Network Security Flashcards

1
Q

SIM

A

Subscriber Identity Module/SIM Card

  • Integrated circuit useed to securely store the data used to identify and authenticate mobile subscribers
  • SIM also stores personalized data, such as a telephone book and messages
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

SATCOM

A

Satellite Communications or Communications Satellite

A method for mobile devices to connect to networks

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

DMZ

A

Demilitarized Zone

A physical or logical subnetwork that contains and exposes an organization’s external-facing services to an untrusted usually larger network such as the Internet. The purpose of a DMZ is to add an additional layer of security to an organization’s local area network (LAN).

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

CAN

A

Controller Area Network

Vehicle bus standard designed to allow microcontrollers and devices to communicate with each other’s applications without a host computer.

Used in the automotive industry, aircraft, and medical devices

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

GPS

A

Global Positioning System

A satellite-based radionavigation system created and maintained by the US government.

Provides free geolocation and time information to a GPS receiver anywhere on or near the Earth with is an unobstructed line of sight to four or more GPS satellites.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

CYOD

A

Choose Your Own Device

A mobile deployment model that allows employees to select a mobile device from a list of accepted devices to use for work purposes.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

HDD

A

Hard Disk Drive

An electro-mechanical data storage device that stores and retrieves digital data using magnetic storage and one or more rigid rapidly rotating platters coated with magnetic material.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

UPS

A

Uninterruptible Power Supply

Increase power related fault tolerance

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

CAPTCHA

A

Completely Automated Public Turing test to tell Computers and Humans Apart

A type of challenge–response test used in computing to determine whether or not the user is human.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

RAS

A

Remote Access Server

  • Server that provides a suite of services to remotely connected users over a network or the Internet.
  • Operates as a remote gateway or central server that connects remote users with an organization’s internal local area network (LAN).
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

ICS

A

Industrial Control System

A networked system that controls critical infrastructure such as water electrical transportation and telecommunication services

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

DSL

A

Digital Subscriber Line

Used to transmit digital data over telephone lines.

The term DSL is widely understood to mean asymmetric digital subscriber line (ADSL) the most commonly installed DSL technology for Internet access.

DSL can be delivered simultaneously with wired telephone service on the same telephone line since DSL uses higher frequency bands for data.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

UTM

A

Unified Threat Management

A group of security controls combined in a single solution. UTM appliances can inspect data streams for malicious content and block it.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

WIPS

A

Wireless Intrusion Prevention System; An active inline security device that monitors suspicious network and/or system traffic on a wireless network and reacts in real time to block it

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

VLSM

A

Variable Length Subnet Masking

A subnet design that uses more than one mask in the same network which means more than one mask is used for different subnets of a single class A, B, C or a network

It is used to increase the usability of subnets as they can be of variable size.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

GPG

A

Gnu Privacy Guard

A free open-source version of Symantec’s PGP crytographic software suite that provides equivalent encryption and authentication services.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

TOS

A

Trusted Operating System

Operating system that meets a set of predetermined requirements with heavy empasis on authentication and authorization

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

CASB

A

Cloud Access Security Broker

A software tool or service that enforces cloud-based security requirements.

It is placed between an organization’s resources and the cloud.

Monitors all network traffic and can enforce security policies.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

MDM

A

Mobile Device Management

A group of applications and/or technologies used to manage mobile devices.

MDM tools can monitor mobile devices to ensure security policy compliance.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

VPN

A

Virtual Private Network

A method of extending a private network by tunneling though a public network such as the Internet

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

VDI

A

Virtual Desktop Infrastructure

A virtualization implementation that separates the personal computing environment from a user’s physical computer

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

NIPS

A

Network-based Intrusion Prevention System

An active inline security device that monitors suspicious network and/or system traffic and reacts in real time to block it

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

ESN

A

Electronic Serial Number

Unique identifier for mobile devices.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

COPE

A

Corporate Owned Personally Enabled

A mobile device deployment model.

The organization purchases and issues devices to employees.

Employees to use them as if they were personally-owned notebook computers, tablets or smartphones.

Compare with BYOD and CYOD.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
Q

URL

A

Universal Resource Locator

  • Commonly called web address
  • Reference to a web resource that specifies its location on a computer network and a mechanism for retrieving it
  • Specific type of Uniform Resource Identifier (URI)
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
26
Q

SCAP

A

Security Content Automation Protocol

  • Standard used by vulnerability scanners
  • Utilizes the National Vulnerability Database (NVD), which includes:
    • Lists of common misconfigurations
    • Security-related software flaws
    • Impact ratings or risk scores
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
27
Q

AP

A

Access Point

A networking hardware device that allows other Wi-Fi devices to connect to a wired network.

AKA Wireless Access Point (WAP).

