System Hardening
The process of securing a system by reducing its attack surface through measures like disabling unnecessary services and applying patches. ## Footnote The process of strengthening a computer system's security by reducing its attack surface and vulnerabilities. This can involve disabling unnecessary services, applying security patches, and implementing security controls. Examples of system hardening measures include firewalls, intrusion detection systems, and access controls. *For more information, view this lecture on [Asset tracking and hardware hardening](https://courses.thorteaches.com/courses/take/cissp/lessons/20679155-asset-tracking-and-hardware-hardening). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Hardening_(computing)).*
78
# Define: System High Mode
An operating state where a system functions at maximum security settings typically used in sensitive or classified environments. ## Footnote A state in which a computer system operates at its highest level of security. It is used in military and government organizations to protect sensitive information from unauthorized access. Examples include a classified government database, a military communication network, and a secure online voting system. *For more information, view this lecture on [Security models and concepts- Part 2](https://courses.thorteaches.com/courses/take/cissp/lessons/18591282-security-models-and-concepts-part-2). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/System_high_mode).*
79
# Define: System Integrity
The assurance that a system is free from unauthorized access and has not been tampered with or corrupted. ## Footnote The state of a computer system being free from unauthorized access, tampering, or data corruption. This is a key aspect of computer security and is often ensured through the use of encryption, access controls, and backup systems. Examples of system integrity breaches include a hacker accessing sensitive data or a virus corrupting a database. *Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/System_Integrity).*
80
# Define: Tailgating
Gaining unauthorized access by following someone with legitimate access into a restricted area. ## Footnote The unauthorized access to a restricted area by following someone who has legitimate access. It is a common security risk, especially in physical security environments such as buildings and facilities. Examples include an unauthorized person following an employee into a secured office building, or a visitor following a resident into a gated community. *For more information, view this lecture on [Physical security- Part 4](https://courses.thorteaches.com/courses/take/cissp/lessons/19632100-physical-security-part-4). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Tailgating).*
81
# Define: Take-Grant Model
A formal security model used to understand permission transfer based on take and grant rules. ## Footnote A formal model used to understand how permission and rights can be transferred between subjects in a system based on a set of rules for 'taking' and 'granting' these rights. While not typically deployed in practical systems, it aids in the conceptual understanding of access rights propagation. *For more information, view this lecture on [Security models and concepts- Part 2](https://courses.thorteaches.com/courses/take/cissp/lessons/18591282-security-models-and-concepts-part-2). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Take-grant_protection_model).*
82
# Define: Tampering
Illegitimate alteration or damage to systems or devices, a serious security concern. ## Footnote The act of deliberately altering or damaging a system or device without authorization. It is a common security concern, especially in the context of information technology, where tampering can lead to data breaches or loss of integrity. Examples include modifying a computer program to gain unauthorized access to a system or tampering with a security camera to disable its surveillance capabilities. *For more information, view this lecture on [Secure design principles](https://courses.thorteaches.com/courses/take/cissp/lessons/25340659-secure-design-principles). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Tampering).*
83
# Define: Target of Evaluation | (TOE)
A set of components subject to security evaluation, defining the boundaries for testing. ## Footnote A set of software, firmware, and/or hardware components that are the subject of a security evaluation process. The TOE defines the boundaries of the product or system to be tested, including its security functions, interfaces, and implementation. By establishing a TOE, evaluators can systematically identify vulnerabilities, assess risks, and verify the effectiveness of security controls. *For more information, view this lecture on [Security evaluation models](https://courses.thorteaches.com/courses/take/cissp/lessons/18591287-security-evaluation-models). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Security_Target).*
84
# Define: TDE | (Transparent Data Encryption)
TDE automatically encrypts database files at rest, securing stored data without requiring application-level changes or manual encryption routines. ## Footnote Enabling TDE ensures that files and backups remain unreadable if extracted from storage, thwarting offline attacks. Keys typically reside in a secure wallet or key management service. While TDE safeguards data on disk, it doesn’t protect data in transit or memory. Still, it’s a vital layer of defense for compliance and mitigating data breach impacts if physical media is compromised. *Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Transparent_data_encryption).*
85
# Define: Technical Infrastructure Security
Protection of systems and services that underpin an organization's IT environment against various threats. ## Footnote The protection of the underlying systems and services that support an organization's IT environment. This includes ensuring the security of servers, networks, databases, and other technical assets from threats such as malware, unauthorized access, and data breaches. Key elements of technical infrastructure security include patch management, secure configuration, access control, network security, and monitoring for signs of potential security incidents. *Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/IT_infrastructure).*
86
# Define: Technology Infrastructure
The collective hardware, software, network resources, and services required for IT operations and management. ## Footnote The composite hardware, software, network resources, and services required for the operation, management, and delivery of IT services and solutions. This infrastructure supports the delivery and processing of information across an organization. *Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/IT_infrastructure).*
87
# Define: TEMPEST
A set of standards for limiting electromagnetic emissions to prevent eavesdropping on electronic equipment. ## Footnote An unofficial acronym for a set of standards for limiting electric or electromagnetic emissions emanating from electronic equipment. These standards help prevent eavesdropping on sensitive information through the interception of these emissions. Compliance with TEMPEST standards is an aspect of securing classified and sensitive information. *Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Tempest_(codename)).*
88
# Define: The Ring Model
A security architecture model using layers that protect system components. ## Footnote The Ring Model is a layered security approach where each concentric ring provides a higher level of protection. This design limits access to critical components by enforcing strict boundaries between different security levels, making it more difficult for unauthorized users to compromise the core functions and data of a system. *For more information, view this lecture on [Secure system design concepts](https://courses.thorteaches.com/courses/take/cissp/lessons/18591293-secure-system-design-concepts). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Protection_ring).*
89
# Define: Theft in Virtualization
Unauthorized access or use of virtual resources, posing security risks. ## Footnote Unauthorized access, use, or transference of virtual resources. It can encompass a range of malicious activities, from stealing virtual machines, data, or processing power to misusing virtual networks for illicit activities. This form of theft is a particular concern due to the scalability and dynamism of virtual environments, as illicit activities can be easily replicated or hidden within the complex and often distributed virtual infrastructure.
