Exam A Flashcards
Someone or something forges the sender’s information and pretends to be a legitimate source, for the purpose of gaining access to personal information, acquiring money, spreading malware, or stealing data. If a DNS server has been modified to hand out the IP address of a different server, then it’s ** the IP address of the attacker.
Spoofing
Attackers place themselves between two devices (often a web browser and a web server) and intercept or modify communications between the two. The attackers can then collect information as well as impersonate either of the two agents.
On-Path
When multiple third-parties work together to create a service outage.
DDoS (Distributed Denial of Service Attack)
When a service is unavailable due to the effects of a third-party.
DoS (Denial of Service)
Threat that seems real but doesn’t actually exist.
Hoax
Method that gathers information without direct interaction with the target system using search engines and social networking sites.
Passive Footprinting
Primary protocol used to send data between a web browser and a website. Encrypted to increase the security of data transfer, and used for transmitting sensitive data such as logging in to a bank account, email service, or health insurance provider.
HTTPS
When a pen-testing team is given only SOME information.
Partially Known environment (Gray Box)
Threat actor motivated by nationalism and tasked with gaining secrets from or disrupting other nations via cyber means.
Nation State Threat Actor
Involves splitting and distributing data across different partitions to enhance security and optimize performance.
Data partition
A system that provides a short term use for data storage.
Temporary File System
Single piece of hardware that combines several functionalities such as printing, scanning, copying, and sometimes faxing into one unit.
MFD (Multi-Function Device)
Refers to the network of physical objects or things embedded with sensors, software, and other technologies that enable them to connect and exchange data with other devices and systems over the internet.
IoT
OS designed to handle and respond to events or data within a strict time constraint.
RTOS (Real Time Operating Systems)
Integrated circuit that combines many high level functions of an electronic device onto a single chip instead of using separate components mounted to a motherboard.
SoC (System on a Chip)
International standard for privacy information management. It provides guidelines to establish, implement, maintain, and continually improve a Privacy Information Management System (PIMS).
ISO 27701 (International Organization for Standardization)
Set of technologies and practices that enable organizations to collect security threat data and alerts from various sources, automate incident response actions, and orchestrate workflows across different security tools and teams.
SOAR (Security Orchestration, Automation, and Response)
System that manages digital keys and digital certificates that verify authenticity of the entities on a network.
PKI (Public Key Infrastructure)
Way of linking different identity management systems together. Allows users from one organization to access resources of another organization without needing separate credentials, i.e., using your Gmail account to log in to a different website.
Federation
Average time between component failures during operation. Used to predict the time between one failure and the next. Example: best to describe how often the firewall hardware is expected to fail between repairs.
MTBF - Mean Time Between Failures
Maximum acceptable amount of time to restore a system after failure. Time it takes to recover from an outage.
RTO - Recovery Time Objective
Average time until a component fails and is not repairable. Used primarily for non-repairable systems.
MTTF - Mean Time to Failure
Attackers target a specific group of individuals by compromising websites that the group is known to frequent.
Watering Hole Attack
Security solution that helps organizations manage and secure their use of cloud services. Two common functions are visibility into application use and data security policy use.
CASB - Cloud Access Security Broker
Occurs when two processes occur at similar times, usually with unexpected results.
Race Condition
Method used by attackers to insert malicious code into a running application. Manipulates the library as the attack vector.
DLL Injection - Dynamic Link Library
Type of controls intended to discourage individuals from performing an unwanted activity by making them aware of the consequences.
Deterrent Controls
Alternative control measures put in place to meet security requirements when the primary control is not feasible.
Compensating Controls
Discussion-based session where the security team members meet to discuss their roles and responses during an emergency simulated disaster.
Tabletop Exercise
Describes the ongoing relationship between the IT team and business customer.
Stakeholder management
Security measure for encrypting all data stored in a device.
FDE - Full Disk Encryption
Provides data protection of a storage device using full-disk encryption in the drive hardware.
SED - Self Encrypting Drive
Access control system that assigns labels to objects in an operating system.
MAC
Provides a centralized management system for all mobile devices. From this central control security administrators can set policies for many different types of mobile devices.
MDM - Mobile Device Manager
A device commonly purchased by the corporation that allows the use of the mobile device for both business and personal use.
COPE - Corporately Owned and Personally Enabled
Allows an organization to securely separate user data from company data.
Containerization
Separates the applications from the mobile device.
VDI (Virtual Desktop Infrastructure)
Test result that fails to detect an issue when one actually exists.
False Negative
Temporary, time-based code generated by an app on a user’s device. It changes every 30-60 seconds and is used as a second factor in two-factor authentication. This is an additional authentication control.
TOTP - Time-Based One-Time Password
Physical card with embedded integrated circuits used for secure authentication. Users insert the card into a reader and often enter a PIN to log in.
Smart Card
Network access control protocol that requires individual user authentication using a username and password (or other credentials). This is like each person having their own unique key to enter a building. Each user must prove their identity with a unique username and password.
802.1X
Uses a shared password for all users to access the network. Think of this like a shared secret handshake that everyone uses to join a club. Everyone knows the same handshake (password).
WPA2-PSK (Wi-Fi Protected Access 2 - Pre-Shared Key)
Simplified method for connecting devices to a Wi-Fi network using a PIN or a physical button press. This is like pressing a button to get instant access, no unique keys required.
WPS (Wi-Fi Protected Setup)
Refers to the encryption method used by WPA2 (Advanced Encryption Standard) and ensures that the data transmitted over the network is encrypted and secure but does not specify the authentication method. This is like using a strong lock on the door to keep the building secure, but it doesn’t determine how you prove you should be allowed in.
WPA2-AES
Command that will display information at the end of a file.
tail
Command that will retrieve a web page and display it as HTML at the command line.
curl
Command that can be used to search for a specific string in a file displayed as HTML at the command line.
grep
Type of access control model that allows the owner of the resource to control who has access.
DAC - Discretionary Access Control
Type of access control model that combines many different parameters to determine if a user has access to a resource.
ABAC - Attribute-Access Control
Type of access control that assigns rights and permissions based on the role of a user. These roles are usually assigned by a group.
RBAC - Role-based access control
Social engineering attack that asks for personal information through SMS or text.
Smishing