OP Flashcards
Offline files
Computer file storage media that are not physically connected to the computer; typical examples are tapes or tape cartridges used for backup purposes.
Open Source Security Testing Methodology
An open and freely available methodology and manual for security testing.
Outcome measure
Represents the consequences of actions previously taken; often referred to as a lag indicator
Packet filtering
Controlling access to a network by analyzing the attributes of the incoming and outgoing packets and either letting them pass, or denying them, based on a list of rules
Packet switching
The process of transmitting messages in convenient pieces that can be reassembled at the destination
Packet
Protocol data unit that is routed from source to destination in a packet-switched network
Paper test
A walk-through of the steps of a regular test, but without actually performing the steps.
Partitioned file
A file format in which the file is divided into multiple sub files and a directory is established to locate each sub file.
Passive response
A response option in intrusion detection in which the system simply reports and records the problem detected, relying on the user to take subsequent action.
Password cracker
A tool that tests the strength of user passwords by searching for passwords that are easy to guess. It repeatedly tries words from specially crafted dictionaries and often also generates thousands (and in some cases, even millions) of permutations of characters, numbers and symbols.
Penetration testing
A live test of the effectiveness of security defenses through mimicking the actions of real-life attackers
Personally identifiable information (PII)
Any information that can be used to establish a link between the information and the natural person to whom such information relates, or that is or might be directly or indirectly linked to a natural person
Phishing
A type of electronic mail (email) attack that attempts to convince a user that the originator is genuine, but with the intention of obtaining information for use in social engineering
Platform as a Service (PaaS)
Offers the capability to deploy onto the cloud infrastructure customer-created or -acquired applications that are created using programming languages and tools supported by the provider
Policy
A document that communicates required and prohibited activities and behaviors