90
# Define: Thin Client
A lightweight computer that relies on remote servers for processing and storage. ## Footnote A Thin Client is a minimalistic computing device designed to perform basic input and output tasks while depending on a centralized server for processing power, data storage, and application execution. This architecture reduces hardware costs and simplifies maintenance while enhancing security through centralized management. Thin clients are ideal for environments requiring streamlined operations, such as virtual desktop infrastructures or remote work solutions. *For more information, view this lecture on [Secure Communications - Part 2](https://courses.thorteaches.com/courses/take/cissp/lessons/29462724-secure-communications-part-2). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Thin_client).*
91
# Define: Threat Modeling
Identifying and addressing potential threats in a systematic and prioritized manner. ## Footnote The process of identifying, understanding, and addressing potential threats in a prioritized way. It involves creating a conceptual model of the system or application, including data flow and connectivity, and then identifying assets, threats, and vulnerabilities within this model. The purpose is to mitigate possible security risks during the design phase of a system rather than after deployment. *For more information, view this lecture on [Secure design principles](https://courses.thorteaches.com/courses/take/cissp/lessons/25340659-secure-design-principles). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Threat_model).*
92
# Define: Time Bomb
Malicious code programmed to trigger a harmful event at a specific time or after a period. ## Footnote A malicious piece of code that has been programmed to activate at a specific time or under certain conditions. Unlike a logic bomb, which triggers when a particular event occurs, a time bomb is set to activate on a particular date or after a set amount of time has passed. These are typically used to cause disruption or damage to a system or network, and their delayed activation can make them difficult to detect before they execute. *For more information, view this lecture on [Malware- Part 2](https://courses.thorteaches.com/courses/take/cissp/lessons/18684286-malware-part-2). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Time_bomb_(software)).*
93
# Define: Timing Attack
An attack that extracts sensitive information by analyzing the time it takes for a system to respond to inputs. ## Footnote A form of attack where the attacker learns information about the target system by observing the time it takes for the system to respond to inputs. The analysis of the time required to perform cryptographic operations can potentially reveal sensitive data, such as secret keys, especially in poorly implemented cryptographic systems. *Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Timing_attack).*
94
# Define: TOGAF | (The Open Group Architecture Framework)
A framework for developing and managing enterprise information architecture. ## Footnote A framework that provides a comprehensive approach to the design, planning, implementation, and governance of an enterprise information architecture. It is designed to ensure that the resulting information system is aligned with business needs and is cost-effective, reliable, and scalable. The TOGAF standard includes a set of guiding principles, methods, and a supporting toolset for designing an enterprise architecture. *Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/The_Open_Group_Architecture_Framework).*
95
# Define: Tokenization
Converting sensitive data into non-sensitive equivalents, or tokens, to secure information. ## Footnote The process of converting sensitive data into a series of random, meaningless characters or tokens. It is used to protect data during transmission and storage. Examples include using tokenization to protect credit card information during online transactions and using tokenization to protect sensitive medical records in a healthcare database. *Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Tokenization_(data_security)).*
96
# Define: TPM | (Trusted Platform Module)
A standard for a hardware-based secure cryptoprocessor that safeguards sensitive information. ## Footnote TPM is a secure crypto-processor that is designed to carry out cryptographic operations. It is a hardware-based security feature that provides a secure environment for storing cryptographic keys, passwords, and digital certificates. It is used in computers, laptops, and other devices to securely store and manage sensitive information. Examples include using TPM for secure booting, user authentication, and data encryption. *For more information, view this lecture on [Hardware architecture- Part 2](https://courses.thorteaches.com/courses/take/cissp/lessons/45831595-hardware-architecture-part-2). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Trusted_Platform_Module).*
97
# Define: Transport Encryption
Encryption of data in transit between systems or over networks to prevent unauthorized access and maintain confidentiality. ## Footnote A technique used to protect data in transit between systems or across networks, including the internet. It involves encrypting the data before transmission and then decrypting it upon arrival at its destination. Transport encryption is crucial for preventing unauthorized access to data as it travels across networks, guarding against interception, and preserving data integrity and confidentiality.
