Security+ Flashcards
Another name for Symmetric algorithm
Private Key Algorithm
Another name for Asymmetric algorithm
Public Key algorithm
Advantage of asymmetric algorithm
Overcomes multiple key issue associated with symmetric algorithms
Hybrid encryption implementation
Use asymmetric encryption to establish connection, then exchange symmetric keys for continued communication
Advantage of symmetric algorithm
Faster
Stream cipher
Encrypt data one byte (or bit) at a time
Used for securing real-time data streams
Tend to be symmetric algorithms
Tend to be hardware encrypted
Block cipher
Breaks input into fixed lengths for encryption
Padding added if data is less than fixed length
Easier to implement than stream cipher
Tend to be software encrypted
DES algorithm
Data Encryption Standard
Symmetric algorithm
Deprecated
3DES
Triple DES
Symmetric algorithm
3 symmetric keys - encrypt, decrypt, encrypt
IDEA
International Data Encryption Algorithm
Symmetric algorithm
AES
Advanced Encryption Standard
Symmetric algorithm
Current symmetric standard, most commonly used
Blowfish
Symmetric algorithm
Intended to replace DES
Open source
Twofish
Symmetric algorithm
Open source
RC4
Rivest Cipher 4
Symmetric stream cipher
Used in SSL and WEP
RC5
Rivest Cipher 5
Symmetric block cipher
RC6
Rivest Cipher 6
Symmetric block cipher
Introduced to replace DES; superseded by AES
Public key cryptography
Asymmetric algorithm
For confidentiality: Anyone can encrypt with public key, but only private key can decrypt
For non-repudiation: sender should sign message with private key, reader should read with public key
Digital Signature
Hash digest for message sent with sender’s private key
Diffie-Hellman (DH) algorithm
Asymmetric algorithm
Used to distribute keys over an unsecure network
Often used to create VPN tunnels; part of IPSec
Rivest, Shamir and Adleman (RSA) Algorithm
Asymmetric algorithm
Relies on difficulty of factoring prime numbers
Elliptic Curve Cryptography (ECC)
Asymmetric algorithm
Heavily used on mobile devices
More efficient than RSA
Hashing
One-way cryptographic function that outputs a unique message digest
Always the same length per the algorithm in use
Pass the Hash attack
Login with stored hash rather than plaintext password
Rainbow table
Precomputed table for reversing cryptographic hash functions
Wildcard certificate
Allows all subdomains to use same public key and have it display as valid
Subject Alternate Name (SAN) Field
Certificate field that specifies what additional domains and IP addresses are going to be supported
Single-Sided Certificate
Only requires server to be validated
Dual-Sided Certificate
Requires both server and user to be validated
Self-signed certificate
Certificate is signed by same party whose identity it certifies
Third-Party Certificate
Certificate issued and signed by a trusted certificate authority
Certificate Signing Request
Block of encoded text containing information about the entity requesting the certificate
OCSP
Online Certificate Status Protocol
Allows one to determine the revocation status of any digital certificate using its serial number
OCSP Stapling
Allows the certificate holder to get the OCSP record from the server at regular intervals
TPM
Trusted Platform Module
Dedicated microcontroller designed to secure hardware through integrated cryptographic keys
HSM
Hardware Security Module
Physical device that manages digital keys
Secure Enclave
Co-processor integrated into the main processor of some devices, designed with the sole purpose of ensuring data protection
Steganography
Hiding secret data in non-secret files or messages
Tokenization
Substitute sensitive data elements with non-sensitive equivalents; can only be fixed by authorized systems
Data Owner
Senior executive responsible for maintaining the confidentiality, integrity and availability of the information asset.
Data Controller
Responsible for deciding purposes and methods of data storage, collection, usage and guaranteeing legality of processes
Data Processor
Hired by data controller to help with tasks like collecting, storing and analyzing data
Data Custodian
Responsible for management of system(s) on which data assets are stored
Data Steward
Focused on quality of data and associated metadata
Data Privacy Officer
Responsible for oversight of privacy-related data (PHI, SPI, PII)
BYOD
Bring your own device
COPE
Corporate-Owned, Personally Enabled
Time-of-use (TOU)
Race condition that occurs when a process performs an action on a resource without verifying that it is still in the same state or value as when it was last checked. It can lead to incorrect or unauthorized actions based on invalid assumptions.
