SSCP Glossary of Terms Flashcards

Question

Assurance evaluation criteria

Answer 1

Check-list and process of examining the security -relevant parts of a system (TECB, reference monitor, security kernel) and assigning the system an assurance rating.

Answer 2

Encryption method that uses two different key types, public and private. Also call Public Key Cryptography

Answer 3

When a computer has two or more CPU's and one CPU is dedicated to a specific program while the other carries out general processing procedures

Answer 4

Transmission sequencing technology that uses start and stop bits or similar encoding mechanism. Used in environments that transmit a variable amount of data in a periodic fashion

Answer 5

Employs a challenge/response scheme to authenticate the user.

Answer 6

Components available to be used by an attacker against the product itself.

Answer 7

Gradual loss in intensity of any kind of flux through a medium. As an electrical signal travels down a cable, the signal can degrade and distort or corrupt the data it is carrying.

Answer 8

A column in a 2-d database

Answer 9

Authentication Header Protocol Protocol within the IPSec suite used for integrity and authentication.

Answer 10

A type of code singing, which is the process of digitally signing software components and scripts to confirm the software author and guarantee that the code has not been altered or corrupted since it was digitally signed. Microsoft's implementation of code signing.

Answer 11

Reliable and timely access to data and resources is provide to authorized individuals.

Answer 12

Algorithm design requirement so that slight changes to the input result in drastic changes to the output.

Answer 13

Beginning of address space assigned to a process. Used to ensure a process does not make a request outside its assigned memory boundaries

Answer 14

uses the full bandwidth for only one communication channel and has a low data transfer rate compared to broadband.

Answer 15

A highly exposed device that will most likely be targeted for attacks, and thus should be hardened.

Answer 16

Allowing the suspicious code to execute within the OS and watches its interactions with the OS, loosing for suspicious activities.

Answer 17

Cryptographic attack that exploits the mathematics behind the bday problem in the probability theory forces collisions within hashing functions

Answer 18

Symmetric algorithm type that encrypts chucks (blocks) of data at a time.

Answer 19

Block symmetric cipher that users 64-bit block sizes and variable-length keys

Answer 20

Border Gateway Protocol Protocol that carries out core routing decision on the internet. Maintains a table of IP networks 'prefixies'

Answer 21

Software applications that run automated tasks over the internet, which perform tasks that are both simple and structurally repetitive.

Answer 22

Centrally controlled collection of bots

Answer 23

Divides the bandwidth of a communication channel into many channels, enabling different types of data to be transmitted at one time.

Answer 24

Too much data is put into the buffers that make up a stack. Common attack vector used by attackers to run malicious code on a target system.

Answer 25

Systems are connected to a single transmission channel.

Answer 26

Business Continuity Management Overarching approach to managing all aspects of BCP and DRP

Answer 27

Business Continuity Plan Document or set of documents that contains the critical information a business needs to stay running in spite of adverse events. Aka emergency plan.

Answer 28

Business Impact Analysis Exercise that determines the impact of losing the support of any resource to an organization.

Answer 29

Device that provides bidirectional data communication via RF.

Answer 30

Fast memory type that is used by a CPU to increase read and write operations.

Answer 31

Substitution Algorithm that shifts alphabetic values three positions during it's encryption and decryption process.

Answer 32

Capability Maturity Model Integration Process of improvement methodology that provides guidance for quality improvement and point of reference for appraising existing processes. Developed by Carnegie Mellon.

Answer 33

Capability Maturity Model Integration Model Process improvement approach that provides organizations with the essential elements of effective processes.

Answer 34

Specifies the access rights a certain subject possesses pertaining to specific objects. CT - Subject is bound ACL - Object is bound

Answer 35

Carrier sense multiple access with collision avoidance LANs using carrier sense multiple access with collision avoidance require devices to announce their intention to transmit by broadcasting a jamming signal.

Answer 36

Carrier Sense Multiple Access with Collision Detection Devices on a LAN listen for a carrier before transmitting data.

Answer 37

Cipher block chaining message authentication code uses encryption for data integrity and data origin authentication.

Answer 38

An intersection of a row and a column

Answer 39

A technique used to hide specific cells that contain sensitive information.

Answer 40

Central Processing Unit Part of a computer that performs the logic, computation, and decision-making functions. It interprets and executes instructions as it receives them.

Answer 41

Digital identity used with a PKI. Generated and maintained by a certificate authority and used for authentication.

Answer 42

Certificate Revocation List List that is maintained by the certificate authority of a PKI that contains information on all of the digital certificates that have been revoked.

Answer 43

Technical evaluation of the security components and their compliance to a predefined security policy for the purpose of accreditation.

Answer 44

Component of a PKI that creates and maintains digital certificates throughout their life cycles.

Answer 45

Process of controlling the changes that take place during the life cycle of a system and documenting the necessary change control activities.

Answer 46

Channel Service Unit A line bridging device for use with T-carriers and that is required by PSTN provider at digital interface that terminate in a data service unit on the customer side.

Answer 47

Data Service Unit Telecom circuit terminating equipment that transforms digital data between telephone company lines and local equipment.

Answer 48

Copies of the plan are handed out to each functional area for examination to ensure the plan properly deals with area's needs and vulnerabilities.

Answer 49

Crypt-analysis attack where the attacker chooses a ciphertext and obtains its decryption under an unknown key.

Answer 50

Cryptanalysis attack where the attacker can choose arbitrary plaintexts to be encrypted and obtain the corresponding ciphertexts.

Answer 51

Another name of an algorithm.

Answer 52

Cryptanalysis attack where the attacker is assumed to have access only to a set of ciphertexts.

Answer 53

Classless Interdomain Routing A method for using the existing 32-bit internet address space efficiently.

Answer 54

Input validation is done at the client before it is even sent back to the server to process.

