Glossary G-H-I

Question 1

gait analysis

Answer 1

Biometric mechanism that identifies a subject based on movement pattern.

Question 2

GCM (Galois/Counter Mode)

Answer 2

A mode of block chained encryption that provides message authenticity for each block.

Question 3

GDPR (General Data Protection Regulation)

Answer 3

Provisions and requirements protecting the personal data of European Union (EU) citizens. Transfers of personal data outside the EU Single Market are restricted unless protected by like-for-like regulations, such as the US’s Privacy Shield requirements.

Question 4

geofencing

Answer 4

The practice of creating a virtual boundary based on real-world geography.

Question 5

geolocation

Answer 5

The identification or estimation of the physical location of an object, such as a radar source, mobile phone, or Internet-connected computing device.

Question 6

GPO (Group Policy Object)

Answer 6

On a Windows domain, a way to deploy per-user and per-computer settings such as password policy, account restrictions, firewall status, and so on.

Question 7

grep command

Answer 7

Linux command for searching and filtering input. This can be used as a file search tool when combined with ls.

Question 8

group account

Answer 8

A group account is a collection of user accounts that are useful when establishing file permissions and user rights because when many individuals need the same level of access, a group could be established containing all the relevant users.

Question 9

HA (high availability)

Answer 9

The property that defines how closely systems approach the goal of providing data availability 100 percent of the time while maintaining a high level of system performance.

Question 10

hardening

Answer 10

The process of making a host or app configuration secure by reducing its attack surface, through running only necessary services, installing monitoring software to protect against malware and intrusions, and establishing a maintenance schedule to ensure the system is patched to be secure against software exploits.

Question 11

hashcat

Answer 11

Command-line tool used to perform brute force and dictionary attacks against password hashes.

Question 12

hashing

Answer 12

A function that converts an arbitrary length string input to a fixed length string output. A cryptographic hash function does this in a way that reduces the chance of collisions, where two different inputs produce the same output. Also known as message digest.

Question 13

head command

Answer 13

Linux utility for showing the first lines in a file.

Question 14

heat map

Answer 14

In a Wi-Fi site survey, a diagram showing signal strength at different locations.

Question 15

heuristic analysis (heuristic)

Answer 15

A method that uses feature comparisons and likenesses rather than specific signature matching to identify whether the target of observation is malicious.

Question 16

HMAC (hash-based message authentication code)

Answer 16

A method used to verify both the integrity and authenticity of a message by combining a cryptographic hash of the message with a secret key.

Question 17

homomorphic encryption

Answer 17

Method that allows computation of certain fields in a dataset without decrypting it.

Question 18

honeypot (honeynet)

Answer 18

A host, network, or file set up with the purpose of luring attackers away from assets of actual value and/or discovering attack strategies and weaknesses in the security configuration. Also known as honeyfile.

Question 19

horizontal privilege escalation

Answer 19

When a user accesses or modifies specific resources that they are not entitled to.

Question 20

host-based firewall

Answer 20

A software application running on a single host and designed to protect only that host. Also known as personal firewall.

Question 21

hot site

Answer 21

A fully configured alternate network that can be online quickly after a disaster.

Question 22

hot/cold aisle

Answer 22

Arrangement of server racks to maximize the efficiency of cooling systems. Also known as cold/hot aisle.

Question 23

HOTP (HMAC-based One-time Password)

Answer 23

An algorithm that generates a one-time password using a hash-based authentication code to verify the authenticity of the message.

Question 24

HSM (hardware security module)

Answer 24

An appliance for generating and storing cryptographic keys. This sort of solution may be less susceptible to tampering and insider threats than software-based storage.

Question 25

HTML5 VPN

Answer 25

Using features of HTML5 to implement remote desktop/VPN connections via browser software (clientless).

Question 26

hybrid cloud

Answer 26

A cloud deployment that uses both private and public elements.

Question 27

IaaS (Infrastructure as a Service)

Answer 27

A computing method that uses the cloud to provide any or all infrastructure needs.

Question 28

IaC (infrastructure as code)

Answer 28

A provisioning architecture in which deployment of resources is performed by scripted automation and orchestration.

