Security + Terminology Flashcards

1
Q

Ensures that resources are only granted to those users who are entitled to them

A

Access Control

2
Q

A mechanism that implements access control for a system resource by listing the identities of the system entities that are permitted to access the resource

A

Access Control List (ACL)

3
Q

A security service that provides protection of a system resource against unauthorized access. The two basic mechanisms for implementing this service are ACLs and tickets

A

Access Control Service

4
Q

Management is the maintenance of access information which consists of four: account, administration, maintenance, monitoring, and revocation

A

Access Management Access

5
Q

Is the process of collecting all the legitimate account names on a system

A

Account Harvesting

6
Q

Is the practice of sending an ACK inside another packet going to the same destination

A

ACK Piggybacking

7
Q

Program code embedded in the contents of a web page. When the page is accessed by a web browser, the embedded code is automatically downloaded and executed on the user’s workstation. Ex. Java, ActiveX

A

Active Content

8
Q

A standard being developed by NIST. Intended to specify an unclassified, publicly-disclosed, symmetric encryption algorithm

A

Advanced Encryption Standard (AES)

9
Q

A finite set of step-by-step instructions for a problem-solving or computation procedure, especially one that can be implemented by a computer

A

Algorithm

10
Q

A pioneer packet-switched network that was built in the early 1970’s under contract to the US government

A

ARPANET - Advanced Research Projects Agency Network

11
Q

Is the process of confirming the correctness of the claimed identity

A

Authentication

12
Q

Commonly used to mean the capacity of a communication channel to pass data through the channel in a given amount of time. Usually expressed in bits per second

A

Bandwidth

13
Q

Is the simplest web-based authentication scheme that works by sending the username and password with each request

A

Basic Authentication

14
Q

Use physical characteristics of the users to determine access

A

Biometrics

15
Q

The smallest unit of information storage; a contraction of the term “binary digit”; one of the two symbols

A

Bit

16
Q

Encrypts one block of data at a time

A

Block Cipher

17
Q

The people who perform defensive cybersecurity tasks, including placing and configuring firewalls, implementing patching programs, enforcing strong authentication, ensuring physical security measures are adequate and a long list of similar undertakings

A

Blue Team

18
Q

Is a large number of compromised computers that are used to create and send spam or viruses or flood a network with messages as a denial of service attack

A

Botnet

19
Q

A cryptanalysis technique or other kind of attack method involving an exhaustive procedure that tries all possibilities, one-by-one

A

Brute Force

20
Q

Occurs when a program tries to store more data in a buffer than it was intended to hold

A

Buffer Overflow

21
Q

A fundamental unit of computer storage; the smallest addressable unit in a computer’s architecture. Usually holds one character of information and usually means eight bits

A

Byte

22
Q

A special high-speed storage mechanism. It can be either a reserved section of main memory or an independent high-speed storage device

