Glossary C

Question 1

C&C (command and control)

Answer 1

An infrastructure of hosts and services with which attackers direct, distribute, and control malware over botnets. Also known as C2.

Question 2

CA (certificate authority)

Answer 2

A server that guarantees subject identities by issuing signed digital certificate wrappers for their public keys.

Question 3

cable lock

Answer 3

Devices can be physically secured against theft using cable ties and padlocks. Some systems also feature lockable faceplates, preventing access to the power switch and removable drives.

Question 4

CAC (common access card)

Answer 4

A smart card that provides certificate-based authentication and supports two-factor authentication. A CAC is produced for Department of Defense employees and contractors in response to a Homeland Security Directive.

Question 5

CAN bus (controller area network bus)

Answer 5

A serial network designed to allow communications between embedded programmable logic controllers.

Question 6

CAPTCHA (completely automated public turing test to tell computers and humans apart)

Answer 6

An image of text characters or audio of some speech that is difficult for a computer to interpret. CAPTCHAs are used for purposes such as preventing bots from creating accounts on web forums and social media sites to spam them.

Question 7

captive portal

Answer 7

A web page or website to which a client is redirected before being granted full network access.

Question 8

capture the flag

Answer 8

Training event where learners must identify a token within a live network environment.

Question 9

card cloning/skimming

Answer 9

Duplicating a smart card by reading (skimming) the confidential data stored on it. Also known as skimming.

Question 10

carving

Answer 10

The process of extracting data from a computer when that data has no associated file system metadata.

Question 11

CASB (cloud access security broker)

Answer 11

Enterprise management software designed to mediate access to cloud services by users across all types of devices.

Question 12

cat command

Answer 12

Linux command to view and combine (concatenate) files.

Question 13

CBC (cipher block chaining)

Answer 13

An encryption mode of operation where an exclusive or (XOR) is applied to the first plaintext block

Question 14

CCMP (counter mode with cipher block chaining message authentication code protocol)

Answer 14

An encryption protocol used for wireless LANs that addresses the vulnerabilities of the WEP protocol.

Question 15

CE (cryptographic erase)

Answer 15

A method of sanitizing a self-encrypting drive by erasing the media encryption key.

Question 16

chain of custody

Answer 16

The record of evidence history from collection, to presentation in court, to disposal.

Question 17

change control

Answer 17

The process by which the need for change is recorded and approved.

Question 18

change management

Answer 18

The process through which changes to the configuration of information systems are implemented, as part of the organization’s overall configuration management efforts.

Question 19

CHAP (Challenge Handshake Authentication Protocol)

Answer 19

Authentication scheme developed for dial-up networks that uses an encrypted three-way handshake to authenticate the client to the server. The challenge-response is repeated throughout the connection (though transparently to the user) to guard against replay attacks.

Question 20

checksum

Answer 20

The output of a hash function. chmod Linux command for managing file permissions

Question 21

CIA triad (confidentiality, integrity, and availability)

Answer 21

The three principles of security control and management. Also known as the information security triad. or AIC triad.

Question 22

circuit-level stateful inspection firewall

Answer 22

A Layer 5 firewall technology that tracks the active state of a connection, and can make decisions based on the contents of network traffic as it relates to the state of the connection.

Question 23

CIS (Center for Internet Security)

Answer 23

A not-for-profit organization (founded partly by SANS). It publishes the well-known “Top 20 Critical Security Controls” (or system design recommendations).

Question 24

clean desk policy

Answer 24

An organizational policy that mandates employee work areas be free from potentially sensitive information; sensitive documents must not be left out where unauthorized personnel might see them.

Question 25

cloud deployment model

Answer 25

Classifying the ownership and management of a cloud as public, private, community, or hybrid.

Question 26

Cloud Security Alliance

Answer 26

Industry body providing security guidance to CSPs, including enterprise reference architecture and security controls matrix.

Question 27

cloud service model

Answer 27

Classifying the provision of cloud services and the limit of the cloud service provider’s responsibility as software, platform, infrastructure, and so on. clustering A load balancing technique where a group of servers are configured as a unit and work together to provide network services.

Question 28

CN (common name

Answer 28

An X500 attribute expressing a host or user name, also used as the subject identifier for a digital certificate.