98
# Define: Transposition and Permutation
Cryptographic techniques involving the rearrangement of characters or bits in a message to encrypt data. ## Footnote In cryptography, transposition refers to rearranging the characters in a message, while permutation involves rearranging bits, bytes, or other parts of the message according to a specific system or rule. Both are techniques used to obscure the content of a message. *For more information, view this lecture on [Introduction to Cryptography- Part 2](https://courses.thorteaches.com/courses/take/cissp/lessons/19121903-introduction-to-cryptography-part-2). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Transposition_cipher).*
99
# Define: Transposition Cipher
A transposition cipher rearranges the letters of the plaintext according to a systematic pattern, changing their positions without altering the actual characters used. ## Footnote Unlike substitution ciphers that replace letters, transposition simply reshuffles them. Classic examples include the rail fence cipher, where text is written in a zigzag pattern, then read row by row. Security stems from the difficulty of restoring the correct ordering. However, frequency analysis may assist skilled cryptanalysts. Modern cryptography surpasses transposition ciphers, but they illuminate foundational encryption principles. *Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Transposition_cipher).*
100
# Define: Trapdoor Function
A mathematical function that is easy to compute in one direction but difficult to reverse without specific knowledge. ## Footnote A function that is easy to compute in one direction but believed to be difficult to compute in the opposite direction without special information, called a 'trapdoor'. These functions are essential in the construction of encryption algorithms, particularly public-key cryptosystems. *Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Trapdoor_function).*
101
# Define: Trojans
Trojans are malicious software disguised as legitimate applications, tricking users into installation and opening a hidden backdoor or executing harmful payloads. ## Footnote Commonly delivered via email attachments, fake software downloads, or rogue links, Trojans establish attacker access to compromised systems. Attackers can steal data, install ransomware, or expand botnets. Defending against Trojans requires applying security patches, scanning for suspicious files, and training users to identify social engineering tactics. Vigilance and layered protections help detect and remove Trojan infections before serious damage occurs. *For more information, view this lecture on [Malware- Part 2](https://courses.thorteaches.com/courses/take/cissp/lessons/18684286-malware-part-2). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Trojan_horse_(computing)).*
102
# Define: Trust But Verify
A principle emphasizing the importance of trusting entities while also ensuring their actions are validated. ## Footnote A principle that emphasizes the importance of establishing confidence in entities while also validating their actions. It suggests that while one may trust an entity, their actions and activities should be independently checked for accuracy, reliability, and integrity, maintaining a balance between trust and security control. *For more information, view this lecture on [Secure design principles](https://courses.thorteaches.com/courses/take/cissp/lessons/25340659-secure-design-principles). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Web_of_trust).*
103
# Define: Trust Model
A framework outlining how trust is established and managed within a network or system. ## Footnote This outlines the approach to trust relationships within a network or between systems. It defines how trust is established, who or what can be trusted, and the extent to which trust is granted. Models can vary from simple (one trusted entity) to complex (hierarchical or web-of-trust models). *For more information, view this lecture on [Secure design principles](https://courses.thorteaches.com/courses/take/cissp/lessons/25340659-secure-design-principles). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Web_of_trust).*
104
# Define: Trusted Channel
A secure communication pathway that ensures data transmitted between parties is confidential and secure. ## Footnote A trusted channel is a secure communication pathway that ensures data is transmitted confidentially and securely between parties, preventing unauthorized access and ensuring that the data has not been altered or intercepted during transit. *Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Secure_channel).*
105
# Define: Trusted Computer System
A system designed to enforce a security policy, offering a certain level of assurance in its operation. ## Footnote A system that is relied upon to enforce a specific security policy. It has been designed and configured to provide a certain level of assurance for maintaining the confidentiality, integrity, and availability of the information it processes. *Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Trusted_system).*
106
# Define: Trusted Computer System Evaluation Criteria | (TCSEC) (Aka Orange Book)
A DoD standard for assessing the security of computer systems. ## Footnote A United States Government Department of Defense standard that sets basic requirements for assessing the effectiveness of security controls built into a computer system. It provides a metric to evaluate and measure the security properties of a computer system. *For more information, view this lecture on [Security evaluation models](https://courses.thorteaches.com/courses/take/cissp/lessons/18591287-security-evaluation-models). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Trusted_Computer_System_Evaluation_Criteria).*
107
# Define: Trusted Computing Base | (TCB)
Components critical to a system's security, ensuring it adheres to security policies and operates securely. ## Footnote The collection of all hardware, firmware, and software components within a system that are critical to its security. The TCB provides a foundation of trust for a system by ensuring that enforced security policies are adhered to and that the system operates in a predictable and secure manner. *Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Trusted_Computing_Base).*
108
# Define: Trusted Path
A secure communication link ensuring a user's direct interaction with the legitimate system rather than an imposter. ## Footnote A secure route or channel between a user and the system, ensuring that the user is directly communicating with the legitimate system and not an imposter. This route is protected against interception, modification, or mimicry by unauthorized or malicious entities.
109
# Define: Trusted Process
A verified procedure with elevated access to perform sensitive operations, crucial for system integrity. ## Footnote A procedure that has been vetted and authorized to access resources and information beyond the restrictions imposed on most processes. It has the necessary permissions to perform sensitive operations, making it crucial that its integrity and security are maintained.