A

Cache

23
Q

Is a unit of data transmitted over an ATM network

A

Cell

24
Q

Is the use of SSL and certificates to authenticate and encrypt HTTP traffic

A

Certificate-Based Authentication

25
Uses a challenge/response authentication mechanism where the response varies every challenge to prevent replay attacks
Challenge-Handshake Authentication Protocol (CHAP)
26
A value that is computed by a function that is dependent on the contents of a data object and is stored or transmitted together with the object, for the purpose of detecting changes in the data
Checksum
27
A cryptographic algorithm for encryption and decryption
Cipher
28
Is the encrypted form of the message being sent
Ciphertext
29
A system entity that requests and uses a service provided by another system entity, called a "server." In some cases, the server may itself be a client of some other server
Client
30
Utilization of remote servers in the data center of a cloud provider to store, manage, and process your data instead of using local computer systems
Cloud Computing
31
Contains fully redundant hardware and software, with telecommunications, telephone and utility connectivity
Hot Site
32
It contains partially redundant hardware and software, with telecommunications and telephone but not all primary site operations
Warm
33
Hardware is ordered, shipped and installed, and software is loaded
Cold Site
34
Occurs when multiple systems transmit simultaneously on the same wire
Collision
35
A collection of host computers together with the sub-network or inter-network through which they can exchange data
Computer Network
36
Is the need to ensure that information is disclosed only to those who are authorized to view it
Confidentiality
37
Is the ability to get a more complete picture of the information by analyzing several different types of records at once
Data Aggregation
38
Is the entity currently using or manipulating the data, and therefore temporarily taking responsibility for the data
Data Custodian
39
A widely-used method of data encryption using a private key
Data Encryption Standard (DES)
40
Is the process of stripping off one layer's headers and passing the rest of the packet up to the next higher layer on the protocol stack
Decapsulation
41
The prevention of authorized access to a system resource or the delaying of system operations and functions
Denial of Service
42
A key agreement algorithm published in 1976, does key establishment, not encryption
Diffie-Hellman
43
Is an electronic "credit card" that establishes your credentials when doing business or other transactions on the web
Digital Certificate
44
Is a hash of a message that uniquely identifies the sender of the message and proves the message hasn't changed since transmission
Digital Signature
45
An asymmetric cryptographic algorithm that produces a digital signature in the form of a pair of large numbers
Digital Signature Algorithm (DSA)
46
Is the process of recovery of IT systems in the event of a disruption or disaster
Disaster Recovery Plan (DRP)
47
A sphere of knowledge, or a collection of facts about some program entities or a number of network points or addresses, etc.
Domain
48
Is an attack by which an attacker takes over a domain by first blocking access to a domain's DNS server and then putting his own server up in its place
Domain Hijacking
49
Is the way that Internet domain names are located and translated into Internet Protocol addresses
Domain Name System (DNS)
50
Listening to a private conversation which may reveal information which can provide access to a facility or network
Eavesdropping
51
Is the response a machine that has received an echo request sends over ICMP
Echo Reply
52
The inclusion of one data structure within another structure so that the first data structure is hidden for the time being
Encapsulation
53
Cryptographic transformation of data (plaintext) into a form (cipher text) that conceals the data's original meaning to prevent it from being known or used
Encryption
54
The most widely-installed LAN technology. Specified in a standard, IEEE 802.3
Ethernet
55
A framework that supports multiple, optional authentication mechanisms for PPP, including clear text passwords, challenge-response, and arbitrary dialog sequences
Extensible Authentication Protocol (EAP)
56
A protocol which distributes routing information to the routers which connect autonomous systems
Exterior Gateway Protocol (EGP)
57
A TCP/IP protocol specifying the transfer of text or binary files across the network
File Transfer Protocol (FTP)
58
A logical or physical discontinuity in a network to prevent unauthorized access to data or resources
Firewall
59
A set of Active Directory domains that replicate their databases with each other
Forest
60
The process of storing a data file in several "chunks" or fragments rather than in a single contiguous sequence of bits in one place on the storage medium
Fragmentation
61
The use of special regression testing tools to generate out-of-spec input for an application in order to find security vulnerabilities. Also "regression testing"
Fuzzing
62
A network point that acts as an entrance to another network
Gateway
63
Is a Unix-like operating system that comes with source code that can be copied, modified, and redistributed
GNU
64
The process of identifying and fixing vulnerabilities on a system
Hardening
65
Are used to generate a one way "check sum" for a larger text, which is not trivially reversed
Hash Functions
66
Is the extra information in a packet that is needed for the protocol stack to process the packet
Header
