Domain 5 Flashcards
Security Operations
Application Server
computer responsible for hosting applications to user workstations
Asymmetric Encryption
algorithm that uses one key to encrypt & a different key to decrypt input plaintext
each person would need to have 2 different keys, one to encrypt & one to decrypt, totalling to 4 keys
Checksum
digit representing the sum of the correct digits in a piece of stored/transmitted digital data, against which later comparisons can be made to detect errors in data
Ciphertext
altered form of a plaintext that makes it unreadable
Classification
maintaining confidentiality of data based on sensitivity
Configuration Management
process/discipline that ensures only authorized & validated changes are made
Cryptanalyst
performs cryptanalysis, the study of mathematical techniques to defeat cryptographic techniques
Cryptography
securing/protecting the meaning/context of messages, files, etc through disguise, obscuration, etc
hiding/disguising of information to prevent unauthorized access
Data Loss Prevention
system capabilities designed to detect or prevent unauthorized transmission of information
Decryption
reverse process from encryption (cipher to plaintext). “Deciphering”
Degaussing
technique of erasing data on disk/tape that ensures insufficient magnetic remanence to reconstruct data
Digital Signature
cryptographic transformation of data that provides origin authentication, data integrity, & signer non-repudiation
Egress Monitoring
monitoring of outgoing network traffic
Encryption
converting plaintext to ciphertext. “Enciphering”
Encryption System
total set of algorithms, processes, hardware, software, & procedures that provide an encryption/decryption capability
Hardening
process of applying secure configurations to reduce attack surface. Based on Center for Internet Security (CIS) guidelines/benchmarks
Hash Function
algorithm that computes a numerical (hash) value on a data file/electronic message, used as an identifier (“fingerprint”)
Hashing
process of using a hash function to represent data/file/etc
Information Sharing
requirements set by the IT System/apps for information transfers
Ingress Monitoring
monitoring of incoming network traffic
Message Digest
digital signature that will change if the data is altered
hash function that protects the integrity of the associated data
Operating System
“master control application” software that runs the computer
Patch
software component that directly modifies files/device settings related to another component
Patch Management
systematic notification, identification, deployment, installation, & verification of OS & application software code revisions
“patches”, “hot fixes”, & “service packs”