Question 29

COBO (corporate owned, business only)

Answer 29

Enterprise mobile device provisioning model where the device is the property of the organization and personal use is prohibited.

Question 30

code of conduct

Answer 30

Professional behavior depends on basic ethical standards, such as honesty and fairness. Some professions may have developed codes of ethics to cover difficult situations; some businesses may also have a code of ethics to communicate the values it expects its employees to practice. Also known as ethics.

Question 31

code reuse

Answer 31

Potentially unsecure programming practice of using code originally written for a different context.

Question 32

code signing

Answer 32

The method of using a digital signature to ensure the source and integrity of programming code.

Question 33

cold site

Answer 33

A predetermined alternate location where a network can be rebuilt after a disaster.

Question 34

collector

Answer 34

A network appliance that gathers or receives log and/or state data from other network systems.

Question 35

collision

Answer 35

In cryptography, the act of two different plaintext inputs producing the same exact ciphertext output

Question 36

community cloud

Answer 36

A cloud that is deployed for shared use by cooperating tenants.

Question 37

compensating control

Answer 37

A security measure that takes on risk mitigation when a primary control fails or cannot completely meet expectations.

Question 38

confidentiality

Answer 38

The fundamental security goal of keeping information and communications private and protecting them from unauthorized access. containerization A type of virtualization applied by a host operating system to provision an isolated execution environment for an application.

Question 39

content filter

Answer 39

A software application or gateway that filters client requests for various types of internet content (web, FTP, IM, and so on).

Question 40

context-aware authentication

Answer 40

An access control scheme that verifies an object’s identity based on various environmental factors, like time, location, and behavior.

Question 41

continuous delivery

Answer 41

Software development method in which app and platform requirements are frequently tested and validated for immediate availability.

Question 42

continuous deployment

Answer 42

Software development method in which app and platform updates are committed to production rapidly.

Question 43

continuous integration

Answer 43

Software development method in which code updates are tested and committed to a development or build server/code repository rapidly.

Question 44

continuous monitoring

Answer 44

The technique of constantly evaluating an environment for changes so that new risks may be more quickly detected and business operations improved upon. Also known as continuous security monitoring or CSM.

Question 45

control risk

Answer 45

Risk that arises when a control does not provide the level of mitigation that was expected.

Question 46

COPE (corporate owned, personally enabled)

Answer 46

Enterprise mobile device provisioning model where the device remains the property of the organization, but certain personal use, such as private email, social networking, and web browsing, is permitted.

Question 47

corrective control

Answer 47

A type of security control that acts after an incident to eliminate or minimize its impact. correlation Function of log analysis that links log and state data to identify a pattern that should be logged or alerted as an event.

Question 48

counter mode (CTM)

Answer 48

An encryption mode of operation where a numerical counter value is used to create a constantly changing IV. Also referred to as CTM (counter mode) and CM (counter mode).

Question 49

credential stuffing

Answer 49

Brute force attack in which stolen user account names and passwords are tested against multiple websites.

Question 50

CRL (certificate revocation list)

Answer 50

A list of certificates that were revoked before their expiration date.

Question 51

crossover error rate

Answer 51

Biometric evaluation factor expressing the point at which FAR and FRR meet, with a low value indicating better performance.

Question 52

CSP (cloud service provider)

Answer 52

A vendor offering public cloud service models, such as PaaS, IaaS, or SaaS.

Question 53

CSR (certificate signing request)

Answer 53

A Base64 ASCII file that a subject sends to a CA to get a certificate.

Question 54

CTI (cyber threat intelligence)

Answer 54

The process of investigating, collecting, analyzing, and disseminating information about emerging threats and threat sources. Also known as threat intelligence.

Question 55

Cuckoo

Answer 55

Implementation of a sandbox for malware analysis

Question 56

curl command

Answer 56

Utility for command-line manipulation of URL-based protocol requests

Question 57

CVE (Common Vulnerabilities and Exposures)

Answer 57

Scheme for identifying vulnerabilities developed by MITRE and adopted by NIST.

Question 58

CVSS (Common Vulnerability Scoring System)

Answer 58

A risk management approach to quantifying vulnerability data and then taking into account the degree of risk to different types of systems or information.

Question 59

CYOD (choose your own device)

Answer 59

Enterprise mobile device provisioning model where employees are offered a selection of corporate devices for work and, optionally, private use.