Security+ Glossary Flashcards
layered security
An approach to operational security that incorporates many different avenues of defense, so that if one control fails others still protect the asset. Also called defense in depth.
security auditing
The act of performing an organized technical assessment of the security strengths and weaknesses of a computer system to ensure that the system is in compliance
deep web
Those portions of the World Wide Web that are not indexed by standard search engines.
application whitelisting
The practice of allowing only approved programs to run on a computer, computer network, or mobile device; anything not on the list is blocked by default.
stream cipher
A relatively fast type of symmetric encryption that encrypts data one bit or byte at a time by combining it with a pseudorandom keystream. Never reuse a keystream (same key and nonce) for two messages: XORing the two ciphertexts cancels the keystream and leaks the XOR of the plaintexts.
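As an added illustration (not part of the original glossary), the following Python builds a toy keystream from SHA-256 in counter mode, XORs it with the data, and then shows the keystream-reuse leak. The keystream construction and the sample key, nonce and messages are assumptions made for the example; a real stream cipher such as ChaCha20 would be used in practice.

```python
import hashlib


def toy_keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    # Hypothetical toy keystream generator: SHA-256 over key || nonce || counter,
    # run in counter mode. Illustrative only, not a vetted cipher.
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + counter.to_bytes(4, "big")).digest()
        counter += 1
    return bytes(out[:length])


def stream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    # Encryption and decryption are the same operation: XOR with the keystream.
    ks = toy_keystream(key, nonce, len(data))
    return bytes(a ^ b for a, b in zip(data, ks))


def keystream_reuse_leak(c1: bytes, c2: bytes) -> bytes:
    # If two messages were encrypted under the same key and nonce, XORing the
    # ciphertexts cancels the keystream and leaves plaintext1 XOR plaintext2.
    n = min(len(c1), len(c2))
    return bytes(a ^ b for a, b in zip(c1[:n], c2[:n]))


if __name__ == "__main__":
    key, nonce = b"\x01" * 16, b"\x02" * 8   # constructed sample key and nonce
    p1 = b"attack at dawn"
    c1 = stream_xor(key, nonce, p1)
    assert stream_xor(key, nonce, c1) == p1   # decryption round-trips
    p2 = b"defend at dusk"
    c2 = stream_xor(key, nonce, p2)           # nonce reuse: the mistake
    leak = keystream_reuse_leak(c1, c2)
    print("leak equals p1 XOR p2:", leak == bytes(a ^ b for a, b in zip(p1, p2)))
```

Because the leak is the XOR of two plaintexts, an attacker who can guess part of one message recovers the corresponding part of the other, which is why nonce uniqueness is a hard requirement for every stream cipher.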
protocol analyzer
This type of diagnostic software can examine and display data packets that are being transmitted over a network
aggregation switch
A network device that combines switches together in a network.
Enhances redundancy and increases bandwidth.
VM sprawl
One of 3 virtualization risks
Situation where the number of virtual machines exceeds the organization’s ability to control or manage all of those virtual machines
X.509
A standard for formatting digital certificates that defines the structure of a certificate with the information that was provided in a CSR
controls
Countermeasures that avoid, mitigate, or counteract security risks due to threats and attacks
packet analyzer
A device or program that monitors network communications on the network wire or across a wireless network and captures data
endpoint protection
Software that incorporates anti-malware scanners into a larger suite of security controls
DSU
Data Service Unit
Device used to establish connectivity between a LAN and a WAN.
static code analysis
The process of reviewing source code while it is in a static state, i.e., while it is not executing
incremental backup
A backup type in which all selected files that have changed since the last full or incremental backup (whichever was most recent) are backed up
access recertification
A security control where user access privileges are audited to ensure they are accurate and adhere to relevant standards and regulations.
rule-based access control
A non-discretionary access control technique that is based on a set of operational rules or restrictions
model verification
The process of evaluating how well a software project meets the specifications that were defined earlier in development
XTACACS
An extension to the original TACACS protocol
COBIT 5
A framework for IT management and governance created by ISACA
stress testing
A software testing method that evaluates how software performs under extreme load
data retention
The process of maintaining the existence of and control over certain data in order to comply with business policies and/or applicable laws and regulations
whitelisting
The practice of allowing only approved programs to run on a computer, computer network, or mobile device
prevention
The security approach of blocking unauthorized access or attacks before they occur
data at rest
Information that is primarily stored on specific media rather than moving from one medium to another
recovery agent
An individual with the necessary credentials to decrypt files that were encrypted by another user
spatial database
A collection of information that is optimized for data that represents objects contained in a geometric space
stateful firewall
A firewall that tracks the active state of a connection and can make decisions based on the contents of a network packet as it relates to the state of the connection
least privilege
The principle that establishes that users and software should have the minimal level of access that is necessary for them to perform the duties required of them
proxy
A device that acts on behalf of one end of a network connection when communicating with the other end of the connection
secure IMAP
A version of the Internet Message Access Protocol that uses SSL or TLS to provide secure communications between a mail client and the mail server (IMAPS, typically TCP port 993)
stateless firewall
A firewall that does not track the active state of a connection as it reaches the firewall
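The difference between the two firewall types above (stateful and stateless), shown as an added Python example that is not part of the original glossary. The rule format, the connection table and the three sample packets are constructed for the example; the policy is "the LAN may initiate anything, nothing inbound is opened".

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    flags: frozenset        # TCP flags, e.g. {"SYN"} or {"SYN", "ACK"}
    direction: str          # "in" (from the internet) or "out" (from the LAN)


class StatelessFirewall:
    """Each packet is judged on its own header fields against a fixed rule list."""

    def __init__(self, rules):
        self.rules = rules  # list of (direction, dport or None for any port)

    def decide(self, pkt: Packet) -> str:
        for direction, dport in self.rules:
            if direction == pkt.direction and dport in (None, pkt.dport):
                return "allow"
        return "deny"


class StatefulFirewall:
    """Same rule list, plus a connection table: replies to allowed connections pass."""

    def __init__(self, rules):
        self.base = StatelessFirewall(rules)
        self.table = set()  # (src, sport, dst, dport) of tracked connections

    def decide(self, pkt: Packet) -> str:
        flow = (pkt.src, pkt.sport, pkt.dst, pkt.dport)
        reverse = (pkt.dst, pkt.dport, pkt.src, pkt.sport)
        if flow in self.table or reverse in self.table:
            if pkt.flags & {"FIN", "RST"}:           # connection closing: stop tracking
                self.table.discard(flow)
                self.table.discard(reverse)
            return "allow"
        if self.base.decide(pkt) == "allow":
            if "SYN" in pkt.flags and "ACK" not in pkt.flags:  # new connection opened
                self.table.add(flow)
            return "allow"
        return "deny"


def run_scenario() -> dict:
    """Constructed scenario: an outbound HTTPS connection, its reply, and an unsolicited SSH probe."""
    rules = [("out", None)]
    packets = {
        "client_syn": Packet("10.0.0.5", 40000, "203.0.113.10", 443, frozenset({"SYN"}), "out"),
        "server_synack": Packet("203.0.113.10", 443, "10.0.0.5", 40000, frozenset({"SYN", "ACK"}), "in"),
        "unsolicited_ssh": Packet("198.51.100.7", 55555, "10.0.0.5", 22, frozenset({"SYN"}), "in"),
    }
    results = {}
    for name, fw in (("stateless", StatelessFirewall(rules)), ("stateful", StatefulFirewall(rules))):
        results[name] = {pname: fw.decide(p) for pname, p in packets.items()}
    return results


if __name__ == "__main__":
    for fw_name, verdicts in run_scenario().items():
        print(fw_name, verdicts)
```

The stateless firewall has to choose between denying the server's reply (breaking every outbound connection) and opening all inbound traffic; the stateful one allows the reply because it matches a connection the LAN opened, while still dropping the unsolicited probe.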
anti-spam
A program that filters unsolicited email, for example by detecting words and patterns commonly used in spam messages and by checking sender reputation
versioning
The practice of ensuring that the assets that make up a project are closely managed when it comes time to make changes
airgap
A physical security control that provides physical isolation.
Systems separated by an air gap typically don’t have physical connections to other systems.
network enumerator
A device or program that can identify the logical topology of a network to reveal its connection pathways and the hosts and services on it
VPN concentrator
A single device that incorporates advanced encryption and authentication methods in order to handle a large number of VPN tunnels
flood guard
A security control in network switches that protects hosts on the switch against SYN flood and ping flood DoS attacks.
OCSP stapling
A method of checking the status of digital certificates where the web server, rather than each client, queries the OCSP responder at regular intervals and receives a time-stamped, signed response. The web server attaches ("staples") this signed response to the SSL/TLS handshake so that the client can verify the certificate's revocation status without contacting the OCSP responder itself, which is faster and does not reveal the client's browsing to the CA.
anti-malware software
A category of software programs that scan a computer or network for known viruses, Trojans, worms, and other malicious software.
shimming
The process of developing and implementing additional code between an application and the operating system to enable functionality that would otherwise be unavailable
loss controls
Security measures implemented to prevent key assets from being damaged
scheduling
A method used by load balancers to determine which server should have traffic routed to it (for example round robin or least connections)
hardening
A security technique in which the default configuration of a system is altered to protect the system against attacks
data in use
Information that is currently being created, deleted, read from, or written to
DevOps
A combination of software development and systems operations and refers to the practice of integrating one discipline with the other
intranet
A private network that is only accessible by the organization’s own personnel
business continuity
A collection of processes that enable an organization to maintain normal business operations in the face of some adverse event.
reverse engineering
The practice of deconstructing software into its base components so that its properties are easier to understand
router
A device that connects multiple networks that use the same protocol
continuous monitoring
The practice of constantly scanning an environment for threats, vulnerabilities, and other areas of risk
anomaly-based monitoring
A network monitoring system that uses a baseline of acceptable outcomes or event patterns to identify events that fall outside the acceptable range.
supply chain
The end-to-end process of supplying, manufacturing, distributing, and finally releasing goods and services to a customer
auditing
The portion of accounting that entails security professionals examining logs of what was recorded.
sanitization
A data disposal method that completely removes all data from a storage medium so that it cannot be recovered, even with forensic tools
data sovereignty
The principle that data is subject to the laws and governance of the nation in which it is collected or stored, regardless of where the organization that owns it is based
technical controls
Hardware or software installations that are implemented to monitor and prevent threats and attacks to computer systems and services
fault tolerance
The ability of a computing environment to withstand a foreseeable component failure and continue to provide an acceptable level of service
privilege management
The use of authentication and authorization mechanisms to provide an administrator with centralized or decentralized control of user and group role-based privilege management
honeynet
An entire dummy network used to lure attackers
device
A piece of hardware such as a computer, server, printer, or smartphone
resource exhaustion
A software vulnerability that can occur when software does not properly restrict access to requested or needed resources
application blacklisting
The practice of preventing known undesirable programs from running on a computer, computer network, or mobile device; anything not on the list is allowed by default
security framework
A conceptual structure for security operations within the organization
security assessment
The process of testing security controls through a comprehensive set of techniques aimed at exposing any weaknesses or gaps in your tools, technologies, services, and operations
standard
A document that defines how to measure the level of adherence to a policy.
administrative controls
Define the human factor(s) of security.
They use methods mandated by organizational policies or other guidelines. This includes:
- Security education, training, and awareness programs
- Acceptable use policies
- Risk and vulnerability assessments
- Penetration testing
- Bring your own device (BYOD) policies
- Password management policies
- Incident response plans (which will leverage other types of controls)
- Personnel management controls (recruitment, account generation, etc.).
agile
A software development life cycle model that focuses on the collaborative interaction between customers, developers, and testers
Compare with waterfall.
honeypot
A security tool used to lure attackers away from the actual network components. Also called a decoy or sacrificial lamb
directory service
A network service that stores identity information about all the objects in a particular network, including users, groups, servers, client computers, and printers
differential backup
A backup type in which all selected files that have changed since the last full backup are backed up, regardless of any differential backups taken in between
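The selection rules for incremental and differential backups (both defined in this glossary), as an added Python example that is not part of the original page. The four-day file history, the modification times and the Backup record type are constructed for the example.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Backup:
    kind: str            # "full", "incremental" or "differential"
    time: int            # when the backup ran
    files: frozenset     # file names copied by this backup


def select_files(mtimes: dict, kind: str, history: list) -> frozenset:
    """Files a backup of `kind` must copy, given the backups already taken."""
    if kind == "full":
        return frozenset(mtimes)
    last_full = max(b.time for b in history if b.kind == "full")
    if kind == "differential":
        since = last_full                                   # everything since the last full
    elif kind == "incremental":
        since = max(b.time for b in history if b.kind in ("full", "incremental"))
    else:
        raise ValueError(f"unknown backup kind: {kind}")
    return frozenset(name for name, mtime in mtimes.items() if mtime > since)


def restore_chain(history: list) -> list:
    """Backups needed, in order, to rebuild the latest state."""
    last_full = max(i for i, b in enumerate(history) if b.kind == "full")
    chain = [history[last_full]]
    later = history[last_full + 1:]
    if later and later[-1].kind == "differential":
        chain.append(later[-1])             # one differential covers everything since the full
    else:
        chain.extend(b for b in later if b.kind == "incremental")  # every incremental, in order
    return chain


def simulate(kind: str) -> list:
    """Constructed history: three files; 'a' changes on days 1 and 3, 'b' on day 2."""
    days = [
        {"a": 0, "b": 0, "c": 0},
        {"a": 1, "b": 0, "c": 0},
        {"a": 1, "b": 2, "c": 0},
        {"a": 3, "b": 2, "c": 0},
    ]
    history = []
    for day, mtimes in enumerate(days):
        this_kind = "full" if day == 0 else kind
        history.append(Backup(this_kind, day, select_files(mtimes, this_kind, history)))
    return history


if __name__ == "__main__":
    for kind in ("incremental", "differential"):
        hist = simulate(kind)
        print(kind, [sorted(b.files) for b in hist], "restore needs", len(restore_chain(hist)), "sets")
```

The trade-off the glossary definitions imply is visible in the output: incremental backups stay small but every one of them is needed to restore, while differential backups grow each day but a restore needs only the full backup and the most recent differential.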
malware sandboxing
The practice of isolating malware in a virtual environment where it can be safely analyzed without compromising production systems or the rest of the network
data security
The security controls and measures taken to keep an organization’s data safe and accessible and to prevent unauthorized access to it
first responder
The first experienced person or team to arrive at the scene of an incident
embedded system
A computer hardware and software system that has a specific function within a larger system
identity federation
The practice of linking a single identity across multiple disparate identity management systems
baseline report
A collection of security and configuration settings that are to be applied to a particular system or network in the organization.
Personal Identity Verification card
A smart card that meets the standards for FIPS 201 in that it is resistant to tampering and provides quick electronic authentication of the card’s owner
network segregation
The general practice of keeping networks separate from one another.
hotfix
A patch that is often issued on an emergency basis to address a specific security flaw
collision
The situation in which two different inputs produce the same hash value. Collisions are unavoidable in principle because a hash maps arbitrary-length input to a fixed-length output, but a secure hash function makes them computationally infeasible to find
affinity
A scheduling approach used with load balancers.
Uses client’s IP address to ensure the client is redirected to the same server during a session.
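Added Python example (not from the original glossary) contrasting the two load-balancing terms above, scheduling and affinity: a round-robin scheduler that spreads requests evenly, and a source-IP affinity scheduler that hashes the client address so a client keeps hitting the same server. Server names and client addresses are constructed for the example.

```python
import hashlib
from itertools import cycle


class RoundRobin:
    """Scheduling: hand each new request to the next server in turn."""

    def __init__(self, servers):
        self._next = cycle(list(servers))

    def pick(self, client_ip: str) -> str:
        return next(self._next)           # client identity is ignored


class SourceAffinity:
    """Affinity: hash the client IP so the same client always lands on the same server."""

    def __init__(self, servers):
        self.servers = sorted(servers)

    def pick(self, client_ip: str) -> str:
        h = int.from_bytes(hashlib.sha256(client_ip.encode()).digest()[:8], "big")
        return self.servers[h % len(self.servers)]


def distribute(scheduler, client_ips):
    """Server chosen for each request, in order."""
    return [scheduler.pick(ip) for ip in client_ips]


def reassigned_fraction(client_ips, servers_before, servers_after) -> float:
    """Share of clients whose affinity target changes when the server pool changes."""
    before = SourceAffinity(servers_before)
    after = SourceAffinity(servers_after)
    moved = sum(before.pick(ip) != after.pick(ip) for ip in client_ips)
    return moved / len(client_ips)


if __name__ == "__main__":
    clients = [f"10.0.0.{i}" for i in range(1, 21)]   # constructed client addresses
    print("round robin:", distribute(RoundRobin(["s1", "s2", "s3"]), clients[:6]))
    print("affinity:   ", distribute(SourceAffinity(["s1", "s2", "s3"]), clients[:6]))
    print("clients moved when s3 is removed:", reassigned_fraction(clients, ["s1", "s2", "s3"], ["s1", "s2"]))
```

The caveat a practitioner wants: with plain modulo hashing, removing a server reassigns a large share of clients, and any server-side session state they had is lost; consistent hashing or a shared session store limits that damage.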
fuzzing
A dynamic code analysis technique that involves sending a running application random and unusual input so as to evaluate how the app responds
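A minimal mutation fuzzer, added here as an example and not taken from the original glossary. The target, a toy parser for a constructed count/length-prefixed record format, deliberately lacks a bounds check; the fuzzer mutates a valid seed input and reports the first input that raises an exception the parser did not intend to raise. The record format, the mutation strategies and the seed are all assumptions made for the example.

```python
import random


def parse_record(data: bytes) -> list:
    """Toy parser: count byte, then `count` fields of (length byte, bytes).
    It deliberately lacks a bounds check, the kind of bug fuzzing finds."""
    count = data[0]
    pos = 1
    fields = []
    for _ in range(count):
        length = data[pos]              # IndexError if the input is truncated: the bug
        pos += 1
        fields.append(data[pos:pos + length])
        pos += length
    if pos != len(data):
        raise ValueError("trailing bytes")   # intended, well-defined rejection
    return fields


def mutate(rng: random.Random, seed: bytes) -> bytes:
    """One random mutation: overwrite a byte, truncate, or append junk."""
    buf = bytearray(seed)
    op = rng.randrange(3)
    if op == 0 and buf:
        buf[rng.randrange(len(buf))] = rng.randrange(256)
    elif op == 1 and buf:
        del buf[rng.randrange(len(buf)):]
    else:
        buf += bytes(rng.randrange(256) for _ in range(rng.randrange(1, 5)))
    return bytes(buf)


def fuzz(target, seed_input: bytes, iterations: int = 2000, seed: int = 1,
         expected=(ValueError,)):
    """Return the first input that makes `target` raise something other than `expected`."""
    rng = random.Random(seed)            # seeded so a finding can be reproduced
    for _ in range(iterations):
        candidate = mutate(rng, seed_input)
        try:
            target(candidate)
        except expected:
            continue                     # clean rejection, not a bug
        except Exception as exc:
            return {"input": candidate, "error": type(exc).__name__}
    return None


def reproduces(target, crash: dict) -> bool:
    """Re-run a crashing input and confirm it fails the same way (triage step)."""
    try:
        target(crash["input"])
    except Exception as exc:
        return type(exc).__name__ == crash["error"]
    return False


if __name__ == "__main__":
    seed_input = b"\x02\x03abc\x02de"      # constructed valid record: fields "abc" and "de"
    crash = fuzz(parse_record, seed_input)
    print(crash, "reproducible:", reproduces(parse_record, crash))
```

Separating the parser's intended errors (`ValueError`) from unexpected ones is what turns random input into a useful signal; without that distinction every malformed input would look like a finding.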
telephony
Technology that provides voice and video communications through devices over a distance
warm site
A location that is dormant or performs non-critical functions under normal conditions but which can be rapidly converted to a key operations site if needed
SSL/TLS accelerator
A hardware interface that helps offload the resource-intensive encryption calculations in SSL/TLS to reduce overhead for a server
separation of duties
Security principle that prevents any single person or entity from controlling all the functions of a critical or sensitive process.
Designed to prevent fraud, theft, and errors
keystroke authentication
A type of authentication that relies on detailed information that describes exactly when a keyboard key is pressed and released as someone types information into a computer or other electronic device
antispoofing
A technique for identifying and dropping packets that have a false source address.
In a spoofing attack, the source address of an incoming packet is changed to make it appear as if it is coming from a known, trusted source.
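An ingress/egress filter of the kind the antispoofing definition describes, added as a Python example that is not part of the original glossary. It drops inbound packets whose source claims to be inside our own address space or comes from a bogon range, and drops outbound packets whose source is not ours (so we cannot be used to launch spoofed attacks). The interface names and the 10.0.0.0/8 internal range are assumptions made for the example.

```python
import ipaddress

# Constructed topology: lan0 faces the organization's own hosts, wan0 faces the internet.
INTERNAL = [ipaddress.ip_network("10.0.0.0/8")]

# Source ranges that should never arrive from the public internet.
BOGONS = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "127.0.0.0/8", "169.254.0.0/16",
    "172.16.0.0/12", "192.168.0.0/16", "224.0.0.0/4",
)]


def _in_any(addr, networks) -> bool:
    return any(addr in net for net in networks)


def antispoof_verdict(iface: str, src: str) -> str:
    """Accept or drop a packet based only on its ingress interface and source address."""
    addr = ipaddress.ip_address(src)
    if iface == "wan0":                                  # inbound from the internet
        if _in_any(addr, INTERNAL):
            return "drop: internal source arriving from outside"
        if _in_any(addr, BOGONS):
            return "drop: bogon source"
        return "accept"
    if iface == "lan0":                                  # outbound from our hosts
        if not _in_any(addr, INTERNAL):
            return "drop: source not ours (egress filtering)"
        return "accept"
    raise ValueError(f"unknown interface: {iface}")


if __name__ == "__main__":
    samples = [("wan0", "10.1.2.3"), ("wan0", "192.168.1.1"), ("wan0", "93.184.216.34"),
               ("lan0", "10.5.5.5"), ("lan0", "203.0.113.9")]
    for iface, src in samples:
        print(iface, src, "->", antispoof_verdict(iface, src))
```

The egress rule is the one most often forgotten: filtering what leaves the network does nothing for the organization's own protection, but it is what stops its hosts from participating in spoofed-source floods against others.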
deciphering
The process of translating ciphertext to plaintext
network adapter
Hardware that translates the data between the network and a device
VM escape
One of 3 virtualization risks
An attack that allows an attacker to access the host system from within a virtual machine.
The attacker runs code on the virtual machine that interacts with and exploits the hypervisor.
A successful attack can give the attacker full control over the host system and every VM on it.
Important to keep patch levels current on both physical and virtual servers
privilege bracketing
The task of granting privileges to a user only when needed and revoking them as soon as the task is done
snapshot
The state of a virtual machine at a specific point in time
captive portal
A web page that a client is automatically directed to when connecting to a network, usually through public Wi-Fi, before normal network access is granted.
network loop
The process of multiple connected switches bouncing traffic back and forth for an indefinite period of time
information security triad
The three basic principles of security control and management: confidentiality, integrity, and availability. Also known as the CIA triad
token
An authentication device or file. A hardware token is a physical device used in the "something you have" factor of authentication. A software token is a small file or app-generated value used by authentication services to indicate a user has logged on or to prove possession of a secret.
normalization
An input-handling technique that converts input into a single canonical form, for example by decoding any special encoding and applying a standard character representation, so that validation and security checks are applied to exactly what the application will process
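A path canonicalizer, added here as an example that is not part of the original glossary, showing why normalization must happen before validation: percent-encoding (including nested encoding), full-width Unicode look-alikes and `./` or `x/..` segments are all reduced to one canonical form before the traversal check runs. The decode-round limit and the treatment of a leading slash are assumptions made for the example.

```python
import posixpath
import unicodedata
from urllib.parse import unquote

MAX_DECODE_ROUNDS = 3   # assumption: more nested encoding layers than this is hostile


def canonicalize_path(user_input: str) -> str:
    """Normalize a client-supplied relative path before using it in a file lookup.
    Raises ValueError for input that escapes the base directory."""
    text = user_input
    for _ in range(MAX_DECODE_ROUNDS):         # undo nested percent-encoding, bounded
        decoded = unquote(text)
        if decoded == text:
            break
        text = decoded
    else:
        raise ValueError("too many encoding layers")
    text = unicodedata.normalize("NFKC", text)  # fold look-alikes, e.g. fullwidth '.' to '.'
    text = text.replace("\\", "/")              # treat backslash as a separator too
    if "\x00" in text:
        raise ValueError("NUL byte in path")
    norm = posixpath.normpath(text).lstrip("/")  # collapse './', '//' and 'x/..'; drop leading '/'
    if norm in (".", "..") or norm.startswith("../"):
        raise ValueError("path escapes base directory")
    return norm


def is_safe_path(user_input: str) -> bool:
    try:
        canonicalize_path(user_input)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    # Constructed samples: the first two are benign, the rest are traversal attempts.
    for sample in ("docs/./readme.md", "docs//img/../readme.md", "../etc/passwd",
                   "%2e%2e/etc/passwd", "%252e%252e/etc/passwd", "\uff0e\uff0e/etc", "docs%00.txt"):
        print(repr(sample), "->", canonicalize_path(sample) if is_safe_path(sample) else "REJECTED")
```

Checking for the literal string `../` on the raw input would pass every one of the encoded variants above; checking after canonicalization catches all of them with one rule.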
immutable system
A system that is not modified after it is created and tested; once deployed into production it is replaced, never patched in place.
Example: a secure server image built for a specific purpose and deployed as an immutable system so that it cannot drift from its known-good state
message digest
The fixed-length value that results from applying a hash function to data. Also known as a hash value or digest. Hashing is one-way and keyless, so it is not a form of encryption: a digest verifies integrity but cannot be reversed to recover the data
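Added Python example (not from the original glossary) for the message digest and collision entries: it computes a SHA-256 digest, shows the avalanche effect between two near-identical inputs, and then finds a collision by birthday search against a deliberately truncated hash. The truncation and the message generator are constructed for the example; a collision for full SHA-256 is not feasible this way.

```python
import hashlib


def digest_hex(data: bytes, algo: str = "sha256") -> str:
    """Hex digest of `data` under the named hash algorithm."""
    return hashlib.new(algo, data).hexdigest()


def bit_difference(h1: str, h2: str) -> int:
    """Number of bits that differ between two equal-length hex digests (avalanche check)."""
    return bin(int(h1, 16) ^ int(h2, 16)).count("1")


def truncated_hash(data: bytes, bits: int) -> int:
    """Keep only the top `bits` bits of SHA-256: a deliberately weak hash for the demo."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big") >> (256 - bits)


def find_collision(bits: int, limit: int = 1_000_000):
    """Birthday search: return two distinct inputs with the same truncated hash.
    Expected work is about 2**(bits/2) hashes, so 24 bits takes a few thousand tries."""
    seen = {}
    for i in range(limit):
        msg = b"msg-" + str(i).encode()          # constructed, reproducible candidate inputs
        h = truncated_hash(msg, bits)
        if h in seen:
            return seen[h], msg
        seen[h] = msg
    return None


if __name__ == "__main__":
    a, b = b"abc", b"abd"
    print(digest_hex(a))
    print("bits changed by a one-byte edit:", bit_difference(digest_hex(a), digest_hex(b)), "of 256")
    pair = find_collision(24)
    print("24-bit collision:", pair)
```

The birthday bound is why digest length matters: halving the output (or truncating it for convenience) does not halve the attacker's work, it takes the square root of it.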
anti-spyware
Software that is specifically designed to protect systems against spyware attacks
rooting
The process of enabling root privileges on an Android device
behavior-based monitoring
A network monitoring system that detects changes in normal operating data sequences and identifies abnormal sequences.
account policy
Document that specifies an organization’s requirements for managing accounts
firewall
A software or hardware device that protects a system or network by blocking unwanted network traffic
hot site
A fully configured alternate network that can be online quickly after a disaster
private root CA
A root CA that is created by a company for use primarily within the company itself
corrective controls
A security mechanism that helps mitigate the consequences of a threat or attack after it has occurred, such as restoring from backup or revoking a compromised credential
recovery
The act of recovering vital data present in files or folders from a crashed system or data storage devices when data has been compromised or damaged
Wi-Fi Direct
Technology that enables two mobile devices to connect to each other without a wireless access point
security through obscurity
The practice of attempting to hide the existence of vulnerabilities from others
microcontroller
An embedded systems component that consolidates the functionality of a CPU, memory, and peripherals on a single chip. Closely related to, and often described as a simple form of, a system on chip (SoC)
asset management
The process of taking inventory of and tracking all of an organization’s objects of value.
spam
An email-based threat that floods the user’s inbox with emails that typically carry unsolicited advertising material for products or other spurious content and which sometimes deliver viruses. It can also be utilized within social networking sites such as Facebook and Twitter
signature-based monitoring
A network monitoring system that uses a predefined set of rules provided by a software vendor or security personnel to identify events that are unacceptable
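Added Python example (not part of the original glossary) contrasting signature-based and anomaly-based monitoring, both defined in this glossary, over a constructed web access log. The log lines, the two signatures and the baseline request rates are all constructed for the example.

```python
import re
import statistics
from collections import Counter

# Constructed access log, one request per line: "client_ip [HH:MM] METHOD path"
SAMPLE_LOG = """\
10.0.0.7 [10:01] GET /index.html
10.0.0.7 [10:01] GET /about.html
10.0.0.9 [10:01] GET /index.html
198.51.100.4 [10:01] GET /search?q=1%27%20union%20select%20password%20from%20users--
10.0.0.9 [10:01] GET /contact.html
10.0.0.7 [10:01] GET /news.html
203.0.113.9 [10:02] GET /index.html
203.0.113.9 [10:02] GET /../../etc/passwd
203.0.113.9 [10:02] GET /admin
203.0.113.9 [10:02] GET /backup.zip
203.0.113.9 [10:02] GET /.git/config
203.0.113.9 [10:02] GET /wp-login.php
203.0.113.9 [10:02] GET /phpmyadmin
10.0.0.7 [10:02] GET /index.html
"""

LINE_RE = re.compile(r"^(\S+) \[(\d\d:\d\d)\] (\S+) (\S+)$")

# Signature rules: known-bad patterns in the request path.
SIGNATURES = {
    "path_traversal": re.compile(r"\.\./"),
    "sql_injection": re.compile(r"(?i)union(\s|%20)+select"),
}

# Constructed baseline: requests per client per minute observed on normal days.
BASELINE_REQ_PER_MIN = [2, 3, 2, 4, 3, 2, 3]


def parse_log(text: str) -> list:
    """(ip, minute, method, path) tuples; lines that do not match the format are skipped."""
    return [m.groups() for m in (LINE_RE.match(line) for line in text.splitlines()) if m]


def signature_alerts(text: str) -> list:
    """Signature-based: flag any single request matching a known-bad pattern."""
    alerts = []
    for ip, _minute, _method, path in parse_log(text):
        for name, pattern in SIGNATURES.items():
            if pattern.search(path):
                alerts.append((ip, name))
    return alerts


def anomaly_alerts(text: str, baseline=BASELINE_REQ_PER_MIN, k: float = 3.0) -> list:
    """Anomaly-based: flag clients whose per-minute request count exceeds mean + k*stdev."""
    threshold = statistics.mean(baseline) + k * statistics.pstdev(baseline)
    counts = Counter((ip, minute) for ip, minute, _, _ in parse_log(text))
    return [(ip, minute, n) for (ip, minute), n in counts.items() if n > threshold]


if __name__ == "__main__":
    print("signature:", signature_alerts(SAMPLE_LOG))
    print("anomaly:  ", anomaly_alerts(SAMPLE_LOG))
```

The two detectors see different things: the SQL injection probe from 198.51.100.4 is a single request at a normal rate, so only the signature catches it, while the scanner at 203.0.113.9 sends six requests that match no signature and is caught only by the rate anomaly. Running both is the usual answer.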
bridge
A device that connects two network segments at the data link layer and forwards frames between them based on MAC address; effectively a switch with only two ports.
compliance
The practice of ensuring that the requirements of legislation, regulations, industry codes and standards, and organizational standards are met
elasticity
The property by which a computing environment can instantly react to both increasing and decreasing demands in workload