Glossary C Flashcards
C&C (command and control)
An infrastructure of hosts and services with which attackers direct, distribute, and control malware over botnets. Also known as C2.
CA (certificate authority)
A server that guarantees subject identities by issuing signed digital certificate wrappers for their public keys.
cable lock
Devices can be physically secured against theft using cable ties and padlocks. Some systems also feature lockable faceplates, preventing access to the power switch and removable drives.
CAC (common access card)
A smart card that provides certificate-based authentication and supports two-factor authentication. A CAC is produced for Department of Defense employees and contractors in response to a Homeland Security Directive.
CAN bus (controller area network bus)
A serial network designed to allow communications between embedded programmable logic controllers.
CAPTCHA (completely automated public Turing test to tell computers and humans apart)
An image of text characters or audio of some speech that is difficult for a computer to interpret. CAPTCHAs are used for purposes such as preventing bots from creating accounts on web forums and social media sites to spam them.
captive portal
A web page or website to which a client is redirected before being granted full network access.
capture the flag
Training event where learners must identify a token within a live network environment.
card cloning/skimming
Duplicating a smart card by reading (skimming) the confidential data stored on it. Also known as skimming.
carving
The process of extracting data from a computer when that data has no associated file system metadata.
CASB (cloud access security broker)
Enterprise management software designed to mediate access to cloud services by users across all types of devices.
cat command
Linux command to view and combine (concatenate) files.
CBC (cipher block chaining)
An encryption mode of operation where an exclusive or (XOR) is applied to the first plaintext block
CCMP (counter mode with cipher block chaining message authentication code protocol)
An encryption protocol used for wireless LANs that addresses the vulnerabilities of the WEP protocol.
CE (cryptographic erase)
A method of sanitizing a self-encrypting drive by erasing the media encryption key.
chain of custody
The record of evidence history from collection, to presentation in court, to disposal.
change control
The process by which the need for change is recorded and approved.
change management
The process through which changes to the configuration of information systems are implemented, as part of the organization’s overall configuration management efforts.
CHAP (Challenge Handshake Authentication Protocol)
Authentication scheme developed for dial-up networks that uses an encrypted three-way handshake to authenticate the client to the server. The challenge-response is repeated throughout the connection (though transparently to the user) to guard against replay attacks.
checksum
The output of a hash function.
chmod
Linux command for managing file permissions.
CIA triad (confidentiality, integrity, and availability)
The three principles of security control and management. Also known as the information security triad or AIC triad.
circuit-level stateful inspection firewall
A Layer 5 firewall technology that tracks the active state of a connection, and can make decisions based on the contents of network traffic as it relates to the state of the connection.
CIS (Center for Internet Security)
A not-for-profit organization (founded partly by SANS). It publishes the well-known “Top 20 Critical Security Controls” (or system design recommendations).
clean desk policy
An organizational policy that mandates employee work areas be free from potentially sensitive information; sensitive documents must not be left out where unauthorized personnel might see them.
cloud deployment model
Classifying the ownership and management of a cloud as public, private, community, or hybrid.
Cloud Security Alliance
Industry body providing security guidance to CSPs, including enterprise reference architecture and security controls matrix.
cloud service model
Classifying the provision of cloud services and the limit of the cloud service provider’s responsibility as software, platform, infrastructure, and so on.
clustering
A load balancing technique where a group of servers are configured as a unit and work together to provide network services.
CN (common name)
An X.500 attribute expressing a host or user name, also used as the subject identifier for a digital certificate.
COBO (corporate owned, business only)
Enterprise mobile device provisioning model where the device is the property of the organization and personal use is prohibited.
code of conduct
Professional behavior depends on basic ethical standards, such as honesty and fairness. Some professions may have developed codes of ethics to cover difficult situations; some businesses may also have a code of ethics to communicate the values it expects its employees to practice. Also known as ethics.
code reuse
Potentially insecure programming practice of using code originally written for a different context.
code signing
The method of using a digital signature to ensure the source and integrity of programming code.
cold site
A predetermined alternate location where a network can be rebuilt after a disaster.
collector
A network appliance that gathers or receives log and/or state data from other network systems.
collision
In cryptography, the act of two different plaintext inputs producing the same exact ciphertext output.
community cloud
A cloud that is deployed for shared use by cooperating tenants.
compensating control
A security measure that takes on risk mitigation when a primary control fails or cannot completely meet expectations.
confidentiality
The fundamental security goal of keeping information and communications private and protecting them from unauthorized access.
containerization
A type of virtualization applied by a host operating system to provision an isolated execution environment for an application.
content filter
A software application or gateway that filters client requests for various types of internet content (web, FTP, IM, and so on).
context-aware authentication
An access control scheme that verifies an object’s identity based on various environmental factors, like time, location, and behavior.
continuous delivery
Software development method in which app and platform requirements are frequently tested and validated for immediate availability.
continuous deployment
Software development method in which app and platform updates are committed to production rapidly.
continuous integration
Software development method in which code updates are tested and committed to a development or build server/code repository rapidly.
continuous monitoring
The technique of constantly evaluating an environment for changes so that new risks may be more quickly detected and business operations improved upon. Also known as continuous security monitoring or CSM.
control risk
Risk that arises when a control does not provide the level of mitigation that was expected.
COPE (corporate owned, personally enabled)
Enterprise mobile device provisioning model where the device remains the property of the organization, but certain personal use, such as private email, social networking, and web browsing, is permitted.
corrective control
A type of security control that acts after an incident to eliminate or minimize its impact.
correlation
Function of log analysis that links log and state data to identify a pattern that should be logged or alerted as an event.
counter mode (CTM)
An encryption mode of operation where a numerical counter value is used to create a constantly changing IV. Also referred to as CTM (counter mode) and CM (counter mode).
credential stuffing
Brute force attack in which stolen user account names and passwords are tested against multiple websites.
CRL (certificate revocation list)
A list of certificates that were revoked before their expiration date.
crossover error rate
Biometric evaluation factor expressing the point at which FAR and FRR meet, with a low value indicating better performance.
CSP (cloud service provider)
A vendor offering public cloud service models, such as PaaS, IaaS, or SaaS.
CSR (certificate signing request)
A Base64 ASCII file that a subject sends to a CA to get a certificate.
CTI (cyber threat intelligence)
The process of investigating, collecting, analyzing, and disseminating information about emerging threats and threat sources. Also known as threat intelligence.
Cuckoo
Implementation of a sandbox for malware analysis.
curl command
Utility for command-line manipulation of URL-based protocol requests.
CVE (Common Vulnerabilities and Exposures)
Scheme for identifying vulnerabilities developed by MITRE and adopted by NIST.
CVSS (Common Vulnerability Scoring System)
A risk management approach to quantifying vulnerability data and then taking into account the degree of risk to different types of systems or information.
CYOD (choose your own device)
Enterprise mobile device provisioning model where employees are offered a selection of corporate devices for work and, optionally, private use.