Other Concepts Flashcards
Concept
Description
Honeypot
A decoy system or network set up to attract potential attackers.
Honeynet
A network of honeypots designed to simulate an entire network environment.
Honeyfile
A bait file used to attract and monitor malicious activity.
Honeytoken
A fake data entry used to detect unauthorized access.
Zero Trust
A security model that assumes no implicit trust and requires continuous verification.
Control Plane
Manages network traffic control, including routing, topology, and policies.
Data Plane
Handles the actual movement and processing of data packets.
Non-repudiation
Assurance that someone cannot deny the validity of something.
Anomalous behavior recognition
Detecting unusual behavior patterns that could indicate a security threat.
Attestation
A declaration that verifies a system’s integrity or security state.
Evidence of internal audits
Documentation proving that internal audits have been conducted.
Risk assessment
The process of identifying and evaluating risks to an organization.
Risk analysis
A detailed examination of risks to determine their impact and likelihood.
Risk register
A log of identified risks, their severity, and mitigation measures.
Risk tolerance
The amount of risk an organization is willing to accept.
Risk management strategies
Strategies to manage and mitigate identified risks.
Risk reporting
The process of communicating information about risks.
Change management
Managing changes in a controlled and systematic way.
Owner Role
The individual responsible for the security of a specific asset.
Controller Role
Entity responsible for determining purposes and means of data processing.
Processor Role
Entity that processes data on behalf of the controller.
Custodians/stewards
Individuals responsible for managing and protecting data.
Open public ledger
A publicly accessible ledger used to record transactions.
Key stretching
Techniques used to increase the time required to crack passwords.
Root of trust
A hardware or software component that is inherently trusted.
Obfuscation
The deliberate confusion of data to obscure its meaning.
Data masking
Techniques used to hide or obscure sensitive data.
Tokenization
Replacing sensitive data with a non-sensitive equivalent.
Steganography
Concealing a message within another message or file.
Key management system
A system used for the management of cryptographic keys.
Key exchange
The process of securely exchanging cryptographic keys.
Key escrow
Storing encryption keys with a third party for safekeeping.
Data exfiltration
The unauthorized transfer of data from a computer.
Race conditions
Software bugs that occur due to the timing of actions.
Side loading
Installing applications from unofficial sources.
Zero Day
A vulnerability that is unknown to those who should be interested in its mitigation.
Brute force
An attack where every possible combination of passwords is tried.
RFID cloning
Copying the data from an RFID chip to another device.
Smurf Attack
A type of attack where a network is flooded with spoofed requests.
Trojan
Malicious software disguised as legitimate software.
Logic Bomb
Malware that triggers a malicious action when certain conditions are met.
Rootkit
A set of software tools used to gain unauthorized access.
Credential replay
Reusing captured authentication credentials to gain access.
On-path
Intercepting and potentially altering communication between two parties.
Spraying
An attack where many password attempts are made using common passwords.
Birthday Attack
An attack that exploits the mathematics behind hash functions.
Segmentation
Dividing a network into segments to enhance security.
Isolation
Separating systems to prevent them from interacting directly.
Security zones
Different areas within a network with varying levels of security.
Attack Surface
The total number of points where an unauthorized user can try to enter data to or extract data from an environment.
Failure modes
The different ways in which a system can fail.
Port security
A security feature to restrict unauthorized network access.
Jump server
A server that acts as an intermediary between a secure network and external networks.
Inline vs. tap/monitor
Monitoring traffic inline vs. passive monitoring via tap.
Tunneling
Encapsulating one network protocol within another.
Layer 4
Layer 4 of the OSI model, responsible for transport.
Layer 7
Layer 7 of the OSI model, responsible for application services.
RAID 0
A type of RAID that stripes data across multiple disks for performance but offers no redundancy.
RAID 5
A type of RAID that offers a good balance of performance and redundancy.
802.1X
A network access control protocol for securing access to a network.
Data sovereignty
The concept that data is subject to the laws and regulations of the country in which it is located.
Clustering
Linking multiple servers together to work as a single system.
Warm Site
A backup site that is not fully equipped but can be operational within a reasonable time.
Multi-cloud systems
Using multiple cloud services to prevent reliance on a single provider.
Tabletop exercises
Simulated exercises to test the preparedness for emergency situations.
Simulation
A simulated environment to test responses to hypothetical scenarios.
Parallel Processing
Simultaneous processing by multiple processors to complete a task.
Snapshots
Capturing the state of a system at a specific point in time.
Secure Baselines
Defined configurations that are known to be secure.
Static Code Analysis
Analyzing source code to identify potential vulnerabilities.
Data Certification
The process of validating that data meets the necessary standards.
Enumeration
Discovering and listing network resources and their services.
Classification
Categorizing data based on its sensitivity and importance.
NetFlow
NetFlow is a network protocol developed by Cisco for collecting IP traffic information and monitoring network flow.
IPFIX
IPFIX is an enhanced version of NetFlow v9 and is sometimes called “NetFlow v10”.
Screened Subnets
Subnets that are separated from the rest of the network for security purposes.
Hard Authentication Token
A physical device used to provide secure authentication.
Soft Authentication Token
A software-based method of providing secure authentication.
Just-in-time Permissions
Granting permissions only when they are needed.
Password Vaulting
A secure storage solution for managing passwords.
Ephemeral credentials
Credentials that are temporary and expire after use.
Passwordless
Authentication without the use of passwords.
Root Cause Analysis
Investigating the root cause of security incidents.
Legal Hold
A process that ensures the preservation of relevant data for legal proceedings.
E-Discovery
The process of identifying and retrieving electronic information.
Threat Hunting
Proactively searching for cyber threats within a network.
Guard Rails
Pre-defined security policies and procedures to follow.
File Integrity Monitoring
Monitoring files to ensure they have not been altered or compromised.