67
A form of active wiretapping in which the attacker seizes control of a previously established communication association
Hijack Attack
68
Programs that simulate one or more network services that you designate on your computer's ports
Honey Pot
69
Any computer that has full two-way access to other computers on the Internet. Or a computer with a web server that serves the pages for one or more web sites
Host
70
Systems use information from the operating system audit records to watch all operations occurring on the host that intrusion detection software has been installed upon
Host-Based Intrusion Detection
71
Is a server that acts as a middleman in the communication between HTTP clients and servers
HTTP Proxy
72
When used in the first part of a URL, this term specifies the use of HTTP enhanced by a security mechanism, which is usually SSL
HTTPS
73
Is a network device that operates by repeating data that it receives on one port to all other ports. As a result, data transmitted by one host is retransmitted to all other hosts on the hub
Hub
74
Builds on the dictionary attack method by adding numerals and symbols to dictionary words
Hybrid Attack
75
An application of cryptography that combines two or more encryption algorithms, particularly a combination of symmetric and asymmetric encryption
Hybrid Encryption
76
In hypertext or hypermedia, an information object that points to related information that is located elsewhere and can be retrieved by activating a link
Hyperlink
77
The set of markup symbols or codes inserted in a file intended for display on a World Wide Web browser page
Hypertext Markup Language (HTML)
78
The protocol in the Internet Protocol (IP) family used to transport hypertext documents across an internet
Hypertext Transfer Protocol (HTTP)
79
An adverse network event in an information system or network or the threat of the occurrence of such an event
Incident
80
Rely on the user to make logical connections between seemingly unrelated pieces of information
Inference Attack
81
Is the competition between offensive and defensive players over information resources
Information Warfare
82
Are where an attacker intentionally sends unusual input in the hopes of confusing an application
Input Validation Attacks
83
Is the need to ensure that information has not been changed accidentally or deliberately, and that it is accurate and complete
Integrity
84
An Internet Standard protocol that is used to report error conditions during IP datagram processing and to exchange other information concerning the state of the IP network
Internet Control Message Protocol (ICMP)
85
A protocol that defines how a client should fetch mail from and return mail to a mail server.
Internet Message Access Protocol (IMAP)
86
The method or protocol by which data is sent from one computer to another on the Internet
Internet Protocol (IP)
87
A developing standard for security at the network or packet processing layer of network communication
Internet Protocol Security (IPsec)
88
A computer network, especially one based on Internet technology, that an organization uses for its own internal, and usually private, purposes and that is closed to outsiders
Intranet
89
A security management system for computers and networks. Gathers and analyzes information from various areas within a computer or a network to identify possible security breaches, which include intrusions and misuse
Intrusion Detection
90
A computer's inter-network address that is assigned for use by the Internet Protocol and other protocols.
IP Address
91
A denial of service attack that sends a host more echo request ("ping") packets than the protocol implementation can handle
IP Flood
92
Is an Operating System option that allows a host to act as a router. A system that has more than 1 network interface
IP Forwarding
93
A voluntary, non-treaty, non-government organization, established in 1947, with voting members that are designated standards bodies of participating nations and non-voting observer organizations
ISO - International Organization for Standardization
94
A system developed at the Massachusetts Institute of Technology that depends on passwords and symmetric cryptography (DES) to implement ticket-based, peer entity authentication service and access control service distributed in a client-server network environment
Kerberos
95
The essential center of a computer operating system, the core that provides basic services for all other parts of the operating system.
Kernel
96
An Internet Protocol (originally developed by Cisco) that uses tunneling of PPP over IP to create a virtual extension of a dial-up link across a network
Layer 2 Forwarding Protocol (L2F)
97
An extension of the Point-to-Point Tunneling Protocol used by an Internet service provider to enable the operation of a virtual private network over the Internet
Layer 2 Tunneling Protocol (L2TP)
98
Is the principle of allowing users or applications the least amount of permissions necessary to perform their intended functions
Least Privilege
99
A software protocol for enabling anyone to locate organizations, individuals, and other resources such as files and devices in a network, whether on the public Internet or on a corporate Intranet
Lightweight Directory Access Protocol (LDAP)
100
Associates a list of users and their privileges with each other
List Based Access Control
101
Allow for the adding of additional functionality directly into the kernel while the system is running
Loadable Kernel Modules (LKM)
102