Buffer Overflow
Type of memory corruption that occurs when a program writes more data than the allocated buffer can hold, causing it to overwrite adjacent memory locations. It can lead to crashes, code execution, or privilege escalation.
Memory injection
Insertion of malicious code into a system’s memory, not the exploitation of a time gap between a check and use of a condition.
Memory injection is a technique that involves injecting code into a running process to alter its behavior or gain access to its memory. It can be used for malicious or legitimate purposes on mobile devices, such as debugging or hooking.
Time-of-check (TOC)
Race condition that occurs when a process checks the state or value of a resource before using it, but another process changes it in between. It can lead to incorrect or unauthorized actions based on outdated information.
Remote Access Trojan (RAT)
Mimics legitimate remote control programs but operates covertly. It provides the threat actor unauthorized access to a host, enabling them to upload files, install software, or execute commands.
Worm
Malware that replicates itself to spread to other computers.
Adware
Displays unwanted ads on a user’s device.
Rootkit
Provides unauthorized access to a computer, but it doesn’t specifically mimic legitimate remote control programs.
Vendor assessment
Involves evaluating the security measures and vulnerabilities of a vendor’s systems and infrastructure, but it does not specifically focus on ethical and legal requirements. It occurs after the vendor is chosen.
Pretexting
Type of human vector/social engineering attack that involves creating a fabricated scenario or pretext to justify the request for confidential information or action from the target.
Cloning
Duplication of items such as badges, access cards, or even digital identities. It’s about copying something authentic to gain unauthorized access.
Tailgating
Also known as “piggybacking,” a method where unauthorized individuals follow authorized personnel into secure locations by exploiting their courtesy or distraction. It relies on physical access rather than fabricated stories.
Phishing
Attacker sends deceptive emails (or other forms of communication) to a broad audience, enticing recipients to click on malicious links, download malware, or provide sensitive information. The attacker’s goal is to trick recipients into believing the message is from a trusted source.
Vendor selection
Process of evaluating and choosing vendors based on various criteria, including their alignment with the organization’s ethical and legal requirements. It occurs before the partnership begins.
Vendor monitoring
Refers to continuously evaluating a vendor’s security performance and compliance with contractual requirements, but it does not directly relate to ethical and legal criteria. It occurs after the vendor is chosen.
Master Service Agreement (MSA)
Agreement precisely designed to establish the overall framework for a long-term business relationship between an organization and a vendor. It provides a foundation for future agreements and contracts by outlining general terms, conditions, and responsibilities. It generally is concluded after a vendor is chosen.
Downtime
Period when a system is unavailable or its performance is degraded, often due to planned maintenance or unforeseen incidents. In the scenario, the server’s unavailability during the upgrade process is a clear example of downtime.
Service Restart
Act of stopping and then starting a service, often to apply changes or updates. While this can lead to downtime, the scenario specifically mentioned a system upgrade, not just a service restart.
Maintenance Window
Predefined time frame during which system changes or updates are applied to minimize disruption to business operations. This indicates when changes may occur but does not specifically define the period of system unavailability.
Change Management
Formalized procedure to ensure changes are reviewed and approved before implementation. This is a process but does not specifically define the time a system is unavailable.
Sensitive Personal Data under GDPR
Sensitive personal data refers to specific categories of personal information that could harm an individual if made public. This includes, but is not limited to:
- religious beliefs
- political opinions
- trade union membership
- gender
- sexual orientation
- racial or ethnic origin
- genetic data
- health information
FIPS (Federal Information Processing Standards)
Standards that provide important guidelines and requirements for cryptography used to secure federal information systems, except those related to national security.
ISO/IEC 27001
Important standard for information security management systems. It does not set specific requirements for cryptographic modules within federal computer systems.
PCI DSS
Relates to the protection of cardholder data
Secure Enclave
Chip that is used only to secure encryption keys, hashes, and other important data. It is embedded in Apple and Android devices.