110
# Define: Trusted System
A system with robust security measures ensuring reliable enforcement of security policies. ## Footnote A system that has been thoroughly reviewed, tested, and proven to reliably enforce security policies. The trust in these systems comes from their proven ability to protect the confidentiality, integrity, and availability of the data they handle, even in the presence of threats.
111
# Define: Turnstile
A physical barrier controlling individual entry, often integrated with authentication systems for security. ## Footnote A form of physical access control, turnstiles regulate individual entry to secure areas one person at a time, often requiring authentication like badges, tickets, or biometrics. They're used in various settings, from public transit to high-security buildings, to prevent unauthorized access and manage pedestrian traffic flow. *For more information, view this lecture on [Physical security- Part 4](https://courses.thorteaches.com/courses/take/cissp/lessons/19632100-physical-security-part-4). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Turnstile).*
112
# Define: Twofish
A symmetric key block cipher praised for security and performance, a finalist in the AES selection process. ## Footnote A symmetric key block cipher known for its simplicity and speed. It was one of the five finalists in the Advanced Encryption Standard (AES) contest, where it was praised for its high security, good performance, and ease of implementation. *For more information, view this lecture on [Symmetric encryption- Part 2](https://courses.thorteaches.com/courses/take/cissp/lessons/19215140-symmetric-encryption-part-2). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Twofish).*
113
# Define: Two-Person Control
A security protocol requiring two individuals to perform sensitive tasks, preventing unauthorized or fraudulent actions. ## Footnote A security concept used to maintain high levels of safety and integrity by ensuring that two or more individuals are required to perform certain sensitive or high-risk tasks. This technique prevents a single individual from having sole authority or access and is often applied to prevent fraudulent activities or unauthorized actions. *For more information, view this lecture on [Physical security- Part 3](https://courses.thorteaches.com/courses/take/cissp/lessons/19632079-physical-security-part-3). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Two-man_rule).*
114
# Define: Type 1 Hypervisor
A hypervisor running directly on host hardware, isolating operating systems for security and efficiency. ## Footnote A type of hypervisor that runs directly on a physical host machine's hardware, allowing multiple operating systems to be run on the same physical server. It is used in server virtualization and cloud computing environments. Examples include VMware ESXi and Microsoft Hyper-V. *For more information, view this lecture on [Virtualization, Cloud, and Distributed Computing - Part 1](https://courses.thorteaches.com/courses/take/cissp/lessons/18591372-virtualization-cloud-and-distributed-computing-part-1). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Hypervisor#Type-1_(native,_bare-metal)_hypervisors).*
115
# Define: Type 2 Hypervisor
A hypervisor that runs within a host operating system, allowing for multiple virtual environments. ## Footnote A type of hypervisor that runs within a host operating system, allowing multiple virtual machines to be run on the same physical host. It is used in desktop virtualization and personal cloud computing environments. Examples include VMware Workstation and Oracle VirtualBox. *For more information, view this lecture on [Virtualization, Cloud, and Distributed Computing - Part 1](https://courses.thorteaches.com/courses/take/cissp/lessons/18591372-virtualization-cloud-and-distributed-computing-part-1). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Hypervisor#Type-2_(hosted)_hypervisors).*
116
# Define: UAVs | (Unmanned Aerial Vehicles)
UAVs, often known as drones, are aircraft piloted remotely or autonomously, used for surveillance, delivery, photography, and various commercial or military operations. ## Footnote They vary in size and range, equipped with onboard cameras or sensors. Advanced models can navigate with GPS, computer vision, or AI-based guidance. Security concerns include unauthorized surveillance, hacking vulnerabilities, and potential collisions. Regulatory frameworks manage airspace usage, requiring operational licenses or restricted flight zones. Despite risks, UAVs revolutionize logistics, research, and emergency response with agility and cost-effectiveness. *Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Unmanned_aerial_vehicle).*
117
# Define: UEFI Firmware | (Unified Extensible Firmware Interface)
UEFI is a modern replacement for the traditional BIOS, providing a modular and extensible interface to initialize hardware and boot operating systems securely. ## Footnote UEFI supports features like Secure Boot, large disk partitions, and faster startup times. Its driver-based architecture allows advanced hardware management and updatable firmware. While improving flexibility, it also introduces potential attack surfaces. Vendors mitigate risks by cryptographically signing firmware updates and limiting privilege. UEFI fosters robust system initialization routines, offering performance gains and stronger security. *Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Unified_Extensible_Firmware_Interface).*
118
# Define: Ultrasonic Sensors
Ultrasonic sensors emit high-frequency sound waves to measure distance or detect motion by timing reflections, used in automation, robotics, and security systems. ## Footnote Often seen in parking assist systems, ultrasonic sensors can also trigger alarms if someone crosses a set threshold. They operate on short-range signals, unaffected by visual obstructions, though certain environments or materials absorb or scatter sound. Proper calibration avoids false positives. When integrated with broader security controls, ultrasonic sensors enhance perimeter or device sensing capabilities. *Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Ultrasonic_sensor).*
119