Are programs or snippets of code that execute when a certain predefined event occurs. May also be set to go off on a certain date or when a specified set of circumstances occur
Logic Bombs
103
Is an elementary building block of a digital circuit. Have two inputs and one output.
Logic Gate
104
A physical address; a numeric value that uniquely identifies that network device from every other device on the planet
MAC Address
105
Software that appears to perform a useful or desirable function; but actually gains authorized access to system resources or tricks a user into executing other malicious logic
Malicious Code
106
A generic term for a number of different types of malicious code
Malware
107
Is where the system controls access to resources based on classification levels assigned to both the objects and the users
Mandatory Access Control (MAC)
108
Type of cyber attack in which the attacker secretly intercepts and relays messages between two parties who believe they are communicating directly with each other
Man-in-the-Middle Attack (MitM)
109
A worm program written by Robert T. Morris, Jr. that flooded the ARPANET in November 1988, causing problems for thousands of hosts
Morris Worm
110
Broadcasting from one host to a given set of hosts
Multi-Cast
111
To combine multiple signals from possibly disparate sources, in order to transmit them over a single path
Multiplexing
112
It is used to share one or a small number of publicly routable IP addresses among larger number of hosts
NAT - Network Address Translation
113
A unit of the US Commerce Department. Formerly known as the National Bureau of Standards
National Institute of Standards and Technology (NIST)
114
Any act of God that disables a system component
Natural Disaster
115
Translation of an Internet Protocol address used within one network to a different IP address known within another network. One network is designated the inside network and the other is the outside
Network Address Translation
116
To compile an electronic inventory of the systems and the services on your network
Network Mapping
117
Are hardware devices that hook directly onto the network cable and send a copy of the traffic that passes through it to one or more other networked devices
Network Taps
118
Monitors the traffic on its network segment as a data source. Generally accomplished by placing the network interface card in promiscuous mode to capture all network traffic that crosses its network segment
Network-Based IDS
119
Is the ability for a system to prove that a specific user and only that specific user sent a message and that it hasn't been modified
Non-Repudiation
120
A sequence of eight bits. Is an eight-bit byte
Octet
121
Irreversible transformation of plaintext to cipher text, such that the plaintext cannot be recovered from the cipher text by other than exhaustive procedures even if the cryptographic key is known
One-Way Encryption
122
A (mathematical) function, f, which is easy to compute the output based on a given input. However given only the output values it is impossible (except for a brute force attack) to figure out what the input value is
One-Way Function
123
Is a standard description or "reference model" for how messages should be transmitted between any two points in a telecommunication network
OSI - Open Systems Interconnection
124
Is that the process of communication between two end points in a telecommunication network can be divided into layers
OSI Layers
125
Hindrance of system operation by placing excess burden on the performance capabilities of a system component
Overload
126
A piece of a message transmitted over a packet-switching network. One of the key features of a packet is that it contains the destination address in addition to the data
Packet
127
Is where individual packets each follow their own paths through the network from one endpoint to another
Packet Switched Network
128
Is a simple, weak authentication mechanism where a user enters the password and it is then sent across the network, usually in the clear
Password Authentication Protocol (PAP)
129
Is the process of attempting to guess passwords, given the password file information
Password Cracking
130
Passive wiretapping, usually on a local area network, to gain knowledge of passwords
Password Sniffing
131
Is a small update released by a software manufacturer to fix bugs in existing programs
Patch
132
Is the process of updating software to a different version
Patching
133
Is the actual application data a packet contains
Payload
134
Gaining unauthorized logical access to sensitive data by circumventing a system's protections
Penetration
135
Is used to test the external perimeter security of a network or facility
Penetration Testing
136
Keeps the same letters but changes the position within a text to scramble the message
Permutation
137
Are those firewalls that are installed and run on individuals' PCs
Personal Firewalls
138
More sophisticated form of MITM attack. User's session is redirected to a masquerading website. This can be achieved by corrupting a DNS server on the Internet and pointing a URL to the masquerading websites
Pharming
139
The use of e-mails that appear to originate from a trusted source to trick a user into entering valid credentials at a fake website
Phishing
140
An attack that sends an improperly large ICMP echo request packet with the intent of overflowing the input buffers of the destination machine and causing it to crash
Ping of Death
141
Looks for machines that are responding to ICMP Echo Requests
Ping Scan
142
An attack that sends ICMP echo requests to a range of IP addresses, with the goal of finding hosts that can be probed for vulnerabilities
