Glossary

Question 1

Access Control List

Answer 1

A list that specifies which users or system processes have access to a specific object, such as an application or a process, in addition to what operations users can perform.

Question 2

Active Directory

Answer 2

The core identity store and authentication, authorization, and accounting service for many Windows-centric organizations.

Question 3

Active Monitoring

Answer 3

A technique that reaches out to remote systems and devices to gather data about availability, routes, packet delay or loss, and bandwidth.

Question 4

Active Reconnaissance

Answer 4

A type of computer attack that uses host scanning tools to gather information about systems, services, and vulnerabilities.

Question 5

Advanced Persistent Threat

Answer 5

A threat actor who gains unauthorized access to a computer network and remains undetected for an extended period.

Question 6

Adverse Event

Answer 6

An event that has negative consequences, such as a malware infection on a system, a server crash, and users accessing a file, which they are not authorized to view.

Question 7

Analysis Utility

Answer 7

A utility that provides a number of useful capabilities that can offer insight into what occurred on a system, such as Windows Registry analysis, timelines of system changes, validation tools, and so on.

Question 8

Attrition

Answer 8

An attack that employs brute-force methods to compromise, degrade, or destroy systems, networks, or services.

Question 9

Authentication Metric

Answer 9

The Common Vulnerability Scoring System ( CVSS ) metric that describes a validation barrier, which is required to be removed by an attacker to exploit a vulnerability.

Question 10

Availability

Answer 10

A cybersecurity objective that ensures information and systems are accessible to authorized users at all times.

Question 11

Beaconing

Answer 11

An activity sent to a command and control system as part of a botnet or a malware remote control system and is sent as either a HTTP or HTTPS protocol.

Question 12

Buffer Overflow

Answer 12

An attack that occurs when an attacker manipulates a program into placing more data into an area of memory than is allocated for that program’s use.

Question 13

Clear

Answer 13

A media sanitization option that applies logical techniques to sanitize data in all user-addressable storage locations for protection against simple noninvasive data recovery techniques

Question 14

Closed source intelligence

Answer 14

A finding that is obtained through private sources

Question 15

Common Platform Enumeration

Answer 15

The Security Content Automation Protocol standard that provides a standard nomenclature for describing product names and versions

Question 16

Common Vulnerability Scoring System

Answer 16

The Security Content Automation Protocol standard that provides a standardized approach for measuring and describing the severity of security-related software flaws

Question 17

Containerization

Answer 17

The technology that allows the virtualization of a runtime environment such that the cloud customer can install or operate an application without needing an entire virtual machine or operating system

Question 18

Control Objectives for Information and Related Technologies COBIT

Answer 18

A set of best practices for IT governance developed by the Information Systems Audit and Control Association ISACA

Question 19

Cross Site Scripting XSS

Answer 19

An attack in which an attacker embeds scripting commands on a website that will later be executed by an unsuspecting visitor accessing that website

Question 20

Degaussing

Answer 20

A form of purging that uses extremely strong magnetic fields to disrupt stored data on a device

Question 21

DMZ

Answer 21

A special network zone designed to house systems that receive connections from the outside world

Question 22

Diamond Model of Intrusion Analysis

Answer 22

A model that describes a sequence where an adversary deploys a capability targeted at the infrastructure against a victim

Question 23

Domain Keys Identified Mail

Answer 23

An email authentication method designed to detect forged sender addresses in emails

Question 24

Evidence production procedure

Answer 24

A procedure that describes how an organization will respond to subpoenas, court orders, and other legitimate requests to produce digital evidence

Question 25

Fagan inspection

Answer 25

A form of structured and formal code review intended to find a variety of problems during the development process of a product

Question 26

Federal Information Security Management Act

FISMA

Answer 26

An act that requires government agencies and other organizations operating systems on behalf of government agencies to comply with a series of security standards

Question 27

File Carving

Answer 27

A process of extracting data from a computer when that data has no associated file system metadata

Question 28

Fuzzing

Answer 28

An automated testing technique in which a range of inputs is provided to software to look for problems such as buffer overflows, crashes, unexpected behavior, and so forth

Question 29

Gramm-Leach-Bliley Act

GLBA

Answer 29

An act that governs how financial institutions may handle customer financial records

Question 30

Guideline

Answer 30

A principle that provides best practices and recommendations related to a given concept, technology, or task.

Question 31

Health Insurance Portability and Accountability Act

HIPAA

Answer 31

An act or regulation that includes security and privacy rules that affect healthcare providers, health insurers, and health information clearing houses

Question 32

Hypervisor

Answer 32

A piece of software that enables virtualization on a computer

Question 33

Incident Response

Answer 33

An organized approach to address and manage the aftermath of a security breach or cyberattack

Question 34

Information Technology Infrastructure Library

ITIL

Answer 34

A set of IT management practices for aligning IT services with the needs of the business

Question 35

Internet of Things

Answer 35

A general term for TCP/IP capable devices that provides limited sets of functions

Question 36

Kerberos

Answer 36

A computer network authentication protocol that uses tickets to allow nodes and users to communicate over an insecure network to prove their identity

Question 37

Nagios

Answer 37

A popular network and a system log monitoring tool that supports a broad range of plug-ins