Answer 55

A threshold.

Answer 56

Designs are built upon proprietary procedures, which inhibit interoperability capabilities.

Answer 57

Cipher message authentication code Based upon and provides more security than CBC-MAC

Answer 58

Block cipher mode that combines the CTR encryption mode and CBC-MAC. One encryption key is used for both authentication and encryption purposes.

Answer 59

Set of control objectives used as a framework for IT governance developed by ISACA and the ITGI

Answer 60

Fact- or opinion-based information used to verify an individual's identity.

Answer 61

A measurement that indicates how many different types of tasks a module needs to carry out.

Answer 62

Is just a building with power, raised floors, and utilities. No devices are available. This is the cheapest of the three options but can take weeks to get up and operational.

Answer 63

(1) A condition that is present when two or more terminals are in contention during simultaneous access attempts. (2) In Cryptography, an instance when a has function generates the same output for different inputs.

Answer 64

Two or more people working together to carry out fraudulent activities.

Answer 65

International standard used to assess the effectiveness of the security controls built into a system from functional and assurance perspectives.

Answer 66

Tools that convert high-level language statements into the necessary machine-level format for specific processors to understand.

Answer 67

Another type of virus that appends itself to executables on the system and compresses them by using the user's permissions.

Answer 68

Encryption method that hides a secret message within an open message.

Answer 69

Substitution processes used in encryption functions to increase randomness.

Answer 70

Bases access decisions on the sensitivity of the data, not solely on subject identity.

Answer 71

Bases access decisions on the state of the situation, not solely on identity or content sensitivity.

Answer 72

Deterrent - Discourage Attacker Preventive - Stop an incident from occurring Corrective - Fix items after an incident has occurred Recovery - Restore necessary components to return to normal operations Detective - Identify an incident's activities after it took place Compensating - Alternative control that provides similar protection as the original control.

Answer 73

Administrative, Technical (logical), and Physical

Answer 74

Part of the CPU that oversees the collection of instructions and data from memory and how they are passed to the processing components of the CPU.

Answer 75

Data files used by web browsers and servers to keep browser state information and browsing preferences.

Answer 76

Multitasking scheduling scheme used by older OS to allow for computer resource time slicing.

Answer 77

A form of protection granted by law for original works of authorship fixed in a tangible medium of expression.

Answer 78

Committee of Sponsoring Organizations Internal Control Model used for corporate governance to help prevent fraud developed by the Committee of Sponsoring Organizations of the Treadway Commission.

Answer 79

A measurement that indicates how much interaction one module requires for carrying out its tasks.

Answer 80

CCTA Risk Analysis and Management Method

Answer 81

Central Computing and Telecommunications Agency

Answer 82

Cross-Site scripting Attack An attack where a vulnerability is found on a website that allows an attacker to inject malicious code into a web application.

Answer 83

Practice of uncovering flaws within Cryptosystems.

Answer 84

Science of secret writing that enables an entity to store and transmit data in a form that is available only to the intended individuals.

Answer 85

The study of both cryptography and cryptanalysis

Answer 86

Hardware of software implementation of cryptography that contains all the necessary software, protocols, algorithms and keys.

Answer 87

Physical connections between processing components and memory segments used to transmit data being used during processing procedures.

Answer 88

Individual responsible for implementing and maintaining security controls to meet security requirements outlined by data owner.

Answer 89

Central repository of data elements and their relationships.

Answer 90

The act of willfully modifying information, programs, or documentation in an effort to commit fraud or disrupt production.

Answer 91

Data Execution Prevention Memory protection mechanism used by some operation systems. Memory segments may be marked as non-executable so that they cannot be misused by malicious software.

Answer 92

Use of segregation in design decisions to protect software components from negatively interacting with each other. Commonly enforced through strict interfaces.

Answer 93

A methodology used by organizations to better understand their customers, products, markets, or any other phase of the business.

Answer 94

Considers data independently of the way the data are processed and of the components that process the data. A process used to define and analyze data requirements needed to support the business processes.

Answer 95

Individual responsible for the protection and classification of a specific data set.

Answer 96

A representation of the logical relationship between elements of data.

Answer 97

Combines Data from multiple databases or data sources into a large database for the purpose of providing more extensive information retrieval and data analysis.

Answer 98

A cross-reference collection of data.

Answer 99

Database management system Manages and Controls the Database

Answer 100

Act of transforming data into a readable format.

Answer 101

Implementation of multiple controls so that successful penetration and compromise is more difficult to attain.

Answer 102

Data collection method that happens in an anonymous fashion.

Answer 103

Cryptanalysis method that uses the study of how differences in an input can affect the resultant difference at the output.

Answer 104

First asymmetric algorithm created and is used to exchange symmetric key values. Based upon logarithms in finite fields.

Answer 105

Transportation processes used in encryption functions to increase randomness.

Answer 106

Digital Rights Management Access Control technologies commonly used to protect copyright material.

Answer 107

Binary digits are represented and transmitted as discrete electrical pulses.

Answer 108

Ensuring the authenticity and integrity of a message through the use of hashing algorithms and asymmetric algorithms. The message digest is encrypted with the sender's private key.

Answer 109

Digital Subscriber Line A set of technologies that provide Internet access by transmitting digital data over the wires of a local telephone network. DSL is used to digitize the 'last mile' and provide fast Internet Connectivity.

Answer 110

A routing protocol that calculates paths based on the distance (or number of hops) and a vector (a direction).

Answer 111

The process of replicating the databases containing the DNS data across a set of DNS servers.

Answer 112

A set of extensions to DNS that provide to DNS clients (resolvers) origin authentication of DNS data to reduce the threat of DNS poisoning, spoofing, and similar attack types.

