SSCP Glossary of Terms Flashcards
6to4
Transition mechanism for migrating from IPv4 to IPv6. It allows systems to use IPv6 to communicate if their traffic has to traverse an IPv4 network.
Absolute Addresses
Hardware addresses used by the CPU
Abstraction
The capability to suppress unnecessary details so the important, inherent properties can be examined and reviewed.
Accepted Ways for Handling Risk
Accept, Transfer, Mitigate, Avoid
Access
The flow of information between a subject and an object.
AC Matrix
Table of subjects and objects indicating what actions individual subjects can take upon individual objects.
AC Model
Framework that dictates how subjects access objects.
Access Controls
Security features that control how users and systems communicate and interact with other systems and resources.
Accreditation
Formal acceptance of the adequacy of a system’s overall security by management.
Active Attack
Attack where the attacker does interact with processing or communication activities.
ActiveX
Microsoft technology composed of a set of OOP technologies and tools based on COM and DCOM.
Framework for defining reusable software components in a programming language-independent manner.
Address Bus
Physical connections between processing components and memory segments used to communicate the physical memory addresses being used during processing procedures.
ARP
ADDRESS RESOLUTION PROTOCOL
Networking protocol used for resolution of network layer IP addresses into link layer MAC Addresses
ASLR
ADDRESS SPACE LAYOUT RANDOMIZATION
Memory protection mechanism used by some operating systems. The addresses used by components of a process are randomized so that it is harder for an attacker to exploit specific memory vulnerabilities.
Algebraic Attack
Cryptanalysis attack that exploits vulnerabilities within the intrinsic algebraic structure of mathematical functions.
Algorithm
Set of mathematical and logic rules used in cryptographic functions.
Analog Signals
Continuously varying electromagnetic wave that represents and transmits data.
Analytic Attack
Cryptanalysis attack that exploits vulnerabilities within the algorithm structure.
ALE
ANNUALIZED LOSS EXPECTANCY
Annual expected loss if a specific vulnerability is exploited and how it affects a single asset.
SLE x ARO = ALE
API
APPLICATION PROGRAMMING INTERFACE
Software interface that enables process-to-process interaction.
ALU
ARITHMETIC LOGIC UNIT
A component of the computer’s processing unit in which arithmetic and logic operations are performed.
AS/NZS 4360
Australia and New Zealand business risk management approach.
Assemblers
Tools that convert assembly code into the necessary machine-compatible binary language for processing activities to take place.
Assembly Language
A low-level programming language that is the mnemonic representation of machine-level instructions.
Assurance evaluation criteria
Checklist and process of examining the security-relevant parts of a system (TCB, reference monitor, security kernel) and assigning the system an assurance rating.
Asymmetric algorithm
Encryption method that uses two different key types, public and private.
Also called Public Key Cryptography.
Asymmetric mode multiprocessing
When a computer has two or more CPUs and one CPU is dedicated to a specific program while the other carries out general processing procedures.
Asynchronous Communication
Transmission sequencing technology that uses start and stop bits or a similar encoding mechanism. Used in environments that transmit a variable amount of data in a periodic fashion.
Asynchronous token generating method
Employs a challenge/response scheme to authenticate the user.
Attack surface
Components available to be used by an attacker against the product itself.
Attenuation
Gradual loss in intensity of any kind of flux through a medium. As an electrical signal travels down a cable, the signal can degrade and distort or corrupt the data it is carrying.
Attribute
A column in a two-dimensional database.
AH Protocol
Authentication Header Protocol
Protocol within the IPSec suite used for integrity and authentication.
Authenticode
A type of code signing, which is the process of digitally signing software components and scripts to confirm the software author and guarantee that the code has not been altered or corrupted since it was digitally signed. Microsoft’s implementation of code signing.
Availability
Reliable and timely access to data and resources is provided to authorized individuals.
Avalanche Effect
Algorithm design requirement so that slight changes to the input result in drastic changes to the output.
Base registers
Beginning of the address space assigned to a process. Used to ensure a process does not make a request outside its assigned memory boundaries.
Base-band Transmissions
Uses the full bandwidth for only one communication channel and has a low data transfer rate compared to broadband.
Bastion host
A highly exposed device that will most likely be targeted for attacks, and thus should be hardened.
Behavior blocking
Allows suspicious code to execute within the OS and watches its interactions with the OS, looking for suspicious activities.
Birthday Attack
Cryptographic attack that exploits the mathematics behind the birthday problem in probability theory to force collisions within hashing functions.
Block Cipher
Symmetric algorithm type that encrypts chunks (blocks) of data at a time.
Blowfish
Block symmetric cipher that uses 64-bit block sizes and variable-length keys.
BGP
Border Gateway Protocol
Protocol that carries out core routing decisions on the Internet. Maintains a table of IP network ‘prefixes’.
