E-L Flashcards
Eavesdropping
Listening on a private communication without permission
Egress
Network communications going out
Elliptical curve cryptography (ECC)
An algorithm that combines plane geometry with algebra to achieve stronger authentication with smaller keys compared to traditional methods, such as RSA, which primarily use algebraic factoring. Smaller keys are more suitable to mobile devices.
Encapsulation security payload (ESP)
A protocol designed to provide a mix of security services in IPv4 and IPv6. ESP can be used to provide confidentiality, data origin authentication, connectionless integrity, an anti-replay service and limited traffic flow confidentiality.
Encryption key
A piece of digital information used by an encryption algorithm to convert the plaintext to the ciphertext
Eradication
When containment measures have been deployed after an incident occurs, the root cause of the incident must be identified and removed from the network. Eradication methods include: restoring backups to achieve a clean state of the system, removing the root cause, improving defenses and performing vulnerability analysis to find further potential damage from the same root cause.
Event
Something that happens at a specific place or time
Exploit
Full use of a vulnerability for the benefit of an attacker.
File Transfer Protocol (FTP)
A protocol used to transfer files over a Transmission Control Protocol/Internet Protocol (TCP/IP) network
Firewall
A system or combination of systems that enforces a boundary between two or more networks, typically forming a barrier between a secure and an open environment such as the Internet
Gateway
A device (router, firewall) on a network that serves as an entrance to another network
Governance
Ensures that stakeholder needs, conditions and options are evaluated to determine balanced, agreed-on enterprise objectives to be achieved; setting direction through prioritization and decision making; and monitoring performance and compliance against agreed-on direction and objectives. Conditions can include the cost of capital, foreign exchange rates, etc. Options can include shifting manufacturing to other locations, subcontracting portions of the enterprise to third parties, or selecting a product mix from many available choices.
Guideline
A description of a particular way of accomplishing something that is less prescriptive than a procedure
Hash function
An algorithm that maps or translates one set of bits into another so that a message yields the same result every time the algorithm is executed using the same message as input. It is computationally infeasible for a message to be derived or reconstituted from the result produced by the algorithm or to find 2 different messages that produce the same hash result using the same algorithm.
Hash total
The total of any numeric data field in a document or computer file. This total is checked against a control total of the same field to facilitate accuracy of processing.
Hashing
Using a hash function (algorithm) to create hash values or checksums that validate message integrity.
Honeypot
A specially configured server, also known as a decoy server, designed to attract and monitor intruders in a manner such that their actions do not affect production systems.
Horizontal defense in depth
Controls are placed in various places in the path to access an asset
Hubs
A common connection point for devices in a network, hubs are used to connect segments of a local area network (LAN). A hub contains multiple ports. When a packet arrives at one port, it is copied to the other ports so that all segments of the LAN can see all packets.
Hypertext Transfer Protocol (HTTP)
A communication protocol used to connect to servers on the WWW. Its primary function is to establish a connection with a web server and transmit hypertext markup language (HTML), extensible markup language (XML) or other pages to client browsers
IEEE (Institute of Electrical and Electronic Engineers)
An organization composed of engineers, scientists and students