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
28
Q

FDE

A

Full Disk Encryption

  • Entire hard drive is encrypted
  • Several software applications such as Veracrypt can do this
  • Hardware-based full disk encryption also available
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
29
Q

IPS

A

Intrusion Protection System

  • Device or software application that can detect, react to, and prevent attacks.
  • Placed inline with traffic
  • Has protocol analyzing capabilities
  • Reacts to attacks in progress and prevents them from reaching systems and networks
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
30
Q

HIDS

A

Host-based Intrusion Detection System

A type of IDS that monitors all traffic on a single host systems like a server or workstation.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
31
Q

EFS

A

Encrypted File System

A technology enables files to be transparently encrypted to protect confidential data from attackers with physical access to the computer.

It is used in Microsoft Windows NTFS-based public key encryption.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
32
Q

IDS

A

Intrusion Detection System

  • Device or software application that monitors a network or systems for malicious activity or policy violations
  • Monitors network traffic but traffic doesn’t go through the IDS (out-of-band)
  • Has protocol analyzing capabilities.
  • Can identify and respond to an attack but only after it has already started
  • 2 types of detection:
    • Signature-based, like an AV program, uses database of known vulnerabilities
    • Heuristic/Behavioral-based identifies normal behavior and creates a baseline. Then detects deviations from baseline.
33
Q

VMLM

A

Virtual Machine Lifecycle Management

A collection of processes designed to help administrators oversee the implementation delivery operation and maintenance of VMs over the course of their existence

34
Q

RTOS

A

Real-Time Operating System

  • OS that reacts to inputs within a specified time
  • Processing must be completed within the specified constraints or system doesn’t process the data and typically reports an error
35
Q

CRC

A

Cyclical Redundancy Check

Function used to produce a checksum in order to detect errors in data storage or transmission.

36
Q

CMS

A

Content Management System

Computer software used to manage the creation and modification of digital content.

Typically used for enterprise and web content management.

37
Q

BYOD

A

Bring Your Own Device

A policy of permitting employees to bring personally owned devices (laptops, tablets, smartphones, etc.) to work and to use those devices to access privileged company information and applications.

38
Q

EOL

A

End of Life

A product that is at the end of its useful life. At this stage a vendor stops the marketing selling or provision of parts services or software updates for the product.

39
Q

WIDS

A

Wireless Intrusion Detection System;

A type of NIDS that scans the radio frequency spectrum for possible threats to the wireless network primarily rogue access points

40
Q

UAT

A

User Acceptance Testing

Process of verifying that a solution works for the end user

41
Q

TPM

A

Trusted Platform Module

  • A hardware chip on the motherboard included with many laptops and some mobile devices
  • It provides full disk encryption
  • Compare with HSM
42
Q

SoC

A

System on Chip

An embedded systems component that consolidates the functionality of a CPU memory module and peripherals

43
Q

DNAT

A

Destination Network Address Translation

  • Technique for transparently changing the destination IP address of an end route packet and performing the inverse function for any replies.
  • Commonly used to publish a service located in a private network on a publicly accessible IP address.
  • AKA port forwarding.
44
Q

SDN

A

Software Defined Network

Approach to networking that uses software-based controllers or application programming interfaces (APIs) to communicate with underlying hardware infrastructure and direct traffic on a network

45
Q

VDE

A

Virtual Desktop Environment

Users access a server hosting virtual desktops and run the desktop operating system from the server.

46
Q

UEFI

A

Unified Extensible Firmware Interface

  • Method used to boot some systems
  • Performs many of same functions as BIOS but includes some enhancements
  • Intended to replace BIOS firmware
  • Can be upgraded using flashing
47
Q

WAF

A

Web Application Firewall

A firewall specifically designed to protect a web application like a web server.

It inspects the content of web server traffic and can detect malicious content.

48
Q

VTC

A

Video Teleconferencing

Provides live, interactive communications for collaborative meetings, instructional courses, and informational presentations.

Feedback between participating groups is live and real-time.

A VTC is like a conference call that includes a visual element.

49
Q

loT

A

Internet of Things

Network of physical objects (things) that are embedded with sensors software and other technologies for the purpose of connecting and exchanging data with other devices and systems over the Internet.

50
Q

FACL

A

File System Access Control List

A data structure (usually a table) containing entries that specify individual user or group rights to specific system objects such as programs, processes, or files.

Entries are called access-control entities (ACEs) in Windows NT, OpenVMS, and UNIX-like OSs.

51
Q

CC

A

Common Criteria (for IT Security Evaluation)

An international standard for computer security certification.

Typically completed for the use of Federal Government agencies and critical infrastructure.