Answer 113

US Department of Defense architecture framework that ensures interoperability of systems to meet military mission goals.

Answer 114

Domain Name Server A hierarchical distributed naming system for computers, services, or any resource connected to an IP-based network. It associates various pieces of information with domain names assigned to each of the participating entities.

Answer 115

Device has two interfaces and sits between an untrusted network and trusted network to provide secure access.

Answer 116

Dynamic Host Configuration Protocol Industry-standard protocol used to dynamically assign IP addresses to network devices.

Answer 117

Dynamic Link Libraries A set of subroutines that are shared by different applications and operating system processes.

Answer 118

Asymmetric algorithm based upon the Diffie-Hellman algorithm used for digital signatures, encryption, and key exchange.

Answer 119

Asymmetric algorithm based upon the algebraic structure of elliptic curves over finite fields. Used for digital signatures, encryption, and key exchange.

Answer 120

Activity in which the sender address and other parts of the e-mail header are altered to appear as though the e-mail originated from a different source. Since SMTP does not provide any authentication, it is easy to impersonate and forge e-mails.

Answer 121

Encapsulating Security Payload Protocol Protocol within the IPSec suite used for integrity, authentication, and encryption.

Answer 122

Act of transforming data into an unreadable format.

Answer 123

The encryption of information at the point of origin within the communications network and postponing of decryption to the final destination point.

Answer 124

LAN technology IEEE 802.3 48-bit MAC addressing.

Answer 125

Presence of a vulnerability, which exposes the organization to a threat.

Answer 126

Facilitated Risk Analysis Process A focused, qualitative approach that carries out pre-screening to save time and money.

Answer 127

Failure modes and effect analysis Approach that dissects a component into its basic functions to identify flaws and those flaw's effects.

Answer 128

Approach to map specific flaws to root causes in complex systems.

Answer 129

A portable identity, and its associated entitlements, that can be used across business boundaries.

Answer 130

Fiber Distributed Data Interface Ring-based token network protocol that was derived from IEEE 802.4 token bus timed protocol. It can work with LAN or MAN environments and provides fault tolerance through dual-ring architecture.

Answer 131

An attribute of one table that is related to the primary key of another table.

Answer 132

A DDoS attack type on a computer that floods the target system with a large amount of UDP echo traffic to IP broadcast addresses.

Answer 133

Cryptanalysis process used to identify weaknesses within the cryptosystems by locating patterns in resulting ciphertext.

Answer 134

FREQUENCY-DIVISION MULTIPLEXING An older technique in which the available transmission bandwidth of a circuit is divided by frequency into narrow bands, each used for a separate voice or data transmission channel, which many conversations can be carried on one circuit

Answer 135

One in which regular operations are stopped and processing is moved to an alternate site.

Answer 136

Functionality is what a control does Effectiveness of controls is how well it does it.

Answer 137

A technique used to discover flaws and vulnerabilities in software

Answer 138

Tool that marks unused memory segments as usable to ensure that an OS does not run out memory.

Answer 139

Temporary memory location the CPU uses during its processes of executing instructions. The ALU's 'scratch pad' it uses while carting out logic and math functions.

Answer 140

Suggestions and best practices

Answer 141

A standard that addresses call signaling and control, multimedia transport and control, and bandwidth control for point-to-point and multipoint conferences.

Answer 142

Physically mapping software to individual memory segments.

Answer 143

HASHED MESSAGE AUTHENTICATION CODE Cryptographics hash function that uses a symmetric key value and is used for data integrity and data origin authentication.

Answer 144

Combines records and fields that are related in a logical tree structure.

Answer 145

Refers to a system, component, or environment that is continuously operational.

Answer 146

Otherwise known as third-generation programming languages, due to their refined programming structures, using abstract statement.

Answer 147

Systems that entice with the goal of protecting critical production systems. If two or more honeypots are used together, this is considered a honeynet.

Answer 148

Fully configured with hardware, software, and environmental needs. It can usually be up and running in a matter of hours. It is the most expensive option, but some companies cannot be out business longer than a day without very detrimental results.

Answer 149

A combination of HTTP and SSL/TLS that is commonly used for secure internet connections and e-commerce transactions.

Answer 150

Combined use of symmetric and asymmetric algorithms where the symmetric key encrypts data and an asymmetric key encrypts the symmetric key.

Answer 151

Combination of monolithic and microkernel architectures. The microkernel carries out critical operating system functionality, and the remaining functionality is carried out in a client/server model within kernel mode.

Answer 152

Central program used to manage virtual machines within a simulated environment.

Answer 153

MACSec Standard that specifies a set of protocols to meet the security requirements for protecting data traversing Ehternet LANs

Answer 154

Standard that specifies unique per-device indentifiers (DevID) and the management and cryptographic binding of a device (router, switch, access point) to its identifiers.

Answer 155

Attaches code to the file or application, which would fool a virus into 'thinking' it was already infected.

Answer 156

Usually the first step in an attacker's methodology, in which the information gathered may allow an attacker to infer additional information that can be used to compromise systems.

Answer 157

Information Technology Security Evaluation Criteria European standard used to assess the effectiveness of the security controls built into a system.

Answer 158

Initialization Vectors Values that are used with algorithms to increase randomness for cryptographic functions.

Answer 159

Set of operations and commands that can be implemented by a particular processor (CPU).

Answer 160

Integrated Services Digital Network A circuit-switched telephone network system technology designed to allow digital transmission of voice and data over ordinary telephone copper wires.

Answer 161

Accuracy and reliability of the information and systems are provided and any unauthorized modification is prevented.

Answer 162

International Data Encryption Algorithm Block symmetric cipher that uses a 128-bit key and 64-bit block size.

Answer 163

Internet Control Message Protocol A core protocol of the IP suite used to send status and error messages.