Question 29

IAM (identity and access management)

Answer 29

A security process that provides identification, authentication, and authorization mechanisms for users, computers, and other entities to work with organizational assets like networks, operating systems, and applications.

Question 30

ICS (industrial control system)

Answer 30

A network managing embedded devices (computer systems that are designed to perform a specific, dedicated function).

Question 31

identity fraud

Answer 31

The invention of fake personal information or the theft and misuse of an individual’s personal information.

Question 32

IdP (identity provider)

Answer 32

In a federated network, the service that holds the user account and performs authentication.

Question 33

IDS (intrusion detection system)

Answer 33

A software and/or hardware system that scans, audits, and monitors the security infrastructure for signs of attacks in progress.

Question 34

IEEE 802.1X

Answer 34

A standard for encapsulating EAP communications over a LAN (EAPoL) to implement port-based authentication.

Question 35

IKE (Internet Key Exchange)

Answer 35

Framework for creating a Security Association (SA) used with IPSec. An SA establishes that two hosts trust one another (authenticate) and agree secure protocols and cipher suites to use to exchange data.

Question 36

implicit deny

Answer 36

A basic principle of security stating that unless something has explicitly been granted access, it should be denied access.

Question 37

incremental backup

Answer 37

A backup type in which all selected files that have changed since the last full or incremental backup (whichever was most recent) are backed up.

Question 38

industrial camouflage

Answer 38

Methods of disguising the nature and purpose of buildings or parts of buildings.

Question 39

inherent risk

Answer 39

Risk that an event will pose if no controls are put in place to mitigate it.

Question 40

input validation

Answer 40

Any technique used to ensure that the data entered into a field or variable in an application is handled appropriately by that application.

Question 41

insecure object reference

Answer 41

Coding vulnerability where unvalidated input is used to select a resource object, such as a file or database.

Question 42

insider threat

Answer 42

A type of threat actor who is assigned privileges on the system that cause an intentional or unintentional incident.

Question 43

integer overflow

Answer 43

An attack in which a computed result is too large to fit in its assigned storage space, which may lead to crashing or data corruption, and may trigger a buffer overflow. integrity The fundamental security goal of keeping organizational information accurate, free of errors, and without unauthorized modifications.

Question 44

intelligence fusion

Answer 44

In threat hunting, using sources of threat intelligence data to automate detection of adversary IoCs and TTPs.

Question 45

intranet

Answer 45

A private network that is only accessible by the organization’s own personnel.

Question 46

IoC (indicator of compromise)

Answer 46

A sign that an asset or network has been attacked or is currently under attack.

Question 47

IPAM (IP address management)

Answer 47

Software consolidating management of multiple DHCP and DNS services to provide oversight into IP address allocation across an enterprise network.

Question 48

IPFIX (IP Flow Information Export)

Answer 48

Standards-based version of the Netflow framework.

Question 49

IPS (intrusion prevention system)

Answer 49

An IDS that can actively block attacks.

Question 50

IPSec(Internet Protocol Security)

Answer 50

A set of open, non-proprietary standards that are used to secure data through authentication and encryption as the data travels across the network or the Internet.

Question 51

IRP (incident response plan)

Answer 51

Specific procedures that must be performed if a certain type of event is detected or reported.

Question 52

ISA (interconnection security agreement)

Answer 52

Any federal agency interconnecting its IT system to a third-party must create an ISA to govern the relationship. An ISA sets out a security risk awareness process and commit the agency and supplier to implementing security controls.

Question 53

ISAC (Information Sharing and Analysis Center)

Answer 53

Not-for-profit group set up to share sector-specific threat intelligence and security best practices amongst its members.

Question 54

ISO/IEC 27K (International Organization for Standardization 27000 Series)

Answer 54

A comprehensive set of standards for information security, including best practices for security and risk management, compliance, and technical implementation.

Question 55

ISO/IEC 31K (International Organization for Standardization 31000 Series)

Answer 55

A comprehensive set of standards for enterprise risk management.

Question 56

IV attack (Initialization Vector Attack)

Answer 56

A wireless attack where the attacker is able to predict or control the IV of an encryption process, thus giving the attacker access to view the encrypted data that is supposed to be hidden from everyone else except the user or network.