52
Q

VLAN

A

Virtual Local Area Network

A logical method of segmenting a network at the Data Link layer layer 2) of the OSI model

53
Q

ACL

A

Access Control List

List of rules used by routers and stateless firewalls. These devices use the ACL to control traffic based on networks, subnets, IP addresses, ports, and some protocols.

54
Q

SCADA

A

Supervisory Control and Data Acquisition

  • System used to control an ICS (industrial control system) such as a power plant or water treatment facility
  • Ideally located within an isolated network
55
Q

TCB

A

Trusted Computing Base

The hardware, firmware, and software components of a computer system that are critical to the security of the system.

56
Q

WORM

A

Write Once Read Many

A data storage device in which information once written cannot be modified.

This write protection affords the assurance that the data cannot be tampered with once it is written to the device.

57
Q

HVAC

A

Heating Ventilation and Air Conditioning

A physical security control that increases availability by regulating airflow within data centers and server rooms.

58
Q

AUP

A

Acceptable Use Policy

  • Stipulates the constraints and practices that a user must agree to in order to access a corporate network and/or the Internet.
  • Many businesses and educational facilities require that employees or students sign an acceptable use policy before being granted a network ID.
59
Q

SAN

A

Storage Area Network

  • Specialized, high-speed network that provides block-level network access to storage
  • Presents storage devices to a host such that the storage appears to be locally attached
  • Typically a dedicated network of storage devices not accessible through the LAN
60
Q

SED

A

Self-Encrypting Drive

Includes all the hardware and software to:

  • encrypt all drive data
  • securely store the encryption keys
61
Q

LAN

A

Local Area Network

Computer network that interconnects computers within a limited area such as a residence school laboratory university campus or office building.

62
Q

SCSI

A

Small Computer System Interface

Set of standards for physically connecting and transferring data between computers and peripheral devices

63
Q

BAC

A

Business Availability Center

HP software that optimizes the availability, performance and effectiveness of business services and applications.

Helps organizations understand the business impact an outage or degradation may have on business services and applications.

64
Q

NIDS

A

Network-based Intrusion Detection System

A system that uses passive hardware sensors to monitor traffic on a specific segment of the network

65
Q

URI

A

Uniform Resource Identifier

  • Unique sequence of characters that identifies a logical or physical resource used by web technologies
  • May be used to identify anything, including real-world objects, such as people and places, concepts, or information resources such as web pages and books
  • A URL is a type of URI
66
Q

DLP

A

Data Loss Prevention

Software that detects potential data breaches/data ex-filtration transmissions and prevents them by monitoring, detecting and blocking sensitive data while in use, in motion, and at rest.

67
Q

EULA

A

End User License Agreement

A legal contract entered into between a software developer or vendor and the user of the software.

68
Q

MAN

A

Metropolitan Area Network

  • Computer network that interconnects users with computer resources in a geographic region of the size of a metropolitan area
  • Bigger than a LAN but smaller than a WAN
69
Q

MAC

A

Media Access Control

  • 48bit physical address assigned a network interface cards (NICs).
  • Also called hardware address or physical address
70
Q

CCTV

A

Closed-Circuit Television

The use of video cameras to transmit a signal to a specific place, on a limited set of monitors.

AKA Video Surveillance.

71
Q

DBA

A

Database Administrator

DBSs use specialized software to store and organize data.

The role may include capacity planning, installation, configuration, database design, migration, performance monitoring, security, troubleshooting, as well as backup and data recovery.

72
Q

VM

A

Virtual Machine

  • A virtualized computer that consists of an operating system and applications that run in a virtual environment that simulates dedicated physical hardware
  • 3 types:
    • Type I - run directly on system hardware (vs. within an OS)
    • Type II - run as software within an OS
    • Application cell/container virtualization - runs services or applications within isolated application cells/containers
73
Q

ERP

A

Enterprise Resource Planning

A category of business management software that an organization can use to collect store manage and interpret data from many core business activities such as HRM and Accounting.

74
Q

HIPS

A

Host-based Intrusion Protection System

A type of IPS that monitors all traffic on a host computer system such as a server or workstation.

If malicious activity is detected, it reacts in real time to block it.

75
Q

HTML

A

Hypertext Markup Language

The standard markup language for documents designed to be displayed in a web browser.

76
Q

AV

A

Antivirus

Software that protects systems against most malware including:

  • viruses
  • Trojans
  • worms
77
Q

GPO

A

Group Policy Object

  • Technology used with MS Windows to manage users and computers.
  • Implemented on a domain controller within a domain.
  • Provides centralized management and configuration of operating systems applications and users’ settings in an Active Directory environment.
78
Q

ASP

A

Application Service Provider

A company that offers individuals or enterprises access to applications and related services over the internet. The term has largely been replaced by software as a service (SaaS) provider, although in some parts of the world, companies use the two labels interchangeably.