Answer 164

Internet Group Management Protocol Used by systems and adjacent routers on IP networks to establish and maintain multicast group memberships.

Answer 165

INTERNET MESSAGE ACCESS PROTOCOL A method of accessing E-mail or bulletin board messages that are kept on a mail server. Next Gen POP

Answer 166

INTERNET PROTOCOL Core protocol of the TCP/IP Suite. Provides packet construction, addressing, and routing functionality.

Answer 167

INTERNET SECURITY ASSOCIATION AND KEY MANAGEMENT PROTOCOL Used to establish security associates and an authentication framework in Internet connections. Commonly used by IKE for key exchange.

Answer 168

Tools that convert code written in interpreted languages to the machine-level format for processing.

Answer 169

Software or hardware signal that indicates that system resources are needed for instruction processing.

Answer 170

Values assigned to computer components to allow for efficient computer resource time slicing.

Answer 171

INTRA-SITE AUTOMATIC TUNNEL ADDRESSING PROTOCOL An IPv6 transition mechanism meant to transmit IPv6 packets between dual-stack nodes on top of an IPv4 network.

Answer 172

Protocol suite used to protect IP traffic through encryption and authentication. De facto standard for VPN

Answer 173

IP version 6 128-bit addressing, integrated IPSec security protocol, simplified header formats, and some automated configuration.

Answer 174

Industry- recognized best practices for the development and management of an information security management system.

Answer 175

International Standard for the implementation of a risk management program that integrates into an information security management system.

Answer 176

Best practices for information technology services management processes developed by the UK's Office of Government Commerce

Answer 177

Small comments (applets) that provide various functionalities and are delivered to users in the form of Java bytecode. Can be run in a web browser using a Java Virtual Machine (JVM).

Answer 178

Concept that an algorithm should be known and only the keys should be kept secret.

Answer 179

Mode that a CPU works within when carrying out more trusted process instructions. The process has access to more computer resources when working in kernel versus user mode.

Answer 180

Sequence of bits that are used as instructions that govern the acts of cryptographic functions within an algorithm.

Answer 181

A weakness that would exist in a crytopsystem if two different keys would generate the same ciphertext from the same plaintext.

Answer 182

Key Derivation Functions Generation of secret keys (subkeys) from an initial value (master key).

Answer 183

A range of possible values used to construct keys.

Answer 184

Component of a stream algorithm that creates random values for an encryption purposes.

Answer 185

Cryptanalysis attack where the attacker is assumed to have access to sets of corresponding plaintext and ciphertext.

Answer 186

Architecture that separates system functionality into hierarchical layers.

Answer 187

Ending of address space assigned to a process. Used to ensure a process does not make a request outside its assigned memory boundaries.

Answer 188

Cryptanalysis method that uses the study of affine transformation approximation in encryption processes.

Answer 189

Technology that encrypts full packets (all headers and data payload) and is carried out without the sender's interaction.

Answer 190

A routing protocol used in packet-switching networks where each router constructs a map of the connectivity within the network and calculates the best logical paths, which form its routing table.

Answer 191

Executes a program, or string of code, when a certain event happens or a date and time arrives.

Answer 192

Indirect addressing used by processes within an OS. The memory manager carries out logical-to-absolute address mapping.

Answer 193

A set of instructions in binary format that the computer's processor can understand and work with directly.

Answer 194

A computer virus that spreads by binding itself to software such as Word or Excel.

Answer 195

Code within software that provides a back door entry capability.

Answer 196

Detective Administrative control used to uncover potential fraudulent activities by requiring a person to be away from the organization for a period of time.

Answer 197

Interrupt value assigned to a non-critical operating system activity.

Answer 198

MEAN TIME BETWEEN FAILURES Predicted amount of time between inherent failures of a system during operation.

Answer 199

MEAN TIME TO REPAIR A measurement of the maintainability by representing the average time required to repair a failed component or device.

Answer 200

MEDIA ACCESS CONTROL Data communication protocol sub-layer of the data link layer specified in the OSI Model. Provides hardware addressing and channel access control mechanisms that make it possible for several nodes to communicate within a multiple-access network that incorporates a shared medium.

Answer 201

Cryptanalysis attack that tries to uncover a mathematical problem from two different ends.

Answer 202

These are not actual computer viruses, but types of e-mail messages that are continually forwarded around the internet.

Answer 203

Holds information but cannot process information.

Answer 204

Network where each system must not only capture and disseminate its own data, but also serve as a relay for other systems; that is, it must collaborate to propagate the data in the network.

Answer 205

MESSAGE AUTHENTICATION CODE Keyed cryptographic hash function used for data integrity and data origin authentication.

Answer 206

A data link technology that is used as a metropolitan area network to connect customer networks to larger service networks or the Internet.

Answer 207

METROPOLITAN AREA NETWORK Data network intended to serve an area approximating that of a large city or college campus.

Answer 208

Specific design of a microprocessor, which includes physical components that support a specific instruction set.

Answer 209

Reduced amount of code running in kernel mode carrying out critical operating system functionality. Only the absolutely necessary code runs in kernel mode.

Answer 210

Code that can be transmitted across a network, to be executed by a system or device on the other end.

Answer 211

Architecture framework used mainly in military support missions developed by the British Ministry of Defense.

Answer 212

When the CPU has to change from processing code in user mode to kernel mode.

Answer 213

All of the code of the OS working in kernel mode in an ad-hoc and non-modularized mode.

Answer 214

Outlines how a system can simultaneously process information at different classifications for users with different clearance levels.

Answer 215

AKA Multipartitie Virus Has several components, and can be distributed to different parts of the system. Infects and spread in multiple ways, which makes it harder to eradicate when identified.

Answer 216

A method of combining multiple channels of data over a single transmission line.