Trusted Platform Module (TPM)
Hardware-based storage system that contains keys, digital certificates, hashed passwords, and many other types of information used for authentication. It is embedded on device motherboards that use Windows operating systems.
Hardware Security Module (HSM)
Physical computing device that safeguards and manages digital keys for strong authentication. It can be an external device or on an expansion card, but it is not embedded on the motherboard.
Key Management System
Process used to ensure that keys are kept secure by establishing standards of security. It is a set of policy decisions, not a chip or device.
Side loading
Mobile device vulnerability that results from installing applications from sources other than the official app store, such as third-party websites, USB drives, or email attachments. It can expose the device to malware, spyware, or unauthorized access.
Jailbreaking
Creates a vulnerability on mobile device by bypassing the restrictions imposed by the manufacturer or provider of a device, such as an iPhone or iPad, to gain root access and install unauthorized applications or customizations. It can expose the device to malware, spyware, or unauthorized access.
Typosquatting
Human vector/social engineering attack that involves creating a fake website or domain name that resembles a legitimate one, but with slight spelling or punctuation differences.
Business email compromise
Human vector/social engineering attack that involves compromising or spoofing a legitimate business email account to request fraudulent payments or transfers from unsuspecting employees or customers.
Impersonation
Human vector/social engineering attack that involves pretending to be someone else, such as an authority figure or a trusted person, to persuade users to share confidential information or perform certain actions.
Statement of Work (SOW) or Work Order (WO)
Document used to specify the specific tasks, deliverables, and timelines for a particular project or service. It is not intended to establish an overall framework for a long-term relationship.
Service-level Agreement (SLA)
Outlines specific performance metrics, service levels, and responsibilities for ongoing services, rather than establishing an overall framework for a long-term relationship.
Memorandum of Understanding (MOU)
Non-binding document used to express mutual understanding and intentions between parties. It is not typically suitable for establishing a formal framework for a long-term business relationship.
Risk register
Comprehensive record that lists all identified risks, their potential impacts, assigned risk owners, and current risk status. It serves as a central repository for tracking and monitoring risks over time.
Risk assessment
Initial step in the risk management process, involving the identification, analysis, and evaluation of potential risks.
Business impact analysis
Assesses the potential consequences of specific risks on critical business functions, helping prioritize risk response efforts.
Risk reporting
The regular communication and documentation of identified risks, their potential impact, and risk management strategies to relevant stakeholders.
Cryptographic Downgrade Attack
Attacker forces network participants to resort to a weaker encryption standard, making it easier to compromise the data. It deliberately reduces the security of encrypted communications.
Cipher Block Chaining (CBC) Attack
Type of side-channel attack targeting implementations of block ciphers in CBC mode.
Key exchange attack
Attacker aims to intercept or manipulate the key exchange process, potentially gaining access to the shared secret key.
Resource reuse
Type of vulnerability that involves accessing or modifying data or communications from other virtual machines by exploiting the shared CPU between them. It can allow an attacker to execute malicious code or commands on other virtual machines.
CPU starvation
Type of performance issue that occurs when a process or thread does not receive enough CPU time to perform its tasks. It can affect the responsiveness and functionality of the process or thread.
Probability (risk)
Expected frequency of occurrence of a specific risk within a given time frame.
Likelihood (risk)
Qualitative term used to express the chance of a risk occurring, typically described in terms of low, medium, or high.
Exposure Factor
The percentage of asset loss that would occur if a specific risk is realized. It is a quantitative risk analysis metric.
Annualized Rate of Occurrence (ARO)
Quantitative risk analysis metric that represents the expected number of times a specific risk occurs in a year.
Kerberos
Authentication protocol that uses tickets to prevent eavesdropping and replay attacks. It relies on a trusted third-party, the Key Distribution Center (KDC), to facilitate mutual authentication between clients and services.
LDAP
Protocol used to access and manage directory information over a network.
OAuth
Open standard for access delegation. It allows third-party services to use account information without exposing user passwords.
SAML
XML-based standard for exchanging authentication and authorization data between parties. It’s focused more on Single Sign-On (SSO) and doesn’t use the Kerberos ticketing mechanism.