Ping Sweep
143
Ordinary readable text before being encrypted into ciphertext or after being decrypted
Plaintext
144
A protocol for communication between two computers using a serial interface, typically a personal computer connected by phone line to a server
Point-to-Point Protocol (PPP)
145
A protocol that allows corporations to extend their own corporate network through private "tunnels" over the public Internet
Point-to-Point Tunneling Protocol (PPTP)
146
Is nothing more than an integer that uniquely identifies an endpoint of a communication stream. Only one process per machine can listen on the same port number
Port
147
Is a series of messages sent by someone attempting to break into a computer to learn which computer network services, each associated with a "well known" port number, the computer provides
Port Scan
148
Is the holding, control and ability to use information
Possession
149
An Internet Standard protocol by which a client workstation can dynamically access a mailbox on a server host to retrieve mail messages that the server has received and is holding for the client
Post Office Protocol, Version 3 (POP3)
150
Trademark of Network Associates, Inc. referring to a computer program that uses cryptography to provide data security for electronic mail and other applications on the Internet
Pretty Good Privacy (PGP)™
151
Is a piece of malware that attaches itself to existing program files
Program Policy
152
Is that information unique to a company and its ability to compete, such as customer lists, technical data, product costs, and trade secrets
Proprietary Information
153
A formal specification for communicating; an IP address the special set of rules that end points in a telecommunications connection use when they communicate. Protocols exist at several levels in a telecommunication connection
Protocol
154
A set of network protocol layers that work together
Protocol Stacks (OSI)
155
A server that acts as an intermediary between a workstation user and the Internet so that the enterprise can ensure security, administrative control, and caching service.
Proxy Server
156
The publicly-disclosed component of a pair of cryptographic keys used for asymmetric cryptography
Public Key
157
A synonym for "asymmetric cryptography"
Public Key Encryption
158
Enables users of a basically unsecured public network such as the Internet to securely and privately exchange data and money through the use of a public and a private cryptographic key pair that is obtained and shared through a trusted authority
Public Key Infrastructure (PKI)
159
For a key agreement protocol based on asymmetric cryptography, the property that ensures that a session key derived from a set of long-term public and private keys will not be compromised if one of the private keys is compromised in the future
Public-Key Forward Secrecy (PFS)
160
Is the process of receiving images, data, or audio from an unprotected source by listening to radiation signals
Radiation Monitoring
161
A type of malware that is a form of extortion. It works by encrypting a victim's hard drive denying them access to key files
Ransomware
162
Is the phase of an attack where an attacker finds new systems, maps out networks, and probes for specific, exploitable vulnerabilities
Reconnaissance
163
For Cisco routers are a step towards making the router act like a stateful firewall. The router will make filtering decisions based on whether connections are a part of established traffic or not
Reflective ACLs (Cisco)
164
A series of notes about the Internet, started in 1969 (when the Internet was the ARPANET). An Internet Document can be submitted to the IETF by anyone, but the IETF decides if the document becomes an RFC. Eventually, if it gains enough interest, it may evolve into an Internet standard
Request for Comment (RFC)
165
In Windows operating systems, is the central set of settings and information required to run the Windows computer
Registry
166
Is information sent that is responding to some stimulus
Response
167
Is a protocol by which a physical machine in a local area network can request to learn its IP address from a gateway server's Address Resolution Protocol
Reverse Address Resolution Protocol (RARP)
168
Attacks involve tying up finite resources on a system, making them unavailable to others
Resource Exhaustion
169
Acquiring sensitive data by disassembling and analyzing the design of a system component
Reverse Engineering
170
Find out the hostname that corresponds to a particular IP address. Uses an IP address to find a domain name
Reverse Lookup
171
Take public HTTP requests and pass them to back-end webservers to send the content to it, so the proxy can then send the content to the end-user
Reverse Proxy
172
Is the product of the level of threat with the level of vulnerability. It establishes the likelihood of a successful attack
Risk Assessment
173
Avoiding risk even if this leads to the loss of opportunity. For example, using a (more expensive) phone call vs. sending an e-mail in order to avoid risks associated with e-mail may be considered
Risk Averse
174
An algorithm for asymmetric cryptography, invented in 1977 by Ron Rivest, Adi Shamir, and Leonard Adleman
Rivest-Shamir-Adleman (RSA)
175
Assigns users to roles based on their organizational functions and determines authorization based on those roles
Role Based Access Control
176
Is the name of the administrator account in Linux systems
Root
177
A collection of tools (programs) that a hacker uses to mask intrusion and obtain administrator-level access to a computer or computer network