Answer 217

Interleaved execution of more than one program (process) or task by a single OS.

Answer 218

MULTIPROTOCOL LABEL SWITCHING A networking technology that directs data from one network node to the next based on short path labels.

Answer 219

MULTIPURPOSE INTERNET MAIL EXTENSION The standard for multimedia mail contents in the Internet Suite of Protocols.

Answer 220

Simultaneous execution of more than one program or task by a single OS.

Answer 221

Applications that can carry out multiple activities simultaneously by generating different instructions set.

Answer 222

AKA 5th Generation Programming Languages Have the goal to create software that can solve problems by themselves. Used in systems that provide AI.

Answer 223

NETWORK ADDRESS TRANSLATION Process of modifying IP address information in packet headers while in transit across a traffic routing device, with the goal of reducing the demand for public IT addresses.

Answer 224

The combining of server, storage, and network capabilities into a single framework, which decreases the costs and complexity of data centers. Converged Infrastructures provide the ability to pool resources, automate resource provisioning, and increase and decrease processing capacity quickly to meet the needs of dynamic computing workloads.

Answer 225

Risk Management Guide for IT Systems. A U.S. Federal Standard that is focused on IT Risks.

Answer 226

Set of controls that are used to secure U.S. Federal Systems developed by NIST.

Answer 227

A technique of inserting bogus information in the hopes of misdirecting an attacker or confusing the matter enough that the actual attack will not be fruitful.

Answer 228

Interrupt Value assigned to a critical operating System Activity

Answer 229

Designed to handle a variety of data, which is more dynamic in nature than a relational database.

Answer 230

Object-Relational Database Uses object-relational database management system (ORDBMS) and is a relational database with a software front end that is written in an object-orientated programming language.

Answer 231

A system that randomly generates a private key and is used only once to encrypt a message that is then decrypted by the receiver using a matching one-time pad and key.

Answer 232

Cryptographic process that takes an arbitrary amount of data and generates a fixed-length value. Used for integrity protection.

Answer 233

Online Certificate Status Protocol Automated method of maintaining revoked certificates within a PKI.

Answer 234

An SMTP server configured in such a way that it allows anyone on the internet to send email through it, not just mail destined to or originating from known users.

Answer 235

Designs are built upon accepted standards to allow for interoperability.

Answer 236

Open System Interconnection 7 Layer Model

Answer 237

Operationally Critical Threat, Asset, and Vulnerability Evaluation Team-orientated approach that assesses organizational and IT risks through facilitated workshops.

Answer 238

Sending data through an alternative communication channel.

Answer 239

Functional and assurance requirements are bundled into packages for reuse. This component describes what must be met to achieve specific EAL ratings.

Answer 240

One in which some systems are actually run at the alternate site.

Answer 241

The values that are being received by the application are validated to be within defined limits before the server application processes them within the system.

Answer 242

Attack where the attacker does not interact with processing or communication activities.

Answer 243

Personally Identifiable Information Data that can be used to uniquely identify, contact, or locate a single person or can be used with other sources to uniquely identify a single individual.

Answer 244

Scan in which the perpetrator sends out legitimate-looking emails, in an effort to phish for personal and financial information from the recipient.

Answer 245

A DoS attack type on a computer that involves sending malformed or oversized ICMP packets to a target.

Answer 246

A message before it has been encrypted or after it has been decrypted using a specific algorithm and key. AKA cleartext.

Answer 247

High-level document that outlines senior management's security directives.

Answer 248

Produces varied but operational copies of itself.

Answer 249

Two objects can receive the same input and have different outputs.

Answer 250

POST OFFICE PROTOCOL Internet Standard protocol used by e-mail clients to retrieve email from a remote server and supports simple download and delete requirements for access to remote mailboxes.

Answer 251

Multitasking scheduling scheme used by operating systems to allow for computer resource time slicing. Use in newer OS.

Answer 252

Pretty Good Privacy Cryptosystem Used to integrate public key cryptography with email functionality and data encryption.

Answer 253

Columns that make each row unique.

Answer 254

PRIVATE BRANCH EXCHANGE Small version of the phone company's central SO.

Answer 255

Value used in public key cryptography that is used for decryption and signature creation and known to only key owner.

Answer 256

Step by step implementation instructions

Answer 257

program loaded in memory within an OS.

Answer 258

protection mechanism provided by OS that can be implemented as encapsulation, time multiplexing of shared resources, naming distinctions, and virtual memory mapping.

Answer 259

Ready, Running, Blocked

Answer 260

Holds the memory address for the following instructions the CPU needs to act upon.

Answer 261

PROGRAM STATUS WORD Condition variable that indicates to the CPU what mode instructions need to be carried out in.

Answer 262

Description of a needed security solution

Answer 263

System that acts as an intermediary for requests from clients seeking resources from other sources.

Answer 264

Value used in public key cryptography that is used for encryption and signature validation that can be known by all parties.

Answer 265

An asymmetric cryptosystem where the encrypting and decrypting keys are different and it is computationally infeasible to calculate one from another. Encrypting Key = Public Decrypting Key = Kept Secret

Answer 266

PUBLIC-SWITCHED TELEPHONE NETWORK Public circuit-switched telephone network, which is made up of telephone lines, fiber-optic cables, cell networks. Fixed-line analog telephone system.

Answer 267

Opinion-based method of analyzing risk with the use of scenarios and ratings.

Answer 268

Assigning monetary and numeric values to all the data elements of a risk assessment.

Answer 269

Use of quantum mechanical functions to provide strong cryptographic key exchange.

Answer 270

Two or more processes attempt to carry out their activity on one resource at the same time.

Answer 271

Hardware inside a computer that retains memory on a short-term basis and stores information while the computer is in use.

Answer 272

Algorithm used to create values that are used in cryptographic functions to add randomness.

