Terms Deck 6 Flashcards
password cracker
A software utility that allows direct testing of user logon password strength by conducting brute-force password tests.
MITRE ATT&CK
A knowledge base and framework of different attack techniques to understand and defend against an attacker.
cyber kill chain
A framework that is used to track the steps or phases that an attacker goes through as part of an intrusion.
disaster recovery planning (DRP)
A plan that spells out actions to be taken in case a business is hit with a natural or human-caused disaster.
business continuity planning (BCP)
A plan that describes a long-term systems and services replacement and recovery strategy, designed for when a complete loss of facilities occurs. A business continuity plan prepares for automatic failover of critical services to redundant offsite systems.
continuity of operations planning (COOP)
An initiative issued to ensure that government departments and agencies are able to continue operation in case of natural, human-caused, or technological threats and national security emergencies.
SIEM dashboard
A set of tools that collects, correlates, and displays data feeds that support response activities.
syslog
A system logging protocol used to send logs or messaging events to a server.
chain of custody
The documentation of all transfers of evidence from one person to another, showing the date, time, reason for transfer, and signatures of both parties involved in the transfer. Chain of custody also refers to the process of tracking evidence from a crime scene to the courtroom.
order of volatility
In the evidence collection process, collection that occurs from the most volatile component to the least volatile.
e-discovery
The discovery process for electronically stored information.
preventive control
A control that attempts to prevent unwanted events by inhibiting the free use of computing resources.
detective control
A control that warns that physical security measures are being violated.
corrective control
A control that is reactive and provides measures to reduce harmful effects or restore the system being impacted.
deterrent control
A control that is intended to discourage individuals from intentionally violating information security policies or procedures.
compensating control
An alternative control that is intended to reduce the risk of an existing or potential control weakness.
physical control
A control that forms the outer line of physical defense against direct access to data.