Bots
Software applications that run automated tasks over the internet, which perform tasks that are both simple and structurally repetitive.
Botnet
Centrally controlled collection of bots
Broadband Transmission
Divides the bandwidth of a communication channel into many channels, enabling different types of data to be transmitted at one time.
Buffer overflow
Too much data is put into the buffers that make up a stack. Common attack vector used by attackers to run malicious code on a target system.
Bus Topology
Systems are connected to a single transmission channel.
BCM
Business Continuity Management
Overarching approach to managing all aspects of BCP and DRP
BCP
Business Continuity Plan
Document or set of documents that contains the critical information a business needs to stay running in spite of adverse events.
Aka emergency plan.
BIA
Business Impact Analysis
Exercise that determines the impact of losing the support of any resource to an organization.
Cable Modem
Device that provides bidirectional data communication via RF.
Cache Memory
Fast memory type that is used by a CPU to increase read and write operations.
Caesar Cipher
Substitution algorithm that shifts alphabetic values three positions during its encryption and decryption process.
CMMI
Capability Maturity Model Integration
Process improvement methodology that provides guidance for quality improvement and a point of reference for appraising existing processes. Developed by Carnegie Mellon.
CMMI Model
Capability Maturity Model Integration Model
Process improvement approach that provides organizations with the essential elements of effective processes.
Capability Table
Specifies the access rights a certain subject possesses pertaining to specific objects.
CT - Subject is bound
ACL - Object is bound
CSMA/CA
Carrier Sense Multiple Access with Collision Avoidance
LANs using CSMA/CA require devices to announce their intention to transmit by broadcasting a jamming signal.
CSMA/CD
Carrier Sense Multiple Access with Collision Detection
Devices on a LAN listen for a carrier before transmitting data.
CBC-MAC
Cipher Block Chaining Message Authentication Code
Uses encryption for data integrity and data origin authentication.
Cell
An intersection of a row and a column
Cell Suppression
A technique used to hide specific cells that contain sensitive information.
CPU
Central Processing Unit
Part of a computer that performs the logic, computation, and decision-making functions. It interprets and executes instructions as it receives them.
Certificate
Digital identity used with a PKI. Generated and maintained by a certificate authority and used for authentication.
CRL
Certificate Revocation List
List that is maintained by the certificate authority of a PKI that contains information on all of the digital certificates that have been revoked.
Certification
Technical evaluation of the security components and their compliance to a predefined security policy for the purpose of accreditation.
Certification Authority
Component of a PKI that creates and maintains digital certificates throughout their life cycles.
Change Control
Process of controlling the changes that take place during the life cycle of a system and documenting the necessary change control activities.
CSU
Channel Service Unit
A line-bridging device for use with T-carriers, required by the PSTN provider at digital interfaces that terminate in a data service unit on the customer side.
DSU
Data Service Unit
Telecom circuit terminating equipment that transforms digital data between telephone company lines and local equipment.
Checklist Test
Copies of the plan are handed out to each functional area for examination to ensure the plan properly deals with the area’s needs and vulnerabilities.
Chosen-Ciphertext attack
Cryptanalysis attack where the attacker chooses a ciphertext and obtains its decryption under an unknown key.
Chosen-plaintext Attack
Cryptanalysis attack where the attacker can choose arbitrary plaintexts to be encrypted and obtain the corresponding ciphertexts.
Cipher
Another name for an algorithm.
Ciphertext-only attack
Cryptanalysis attack where the attacker is assumed to have access only to a set of ciphertexts.
CIDR
Classless Interdomain Routing
A method for using the existing 32-bit internet address space efficiently.
Client-Side Validation
Input validation is done at the client before it is even sent back to the server to process.
Clipping Level
A threshold.
Closed System
Designs are built upon proprietary procedures, which inhibit interoperability capabilities.
CMAC
Cipher-based Message Authentication Code
Based upon, and provides more security than, CBC-MAC.
CCM
Block cipher mode that combines the CTR encryption mode and CBC-MAC. One encryption key is used for both authentication and encryption purposes.
CobiT
Set of control objectives used as a framework for IT governance, developed by ISACA and the ITGI.
Cognitive Passwords
Fact- or opinion-based information used to verify an individual’s identity.
Cohesion
A measurement that indicates how many different types of tasks a module needs to carry out.
Cold Site
A building with power, raised floors, and utilities. No devices are available. This is the cheapest of the three options but can take weeks to get up and operational.
Collision
(1) A condition that is present when two or more terminals are in contention during simultaneous access attempts.
(2) In cryptography, an instance when a hash function generates the same output for different inputs.
Collusion
Two or more people working together to carry out fraudulent activities.
Common Criteria
International standard used to assess the effectiveness of the security controls built into a system from functional and assurance perspectives.
Compilers
Tools that convert high-level language statements into the necessary machine-level format for specific processors to understand.