Answer 273

Stream symmetric cipher Used in SSL and WEP

Answer 274

Block symmetric cipher that uses variable block sizes and variable-length key sizes.

Answer 275

Clock symmetric cipher that uses a 128-bit block size and variable-length key sizes. Built on RC5 algorithm.

Answer 276

REAL TIME TRANSPORT PROTOCOL Used to transmit audio and video over IP-based networks. Used in conjunction with RTCP.

Answer 277

One in which a company promises another company it cane move in and share space if it experiences a disaster, and vise versa.

Answer 278

A collection of related data items.

Answer 279

Recovery Point Objective A measurement of the point prior to an outage to which data are to be restored.

Answer 280

RECOVERY TIME OBJECTIVE The earliest time period and a service level within which a business process must be restored after a disaster to avoid unacceptable consequences.

Answer 281

Concept that defines a set of design requirements of a reference validation mechanism (security kernel), which enforces an access control policy over subject's (processes, users) ability to perform operations (read, write, execute) on objects (files, resources) on a system.

Answer 282

Small, temporary memory storage units integrated and used by the CPU during its processing functions.

Answer 283

Registration Authority Purpose is to verify an end entity's identity and determine whether it is entitled to have a public key certificate issues.

Answer 284

Data that is organized in two-dimensional tables or relations.

Answer 285

Malicious programs that run on systems and allow intruders to access and use a system remotely.

Answer 286

REMOTE AUTHENTICATION DIAL-IN USER SERVICE A network protocol that provides client/server authentication and authorization, and audits remote users.

Answer 287

Involves transmitting the journal or transaction log offsite to a backup facility.

Answer 288

Occurs when an attacker intercepts authentication information through the use of network monitoring utilities. The attacker then 'replays' this information to the security system in an effort to gain access to the system.

Answer 289

Risk that remains after implementing a control. Threats x Vulnerabilities x assets x (control gap) = residual risk

Answer 290

Limits the user's environment within the system, thus limiting access to objects.

Answer 291

Block symmetric cipher that was chosen to fulfill the AES. Uses 128-bit block size and various key lengths.

Answer 292

Each system connects to two other systems, forming a single, unidirectional network pathway for signals, thus forming a ring.

Answer 293

The probability of a threat agent exploiting a vulnerability and the associated impact.

Answer 294

An operation that ends a current transaction and cancels all the recent changes to the database until the previous checkpoint/commit point.

Answer 295

Computer memory chips with preprogrammed circuits for storing such software as word processors and spreadsheets. Information in the computer's ROM is permanently maintained even when the computer is turned off.

Answer 296

Set of malicious tools that are loaded on a compromised system through stealthy techniques. The tools are used to carry out more attacks on either the infected systems or surrounding systems.

Answer 297

Detective administrative control used to uncover potential fraudulent activities.

Answer 298

Access is based on a list of rules created or authorized by system owners that specify the privileges granted to users.

Answer 299

Substitution cipher that creates keystream values, commonly from agree-upon text passages, to be used for encryption purposes.

Answer 300

Framework risk-driven enterprise security architecture that maps to business initiatives, similar to the Zachman Framework.

Answer 301

A virtual environment that allows for very fine-grained control over the actions that code within the machine is permitted to take. This is designed to allow safe execution of untrusted code from remote sources.

Answer 302

Defines the structure of the database.

Answer 303

A firewall that communicates directly with a perimeter router and the internal network. The router carries out filtering activities on the traffic before it reaches the firewall.

Answer 304

When two filtering devices are used to create a DMZ. The external device screens the traffic entering the DMZ network, and the internal filtering device screens the traffic before it enters the internal network.

Answer 305

A simple transposition cipher system that employs a rod of a certain thickness around which was wrapped a long, thin strip of parchment.

Answer 306

SECURE ELECTRONIC TRANSACTION The SET specification has been developed by VISA and MASTERCARD to allow for secure credit card and offline debit car transactions.

Answer 307

Secure MIME Secure/Multipurpose Internet Mail Extensions Outlines how public key cryptography can be used to secure MIME data types.

Answer 308

Secure Shell Network protocol that allows for a secure connection to a remote system. Developed to replace Telnet and other insecure remote shell methods.

Answer 309

Security Assertion Markup Language An XML standard that allows the exchange of authentication and authorization data to be shared between security domains.

Answer 310

Measures taken during development and evaluation of the product to assure compliance with the claimed security functionality.

Answer 311

Resources within this logical structure are working under the same security policy and managed by the same group.

Answer 312

Individual security functions which must be provided by a product.

Answer 313

The central part of a computer system that implements the fundamental security procedures for controlling access to system resources.

Answer 314

Mechanism used to delineate between the components within and outside of the trusted computing base.

Answer 315

Strategic tool used to dictate how sensitive information and resources are to be managed and protected.

Answer 316

Vendor's within explanation of the security functionality and assurance mechanisms that meet the needed security solution.

Answer 317

Relying upon the secrecy or complexity of an item as its security, instead of practicing solid security practices.

Answer 318

Attempts to hide from antivirus software by modifying its own code so that it does not match predefined signatures.

Answer 319

Sender Policy Framework An email validation system designed to prevent email spam by detecting email spoofing, a common vulnerability, by verifying sender IP address.

Answer 320

Preventive administrative control used to ensure one person cannot carry out a critical task alone.

Answer 321

Server-Side Includes An interpreted server-side scripting langauge used almost exclusively for web-based communication. It is commonly used to include the contents of one or more files into a web page on a web server. Allows web developers to reuse content by inserting the same content into multiple web documents.

Answer 322

SERVICE PROVISIONING MARKUP LANGUAGE Allows for the automation of user management and access entitlement configuration related to electronically published services across multiple provisioning systems.

