E-L Flashcards

1
Q

Eavesdropping

A

Listening on a private communication without permission

2
Q

Egress

A

Network communications going out

3
Q

Elliptical curve cryptography (ECC)

A

An algorithm that combines plane geometry with algebra to achieve stronger authentication with smaller keys compared to traditional methods, such as RSA, which primarily use algebraic factoring. Smaller keys are more suitable to mobile devices.

4
Q

Encapsulation security payload (ESP)

A

A protocol designed to provide a mix of security services in IPv4 and IPv6. ESP can be used to provide confidentiality, data origin authentication, connectionless integrity, an anti-replay service and limited traffic flow confidentiality.

5
Q

Encryption key

A

A piece of digital information used by an encryption algorithm to convert the plaintext to the ciphertext

6
Q

Eradication

A

When containment measures have been deployed after an incident occurs, the root cause of the incident must be identified and removed from the network. Eradication methods include: restoring backups to achieve a clean state of the system, removing the root cause, improving defenses and performing vulnerability analysis to find further potential damage from the same root cause.

7
Q

Event

A

Something that happens at a specific place or time

8
Q

Exploit

A

Full use of a vulnerability for the benefit of an attacker.

9
Q

File Transfer Protocol (FTP)

A

A protocol used to transfer files over a transmission control protocol/Internet protocol (TCP/IP) network

10
Q

Firewall

A

A system or combination of systems that enforces a boundary between two or more networks, typically forming a barrier between a secure and an open environment such as the Internet

11
Q

Gateway

A

A device (router, firewall) on a network that serves as an entrance to another network

12
Q

governance

A

Ensures that stakeholder needs, conditions and options are evaluated to determine balanced, agreed-on enterprise objectives to be achieved; setting direction through prioritization and decision making; and monitoring performance and compliance against agreed-on direction and objectives. Conditions can include the cost of capital, foreign exchange rates, etc. Options can include shifting manufacturing to other locations, subcontracting portions of the enterprise to third parties, selecting a product mix from many available choices.

13
Q

Guideline

A

A description of a particular way of accomplishing something that is less prescriptive than a procedure

14
Q

Hash function

A

An algorithm that maps or translates one set of bits into another so that a message yields the same result every time the algorithm is executed using the same message as input. It is computationally infeasible for a message to be derived or reconstituted from the result produced by the algorithm or to find 2 different messages that produce the same hash result using the same algorithm.

15
Q

Hash total

A

The total of any numeric data field in a document or computer file. This total is checked against a control total of the same field to facilitate accuracy of processing.

16
Q

Hashing

A

Using a hash function (algorithm) to create hash values or checksums that validate message integrity.

17
Q

Honeypot

A

A specially configured server, also known as a decoy server, designed to attract and monitor intruders in a manner such that their actions do not affect production systems.

18
Q

Horizontal defense in depth

A

Controls are placed in various places in the path to access an asset

19
Q

Hubs

A

A common connection point for devices in a network, hubs are used to connect segments of a local area network (LAN). A hub contains multiple ports. When a packet arrives at one port, it is copied to the other ports so that all segments of the LAN can see all packets.

20
Q

Hypertext Transfer Protocol (HTTP)

A

A communication protocol used to connect to servers on the WWW. Its primary function is to establish a connection with a web server and transmit hypertext markup language (HTML), extensible markup language (XML) or other pages to client browsers

21
Q

IEEE (Institute of Electrical and Electronic Engineers)

A

an organization composed of engineers, scientists and students

22
Q

IEEE 802.11

A

A family of specifications developed by the IEEE for wireless local area network (WLAN) technology. 802.11 specifies an over-the-air interface between a wireless client and a base station or between 2 wireless clients.

23
Q

Imaging

A

A process that allows one to obtain a bit-for-bit copy of data to avoid damage of original data or information when multiple analyses may be performed.

24
Q

Impact

A

Magnitude of loss resulting from a threat exploiting a vulnerability

25
Q

Impact Analysis

A

A study to prioritize the criticality of information resources for the enterprise based on costs of adverse events. In an impact analysis, threats to assets are identified and potential business losses determined for different time periods. This assessment is used to justify the extent of safeguards that are required and recovery time frames

26
Q

Incident

A

any event that is not part of the standard operations of a service and that causes, or may cause, an interruption to, or a reduction in, the quality of that service

27
Q

incident response

A

may include: evacuation of a facility, initiating a disaster recovery plan (DRP), performing damage assessment, and any other measures necessary to bring an enterprise to a more stable status.

