Security Operations Flashcards
A computer responsible for hosting applications to user workstations. NIST SP 800-82 Rev.2
Application Server
An algorithm that uses one key to encrypt and a different key to decrypt the input plaintext.
Asymmetric Encryption
A digit representing the sum of the correct digits in a piece of stored or transmitted digital data, against which later comparisons can be made to detect errors in the data.
Checksum
The altered form of a plaintext message so it is unreadable for anyone except the intended recipients. In other words, it has been turned into a secret.
Ciphertext
identifies the degree of harm to the organization, its stakeholders or others that might result if an information asset is divulged to an unauthorized person, process or organization.
Classification
A process and discipline used to ensure that the only changes made to a system are those that have been authorized and validated.
Configuration management
One who performs the study of mathematical techniques for attempting to defeat cryptographic techniques and/or information systems security. This includes the process of looking for errors or weaknesses in the implementation of an algorithm or of the algorithm itself.
Cryptanalyst
The study or applications of methods to secure or protect the meaning and content of messages, files, or other information, usually by disguise, obscuration, or other transformations of that content and meaning.
Cryptography
System capabilities designed to detect and prevent the unauthorized use and transmission of information.
Data Loss Prevention (DLP)
The reverse process from encryption. It is the process of converting a ciphertext message back into plaintext through the use of the cryptographic algorithm and the appropriate key (which is the same for symmetric encryption, but different for asymmetric encryption). This term is also used interchangeably with the “deciphering.”
Decryption
A technique of erasing data on disk or tape (including video tapes) that, when performed properly, ensures that there is insufficient magnetic remanence to reconstruct data.
Degaussing
The result of a cryptographic transformation of data which, when properly implemented, provides the services of origin authentication, data integrity, and signer non-repudiation. NIST SP 800-12 Rev. 1
Egress Monitoring - Monitoring of outgoing network traffic.
Digital Signature
Monitoring of outgoing network traffic.
Egress Monitoring
The process and act of converting the message from its plaintext to ciphertext. Sometimes it is also referred to as enciphering. The two terms are sometimes used interchangeably in literature and have similar meanings.
Encryption
The total set of algorithms, processes, hardware, software, and procedures that taken together provide an encryption and decryption capability.
Encryption System
A reference to the process of applying secure configurations (to reduce the attack surface) and locking down various hardware, communications systems, and software, including operating system, web server, application server, application, etc.
Hardening
An algorithm that computes a numerical value (called the hash value) on a data file or electronic message that is used to represent that file or message and depends on the entire contents of the file or message.
Hash Function
The process of using a mathematical algorithm against data to produce a numeric value that is representative of that data. Source CNSSI 4009-2015
Hashing
Monitoring of incoming network traffic.
Ingress Monitoring
A digital signature that uniquely identifies data and has the property such that changing a single bit in the data will cause a completely different message digest to be generated. NISTIR-8011 Vol.3
Message Digest
The software “master control application” that runs the computer. It is the first program loaded when the computer is turned on, and its main component, the kernel, resides in memory at all times.
Operating System
A software component that, when installed, directly modifies files or device settings related to a different software component without changing the version number or release details for the related software component. Source: ISO/IEC 19770-2
Patch
The systematic notification, identification, deployment, installation and verification of operating system and application software code revisions. These revisions are known as patches, hot fixes, and service packs. Source: CNSSI 4009
Patch Management
A message or data in its natural format and in readable form; extremely vulnerable from a confidentiality perspective.
Plaintext
