Other Sec Plus Terms Flashcards
a type of computerized cryptography where block cipher algorithms are applied three times to each data block. Each block contains 64 bits of data
3DES
a symmetric block cipher algorithm with a block/chunk size of 128 bits
AES
which has a key length of 256 bits, supports the largest bit size and is practically unbreakable by brute force based on current computing power, making it the strongest encryption standard
AES256
enables the real-time exchange of machine-readable cyber threat indicators and defensive measures to help protect participants of the community and ultimately reduce the prevalence of cyberattacks
automated indicator sharing
is a memory-protection process for operating systems (OSes) that guards against buffer-overflow attacks by randomizing the location where system executables are loaded into memory
Address space layout randomization ASLR
works as a secondary RAM, enabling the system to remove infrequently accessed modified pages from physical memory so that physical memory is used more efficiently for more frequently accessed pages
page file
enables web servers to dynamically generate webpages and create interactive web applications by using server-side scripting technology.
active server pages ASP
is a document that outlines how a business will continue operating during an unplanned disruption in service
business continuity planning BCP
global routing system of the internet. It manages how packets get routed from network to network through the exchange of routing and reachability information among edge routers
Border Gateway Protocol BGP
predicts the consequences of disruption of a business function and process and gathers information needed to develop recovery strategies
Business Impact Analysis BIA
is used in infrastructure mode to identify the media access control (MAC) address of the access point.
Basic Service Set Identifier BSSID
a report of measures taken to address root causes of non-conformances to prevent recurrence of issues
CAR Correction Action Report
Action taken to prevent the occurrence of such non-conformities, generally as a result of a report
Preventive Action Report
is a group of information security experts responsible for the protection against, detection of and response to an organization’s cybersecurity incidents
Computer Emergency Response Team
Group of individuals usually consisting of Security Analysts organized to develop, recommend, and coordinate immediate mitigation actions for containment, eradication, and recovery resulting from computer security incidents.
Computer Incident Response Team
software suites that allow site administrators to easily manage the design, functionality, and operation of websites with minimal technical expertise
Content Management System
A type of checksum algorithm that is not a cryptographic hash but is used to implement data integrity service where accidental changes to data are expected
Cyclic Redundancy Check
is an executive responsible for the safety and security of company data, personnel, and assets.
chief security officer
is a hardware device that converts a digital data frame from the communications technology.
Channel Service Unit CSU
uses an arbitrary number (the counter) that changes with each block of text encrypted; the counter is encrypted with the cipher, and the result is XOR’d into ciphertext
counter mode
top executive that oversees the entire information technology department and is responsible for integrating business needs and requirements into IT planning and operations
Chief Technology Officer
approach generates a public and private key on both sides of the transaction, but only shares the public key
Diffie-Hellman DHE
a protocol that allows an organization to take responsibility for transmitting a message by signing it in a way that mailbox providers can verify
Domain Keys Identified Mail DKIM
helps mail administrators prevent hackers and other attackers from spoofing their organization and domain.
Domain-Based Message Authentication Reporting and Conformance DMARC
when a volume or character of plaintext is separated or divided into several blocks of data, each of which is then encrypted independently of the other blocks
electronic code book
a key agreement protocol that allows two parties, each having an elliptic-curve public–private key pair, to establish a shared secret over an insecure channel
Elliptic-curve Diffie–Hellman
a cryptographic algorithm used by Bitcoin to ensure that funds can only be spent by their rightful owners. While the private key is a secret number, known only to the person that generated it.
Elliptic-curve Digital Signature
facilitates file or directory encryption and decryption with the help of complex cryptographic algorithms.
Encrypted File System EFS
used to track the address of the current instruction running inside the application.
EIP Extended Instruction Pointer
refers to a type of software that organizations use to manage day-to-day business activities such as accounting, procurement, project management, risk management and compliance, and supply chain operations.
ERP Enterprise Resource Planning
you have more than one access point and they all are set to the same SSID and all are connected together in the same VLAN or distribution system so users can roam
Extended Service Set Identifier ESSID
a block cipher mode of operation that uses universal hashing. Works with HMAC and counter.
Galois counter mode
Open source that allows you to encrypt and sign your data and communications; it features a versatile key management system, along with access modules for all kinds of public key directories
Successor of PGP
GNU Privacy Guard
tunneling protocol developed by Cisco Systems that can encapsulate a wide variety of network layer protocols inside virtual point-to-point links or point-to-multipoint links
generic routing encapsulation
cryptographic authentication technique that uses a hash function and a secret key. Achieves authentication and verifies that data is correct and authentic with shared secrets
Hash-based Message Authentication Code
verifying the integrity of operating systems and application software files to determine if tampering or fraud has occurred by comparing them to a trusted “baseline.”
