Other Sec Plus Terms Flashcards
a type of computerized cryptography where block cipher algorithms are applied three times to each data block. Each block contains 64 bit of data
3DES
a symmetric block cipher algorithm with a block/chunk size of 128 bits
AES
which has a key length of 256 bits, supports the largest bit size and is practically unbreakable by brute force based on current computing power, making it the strongest encryption standard
AES256
enables the real-time exchange of machine-readable cyber threat indicators and defensive measures to help protect participants of the community and ultimately reduce the prevalence of cyberattacks
automated indicator sharing
is a memory-protection process for operating systems (OSes) that guards against buffer-overflow attacks by randomizing the location where system executables are loaded into memory
Address space layout randomization ASLR
works as a secondary RAM, enable the system to remove infrequently accessed modified pages from physical memory to let the system use physical memory more efficiently for more frequently accessed pages
page file
enables web servers to dynamically generate webpages and create interactive web applications by using server-side scripting technology.
active server pages ASP
is a document that outlines how a business will continue operating during an unplanned disruption in service
business continuity planning BCP
global routing system of the internet. It manages how packets get routed from network to network through the exchange of routing and reachability information among edge routers
Border Gateway Protocol BGP
predicts the consequences of disruption of a business function and process and gathers information needed to develop recovery strategies
Business Impact Analysis BIA
s used in infrastructure mode to identify the media access control (MAC) address of the access point.
Basic Service Set Identifier BSSID
a report of measures taken to address root causes of non-conformances to prevent recurrence of issues
CAR Correction Action Report
Action taken to prevent the occurrence of such non-conformities, generally as a result of a report
Preventive Action Report
is a group of information security experts responsible for the protection against, detection of and response to an organization’s cybersecurity incidents
Computer Emergency Response Team
Group of individuals usually consisting of Security Analysts organized to develop, recommend, and coordinate immediate mitigation actions for containment, eradication, and recovery resulting from computer security incidents.
Computer Incident Response Team
software suites that allow site administrators to easily manage the design, functionality, and operation of websites with minimal technical expertise
Content Management System
A type of checksum algorithm that is not a cryptographic hash but is used to implement data integrity service where accidental changes to data are expected
Cyclic Redundancy Check
is an executive responsible for the safety and security of company data, personnel, and assets.
chief security officer
is a hardware device that converts a digital data frame from the communications technology.
Channel Service Unit CSU
uses an arbitrary number (the counter) that changes with each block of text encrypted is encrypted with the cipher, and the result is XOR’d into ciphertext
counter mode
top executive that oversees the entire information technology department and is responsible for integrating business needs and requirements into IT planning and operations
Chief Technology Officer
approach generates a public and private key on both sides of the transaction, but only shares the public key
diffie hellman DHE
a protocol that allows an organization to take responsibility for transmitting a message by signing it in a way that mailbox providers can verify
Domain Keys Identified Mail DKIM
helps mail administrators prevent hackers and other attackers from spoofing their organization and domain.
Domain-Based Message Authentication Reporting and Conformance DMARC
when a volume or character of plaintext is separated or divided into several blocks of data, each or every of which is then encrypted independently divides it of other blocks
electronic code book
a key agreement protocol that allows two parties, each having an elliptic-curve public–private key pair, to establish a shared secret over an insecure channel
Elliptic-curve Diffie–Hellman
a cryptographic algorithm used by Bitcoin to ensure that funds can only be spent by their rightful owners. While the private key is a secret number, known only to the person that generated it.
Elliptic-curve Digital Signature
facilitates file or directory encryption and decryption with the help of complex cryptographic algorithms.
Encrypted File System EFS
used to track the address of the current instruction running inside the application.
EIP Extended Instruction Pointer
refers to a type of software that organizations use to manage day-to-day business activities such as accounting, procurement, project management, risk management and compliance, and supply chain operations.
ERP Enterprise Resource Planning
you have more than one access point and they all are set to the same SSID and all are connected together in the same VLAN or distribution system so users can roam
Extended Service Set Identifier ESSID
a block cipher mode of operation that uses universal hashing Works with hmac and counter.
Galois counter mode
Open source that allows you to encrypt and sign your data and communications; it features a versatile key management system, along with access modules for all kinds of public key directories
Successor of PGP
GNU Privacy Guard
tunneling protocol developed by Cisco Systems that can encapsulate a wide variety of network layer protocols inside virtual point-to-point links or point-to-multipoint links
generic routing encapsulation
cryptographic authentication technique that uses a hash function and a secret key. achieve authentication and verify that data is correct and authentic with shared secrets
Hash-based Message Authentication Code
verifying the integrity of operating systems and application software files to determine if tampering or fraud has occurred by comparing them to a trusted “baseline.
File Integrity Monitoring
network layer protocol used by network devices to diagnose network communication issue
Associated with the ping command
Internet Control Message Protocol ICMP
is a symmetric key block cipher encryption algorithm designed to encrypt text to an unreadable format for transmission via the internet. It uses a typical block size of 128 bits and takes 64 bits as an input
International Data Encryption Algorithm IDEA
wall-mounted rack for managing and interconnecting a telecommunications cable between end-user devices
Intermediate Distribution Frame IDF
nurtures, develops, and advances the building of global technologies. As a leading developer of industry standards in a broad range of technologies
Institute of Electrical and Electronics Engineers IEEE
a standard protocol used to set up a secure and authenticated communication channel between two parties via a virtual private network (VPN).
Internet Key Exchange IKE
specific protocol through which individuals can hold real-time online conversations via PCs and other devices
Internet Relay Chat IRC
A document that regulates security-relevant aspects of an intended connection between an agency and an external system
Interconnection Security Agreement ISA