Domain 5: Security Operations Flashcards
Learn about risk mitigation and security controls in the day to day.
Application Server
A computer responsible for hosting applications to user workstations. NIST SP 800-82 Rev.2
Asymmetric Encryption
An algorithm that uses one key to encrypt and a different key to decrypt the input plaintext.
Checksum
A digit representing the sum of the correct digits in a piece of stored or transmitted digital data, against which later comparisons can be made to detect errors in the data.
Ciphertext
The altered form of a plaintext message so it is unreadable for anyone except the intended recipients. In other words, it has been turned into a secret.
Classification
Classification identifies the degree of harm to the organization, its stakeholders or others that might result if an information asset is divulged to an unauthorized person, process or organization. In short, classification is focused first and foremost on maintaining the confidentiality of the data, based on the data sensitivity.
Configuration management
A process and discipline used to ensure that the only changes made to a system are those that have been authorized and validated.
Cryptography
The study or applications of methods to secure or protect the meaning and content of messages, files, or other information, usually by disguise, obscuration, or other transformations of that content and meaning.
Cryptanalyst
One who performs cryptanalysis which is the study of mathematical techniques for attempting to defeat cryptographic techniques and/or information systems security. This includes the process of looking for errors or weaknesses in the implementation of an algorithm or of the algorithm itself.
Data Loss Prevention (DLP)
System capabilities designed to detect and prevent the unauthorized use and transmission of information.
Decryption
The reverse process from encryption. It is the process of converting a ciphertext message back into plaintext through the use of the cryptographic algorithm and the appropriate key for decryption (which is the same for symmetric encryption, but different for asymmetric encryption). This term is also used interchangeably with the “deciphering.”
Degaussing
A technique of erasing data on disk or tape (including video tapes) that, when performed properly, ensures that there is insufficient magnetic remanence to reconstruct data.
Digital Signature
The result of a cryptographic transformation of data which, when properly implemented, provides the services of origin authentication, data integrity, and signer non-repudiation. NIST SP 800-12 Rev. 1
Egress Monitoring
Monitoring of outgoing network traffic.
Encryption
The process and act of converting the message from its plaintext to ciphertext. Sometimes it is also referred to as enciphering. The two terms are sometimes used interchangeably in literature and have similar meanings.
Encryption System
The total set of algorithms, processes, hardware, software, and procedures that taken together provide an encryption and decryption capability.