File Integrity Monitoring
network layer protocol used by network devices to diagnose network communication issues
Associated with the ping command
Internet Control Message Protocol ICMP
is a symmetric key block cipher encryption algorithm designed to encrypt text to an unreadable format for transmission via the internet. It uses a typical block size of 128 bits and takes 64 bits as an input
International Data Encryption Algorithm IDEA
wall-mounted rack for managing and interconnecting a telecommunications cable between end-user devices
Intermediate Distribution Frame IDF
nurtures, develops, and advances the building of global technologies. As a leading developer of industry standards in a broad range of technologies
Institute of Electrical and Electronics Engineers IEEE
a standard protocol used to set up a secure and authenticated communication channel between two parties via a virtual private network (VPN).
Internet Key Exchange IKE
specific protocol through which individuals can hold real-time online conversations via PCs and other devices
Internet Relay Chat IRC
A document that regulates security-relevant aspects of an intended connection between an agency and an external system
Interconnection Security Agreement ISA
a new class of firewall that can be deployed rapidly with minimum disruption while keeping up the multi-gigabit speeds of internal networks. Instant visibility and protection can be applied to specific parts of the internal network.
Internal Segmentation Firewall
Individual with assigned responsibility for maintaining the appropriate operational security posture for an information system or program
Information Systems Security Officer ISSO
a planned course of action designed to help an organization respond effectively to a significant future incident, event or situation that may or may not happen
IT Contingency Plan
symmetric encryption that allows the access of two or more systems in a network by generating a unique ticket type key for establishing a secure connection over which data is shared and transferred
Key Distribution Center
A key that encrypts other keys (typically Traffic Encryption Keys or TEKs) for transmission or storage.
Key Encryption Key
is a computer network that connects computers within a single large city, or multiple cities and towns
Metropolitan Area Network
is the information in the first sector of a hard disk or a removable drive. It identifies how and where the system’s operating system
Master Boot Record
a one-way cryptographic function that accepts a message of any length as input and returns as output a fixed-length digest value to be used for authenticating the original message.
MD5
the primary hub or demarcation point that interconnects private or public IT and telecommunication lines coming into a building to an internal network via any number of intermediate distribution frames
Main Distribution Frame
designed to provide more secure authentication for 802.11 WLANs (wireless local area networks) that support 802.1X port access control
Lightweight Extensible Authentication Protocol
a networking technology that routes traffic using the shortest path based on “labels,” rather than network addresses, to handle forwarding over private wide area networks
Multiprotocol Label Switching
thorough assessment of a measurement process, and typically includes a specially designed experiment that seeks to identify the components of variation in that measurement process
Measurement Systems Analysis
an identity checking protocol that periodically re-authenticates the user during an online session
Challenge Handshake Authentication Protocol
an identity checking protocol that periodically re-authenticates the user during an online session. The challenge response packet is in a format designed specifically for Windows platforms. Does not require the use of plaintext or reversibly encrypted passwords the way CHAP does, and uses an MD4 hash of the password to validate the response
MS Chap
a measurement in bytes of the largest data packets that an Internet-connected device can accept
Maximum transmission unit MTU
is the replacement of network appliance hardware with virtual network machines
Network Function Virtualization NFV
a suite of security protocols offered by Microsoft to authenticate users’ identity and protect the integrity and confidentiality of their activity.
New Technology LAN Manager NTLM
Name the seven layers of the OSI
Application
Presentation
Session
Transport
Network
Data link
Physical
router protocol used to find the best path for packets as they pass through a set of connected networks
Open Shortest Path First
An open format for describing vulnerabilities within a target system. It standardizes models for analyzing vulnerabilities and presenting basic information about the system being investigated. The report provides a comprehensive overview of the issue
Open Vulnerability and Assessment Language OVAL
a decentralized platform whereby two individual systems interact directly with each other, without intermediation by a third party.
peer to peer P2P
an information security (infosec) mechanism that safeguards identities with special access or capabilities beyond regular users.
Privileged Access Management
account modules check that the specified account is a valid authentication target under current conditions. This may include conditions like account expiration, time of day, and that the user has access to the requested service.
Pluggable Authentication Modules
provides a simple method for the peer to establish its identity using a two-way handshake
password authentication protocol
extension of Network Address Translation (NAT) that permits multiple devices on a LAN to be mapped to a single public IP address to conserve IP addresses.
translates the private unregistered IP addresses into public registered IP addresses
Port Address Translation
is simply any mechanism for taking a password (something a user remembers or stores in a password manager) and turning it into a symmetric key suitable for cryptographic operations
Password-based Key Derivation Function 2 PBKDF2
used to describe a business telephone system that offers multiple inbound and outbound lines, call routing, voicemail, and call management features
Private Branch Exchange PBX
is the standard file format for executables, object code and Dynamic Link Libraries (DLLs) used in 32- and 64-bit versions of Windows operating systems.
