Glossary G-H-I Flashcards
gait analysis
Biometric mechanism that identifies a subject based on movement pattern.
GCM (Galois/Counter Mode)
A mode of block chained encryption that provides message authenticity for each block.
GDPR (General Data Protection Regulation)
Provisions and requirements protecting the personal data of European Union (EU) citizens. Transfers of personal data outside the EU Single Market are restricted unless protected by like-for-like regulations, such as the US’s Privacy Shield requirements.
geofencing
The practice of creating a virtual boundary based on real-world geography.
geolocation
The identification or estimation of the physical location of an object, such as a radar source, mobile phone, or Internet-connected computing device.
GPO (Group Policy Object)
On a Windows domain, a way to deploy per-user and per-computer settings such as password policy, account restrictions, firewall status, and so on.
grep command
Linux command for searching and filtering input. This can be used as a file search tool when combined with ls.
group account
A group account is a collection of user accounts that is useful when establishing file permissions and user rights: when many individuals need the same level of access, a group can be established containing all the relevant users.
HA (high availability)
The property that defines how closely systems approach the goal of providing data availability 100 percent of the time while maintaining a high level of system performance.
hardening
The process of making a host or app configuration secure by reducing its attack surface, through running only necessary services, installing monitoring software to protect against malware and intrusions, and establishing a maintenance schedule to ensure the system is patched to be secure against software exploits.
hashcat
Command-line tool used to perform brute force and dictionary attacks against password hashes.
hashing
A function that converts an arbitrary length string input to a fixed length string output. A cryptographic hash function does this in a way that reduces the chance of collisions, where two different inputs produce the same output. Also known as message digest.
head command
Linux utility for showing the first lines in a file.
heat map
In a Wi-Fi site survey, a diagram showing signal strength at different locations.
heuristic analysis (heuristic)
A method that uses feature comparisons and likenesses rather than specific signature matching to identify whether the target of observation is malicious.
HMAC (hash-based message authentication code)
A method used to verify both the integrity and authenticity of a message by combining a cryptographic hash of the message with a secret key.
homomorphic encryption
Method that allows computation of certain fields in a dataset without decrypting it.
honeypot (honeynet)
A host, network, or file set up with the purpose of luring attackers away from assets of actual value and/or discovering attack strategies and weaknesses in the security configuration. Also known as honeyfile.
horizontal privilege escalation
When a user accesses or modifies specific resources that they are not entitled to.
host-based firewall
A software application running on a single host and designed to protect only that host. Also known as personal firewall.
hot site
A fully configured alternate network that can be online quickly after a disaster.
hot/cold aisle
Arrangement of server racks to maximize the efficiency of cooling systems. Also known as cold/hot aisle.
HOTP (HMAC-based One-time Password)
An algorithm that generates a one-time password using a hash-based authentication code to verify the authenticity of the message.
HSM (hardware security module)
An appliance for generating and storing cryptographic keys. This sort of solution may be less susceptible to tampering and insider threats than software-based storage.
HTML5 VPN
Using features of HTML5 to implement remote desktop/VPN connections via browser software (clientless).
hybrid cloud
A cloud deployment that uses both private and public elements.
IaaS (Infrastructure as a Service)
A computing method that uses the cloud to provide any or all infrastructure needs.
IaC (infrastructure as code)
A provisioning architecture in which deployment of resources is performed by scripted automation and orchestration.
IAM (identity and access management)
A security process that provides identification, authentication, and authorization mechanisms for users, computers, and other entities to work with organizational assets like networks, operating systems, and applications.
ICS (industrial control system)
A network managing embedded devices (computer systems that are designed to perform a specific, dedicated function).
identity fraud
The invention of fake personal information or the theft and misuse of an individual’s personal information.
IdP (identity provider)
In a federated network, the service that holds the user account and performs authentication.
IDS (intrusion detection system)
A software and/or hardware system that scans, audits, and monitors the security infrastructure for signs of attacks in progress.
IEEE 802.1X
A standard for encapsulating EAP communications over a LAN (EAPoL) to implement port-based authentication.
IKE (Internet Key Exchange)
Framework for creating a Security Association (SA) used with IPSec. An SA establishes that two hosts trust one another (authenticate) and agree on secure protocols and cipher suites to use to exchange data.
implicit deny
A basic principle of security stating that unless something has explicitly been granted access, it should be denied access.
incremental backup
A backup type in which all selected files that have changed since the last full or incremental backup (whichever was most recent) are backed up.
industrial camouflage
Methods of disguising the nature and purpose of buildings or parts of buildings.
inherent risk
Risk that an event will pose if no controls are put in place to mitigate it.
input validation
Any technique used to ensure that the data entered into a field or variable in an application is handled appropriately by that application.
insecure object reference
Coding vulnerability where unvalidated input is used to select a resource object, such as a file or database.
insider threat
A type of threat actor who is assigned privileges on the system that cause an intentional or unintentional incident.
integer overflow
An attack in which a computed result is too large to fit in its assigned storage space, which may lead to crashing or data corruption, and may trigger a buffer overflow.
integrity
The fundamental security goal of keeping organizational information accurate, free of errors, and without unauthorized modifications.
intelligence fusion
In threat hunting, using sources of threat intelligence data to automate detection of adversary IoCs and TTPs.
intranet
A private network that is only accessible by the organization’s own personnel.
IoC (indicator of compromise)
A sign that an asset or network has been attacked or is currently under attack.
IPAM (IP address management)
Software consolidating management of multiple DHCP and DNS services to provide oversight into IP address allocation across an enterprise network.
IPFIX (IP Flow Information Export)
Standards-based version of the Netflow framework.
IPS (intrusion prevention system)
An IDS that can actively block attacks.
IPSec (Internet Protocol Security)
A set of open, non-proprietary standards that are used to secure data through authentication and encryption as the data travels across the network or the Internet.
IRP (incident response plan)
Specific procedures that must be performed if a certain type of event is detected or reported.
ISA (interconnection security agreement)
Any federal agency interconnecting its IT system to a third party must create an ISA to govern the relationship. An ISA sets out a security risk awareness process and commits the agency and supplier to implementing security controls.
ISAC (Information Sharing and Analysis Center)
Not-for-profit group set up to share sector-specific threat intelligence and security best practices amongst its members.
ISO/IEC 27K (International Organization for Standardization 27000 Series)
A comprehensive set of standards for information security, including best practices for security and risk management, compliance, and technical implementation.
ISO/IEC 31K (International Organization for Standardization 31000 Series)
A comprehensive set of standards for enterprise risk management.
IV attack (Initialization Vector Attack)
A wireless attack where the attacker is able to predict or control the IV of an encryption process, thus giving the attacker access to view the encrypted data that is supposed to be hidden from everyone else except the user or network.