Other Concepts Flashcards
| Concept | Description |
| --- | --- |
| Honeypot | A decoy system or network set up to attract potential attackers. |
| Honeynet | A network of honeypots designed to simulate an entire network environment. |
| Honeyfile | A bait file used to attract and monitor malicious activity. |
| Honeytoken | A fake data entry used to detect unauthorized access. |
| Zero Trust | A security model that assumes no implicit trust and requires continuous verification. |
| Control Plane | Manages network traffic control, including routing, topology, and policies. |
| Data Plane | Handles the actual movement and processing of data packets. |
| Non-repudiation | Assurance that someone cannot deny the validity of something. |
| Anomalous behavior recognition | Detecting unusual behavior patterns that could indicate a security threat. |
| Attestation | A declaration that verifies a system’s integrity or security state. |
| Evidence of internal audits | Documentation proving that internal audits have been conducted. |
| Risk assessment | The process of identifying and evaluating risks to an organization. |
| Risk analysis | A detailed examination of risks to determine their impact and likelihood. |
| Risk register | A log of identified risks, their severity, and mitigation measures. |
| Risk tolerance | The amount of risk an organization is willing to accept. |
| Risk management strategies | Strategies to manage and mitigate identified risks. |
| Risk reporting | The process of communicating information about risks. |
| Change management | Managing changes in a controlled and systematic way. |
| Owner Role | The individual responsible for the security of a specific asset. |
| Controller Role | Entity responsible for determining purposes and means of data processing. |
| Processor Role | Entity that processes data on behalf of the controller. |
| Custodians/stewards | Individuals responsible for managing and protecting data. |
| Open public ledger | A publicly accessible ledger used to record transactions. |