28
Q

incident response plan

A

operational component of incident management. The plan includes documented procedures and guidelines for defining the criticality of incidents, reporting and escalation process, and recovery procedures

29
Q

Information security

A

Ensures that within the enterprise, information is protected against disclosure to unauthorized users (confidentiality), improper modification (integrity), and nonaccess when required (availability).

30
Q

Infrastructure as a Service (IaaS)

A

Offers the capability to provision processing, storage, networks, and other fundamental computing resources, enabling the customer to deploy and run arbitrary software, which can include operating systems (OSs) and applications

31
Q

Ingestion

A

a process to convert information extracted to a format that can be understood by investigators

32
Q

Ingress

A

Network communications coming in

33
Q

Inherent risk

A

The risk level or exposure without taking into account the actions that management has taken or might take

34
Q

Injection

A

A general term for attack types which consist of injecting code that is then interpreted/executed by the application

35
Q

Integrity

A

Guarding against improper information modification/destruction, and includes ensuring information repudiation and authenticity.

36
Q

Internet Assigned Numbers Authority (IANA)

A

Responsible for the global coordination of the DNS root, IP addressing, and other Internet protocol resources

37
Q

Internet Control Message Protocol (ICMP)

A

A set of protocols that allow systems to communicate information about the state of service on other systems. For example, ICMP is used in determining whether systems are up, maximum packet sizes on links, whether a destination host/network/port is available.

38
Q

Internet Protocol (IP)

A

Specifies the format of packets and the addressing scheme.

39
Q

Internet Protocol (IP) packet spoofing

A

An attack using packets with spoofed source Internet Protocol (IP) addresses. This technique exploits applications that use authentication based on IP addresses.

40
Q

Internetwork Packet Exchange/Sequenced Packet Exchange (IPX/SPX)

A

IPX is layer 3 of the open systems interconnect (OSI) model network protocol; SPX is layer 4 transport protocol. The SPX layer sits on top of the IPX layer and provides connection-oriented services between 2 nodes on the network.

41
Q

interrogation

A

used to obtain prior indicators or relationships, including personal information, from extracted data

42
Q

Investigation

A

The collection and analysis of evidence with the goal of identifying the perpetrator of an attack or unauthorized use or access

43
Q

IP Authentication Header (AH)

A

Protocol used to provide connectionless integrity and data origin authentication for IP datagrams and to provide protection against replays. AH ensures data integrity with a checksum that a message authentication code, such as MD5, generates. To ensure data origin authentication, AH includes a secret shared key in the algorithm that it uses for authentication. To ensure replay protection, AH uses a sequence number field within the IP authentication header.

44
Q

IP Security (IPSec)

A

A set of protocols developed by the Internet Engineering Task Force (IETF) to support the secure exchange of packets.

45
Q

IT Governance

A

The responsibility of executives and the BoD; consists of the leadership, organization structures and processes that ensure that the enterprise’s IT sustains and extends the enterprise’s strategies and objectives

46
Q

Kernel mode

A

Used for execution of privileged instructions for the internal operations of the system. There are no protections from errors or malicious activity, and all parts of the system and memory are accessible

47
Q

Key risk indicator (KRI)

A

A subset of risk indicators that are highly relevant and possess a high probability of predicting or indicating important risk.

48
Q

Keylogger

A

Software used to record all keystrokes on a computer

49
Q

Latency

A

Time it takes a system and network delay to respond. More specifically, system latency is the time a system takes to retrieve data. Network latency is the time it takes for a packet to travel from source to the final destination.

50
Q

Layer 2 switches

A

Data link level devices that can divide and interconnect network segments and help to reduce collision domains in Ethernet-based networks

51
Q

Layer 3 and 4 switches

A

Switches with operating capabilities at layer 3 and layer 4 of the open systems interconnect (OSI) model. These switches look at the incoming packet’s network protocol and then compare the destination IP address to the list of addresses in their tables, to actively calculate the best way to send a packet to its destination.

52
Q

Layer 4-7 switches

A

used for load balancing among groups of servers. Also known as content-switches, content services switches, web-switches or application-switches

53
Q

Local area network (LAN)

A

Communication network that serves several users within a specified geographic area. A personal computer LAN functions as a distributed processing system in which each computer in the network does its own processing and manages some of its data. Shared data are stored in a file server that acts as a remote disk drive for all users in the network.