Rootkit
178
Is a distance vector protocol used for interior gateway routing which uses hop count as the sole metric of a path's cost
Routing Information Protocol (RIP)
179
Is where two or more poorly configured routers repeatedly exchange the same packet over and over
Routing Loop
180
Determine which RPC services are running on a machine
RPC Scans
181
Targets actions based on rules for entities operating on objects
Rule Set Based Access Control (RSBAC)
182
A security mechanism that uses a cryptographic hash function to generate a sequence of 64-bit, one-time passwords for remote user login. The client generates a one-time password by applying the MD4 cryptographic hash function multiple times to the user's secret key
S/Key
183
Is the need to ensure that the people involved with the company, including employees, customers, and visitors, are protected from harm
Safety
184
Searching through data residue in a system to gain unauthorized knowledge of sensitive data
Scavenging
185
Is a protocol developed for credit card transactions in which all parties (customers, merchants, and bank) are authenticated using digital signatures, encryption protects the message and provides integrity, and provides end-to-end security for credit card transactions online
Secure Electronic Transactions (SET)
186
A program to log into another computer over a network, to execute commands in a remote machine, and to move files from one machine to another
Secure Shell (SSH)
187
A protocol developed by Netscape for transmitting private documents via the Internet. Works by using a public key to encrypt data that's transferred over the connection
Secure Sockets Layer (SSL)
188
A set of rules and practices that specify or regulate how a system or organization provides security services to protect sensitive and critical system resources
Security Policy
189
Is another name for TCP packets
Segment
190
Is the principle of splitting privileges among multiple individuals or systems
Separation of Duties
191
As defined by the federal government, is unclassified information that, if compromised, could adversely affect the national interest or conduct of federal initiatives
Sensitive Information
192
A system entity that provides a service in response to requests from other system entities called clients
Server
193
Is a virtual connection between two hosts by which network traffic is passed
Session
194
Take over a session that someone else has established
Session Hijacking
195
In the context of symmetric encryption, a key that is temporary or is used for a relatively short period of time.
Session Key
196
A one-way cryptographic hash function. Also see "MD5"
SHA1
197
A system file in which encrypted user passwords are stored so that they aren't available to people who try to break into the system
Shadow Password Files
198
Is a resource made public on a machine, such as a directory (file share) or printer (printer share)
Share
199
A Unix term for the interactive user interface with an operating system.
Shell
200
Gaining indirect knowledge of communicated data by monitoring and analyzing a signal that is emitted by a system and that contains the data but is not intended to communicate the data
Signals Analysis
201
Is a distinct pattern in network traffic that can be identified to a specific tool or exploit
Signature
202
A user cannot write data to higher integrity level than their own
Simple Integrity Property
203
The protocol governing network management and the monitoring of network devices and their functions. A set of protocols for managing complex networks
Simple Network Management Protocol (SNMP)
204
A user cannot read data of a higher classification than their own
Simple Security Property
205
Is an electronic badge that includes a magnetic strip or chip that can record and replay a set key
Smartcard
206
Is a combination of the terms "SMS" and "phishing"
Smishing
207
Works by spoofing the target address and sending a ping to the broadcast address for a remote network, which results in a large amount of ping replies being sent to the target
Smurf
208
Is a tool that monitors network traffic as it is received in a network interface
A synonym for "passive wiretapping"
209
A euphemism for non-technical or low-technology means - such as lies, impersonation, tricks, bribes, blackmail, and threats - used to attack information systems
Social Engineering
210
Tells a host's IP stack where to plug in a data stream so that it connects to the right application
Socket
211
A way to uniquely specify a connection, i.e. source IP address, source port, destination IP address, destination port
Socket Pair
212
A protocol that a proxy server can use to accept requests from client users in a company's network so that it can forward them across the Internet
SOCKS
213
Computer programs (which are stored in and executed by computer hardware) and associated data (which also is stored in the hardware) that may be dynamically written or modified during execution
Source Port
214
Electronic junk mail or junk newsgroup postings
Spam
215
Configures the switch to behave like a hub for a specific port
Spanning Port
216
Is an algorithm for avoiding problems caused by routes in updates sent to the gateway from which they were learned
Split Horizon
217
A cryptographic key that is divided into two or more separate data items that individually convey no knowledge of the whole key that results from combining the items
Split Key
218
Attempt by an unauthorized entity to gain access to a system by posing as an authorized user
