Review Topics 2 Flashcards
a method employed by many computer anti-virus programs designed to detect previously unknown computer viruses and new variants of viruses already in the wild. This is behavior-based detection and prevention, so it should detect the issue and stop it from spreading throughout the network
Heuristic analysis
provides the validation of the user’s identity
Identify Provider (IdP)
an XML-based framework for exchanging security-related information such as user authentication, entitlement, and attributes
Security assertions markup language (SAML)
an attack that forces an end user to execute unwanted actions on a web application in which they are currently authenticated
cross-site request forgery (CSRF)
the process of harvesting an account’s cached credentials when the user logs in to a single sign-on (SSO) system
Pass the Hash (PtH)
information about a subject’s opinions, beliefs, and nature afforded specially protected status by privacy legislation
Sensitive Personal Information (SPI)
identifies the maximum amount of time it can take to restore a system after an outage
recovery time objective (RTO)
the amount of data loss that a system can sustain, measured in time
recovery point objective (RPO)
can create perfect copies or forensic images of computer data without making changes to the original evidence
FTK Imager
will allow an attacker to execute arbitrary JavaScript within the victim’s browser (such as creating pop-ups)
cross-site scripting (XSS) attack
a hardened server that provides access to other hosts
jumpbox
a method employed by many computer anti-virus programs designed to detect previously unknown computer viruses and new variants of viruses already in the wild. This is behavior-based detection and prevention, so it should detect the issue and stop it from spreading throughout the network
Heuristic analysis