Compression Viruses
Another type of virus that appends itself to executables on the system and compresses them by using the user’s permissions.
Concealment Cipher
Encryption method that hides a secret message within an open message.
Confusion
Substitution processes used in encryption functions to increase randomness.
Content-Based Access
Bases access decisions on the sensitivity of the data, not solely on subject identity.
Context-Based Access
Bases access decisions on the state of the situation, not solely on identity or content sensitivity.
Different Types of Control Functions (6)
Deterrent - Discourage Attacker
Preventive - Stop an incident from occurring
Corrective - Fix items after an incident has occurred
Recovery - Restore necessary components to return to normal operations
Detective - Identify an incident’s activities after it took place
Compensating - Alternative control that provides similar protection as the original control.
Control Types
Administrative, Technical (logical), and Physical
Control Unit
Part of the CPU that oversees the collection of instructions and data from memory and how they are passed to the processing components of the CPU.
Cookies
Data files used by web browsers and servers to keep browser state information and browsing preferences.
Cooperative Multitasking
Multitasking scheduling scheme used by older operating systems to allow for computer resource time slicing.
Copyright
A form of protection granted by law for original works of authorship fixed in a tangible medium of expression.
COSO
Committee of Sponsoring Organizations
Internal Control Model used for corporate governance to help prevent fraud developed by the Committee of Sponsoring Organizations of the Treadway Commission.
Coupling
A measurement that indicates how much interaction one module requires for carrying out its tasks.
CRAMM
CCTA Risk Analysis and Management Method
CCTA
Central Computing and Telecommunications Agency
XSS Attack
Cross-Site scripting Attack
An attack where a vulnerability is found on a website that allows an attacker to inject malicious code into a web application.
Cryptanalysis
Practice of uncovering flaws within Cryptosystems.
Cryptography
Science of secret writing that enables an entity to store and transmit data in a form that is available only to the intended individuals.
Cryptology
The study of both cryptography and cryptanalysis
Cryptosystem
Hardware or software implementation of cryptography that contains all the necessary software, protocols, algorithms, and keys.
Data Bus
Physical connections between processing components and memory segments used to transmit data being used during processing procedures.
Data Custodian
Individual responsible for implementing and maintaining security controls to meet security requirements outlined by data owner.
Data Dictionary
Central repository of data elements and their relationships.
Data Diddling
The act of willfully modifying information, programs, or documentation in an effort to commit fraud or disrupt production.
DEP
Data Execution Prevention
Memory protection mechanism used by some operating systems. Memory segments may be marked as non-executable so that they cannot be misused by malicious software.
Data Hiding
Use of segregation in design decisions to protect software components from negatively interacting with each other. Commonly enforced through strict interfaces.
Data Mining
A methodology used by organizations to better understand their customers, products, markets, or any other phase of the business.
Data Modeling
Considers data independently of the way the data are processed and of the components that process the data. A process used to define and analyze data requirements needed to support the business processes.
Data Owner
Individual responsible for the protection and classification of a specific data set.
Data Structure
A representation of the logical relationship between elements of data.
Data Warehousing
Combines data from multiple databases or data sources into a large database for the purpose of providing more extensive information retrieval and data analysis.
Database
A cross-referenced collection of data.
DBMS
Database management system
Manages and controls the database.
Decipher
Act of transforming data into a readable format.
Defense-in-depth
Implementation of multiple controls so that successful penetration and compromise is more difficult to attain.
Delphi Method
Data collection method that happens in an anonymous fashion.
Differential Cryptanalysis
Cryptanalysis method that uses the study of how differences in an input can affect the resultant difference at the output.
Diffie-Hellman Algorithm
First asymmetric algorithm created and is used to exchange symmetric key values. Based upon logarithms in finite fields.
Diffusion
Transposition processes used in encryption functions to increase randomness.
DRM
Digital Rights Management
Access control technologies commonly used to protect copyrighted material.
Digital Signals
Binary digits are represented and transmitted as discrete electrical pulses.
Digital Signature
Ensuring the authenticity and integrity of a message through the use of hashing algorithms and asymmetric algorithms. The message digest is encrypted with the sender’s private key.
DSL
Digital Subscriber Line
A set of technologies that provide Internet access by transmitting digital data over the wires of a local telephone network. DSL is used to digitize the ‘last mile’ and provide fast Internet Connectivity.
Distance-vector routing protocol
A routing protocol that calculates paths based on the distance (or number of hops) and a vector (a direction).
DNS Zone transfer
The process of replicating the databases containing the DNS data across a set of DNS servers.
DNSSEC
A set of extensions to DNS that provide to DNS clients (resolvers) origin authentication of DNS data to reduce the threat of DNS poisoning, spoofing, and similar attack types.
DoDAF
US Department of Defense architecture framework that ensures interoperability of systems to meet military mission goals.