Spoof
219
Is a type of input validation attack specific to database-driven applications where SQL code is inserted into application queries to manipulate the database
SQL Injection
220
Is the technique of using a buffer overflow to trick a computer into executing arbitrary code
Stack Mashing
221
Routers make packet filtering decisions based on Source IP address only
Standard ACLs (Cisco)
222
A user cannot write data to a lower classification level without logging in at that lower classification level
Star Property
223
A system that moves through a series of progressive conditions
State Machine
224
Also referred to as dynamic packet filtering. Is a firewall architecture that works at the network layer
Stateful Inspection
225
Are text files that contain hostname and address mapping
Static Host Tables
226
Means that routing table entries contain information that does not change
Static Routing
227
Is a term that refers to approaches used by malicious code to conceal its presence on the infected system
Stealthing
228
Is the process of detecting and defeating the use of steganography
Steganalysis
229
Methods of hiding the existence of a message or other data
Steganography
230
Is network traffic that initiates a connection or solicits a response
Stimulus
231
Is a method of switching where the entire packet is read by a switch to determine if it is intact before forwarding it
Store-and-Forward
232
Is where the pins on one side of the connector are wired to the same pins on the other end.
Straight-Through Cable
233
Works by encrypting a message a single bit, byte, or computer word at a time
Stream Cipher
234
A user cannot write data to higher or lower classification levels than their own
Strong Star Property
235
A separately identifiable part of a larger network that typically represents a certain limited number of host computers, the hosts in a building or geographic area, or the hosts on an individual local area network
Sub Network
236
Used to determine the number of bits used for the subnet and host portions of the address
Subnet Mask
237
Is a networking device that keeps track of MAC addresses attached to each of its ports so that data is only transmitted on the ports that are the intended recipients of the data
Switch
238
A communications network, such as the public switched telephone network, in which any user may be connected to any other user through the use of message, circuit, or packet
Switched Network
239
Special files which point at another file
Symbolic Links
240
A branch of cryptography involving algorithms that use the same key for two different steps of the algorithm (such as encryption and decryption)
Symmetric Cryptography
241
A cryptographic key that is used in a symmetric cryptographic algorithm
Symmetric Key
242
A denial of service attack that sends a host name more TCP SYN packets than the protocol implementation can handle
SYN Flood
243
Is the signal made up of a distinctive pattern of bits that network hardware looks for to signal the start of a frame
Synchronization
244
Is the system logging facility for Unix systems
Syslog
245
A person responsible for enforcement or administration of the security policy that applies to the system
System Security Officer (SSO)
246
Is a policy written for a specific system or device
System-Specific Policy
247
A digital circuit using TDM (Time-Division Multiplexing)
T1, T3
248
To deliberately alter a system's logic, data or control information to cause the system to perform unauthorized functions or services
Tamper
249
Is the use of odd packet header combinations to determine a remote operating system
TCP Fingerprinting
250
Check each port by performing a full three-way handshake on each port to determine if it was open
TCP Full Open Scan
251
Work by performing the first half of a three-way handshake to determine if a port is open
TCP Half Open Scan
252
A software package which can be used to restrict access to certain network services based on the source of the connection; a simple tool to monitor and control incoming network traffic
TCP Wrapper
253
Of which the Transmission Control Protocol and the Internet Protocol are important parts
TCP/IP (Internet Protocol Suite)
254
Is a freeware protocol analyzer for Unix that can monitor network traffic on a wire
TCPDump
255
A potential for violation of security, which exists when there is a circumstance, capability, action, or event that could breach security and cause harm
Threat
255
A TCP-based, application-layer, Internet Standard protocol for remote login from one host to another
TELNET
256
Is the identification of types of threats that an organization might be exposed to
Threat Assessment
257
Is used to describe a given threat and the harm it could do to a system if it has a vulnerability
Threat Model
258
A value in an Internet Protocol packet that tells a network router whether or not that packet has been in the network too long and should be discarded
Time to Live
258
The method a threat uses to get to the target
Threat Vector
259
Network is a local area network in which all computers are connected in a ring or star topology and a binary digit or token-passing scheme is used in order to prevent collision of data between two computers that want to send messages at the same time
Token Ring
260
Associates a list of objects and their privileges with each user (The opposite of list based)
Token-Based Access Control
261
Is triggered by the time of day, so every minute the password changes, requiring the user to have the token with them when they log in