Answer 323

An intruder takes over a connection after the original source has been authenticated.

Answer 324

SESSION INITATION PROTOCOL The signaling protocol widely used for controlling communication, as in voice and video calls over IP based networks.

Answer 325

Symmetric keys have a short lifespan, thus providing more protection than static keys with longer lifespans.

Answer 326

Viewing information in an unauthorized manner by looking over the should of someone else.

Answer 327

Non-intrusive attack that uses information that has been gathered to uncover sensitive data or processing functions. Often tries to figure out how a component works without trying to compromise any type of flaw or weakness.

Answer 328

SIMPLE MAIL TRANSFER PROTOCOL An Internet standard protocol for email transmission across IP based networks.

Answer 329

Simple Network Management Protocol Provides remote administration of network device; simple because the agent requires minimal software.

Answer 330

SIMPLE OBJECT ACCESS PROTOCOL A lightweight protocol for exchange of information in a decentralized, distributed environment.

Answer 331

A practice execution of the plan takes place. A specific scenario is established, and the simulation continues up to the point of actual relocation to the alternate site.

Answer 332

SINGLE LOSS EXPECTANCY One instance of an expected loss if a specific vulnerability is exploited and how it affects a single asst. Asset Value x Exposure Factor = SLE

Answer 333

Business management strategy developed by Motorola with the goal of improving business processes.

Answer 334

Plastic Cards, typically with an electronic chip embedded, that contain electronic value tokens.

Answer 335

A DDoS attack type on a computer that floods the target system with spoofed broadcast ICMP packets.

Answer 336

Gaining unauthorized access by tricking someone into divulging sensitive information.

Answer 337

SOFTWARE CONFIGURATION MANAGEMENT Identifies the attributes of software at various points in time, and performs a methodical control of changes for the purpose of maintaining software integrity and traceability throughout the software development life cycle.

Answer 338

Two processes cannot complete their activities because they are both waiting for system resources to be released.

Answer 339

Storing of the source code of software with a third-part escrow agent. The software source code is released to the licensee if the licensor files for bankruptcy or fails to maintain and update the software product as promised.

Answer 340

Allows a sender of a packet to specify the route the packet takes through the network versus routers determining the path.

Answer 341

SPANNING TREE PROTOCOL A network protocol that ensures a loop-free topology for any bridged Ethernet LAN and allows redundant links to be available in case connection links go down.

Answer 342

Temporary memory location that holds critical processing parameters. They hold values as in the program counter, stack pointer, and program status word.

Answer 343

Construct that is made up of individually addressable buffers. Process-to-Process communication takes place through the use of stacks.

Answer 344

Compulsory rules that support the security policies.

Answer 345

Network consists of one central device, which acts as a conduit to transmit messages.

Answer 346

STATEMENT OF WORK Describes the product and customer requirements. A detailed-orientated SOW will help ensure that these requirements are properly understood and assumptions are not made.

Answer 347

A debugging technique that is carried out by examining the code without executing the program, and therefore is carried out before the program is compiled.

Answer 348

Cryptanalysis attack that uses identified statistical patterns.

Answer 349

STATISTICAL TIME-DIVISION MULTIPLEXING This form of of multiplexing uses all available time slots to send significant information and handles inbound data on a first come- first served basis.

Answer 350

A virus that hides the modifications it has made. The virus tries to trick antivirus software by intercepting its requests to the operating system and providing false and bogus information.

Answer 351

1) The method of concealing the existence of a message or data within seemingly innocent covers. 2) A technology used to embed information in for example, audio and graphical material. The audio and graphical materials appear unaltered until a stenography tool is used to reveal the hidden message.

Answer 352

An encryption method in which a cryptographic key and an algorithm are applied to each bit in a datastream, one bit at a time.

Answer 353

Representatives from each functional area or department get together and walk through the plan from beginning to end.

Answer 354

An active entity that requests access to an object or the data within an object.

Answer 355

Logical subdivision of a network that improves network administration and helps reduce network traffic congestion. Process of segmenting a network into smaller networks through the use of an addressing scheme made up of network and host portions.

Answer 356

Encryption method that uses an algorithm that changes out (substitutes) one value for another value.

Answer 357

Encryption method where the sender and receiver use an instance of the same key for encryption and decryption process.

Answer 358

When a computer has two or more CPUs and each CPU is being used in a load-balancing method.

Answer 359

DoS Attack where an attacker sends a succession of SYN packets with the goal of overwhelming the victim system so that it is unresponsive to legitimate traffic.

Answer 360

Transmission sequencing technology that uses a clocking pulse or timing scheme for data transfer synchronization.

Answer 361

Synchronous Optical Networking (SONET) and Synchronous Digital Hierarchy (SDH) Standardized multiplexing protocols that transfer multiple digital bit streams over optical fiber and allow for simultaneous transportation of many different circuits of differing origin within a single framing protocol.

Answer 362

Synchronizes with the authentication service by using time or a counter as the core piece of the authentication process. If the synchronization is time-based, the token device and the authentication service must hold the same time within their internal clocks.

Answer 363

SYSTEM DEVELOPMENT LIFE CYCLE The scope of activities associated with a system, encompassing the system's initiation, development and acquisition, implementation, operation and maintenance, and ultimately, its disposal, which instigates another system initiation.

Answer 364

TARGET OF EVALUATION Product proposed to provide a needed security solutions.

Answer 365

Dedicated lines that can carry voice and data information over trunk lines.

Answer 366

Standardization of device-based network communication through a modular four-layer architecture.

Answer 367

Transition mechanism for migrating from IPv4 to IPv6. it allows systems to use IPv6 to communicate if their traffice has to transverse an IPv4 network.

Answer 368

Instruction set generated by a process when it has a specific activity that needs to be carried out by an OS. When the activity is finished, the thread is destroyed.