Salting
Technique used in cryptography to add random data to the input of a hash function to increase security.
Key stretching
Method that repeatedly hashes the password to make it more random and longer than it originally appeared. The key difference between key stretching and regular hashing or salting is the number of times the hashing is done.
Hashing
Process of converting an input of any length into a fixed size string of text, using a mathematical function. Hashing doesn’t add data to the input before completing the conversion.
Digital signature
Type of electronic signature that uses a specific type of encryption to ensure the authenticity and integrity of a digital message or document.
Infrastructure Monitoring
Focused on ensuring the foundational IT components, like servers, data centers, and networking equipment, are both functional and secure.
Systems monitoring
Evaluates the hardware, operating systems, and the essential services that applications run on but not the broader foundational structures of IT.
Applications monitoring
Pertains to overseeing individual software solutions and ensuring their security and performance.
Risk appetite
Refers to an organization’s willingness to take on risk in pursuit of its business objectives. It reflects the organization’s strategic approach to risk and how much risk it is willing to undertake to achieve specific goals.
Risk tolerance
Extent to which an organization is comfortable with the level of risk it is willing to take. It represents the organization’s ability to withstand potential losses or disruptions.
Risk acceptance
An organization understands the level of risk that is involved in an activity and is willing to accept the outcomes of taking the risk. The risk is either accepted or not; there aren’t levels of risk acceptance.
Risk deterrence
Taking measures to reduce or mitigate the impact of an event.
MTTR
- mean time to repair
- refers to the measure of the time taken to repair a system or process after it experiences a failure or disruption.
- average time it takes to restore functionality
RTO
- recovery time objective
- measure of the maximum time it takes to recover a system or process after a disruption
- represents the time within which normal operations need to be restored
MTBF
- mean time between failures
- the measure of the average time between two consecutive failures of a system or component
- represents the average reliability or time between incidents.
RPO
- recovery point objective
- measure of the maximum amount of data loss an organization is willing to tolerate in the event of a disruption
- determines the point in time to which data must be restored after recovery.
Technical debt
- future cost of rectifying present-day shortcuts or less optimal solutions. It can arise when known inefficiencies aren’t addressed due to various constraints, like time.
Complexity
Primarily denotes the intricacy of a system or process.
Single point of failure
Refers to a vulnerable component whose failure can disrupt an entire system, not the consequence of avoiding known system inefficiencies.
Cost
Pertains to the financial considerations of a decision or action, not the implications of deferring system improvements.
Virtualization
Technology that allows creating multiple isolated environments on a single physical device. It can offer benefits such as resource optimization, isolation, flexibility, and security.
Industrial control systems (ICS)
Systems that are designed to monitor and control physical processes in industrial environments, such as power plants, factories, or water treatment facilities, not creating multiple isolated environments on a single physical device.
Containerization
Technology that allows running applications in isolated environments called containers, not creating multiple isolated environments on a single physical device.
Software-defined networking (SDN)
Network technology that involves dynamically configuring and managing network devices and services through software, not creating multiple isolated environments on a single physical device.
Capability
Pertains to a threat actor’s proficiency in devising new exploit techniques and tools. It can range from using commonly found attack tools to creating zero-day exploits in various systems. Those with the highest capabilities can even deploy non-cyber tools, such as political or military assets.
Sophistication
Relates to the level of intricacy and advancement of a threat actor’s methods and tools, but does not directly address their skill in crafting novel exploits.
SRTP
Secure Real-time Transport Protocol
- provides encryption, message authentication, and integrity for voice communications over IP
- designed to protect Real-time Transport Protocol (RTP) and RTP Control Protocol (RTCP) traffic.
ICMP
- Internet Control Message Protocol
- mainly used by operating systems of networked computers to send error messages
SAML
- Security Assertion Markup Language
- login federation protocol
- most effective approach for achieving a seamless user login experience for both internal employees and external partners
- allows for the secure exchange of authentication and authorization data between different organizations, enabling users to log in using their own organization’s credentials while accessing resources and applications from other federated organizations without the need for separate accounts
- simplifies identity management and enhances user experience while maintaining centralized control.