# Define: Uninterruptible Power Supply | (UPS)
A backup power system providing temporary electricity to prevent data loss during power outages. ## Footnote A device that provides a consistent flow of electricity to connected systems for a short period of time when the primary power source is lost. In an environment where system availability is critical, a UPS can prevent system downtime, loss of data, or hardware damage due to power interruptions. *For more information, view this lecture on [Electricity](https://courses.thorteaches.com/courses/take/cissp/lessons/19149858-electricity). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Uninterruptible_power_supply).*
120
# Define: UNIX
A secure and stable operating system family used for multitasking and multi-user applications, like servers. ## Footnote A family of operating systems that are widely used in servers and other large-scale computing systems. It is known for its security and stability and its ability to handle multiple users and processes simultaneously. Examples include Linux, Solaris, and macOS. *Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Unix).*
121
# Define: Updating
The process of installing software patches, enhancements, or fixes to improve system security and functionality. ## Footnote The process of applying patches, bug fixes, or enhancements to a system or software. Regular updates are crucial for maintaining system security as they often contain fixes for known vulnerabilities that could otherwise be exploited. The updating process should be managed carefully to minimize the potential for introducing new vulnerabilities or disrupting system functionality. *For more information, view this lecture on [Change management](https://courses.thorteaches.com/courses/take/cissp/lessons/19180365-change-management).*
122
# Define: Uptime Institute
An organization specializing in the certification and standardization of data center reliability and performance. ## Footnote An organization that provides standards and certifications for data center reliability and efficiency. Their guidelines focus on both physical and logical components of data center operations, and adherence to their standards can significantly enhance the reliability and security of data center services. *Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Uptime_Institute).*
123
# Define: USB | (Universal Serial Bus)
A connection interface for transferring data and connecting various devices with potential security implications. ## Footnote A standard type of connection interface used for transferring data and connecting devices. USBs can pose a security risk due to their ability to carry and transmit data and malware. Proper management, including limiting usage, disabling unnecessary ports, and scanning for malware, can mitigate these risks. *Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/USB).*
124
# Define: User Mode
A restricted operating state limiting software application access to critical system resources. ## Footnote An operating state in modern computer systems that limits the access rights of software applications, preventing them from directly interacting with hardware or system resources. This mode maintains system stability and security by restricting application access to sensitive areas of the operating system. *For more information, view this lecture on [Secure system design concepts](https://courses.thorteaches.com/courses/take/cissp/lessons/18591293-secure-system-design-concepts). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Privilege_level).*
125
# Define: Variant
A form or version of something slightly different from the original, like altered versions of malware. ## Footnote A version or form of something that is slightly different from the original. In the context of malware, for instance, a variant refers to a version of the malicious software that has been slightly altered from its original form, often to avoid detection by security measures or to adapt to different environments.
126
# Define: Vendor Lock-In | (Cloud Computing)
A situation where a customer becomes dependent on a single cloud provider's infrastructure. ## Footnote A situation where a customer using cloud services becomes dependent on a single cloud provider's infrastructure and tools, making it difficult or costly to migrate to another service. This can be due to proprietary technologies, custom APIs, or data transfer costs. *Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Vendor_lock-in).*
127
# Define: Vendor Lock-Out | (Cloud Computing)
A strategy where a cloud provider excludes competitors from integrating with its platform. ## Footnote A strategy where a cloud service provider may exclude competitors' services or products from integrating with its own platform, enforcing a form of ecosystem control that can limit customer choice and interoperability between different cloud services. *Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Vendor_lock-in).*
128
# Define: Vertical Scalability
Vertical scalability, also known as scaling up, involves increasing the capacity of a single system (e.g., adding CPU, RAM) to handle higher workloads. ## Footnote Compared to horizontal scaling, it doesn’t require coordinating multiple servers. While simpler to implement initially, hardware limitations and potential single points of failure can hamper long-term growth. Vertical scaling might mean upgrading to more powerful machines or leveraging virtualization for resource management. Balancing cost, downtime, and performance makes vertical scalability an option, though massive workloads may benefit from combined or horizontal strategies. *Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Scalability).*
129
# Define: Video Monitoring or Video Surveillance
The use of cameras and other devices to observe and record activities for security purposes. ## Footnote The use of cameras and other visual recording devices to monitor and record activities within a specific area. It is used for security purposes, to identify potential threats or incidents, and to provide evidence of criminal activity. Examples include CCTV cameras in a shopping mall or security cameras in a parking lot. *For more information, view this lecture on [Physical security- Part 2](https://courses.thorteaches.com/courses/take/cissp/lessons/19149796-physical-security-part-2). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Closed-circuit_television).*
130