Answer 369

The danger of a threat agent exploiting a vulnerability.

Answer 370

Entity that can exploit a vulnerability

Answer 371

A systematic approach used to understand how different threats could be realized and how a successful compromise could take place.

Answer 372

Technology that allows processes to use the same resources

Answer 373

Time-Division Multiplexing A type of multiplexing in which two or more bit streams or signals are transferred apparently simultaneously as sub-channels in one communication channel, but are physically taking turns on a single channel.

Answer 374

TIME-OF-CHECK/TIME-OF-USE ATTACK Attacker manipulates the 'condition check' step and the 'use' step within software to allow for unauthorized activity.

Answer 375

Enterprise architecture framework used to define and understand a business environment developed by The Open Group.

Answer 376

LAN medium access technology that controls network communication traffic through the use of token frames. This technology has been mostly replaced by Ethernet.

Answer 377

Full Risk amount before a control is put into place. Threats x Vulnerabilities x Assets = Total Risk

Answer 378

Proprietary business or technical information, processes, designs, practices, etc., that are confidential and critical to the business.

Answer 379

Protect words, names, product shapes, symbols, colors, or a combination of these used to identify products or a company. These items are used to distinguish products from the competitors' products.

Answer 380

TRANSMISSION CONTROL PROTOCOL The major transport protocol in the Internet suite of protocols providing reliable, connection-orientated, full-duplex streams.

Answer 381

Mode that IPSec protocols can work in that provides protection for packet data payload.

Answer 382

Encryption method that shifts (permutation) values.

Answer 383

Triple DES Symmetric cipher that applies DES three times to each block of data during the encryption process.

Answer 384

A program that is disguised as another program with the goal of carrying out malicious activities in the background without the user knowing.

Answer 385

TRUSTED COMPUTER SYSTEM EVALUATION CRITERIA U.S. DoD standard used to assess the effectiveness of the security controls built into a system. Replaced by the Common Criteria. Also known as the Orange Book.

Answer 386

TRUSTED COMPUTING BASE A collection of all the hardware, software, and firmware components within a system that provide security and enforce the system's security policy.

Answer 387

Trustworthy software channel that is used for communication between two processes that cannot be circumvented.

Answer 388

Mode that IPSec protocols can work in that provides protection for packet headers and data payload.

Answer 389

A row in a 2-D Database

Answer 390

A mechanism that is another control used in databases to ensure that integrity of the data held within the database.

Answer 391

When a biometric system rejects an authorized individual (FRR)

Answer 392

When the system accepts impostors who should be rejected (FAR)

Answer 393

Assigning Confidence level values to data elements.

Answer 394

User Datagram Protocol Connectionless, unreliable transport layer protocol, which is considered a 'best effort' protocol.

Answer 395

'Problem State' Protection Mode that a CPU works within when carrying out less trusted process instructions.

Answer 396

The creation, maintenance, and deactivation of user objects and attributes as they exist in one or more systems, directories, or applications, in response to business processes.

Answer 397

Determines if the product provides the necessary solution for the intended real-world problem.

Answer 398

Determines if the product accurately represents and meets the specs.

Answer 399

Otherwise known as 4th generation programming languages and are meant to take natural language-based statements one step ahead.

Answer 400

A virtual relation defined by the database administrator in order to keep subjects from viewing certain data.

Answer 401

VIRTUAL LOCAL AREA NETWORK A group of hosts that communicate as if they were attached to the same broadcast domain, regardless of their physical location. VLAN membership can be configured through software instead of physically relocating devices or connections, which allows for easier centralized management.

Answer 402

Combination of main memory (RAM) and secondary memory within an OS.

Answer 403

Creation of a simulated environment (hardware platform, OS, Storage, etc.) that allows for central control and scalability.

Answer 404

A small application, or string of code, that infects host applications. It is a programming code that can replicate itself and spread from one system to another.

Answer 405

VOICE AND PHISHING Social engineering activity over the telephone system, most often using features faciliated by VoIP, to gain unauthorized access to sensitive data.

Answer 406

An exploit that allows an attacker on a VLAN to gain access to traffic on other VLANs that would normally not be accessible.

Answer 407

VOICE OVER IP The set of protocols, technologies, methodologies, and transmission techniques involved in the delivery of voice data and multimedia sessions over IP-based networks.

Answer 408

Weakness or a lack of a countermeasure.

Answer 409

When a specialized program is used to automatically scan a list of telephone numbers to search for computers for the purpose of exploitation and hacking.

Answer 410

Does not have computers, but it does have some peripheral devices, such as disk drives, controllers, and tape drives. This option is less expensive than a hot site but takes more effort and time to become operational.

Answer 411

WAVE-DIVISION MULTIPLEXING Multiplying the available capacity of optical fibers through use of parallel channels, with each channel on a dedicated wavelength of light. The bandwidth of an optical fiber can be divided into as many as 160 channels.

Answer 412

A piece of software installed on a system that is designed to intercept all traffic between the local web browser and the web server.

Answer 413

WIDE AREA NETWORK A telecommunication network that covers a broad area and allows a business to effectively carry out its daily function, regardless of location.

Answer 414

A passive attack that eavesdrops on communications. It is only legal with prior consent or a warrant.

Answer 415

WORK BREAKDOWN STRUCTURE A project management tool used to define and group a project's individual work elements in an organized manner.

Answer 416

This takes place when an attacker captures packets at one location in the network and tunnels them to another location in the network for a second attacker to use against a target system.

Answer 417

These are different from viruses in that they can reproduce on their own without a host application and are self-contained programs.

Answer 418

Enterprise architecture framework used to define and understand a business environment developed by John Zachman.

Answer 419

One entity can prove something to be true without providing a secret value.