Portable Executable
Legacy, open source. A popular program used to encrypt and decrypt email over the internet, as well as authenticate messages with digital signatures and encrypted stored files.
pretty good privacy PGP
are a set of standard protocols, numbered from 1 to 15. These standards were developed to enable secure information exchange on the internet by using a public key infrastructure
Public Key Cryptography Standards
a TCP/IP protocol that is used to connect one computer system to another.
PPP Point to Point Protocol
protocol that enables the secure transfer of data from a remote client to a private enterprise server by creating a virtual private network
point to point tunneling protocol
cameras are built with mechanical parts that allow them to swivel left to right, tilt up and down, and zoom in and out of a scene
pan tilt zoom
model is based on prototyping and iterative model with no (or less) specific planning. In general, approach to software development means putting lesser emphasis on planning tasks and more emphasis on development and coming up with a prototype.
rapid application development
one of the most commonly used stream ciphers. It encrypts messages one byte at a time via an algorithm
RC4
a fast cryptographic hash function that is tuned towards software implementations on 32-bit architectures
RIPEMD
defined as the maximum amount of data – as measured by time – that can be lost after a recovery from a disaster, failure, or comparable event before data loss will exceed what is acceptable to an organization
Recovery Point Objective
a public-key encryption algorithm that uses an asymmetric encryption algorithm to encrypt data
RSA
filtering is used to push the packet drops off the customer/POP routers and shift them to the edge of the network.
Remotely Triggered Black Hole
authentication is performed with a hash of a generated key that is unique to each authentication, rather than having the same Pairwise Master Key every time
Simultaneous Authentication of Equals SAE
is a multi-purpose framework of specifications that supports automated configuration, vulnerability and patch checking, technical control compliance activities, and security measurement.
Security Content Automation Protocol SCAP
an open source protocol that is widely used to make digital certificate issuance at large organizations easier, more secure, and scalable
Simple Certificate Enrollment Protocol
is a process of planning, creating, testing, and deploying information systems across hardware and software.
Software Development Life Cycle
A hashing algorithm shortens the input data into a smaller form that cannot be understood by using bitwise operations, modular additions, and compression functions
SHA
the monetary value expected from the occurrence of a risk on a single asset
Single Loss Expectancy
network file sharing protocol that allows applications on a computer to read and write to files and to request services from server programs in a computer network
Uses ports 445 and 139
Server Message Block
protocol used to send and receive email.
Uses port 25
SMTP
a lightweight XML-based protocol that is used for the exchange of information in decentralized, distributed application environments
SOAP Simple Object Access Protocol
operations center is to monitor, prevent, detect, investigate, and respond to cyber threats around the clock
security operations center
is an email authentication method designed to detect forging sender addresses during the delivery of the email.
Sender Policy Framework
sitting between users and the Internet, gateways provide advanced network protection by inspecting web requests against company policy to ensure malicious applications and websites are blocked and inaccessible
Secure Web Gateway
connection-oriented protocol a bit slower
protocol that is used on top of IP to ensure reliable transmission of packets. includes mechanisms to solve many of the problems that arise from packet-based messaging, such as lost packets, out of order packets, duplicate packets, and corrupted packets.
Transport Control Protocol
connectionless protocol a bit faster
a communications protocol that is primarily used to establish low-latency and loss-tolerating connections between applications on the internet
User Datagram Protocol
a small amount of encrypted data that is issued by a server in the Kerberos authentication model to begin the authentication process
Transaction Granting Ticket
the digital information used in cryptocurrency transactions to verify the identity of its participants
Transaction Signature
user behavior analytics is the process of gathering insight into the network events that users generate every day
UEBA User and Entity behavior analytics
a subnet – a segmented piece of a larger network – design strategy where all subnet masks can have varying sizes.
Variable-length Subnet Masking
monitors the radio spectrum for the presence of unauthorized, rogue access points and the use of wireless attack tools. The system monitors the radio spectrum used by wireless LANs, and immediately alerts a systems administrator whenever a rogue access point is detected.
Wireless Intrusion Detection System WIDS
compares the MAC addresses of all wireless access points on a network against the known signatures of pre-authorized, known wireless access points and alerts an administrator when a discrepancy is found.
Wireless Intrusion Prevention System WIPS
a data storage technology that allows data to be written to a storage medium a single time and prevents the data from being erased or modified
WORM Write Once Read Many
exchanges files between two TCP/IP machines but doesn’t require authentication
Uses port 69
TFTP Trivial File Transfer Protocol
Process of PII in a dataset, to protect individual identification. Can still be used and protected
Data Anonymization
Cloud vulnerability that can allow an attacker to compromise containers of other tenants on the same host.
Shared Tenancy Vulnerability
Name the four coding stages in order
Development, test, stage and production
Name the four risk management strategies
Acceptance
Transference
Avoidance
Reduction
Name the 7 phases of cyber kill chain
Phase 1: Reconnaissance
Phase 2: Weaponization
Phase 3: Delivery
Phase 4: Exploitation
Phase 5: Installation
Phase 6: Command and Control
Phase 7: Actions on Objective