# Define: Vigenère Cipher
The Vigenère cipher is a classic polyalphabetic substitution cipher that shifts letters by different amounts based on a repeating keyword, obscuring frequency patterns. ## Footnote Users align plaintext and key characters to determine each ciphertext character. Although stronger than simple Caesar ciphers, it’s vulnerable to Kasiski examination or frequency analysis if the key length is known. Historically popular, it was once deemed “le chiffrage indéchiffrable” (the indecipherable encryption). Though outdated for modern applications, the Vigenère cipher remains an instructive example of cryptographic evolution. *For more information, view this lecture on [The history of Cryptography - Part 1](https://courses.thorteaches.com/courses/take/cissp/lessons/19149612-the-history-of-cryptography-part-1). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Vigen%C3%A8re_cipher).*
131
# Define: Virtual Machine Escape
A breach where an attacker escapes a VM's isolation to interact with the host system. ## Footnote The instance where an attacker successfully breaches a virtual machine's confines to interact with the host system. By exploiting vulnerabilities within the virtual machine environment, attackers may breach the separation boundary, leading to the compromise of other virtual machines hosted on the same physical system. *For more information, view this lecture on [Virtualization, Cloud, and Distributed Computing - Part 1](https://courses.thorteaches.com/courses/take/cissp/lessons/18591372-virtualization-cloud-and-distributed-computing-part-1). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Virtual_machine_escape).*
132
# Define: Virtual Machines | (VMs)
Simulations of physical computers that run independently on a host machine, providing security through isolation. ## Footnote Software-based representations of physical computers, capable of executing applications and processes like their physical counterparts. VMs operate on a physical host machine, allowing multiple virtual machines to operate simultaneously and independently, which can enhance resource efficiency, scalability, and isolation of processes, potentially enhancing overall security. *For more information, view this lecture on [Virtualization, Cloud, and Distributed Computing - Part 1](https://courses.thorteaches.com/courses/take/cissp/lessons/18591372-virtualization-cloud-and-distributed-computing-part-1). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Virtual_machine).*
133
# Define: Virtual Memory
A method that uses hardware and software to allow a computer to compensate for physical memory shortages. ## Footnote A memory management technique that provides an idealized abstraction of the storage resources that are actually available on a system. It creates an illusion to users of a very large (main) memory by using the hard disk as an extension of the RAM, enhancing system performance and isolation of processes. *For more information, visit this [Wikipedia page](https://en.wikipedia.org/wiki/Virtual_memory).*
134
# Define: Virtual Private Cloud | (VPC)
An isolated environment within a public cloud that offers enhanced privacy and control for network resources. ## Footnote A virtual network that provides a private and isolated environment in a public cloud infrastructure. It offers an organization control over network configurations, including IP address ranges, subnets, route tables, and network gateways, enabling it to launch resources in a defined virtual network, enhancing the organization's data privacy and security. *For more information, visit this [Wikipedia page](https://en.wikipedia.org/wiki/Amazon_Virtual_Private_Cloud).*
135
# Define: Virtualization
The creation of virtual versions of hardware, software, or networks to optimize resource utilization and security. ## Footnote The process of creating a software-based (or virtual) representation of something rather than a physical one. It can apply to applications, servers, storage, and networks and is the backbone of cloud computing, enabling more efficient utilization of physical computer hardware and offering flexibility, scalability, and potential cost savings. *For more information, view this lecture on [Virtualization, Cloud, and Distributed Computing - Part 1](https://courses.thorteaches.com/courses/take/cissp/lessons/18591372-virtualization-cloud-and-distributed-computing-part-1). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Virtualization).*
136
# Define: Virus
Malicious software that replicates by inserting its code into other programs, potentially causing harm and security breaches. ## Footnote A type of malicious software that, when executed, replicates itself by modifying other computer programs and inserting its own code. Viruses can have harmful side effects, causing harm to system software by corrupting or destroying data, slowing down system performance, or giving attackers access to system resources. *For more information, view this lecture on [Malware- Part 1](https://courses.thorteaches.com/courses/take/cissp/lessons/18684054-malware-part-1). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Computer_virus).*
137
# Define: Virus Signature File
A database used by antivirus software to identify known viruses based on their unique patterns. ## Footnote A file that contains the definitions and characteristics of known viruses, used by antivirus software to identify and block viruses. Virus signature files are used to protect computers and networks from virus attacks. Examples of virus signature files include virus definition files and virus pattern files. *For more information, view this lecture on [Malware- Part 2](https://courses.thorteaches.com/courses/take/cissp/lessons/18684286-malware-part-2). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Computer_virus#Read_request_intercepts).*
138
# Define: Visual, Agile, and Simple Threat Modeling | (VAST)
A threat modeling approach that simplifies the analysis of security risks in system design. ## Footnote An approach to threat modeling that emphasizes simplicity, collaboration, and integration with Agile development processes. VAST promotes visualization of threats and vulnerabilities in system design, which enables team-wide understanding and continuous iteration of threat models alongside system development.