Token-Based Devices
262
The geometric arrangement of a computer system. Common topologies include a bus, star, and ring. The specific physical, i.e., real, or logical, i.e., virtual, arrangement of the elements of a network
Topology
263
Is a tool that maps the route a packet takes from the local machine to a remote destination
Traceroute (tracert.exe)
264
A set of rules (protocol) used along with the Internet Protocol to send data in the form of message units between computers over the Internet
Transmission Control Protocol (TCP)
265
A block cipher, based on DES, that transforms each 64-bit plaintext block by applying the Data Encryption Algorithm three successive times, using either two or three different keys, for an effective key length of 112 or 168 bits
Triple DES
265
A protocol that ensures privacy between communicating applications and their users on the Internet. When a server and client communicate, it ensures that no third party may eavesdrop or tamper with any message
Transport Layer Security (TLS)
266
S/MIME usage; data that has been signed with a digital signature, and then encrypted, and then signed again
Triple-Wrapped
267
A computer program that appears to have a useful function, but also has a hidden and potentially malicious function that evades security mechanisms, sometimes by exploiting legitimate authorizations of a system entity that invokes the program
Trojan Horse
268
Is connecting switches together so that they can share VLAN information between them
Trunking
269
Determine which permissions and what actions other systems or users can perform on remote machines
Trust
270
Are ports below number 1024 usually allowed to be opened by the root user
Trusted Ports
271
A communication channel created in a computer network by encapsulating a communication protocol's data packets in a second protocol that normally would be carried above, or at the same layer as the first one
Tunnel
272
Perform scans to determine which UDP ports are open
UDP Scan
273
Broadcasting from host to host
Unicast
274
The generic term for all types of names and addresses that refer to objects on the World Wide Web
Uniform Resource Identifier (URI)
275
The global address of documents and other resources on the World Wide Web. The first part of the address indicates what protocol to use, the second part specifies the IP address or the domain name where the resource is located
Uniform Resource Locator (URL)
276
A popular multi-user, multitasking operating system developed at Bell Labs in the early 1970s. Created by just a handful of programmers, Unix was designed to be a small, flexible system used exclusively by programmers
Unix
277
In Windows terminology, a "share" is a mechanism that allows a user to connect to file systems and printers on other systems. An "unprotected share" is one that allows anyone to connect to it
Unprotected Share
278
A person, organization entity, or automated process that accesses a system, whether authorized to do so or not
User
279
Is the alternative method of continuing business operations if IT systems are unavailable
User Contingency Plan
280
A communication protocol that, like TCP, runs on top of IP networks. Unlike TCP/IP, UDP/IP provides very few error recovery services, offering instead a direct way to send and receive datagrams over an IP network
User Datagram Protocol
281
A restricted-use, logical computer network that is constructed from the system resources of a relatively public, physical network often by using encryption at hosts and often by tunneling links of the virtual network across the real network
Virtual Private Network (VPN)
282
A hidden, self-replicating section of computer software, usually malicious logic, that propagates by infecting - i.e., inserting a copy of itself into and becoming part of - another program
Virus
283
Refers to phishing attacks that involve the use of voice calls, using either conventional phone systems or Voice over Internet Protocol (VoIP) systems
Vishing (voice or VoIP phishing)
284
A physical discontinuity in a voice network that monitors, alerts and controls inbound and outbound voice network activity based on user-defined call admission control
Voice Firewall
285
A security management system for voice networks which monitors voice traffic for multiple calling patterns or attack/abuse signatures to proactively detect and prevent toll fraud, denial of service, telecom attacks, etc.
Voice Intrusion Prevention System (IPS)
286
Is the process of traveling around looking for wireless access point signals that can be used to get network access
War Driving
287
A software process that runs on a host connected to the Internet to respond to HTTP requests for documents from client web browsers
Web Server
288
A security protocol for wireless local area networks defined in the standard IEEE 802.11b
Wired Equivalent Privacy (WEP)
289
A specification for a set of communication protocols to standardize the way that wireless devices, such as cellular telephones and radio transceivers
Wireless Application Protocol
290
A computer program that can run independently, can propagate a complete working version of itself onto other hosts on a network, and may consume computer resources destructively
Worm
291
Is the day a new vulnerability is made known.
Zero Day
292
A threat is a computer threat that tries to exploit computer application vulnerabilities that are unknown to others or undisclosed
Zero-Day Attack
293
Is a computer connected to the Internet that has been compromised by a hacker, a computer virus, or a trojan horse
Zombies
294