Glossary G-H-I Flashcards

1
Q

gait analysis

A

Biometric mechanism that identifies a subject based on movement pattern.

2
Q

GCM (Galois/Counter Mode)

A

A mode of block chained encryption that provides message authenticity for each block.

3
Q

GDPR (General Data Protection Regulation)

A

Provisions and requirements protecting the personal data of European Union (EU) citizens. Transfers of personal data outside the EU Single Market are restricted unless protected by like-for-like regulations, such as the US’s Privacy Shield requirements.

4
Q

geofencing

A

The practice of creating a virtual boundary based on real-world geography.

5
Q

geolocation

A

The identification or estimation of the physical location of an object, such as a radar source, mobile phone, or Internet-connected computing device.

6
Q

GPO (Group Policy Object)

A

On a Windows domain, a way to deploy per-user and per-computer settings such as password policy, account restrictions, firewall status, and so on.

7
Q

grep command

A

Linux command for searching and filtering input. This can be used as a file search tool when combined with ls.

8
Q

group account

A

A group account is a collection of user accounts that is useful when establishing file permissions and user rights: when many individuals need the same level of access, a group can be established containing all the relevant users.

9
Q

HA (high availability)

A

The property that defines how closely systems approach the goal of providing data availability 100 percent of the time while maintaining a high level of system performance.

10
Q

hardening

A

The process of making a host or app configuration secure by reducing its attack surface, through running only necessary services, installing monitoring software to protect against malware and intrusions, and establishing a maintenance schedule to ensure the system is patched to be secure against software exploits.

11
Q

hashcat

A

Command-line tool used to perform brute force and dictionary attacks against password hashes.

12
Q

hashing

A

A function that converts an arbitrary length string input to a fixed length string output. A cryptographic hash function does this in a way that reduces the chance of collisions, where two different inputs produce the same output. Also known as message digest.

13
Q

head command

A

Linux utility for showing the first lines in a file.

14
Q

heat map

A

In a Wi-Fi site survey, a diagram showing signal strength at different locations.

15
Q

heuristic analysis (heuristic)

A

A method that uses feature comparisons and likenesses rather than specific signature matching to identify whether the target of observation is malicious.

16
Q

HMAC (hash-based message authentication code)

A

A method used to verify both the integrity and authenticity of a message by combining a cryptographic hash of the message with a secret key.

17
Q

homomorphic encryption

A

Method that allows computation of certain fields in a dataset without decrypting it.

18
Q

honeypot (honeynet)

A

A host, network, or file set up with the purpose of luring attackers away from assets of actual value and/or discovering attack strategies and weaknesses in the security configuration. Also known as honeyfile.

19
Q

horizontal privilege escalation

A

When a user accesses or modifies specific resources that they are not entitled to.

20
Q

host-based firewall

A

A software application running on a single host and designed to protect only that host. Also known as personal firewall.

21
Q

hot site

A

A fully configured alternate network that can be online quickly after a disaster.

22
Q

hot/cold aisle

A

Arrangement of server racks to maximize the efficiency of cooling systems. Also known as cold/hot aisle.

23
Q

HOTP (HMAC-based One-time Password)

A

An algorithm that generates a one-time password using a hash-based authentication code to verify the authenticity of the message.

24
Q

HSM (hardware security module)

A

An appliance for generating and storing cryptographic keys. This sort of solution may be less susceptible to tampering and insider threats than software-based storage.

25
Q

HTML5 VPN

A

Using features of HTML5 to implement remote desktop/VPN connections via browser software (clientless).

26
Q

hybrid cloud

A

A cloud deployment that uses both private and public elements.

27
Q

IaaS (Infrastructure as a Service)

A

A computing method that uses the cloud to provide any or all infrastructure needs.

28
Q

IaC (infrastructure as code)

A

A provisioning architecture in which deployment of resources is performed by scripted automation and orchestration.