139
# Define: VM Escapes | (Virtual Machine)
A security breach where an attacker gains unauthorized access to the host system from within a virtual machine. ## Footnote A security breach in which the attacker breaks out of a virtual machine and interacts directly with the host operating system. This can be a serious issue as it can give the attacker access to the host environment and other virtual machines running on the same host, potentially compromising the entire system. *For more information, view this lecture on [Virtualization, Cloud, and Distributed Computing - Part 1](https://courses.thorteaches.com/courses/take/cissp/lessons/18591372-virtualization-cloud-and-distributed-computing-part-1). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Virtual_machine_escape).*
140
# Define: VM VirtualBox
An open-source virtualization software enabling multiple operating systems to run on one hardware platform. ## Footnote VM VirtualBox is a free virtualization tool that allows users to install and run multiple guest operating systems on a single host machine. It provides a secure, isolated environment ideal for testing, development, and running legacy applications, while offering extensive configuration options and cross-platform support for diverse computing environments. *For more information, visit this [Wikipedia page](https://en.wikipedia.org/wiki/VirtualBox).*
141
# Define: VMI | (Virtual Machine Introspection)
A security technique that monitors virtual machine states from outside to detect unusual behavior. ## Footnote A technique used to monitor the runtime state of a system-level virtual machine. From outside the virtual machine, it inspects the machine's operations, such as memory and disk activity, to spot any unusual or suspicious behavior. This method provides a way of maintaining a high level of security and integrity within the operational environment. *For more information, visit this [Wikipedia page](https://en.wikipedia.org/wiki/Virtual_machine_introspection).*
142
# Define: VMs | (Virtual Machines)
Simulated computing systems that run on physical hardware, providing efficiency and isolation. ## Footnote Emulations of computer systems. They mimic actual computers by replicating the same functionality, enabling them to run applications and programs like a physical machine. This approach allows for more efficient resource utilization by allowing multiple virtual machines to run simultaneously on a single physical host. *For more information, view this lecture on [Virtualization, Cloud, and Distributed Computing - Part 1](https://courses.thorteaches.com/courses/take/cissp/lessons/18591372-virtualization-cloud-and-distributed-computing-part-1). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Virtual_machine).*
143
# Define: Weak Key Attack
An exploit targeting cryptographic algorithms that exhibit vulnerabilities when certain 'weak' keys are used. ## Footnote An attack on cryptographic algorithms where specific keys, known as weak keys, lead to patterns or simplifications in the encrypted data. This can make decryption without the intended key more feasible and hence compromise the effectiveness of the cryptographic protection. *For more information, visit this [Wikipedia page](https://en.wikipedia.org/wiki/Weak_key).*
144
# Define: Web of Trust
A decentralized trust model based on mutual endorsements among users. ## Footnote The Web of Trust is a security model wherein individuals validate each other's identities through mutual endorsements rather than relying on a central certificate authority. Commonly used in PGP systems, it builds a network of trust where users decide on whom to trust based on personal connections and recommendations. This approach promotes decentralized verification, allowing for flexible and community-driven security validations. *For more information, view this lecture on [IPSec and PGP](https://courses.thorteaches.com/courses/take/cissp/lessons/19149746-ipsec-and-pgp). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Web_of_trust).*
145
# Define: Wet Pipe
A fire sprinkler system in which the pipes always contain pressurized water. ## Footnote A Wet Pipe system is a type of automatic fire suppression setup where water continuously fills the pipes, ensuring immediate discharge upon activation by a sprinkler head. Widely used in buildings, these systems offer rapid response to fires. However, their design requires careful installation to prevent accidental discharge and to maintain system integrity under various environmental conditions. *For more information, view this lecture on [Fire suppression- Part 1](https://courses.thorteaches.com/courses/take/cissp/lessons/19149928-fire-suppression-part-1). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Fire_sprinkler_system#Wet_pipe).*
146
# Define: Whole-Instance Encryption
Encrypting an entire virtual machine or cloud instance to protect all contained data and applications. ## Footnote The process of encrypting an entire virtual machine or cloud instance, including all data and applications. It is used in the field of cloud computing to protect data and ensure compliance with regulations. Examples include encrypting a virtual machine running on a public cloud platform or encrypting a database in a cloud environment.
147
# Define: Wildcard Certificates
Digital certificates that secure all subdomains under a single domain. ## Footnote Wildcard certificates allow one certificate to secure a primary domain and all its subdomains, streamlining management and reducing costs. They are widely used in dynamic web environments where multiple subdomains require uniform security. While providing operational efficiency, careful management is necessary because any compromise of the certificate can potentially affect all associated subdomains. *For more information, visit this [Wikipedia page](https://en.wikipedia.org/wiki/Wildcard_certificate).*
148
# Define: Windows
Windows is Microsoft’s widely used operating system offering a graphical interface, extensive application support, and enterprise management capabilities for desktops, servers, and embedded devices. ## Footnote Evolving from command-line DOS roots, Windows includes features like Active Directory, Group Policy, and integrated security tools. Regular updates patch vulnerabilities and expand functionality. Although it’s a popular target for malware, security can be strengthened through best practices—such as enabling antivirus, applying patches, and configuring firewalls. Windows powers a significant share of global computing across personal, business, and government environments. *For more information, view this lecture on [Secure operating systems and software architecture](https://courses.thorteaches.com/courses/take/cissp/lessons/18591315-secure-operating-systems-and-software-architecture). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Microsoft_Windows).*
149
