Security Operations Domain

Question 1

Acoustic Sensors

Answer 1

Device that uses passive listening devices

Question 2

Administrator accounts

Answer 2

Accounts that are assigned only to named individuals that require administrative access to the system to perform maintenance activities; and should be different and separate from a user’s normal account.

Question 3

Balanced Magnetic Switch (BMS)

Answer 3

Devices that use a magnetic field or mechanical contact to determine if an alarm signal is initiated

Question 4

Chain of custody

Answer 4

The who; what; when; where; and how the evidence was handled—from its identification through its entire life cycle; which ends with destruction; permanent archiving; or returning ot owner.

Question 5

Cipher Lock

Answer 5

A lock controlled by touch screen; typically 5 to 10 digits that when pushed in the right combination the lock will releases and allows entry

Question 6

Configuration management (CM)

Answer 6

A discipline for evaluating; coordinating; approving or disapproving; and implementing changes in artifacts that are used to construct and maintain software systems

Question 7

Data Leak Prevention (DLP)

Answer 7

A suite of technologies aimed at stemming the loss of sensitive information that occurs in the enterprise.

Question 8

Egress filtering

Answer 8

The practice of monitoring and potentially restricting the flow of information outbound from one network to another

Question 9

Infrared Linear Beam Sensors

Answer 9

A focused infrared (IR) light beam is projected from an emitter and bounced off of a reflector that is placed at the other side of the detection area

Question 10

Instant Keys

Answer 10

Provide a quick way to disable a key by permitting one turn of the master key to change a lock

Question 11

Intrusion Detection System (IDS)

Answer 11

A technology that alerts organizations to adverse or unwanted activity

Question 12

Indemnification

Answer 12

The party to party litigation costs resulting from its breach of warranties

Question 13

Intrusion Prevention System (IPS)

Answer 13

A technology that monitors activity like an IDS but will automatically take proactive preventative action if it detects unacceptable activity.

Question 14

Honeypot

Answer 14

Decoy servers or systems setup to gather information regarding an attacker or intruder into your system

Question 15

Honeyfarm

Answer 15

A centralized collection of honeypots and analysis tools

Question 16

Honeynet

Answer 16

Two or more honeypots on a network

Question 17

Live evidence

Answer 17

Data that are dynamic and exist in running processes or other volatile locations (e.g.; system/device RAM) that disappear in a relatively short time once the system is powered down

Question 18

Locard’s exchange principle

Answer 18

States that when a crime is committed; the perpetrators leave something behind and take something with them; hence the exchange

Question 19

Magnetic Stripe (mag stripe) cards

Answer 19

Consist of a magnetically sensitive strip fused onto the surface of a PVC material; like a credit card

Question 20

Mortise Lock

Answer 20

A lock or latch that is recessed into the edge of a door; rather than being mounted to its surface.

Question 21

Power users

Answer 21

Accounts granted greater privileges than normal user accounts when it is necessary for the user to have greater control over the system; but where administrative access is not required

Question 22

Protocol Anomaly-Based IDS

Answer 22

Identifies any unacceptable deviation from expected behavior based on known network protocols

Question 23

Proximity Card (prox cards)

Answer 23

Use embedded antenna wires connected to a chip within the card through RF.

Question 24

Records and Information Management (RIM)

Answer 24

Essential activities to protect business information and can be established in compliance with laws; regulations; or corporate governance

Question 25

Remanence

Answer 25

The measure of the existing magnetic field on the media after degaussing

Question 26

Rim Lock

Answer 26

A lock or latch typically mounted on the surface of a door; typically associated with a dead bolt type of lock

Question 27

Sandboxing

Answer 27

A form of software virtualization that lets programs and processes run in their own isolated virtual environment

Question 28

Security Informatn and Event Management (SIEM)

Answer 28

A group of technologies which aggregate information about access controls and selected system activity to store for analysis and correlation

Question 29

Service accounts

Answer 29

Accounts used to provide privileged access used by system services and core applications

Question 30

Smart Cards

Answer 30

Credential cards with one or more microchip processing that accepts or processes infomraiton and can be contact or contact less.

Question 31

Statistical Anomaly-based IDS

Answer 31

Analyzes event data by comparing it to typical; known; or predicted traffic profiles in an effort to find potential security breaches

Question 32

Steganography

Answer 32

The science of hiding information

Question 33

Traffic anomaly-based IDS

Answer 33

Identifies any unacceptable deviation from expected behavior based on actual traffic structure

Question 34

Time domain Reflectometry (TDR)

Answer 34

Send induced radio frequency (RF) signals down a cable that is attached to the fence fabric