DNS
Domain Name Server
A hierarchical distributed naming system for computers, services, or any resource connected to an IP-based network. It associates various pieces of information with domain names assigned to each of the participating entities.
Dual-Homed Firewall
Device that has two interfaces and sits between an untrusted network and a trusted network to provide secure access.
DHCP
Dynamic Host Configuration Protocol
Industry-standard protocol used to dynamically assign IP addresses to network devices.
DLLs
Dynamic Link Libraries
A set of subroutines that are shared by different applications and operating system processes.
El Gamal Algorithm
Asymmetric algorithm based upon the Diffie-Hellman algorithm used for digital signatures, encryption, and key exchange.
Elliptic Curve Cryptosystem Algorithm
Asymmetric algorithm based upon the algebraic structure of elliptic curves over finite fields. Used for digital signatures, encryption, and key exchange.
E-Mail Spoofing
Activity in which the sender address and other parts of the e-mail header are altered to appear as though the e-mail originated from a different source. Since SMTP does not provide any authentication, it is easy to impersonate and forge e-mails.
ESP
Encapsulating Security Payload
Protocol within the IPSec suite used for integrity, authentication, and encryption.
Encipher
Act of transforming data into an unreadable format.
End-to-End encryption
The encryption of information at the point of origin within the communications network and the postponement of decryption to the final destination point.
Ethernet
LAN technology
IEEE 802.3
48-bit MAC addressing.
Exposure
Presence of a vulnerability, which exposes the organization to a threat.
FRAP
Facilitated Risk Analysis Process
A focused, qualitative approach that carries out pre-screening to save time and money.
FMEA
Failure modes and effect analysis
Approach that dissects a component into its basic functions to identify flaws and those flaws’ effects.
Fault Tree Analysis
Approach to map specific flaws to root causes in complex systems.
Federated Identity
A portable identity, and its associated entitlements, that can be used across business boundaries.
FDDI
Fiber Distributed Data Interface
Ring-based token network protocol that was derived from IEEE 802.4 token bus timed protocol. It can work with LAN or MAN environments and provides fault tolerance through dual-ring architecture.
Foreign Key
An attribute of one table that is related to the primary key of another table.
Fraggle Attack
A DDoS attack type on a computer that floods the target system with a large amount of UDP echo traffic to IP broadcast addresses.
Frequency Analysis
Cryptanalysis process used to identify weaknesses within the cryptosystems by locating patterns in resulting ciphertext.
FDM
FREQUENCY-DIVISION MULTIPLEXING
An older technique in which the available transmission bandwidth of a circuit is divided by frequency into narrow bands, each used for a separate voice or data transmission channel, so that many conversations can be carried on one circuit.
Full-interruption Test
One in which regular operations are stopped and processing is moved to an alternate site.
Functionality versus effectiveness of Control
Functionality is what a control does.
Effectiveness is how well the control does it.
Fuzzing
A technique used to discover flaws and vulnerabilities in software.
Garbage Collector
Tool that marks unused memory segments as usable to ensure that an OS does not run out of memory.
General Registers
Temporary memory locations the CPU uses during its process of executing instructions.
The ALU’s ‘scratch pad’ that it uses while carrying out logic and math functions.
Guideline
Suggestions and best practices.
H.323
A standard that addresses call signaling and control, multimedia transport and control, and bandwidth control for point-to-point and multipoint conferences.
Hardware Segmentation
Physically mapping software to individual memory segments.
HMAC
HASHED MESSAGE AUTHENTICATION CODE
Cryptographic hash function that uses a symmetric key value and is used for data integrity and data origin authentication.
Hierarchical Data Model
Combines records and fields that are related in a logical tree structure.
High Availability
Refers to a system, component, or environment that is continuously operational.
High-Level languages
Otherwise known as third-generation programming languages, due to their refined programming structures, using abstract statements.
Honeypots
Systems that entice attackers with the goal of protecting critical production systems. If two or more honeypots are used together, this is considered a honeynet.
Hot site
Fully configured with hardware, software, and environmental needs. It can usually be up and running in a matter of hours. It is the most expensive option, but some companies cannot be out of business longer than a day without very detrimental results.
HTTPS
A combination of HTTP and SSL/TLS that is commonly used for secure internet connections and e-commerce transactions.
Hybrid Cryptography
Combined use of symmetric and asymmetric algorithms where the symmetric key encrypts data and an asymmetric key encrypts the symmetric key.
Hybrid Microkernel Architecture
Combination of monolithic and microkernel architectures.
The microkernel carries out critical operating system functionality, and the remaining functionality is carried out in a client/server model within kernel mode.
Hypervisor
Central program used to manage virtual machines within a simulated environment.
IEEE 802.1AE
MACsec
Standard that specifies a set of protocols to meet the security requirements for protecting data traversing Ethernet LANs.