Security Operations Domain Flashcards
Identifies any unacceptable deviation from expected behavior based on actual traffic structure
Traffic anomaly-based IDS
The science of hiding information
Steganography
Analyzes event data by comparing it to typical, known, or predicted traffic profiles in an effort to find potential security breaches
Statistical Anomaly-based IDS
Credential cards with one or more microchips that accept or process information; can be contact or contactless
Smart Cards
Accounts used to provide privileged access used by system services and core applications
Service accounts
A group of technologies which aggregate information about access controls and selected system activity to store for analysis and correlation
Security Information and Event Management (SIEM)
A form of software virtualization that lets programs and processes run in their own isolated virtual environment
Sandboxing
A lock or latch typically mounted on the surface of a door, typically associated with a dead bolt type of lock
Rim Lock
The measure of the existing magnetic field on the media after degaussing
Remanence
Essential activities to protect business information and can be established in compliance with laws, regulations or corporate governance
Records and Information Management (RIM)
Use embedded antenna wires connected to a chip within the card, communicating through RF
Proximity Card (Prox Card)
Identifies any unacceptable deviation from expected behavior based on known network protocols
Protocol Anomaly-Based IDS
Accounts granted greater privileges than normal user accounts when it is necessary for the user to have greater control over the system, but where administrative access is not required
Power Users
Consist of a magnetically sensitive strip fused onto the surface of a PVC material, like a credit card
Magnetic Stripe (mag stripe) cards
Data that are dynamic and exist in running processes or other volatile locations (e.g., system/device RAM) and that disappear in a relatively short time once the system is powered down
Live evidence
Two or more honeypots on a network
Honeynet
A centralized collection of honeypots and analysis tools
Honeyfarm
Decoy servers or systems set up to gather information regarding an attacker or intruder into your system
Honeypot
A technology that monitors activity like an IDS but will automatically take proactive preventative action if it detects unacceptable activity
Intrusion Prevention System (IPS)
A technology that alerts organizations to adverse or unwanted activity
Intrusion Detection System (IDS)
A focused infrared (IR) light beam is projected from an emitter and bounced off of a reflector that is placed at the other side of the detection area
Infrared Linear Beam Sensors
The practice of monitoring and potentially restricting the flow of information outbound from one network to another
Egress filtering
A suite of technologies aimed at stemming the loss of sensitive information that occurs in the enterprise
Data Leak Prevention (DLP)
A discipline for evaluating, coordinating, approving or disapproving, and implementing changes in artifacts that are used to construct and maintain software systems
Configuration Management (CM)