29
Q

IAM (identity and access management)

A

A security process that provides identification, authentication, and authorization mechanisms for users, computers, and other entities to work with organizational assets like networks, operating systems, and applications.

30
Q

ICS (industrial control system)

A

A network managing embedded devices (computer systems that are designed to perform a specific, dedicated function).

31
Q

identity fraud

A

The invention of fake personal information or the theft and misuse of an individual’s personal information.

32
Q

IdP (identity provider)

A

In a federated network, the service that holds the user account and performs authentication.

33
Q

IDS (intrusion detection system)

A

A software and/or hardware system that scans, audits, and monitors the security infrastructure for signs of attacks in progress.

34
Q

IEEE 802.1X

A

A standard for encapsulating EAP communications over a LAN (EAPoL) to implement port-based authentication.

35
Q

IKE (Internet Key Exchange)

A

Framework for creating a Security Association (SA) used with IPSec. An SA establishes that two hosts trust one another (authenticate) and agree secure protocols and cipher suites to use to exchange data.

36
Q

implicit deny

A

A basic principle of security stating that unless something has explicitly been granted access, it should be denied access.

37
Q

incremental backup

A

A backup type in which all selected files that have changed since the last full or incremental backup (whichever was most recent) are backed up.

38
Q

industrial camouflage

A

Methods of disguising the nature and purpose of buildings or parts of buildings.

39
Q

inherent risk

A

Risk that an event will pose if no controls are put in place to mitigate it.

40
Q

input validation

A

Any technique used to ensure that the data entered into a field or variable in an application is handled appropriately by that application.

41
Q

insecure object reference

A

Coding vulnerability where unvalidated input is used to select a resource object, such as a file or database.

42
Q

insider threat

A

A type of threat actor who is assigned privileges on the system that cause an intentional or unintentional incident.

43
Q

integer overflow

A

An attack in which a computed result is too large to fit in its assigned storage space, which may lead to crashing or data corruption, and may trigger a buffer overflow.

integrity: The fundamental security goal of keeping organizational information accurate, free of errors, and without unauthorized modifications.

44
Q

intelligence fusion

A

In threat hunting, using sources of threat intelligence data to automate detection of adversary IoCs and TTPs.

45
Q

intranet

A

A private network that is only accessible by the organization’s own personnel.

46
Q

IoC (indicator of compromise)

A

A sign that an asset or network has been attacked or is currently under attack.

47
Q

IPAM (IP address management)

A

Software consolidating management of multiple DHCP and DNS services to provide oversight into IP address allocation across an enterprise network.

48
Q

IPFIX (IP Flow Information Export)

A

Standards-based version of the NetFlow framework.

49
Q

IPS (intrusion prevention system)

A

An IDS that can actively block attacks.

50
Q

IPSec (Internet Protocol Security)

A

A set of open, non-proprietary standards that are used to secure data through authentication and encryption as the data travels across the network or the Internet.

51
Q

IRP (incident response plan)

A

Specific procedures that must be performed if a certain type of event is detected or reported.

52
Q

ISA (interconnection security agreement)

A

Any federal agency interconnecting its IT system to a third party must create an ISA to govern the relationship. An ISA sets out a security risk awareness process and commits the agency and supplier to implementing security controls.

53
Q

ISAC (Information Sharing and Analysis Center)

A

Not-for-profit group set up to share sector-specific threat intelligence and security best practices amongst its members.

54
Q

ISO/IEC 27K (International Organization for Standardization 27000 Series)

A

A comprehensive set of standards for information security, including best practices for security and risk management, compliance, and technical implementation.

55
Q

ISO/IEC 31K (International Organization for Standardization 31000 Series)

A

A comprehensive set of standards for enterprise risk management.

56
Q

IV attack (Initialization Vector Attack)

A

A wireless attack where the attacker is able to predict or control the IV of an encryption process, thus giving the attacker access to view the encrypted data that is supposed to be hidden from everyone else except the user or network.