# Define: Windows Group Policy
Windows Group Policy is a centralized feature of Active Directory that defines rules and settings for user accounts and computers across a Windows domain. ## Footnote Administrators enforce security guidelines, deploy software, and manage system configurations without manually adjusting individual PCs. Configurations span from password complexity to desktop restrictions, enabling uniform compliance and simpler administration. Group Policy supports hierarchical application, from domain-wide down to specific organizational units. Properly designed policies reduce misconfigurations, promote standardization, and align with business or regulatory requirements. *For more information, visit this [Wikipedia page](https://en.wikipedia.org/wiki/Group_Policy).*
150
# Define: Windows Registry
A hierarchical database on Windows operating systems storing low-level settings for applications and the system. ## Footnote A database of system settings and configurations in the Microsoft Windows operating system. It is used to store information such as software installation paths, user preferences, and hardware settings. Examples of registry keys include the HKEY_LOCAL_MACHINE and HKEY_CURRENT_USER keys. *For more information, visit this [Wikipedia page](https://en.wikipedia.org/wiki/Windows_Registry).*
151
# Define: Work Factor
The estimated effort required to break a cryptographic system, a measure of its security. ## Footnote A measure of the effort required to perform a certain task or to break a certain system. It is used in cryptography to determine the security of a cryptographic system. Examples of work factors include the time required to brute-force a password or the amount of memory required to perform a certain cryptographic operation. *For more information, visit this [Wikipedia page](https://en.wikipedia.org/wiki/Encryption#Limitations).*
152
# Define: Workstation
A network-connected computer used for professional tasks, requiring security measures to protect network access and data. ## Footnote A computer that is connected to a network and is used for tasks like data processing, data analysis, and other professional applications. Workstations can be individually targeted in network attacks due to their access to valuable data or network resources. Thus, security measures such as antivirus software, firewalls, and user access controls are crucial to protect the data and network resources accessible from a workstation. *For more information, visit this [Wikipedia page](https://en.wikipedia.org/wiki/Workstation).*
153
# Define: Worm
Self-replicating malware that spreads across networks, exploiting vulnerabilities to infect systems without user interaction. ## Footnote A type of malware that self-replicates to spread to other computers. Unlike viruses, worms do not need to attach themselves to a host program. They often exploit network vulnerabilities to infect systems and can cause widespread damage without user intervention. *For more information, view this lecture on [Malware- Part 2](https://courses.thorteaches.com/courses/take/cissp/lessons/18684286-malware-part-2). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Computer_worm).*
154
# Define: XML Injection
An attack that inserts malicious XML input into a system, potentially compromising XML processing applications. ## Footnote An attack where malicious XML code is inserted into a system, exploiting insecure processing of XML input by an application. This can affect the logic of XML parsers, leading to unauthorized access, data exposure, or service disruption. It's distinct from other injection attacks by specifically targeting XML parser vulnerabilities. *For more information, view this lecture on [Web architecture and attacks](https://courses.thorteaches.com/courses/take/cissp/lessons/19148725-web-architecture-and-attacks). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Code_injection#XML_injection).*
155
# Define: XOR
A logical operation used in many computing and cryptography applications for data manipulation and encryption. ## Footnote A logical operation that outputs true only when exactly one of the inputs is true. It is commonly used in computer science and cryptography to perform logical operations and encrypt data. Examples include binary XOR, bitwise XOR, and Boolean XOR. *For more information, view this lecture on [Introduction to Cryptography- Part 2](https://courses.thorteaches.com/courses/take/cissp/lessons/19121903-introduction-to-cryptography-part-2). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Exclusive_or).*
156
# Define: Zachman Framework
An enterprise architecture framework categorizing and organizing architectural components for planning and design. ## Footnote A system for categorizing and organizing the components of an enterprise architecture. It is used by organizations to help plan, design, and implement complex information systems and to ensure alignment with business goals and strategies. Examples of Zachman framework components include data, function, network, people, and time. *For more information, view this lecture on [Security models and concepts- Part 2](https://courses.thorteaches.com/courses/take/cissp/lessons/18591282-security-models-and-concepts-part-2). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Zachman_Framework).*
157
# Define: Zero Client
An endpoint device with no local processing, entirely dependent on a remote system. ## Footnote A Zero Client is an ultra-simplified computing device that has no onboard storage, operating system, or data processing capabilities. It connects directly to a remote desktop or virtualized environment, where all processing is performed on a server. This design enhances security and reduces maintenance efforts, making zero clients suitable for high-control and resource-optimized deployments. *For more information, view this lecture on [Secure Communications - Part 2](https://courses.thorteaches.com/courses/take/cissp/lessons/29462724-secure-communications-part-2). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Zero_client).*
158
# Define: Zero-Knowledge Proof
A cryptographic method allowing one party to prove knowledge of information without revealing the information. ## Footnote A mathematical proof that allows one party to prove to another party that they know a certain piece of information without revealing the information itself. It is used in cryptography and secure communication protocols to verify the authenticity of a user or device without exposing sensitive information. Examples of zero-knowledge proofs include the Schnorr signature algorithm and the Fiat-Shamir heuristic. *For more information, visit this [Wikipedia page](https://en.wikipedia.org/wiki/Zero-knowledge_proof).*
159
# Define: Zero-Trust Architecture
A security model that does not automatically trust any user or device, requiring stringent verification for access. ## Footnote A security model that assumes no user or device can be trusted by default, regardless of its location (inside or outside the network) or whether it has previously been verified. Instead, every request for access to resources must be authenticated and authorized. This approach minimizes the potential for unauthorized access and reduces the attack surface by limiting access to only what is needed for a specific task, even if a user's credentials or device has been compromised. *For more information, view this lecture on [Secure Access Service Edge](https://courses.thorteaches.com/courses/take/cissp/lessons/54398562-new-2024-sase-secure-access-service-edge). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Zero_trust_security).*