Vocab Flashcards

1
Q

AAA server

A

Used to establish secure access in a remote access vpn network

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

ANT

A

Wireless sensor protocol that enables communication between sensors and their controllers.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Access control

A

Selective restriction of access to an asset or a system/network resource

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Access point

A

Used to connect devices to a wireless/wired network

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Accounting

A

Method of keeping track of user actions on the network.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Admin Security controls

A

Management limitations, operational and accountability procedures, and other controls that ensure the security of an organization.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

AES(advanced encryption standard)

A

National institute of standards and technology (NIST) specification for the encryption of electronic data.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Alert systems

A

Sends an alert message when any anomaly or misuse is detected.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Alarm system

A

Draw attention when a breach occurs or an attempt is made at a breach

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Alert

A

A graduated event that notifies that a particular event(or series of) has reached a set threshold and requires action.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Anomaly detection

A

Detects intrusions based on fixed behavioral characteristics, of users and components within the system.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Anonymous proxy

A

Does not transfer info about the IP address of it’s user, hiding info about said user and their history.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Antenna

A

Converts between radio waves and electricity.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Anything as a service(XaaS)

A

Cloud and remote access service that offers anything as a service based on the demands of the user.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Application Containers

A

Used to run a single service. Posses layered file systems and are built on top of OS container technologies.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Application level gateway

A

Can filter packets at the application layer of the OSI model.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

Application Proxy

A

Application-level proxy that works as a proxy server and filters connections for specific services.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

Association

A

Process of connecting a wireless device to an AP

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

Asymmetric Encryption

A

Used two separate keys to carry of encryption and decryption.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

Audit Trials

A

Set of records that provide documentary evidence of a systems activity.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

Authentication

A

Ensures the identity of an individual is verified by the system or service.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

Authorization

A

Process of providing permission to access the resources or perform an action on the network.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

Availability

A

Ensures info is available to authorized parties without any disruption

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

Banwidth

A

The amount of info that can be broadcast over a connection

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
Q

Basic Service Set Identifier(BSSID)

A

Media access control (MAC) address of an access point(AP) or base station that has set up a basic service Set(BSS).

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
26
Q

Bastion Host

A

A computer system designed and configured to protect network resources from attacks.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
27
Q

Behavior-based IDS

A

Behavior based intrusion detection techniques assume an intrusion can be detected by observing a deviation from normal or expected behavior of the system of users.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
28
Q

Biometric Authentication

A

A technology which identifies human characteristics for authenticating people

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
29
Q

Biometrics

A

An advanced and unique security technology that utilizes an individual’s physical attributes such as fingerprint, iris, face, voice, and behavior for verifying their identity.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
30
Q

Bluetooth

A

With this tech data is transfered between cell phones, computers, and other networking devices over short distances.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
31
Q

Bollards

A

A short vertical post that controls and restricts motor vehicles.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
32
Q

Bring your own device(BYOD)

A

A policy that allows employees to bring their devices such as laptops, smartphones, and tablets to the workplace.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
33
Q

Business critical data

A

Info that contains critical data to business operations.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
34
Q

5G Cellular Communication

A

A broadband cellular network that operates at high bandwidth with low latency and provides high-speed data downloads.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
35
Q

CCMP

A

An encryption protocol used in WPA2 for stronger encryption and authentication.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
36
Q

Cellular Communication

A

Communication based on a single network tower that services devices located within it’s radius.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
37
Q

Centralized Authorization

A

A single database for authorizing all the network resources or applications

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
38
Q

Centralized IDS

A

In an centralized system, the data is gathered from different sites to a centralized one

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
39
Q

Certification authorities(CA)

A

Trusted entities that issue digital certificates

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
40
Q

Choose Your Own Device(CYOD)

A

A policy where employees select their device of choice from a pre-approved list, to access company data according to the chosen access privilege of the organization

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
41
Q

Ciphers

A

An algorithm for performing encryption and decryption

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
42
Q

Circuit level gateway

A

Work at the session layer of the OSI model, or the TCP layer of TCP/IP.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
43
Q

Client to client(Remote access) VPNs

A

Allow multiple hosts or clients to establish secure connections to a companies network over the internet

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
44
Q

Cloud auditor

A

A party that performs an independent examination of cloud service controls to express an opinion

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
45
Q

Cloud Broker

A

An entity that manages cloud services in terms of use, performance, and delivery, while maintaining the relationship between cloud providers and consumers

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
46
Q

Cloud carrier

A

An intermediary that provides connectivity and transport services between CSPs and cloud consumers

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
47
Q

Cloud computing

A

An on-demand delivery of IT capabilities where IT infrastructure and applications are provided to subscribers as a metered service over a network

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
48
Q

Cloud consumer

A

Person or organization that uses cloud computing services

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
49
Q

Cloud data backup

A

Storing backup data on storage provided by an online backup provider

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
50
Q

Cloud layer

A

Servers hosted in the cloud accept, store and process the sensor data received from IoT gateways

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
51
Q

Cloud platform

A

A person or organization providing services to interested parties via network access.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
52
Q

Cloud storage

A

A data storage medium used to store digital data in logistical pools using a network

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
53
Q

Cloud to cloud (back end data sharing) communication model

A

Extends the device to cloud communication type such that the data from IoT devices can be accessed by authorized users

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
54
Q

Combination locks

A

It has a combination of numbers and letters, that the user must use to open the lock.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
55
Q

Command console

A

Provides a user interface to the administrator for the purpose of receiving and analyzing security events, alerts, and log files.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
56
Q

Communication layer

A

(connectivity edge computing) the components of communication protocols and networks used for connectivity and edge computing.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
57
Q

Community cloud

A

Shared infrastructure shared between several organizations from a specific community with common concerns.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
58
Q

Company owned, Business only(COBO)

A

Refers to a policy that allows employees to use and manage the devices purchased by the organization but restrict the use of the device for business use only.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
59
Q

Compensating controls

A

Used as an alternative control when the intended control fails or is unavailable

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
60
Q

Computer fraud and abuse act

A

Whoever access es a computer without authorization or exceeds authorized access, and thereby obtains information from any protected computer, and if the conduct involves an interstate or foreign communication, shall be punished under the act

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
61
Q

Confidentiality

A

Ensures the info is not disclosed to any unauthorized persons.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
62
Q

Container

A

Refers to the virtualization based on the operating system, in which the kernels operating system is functionally replicated on multiple instances of isolated user space

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
63
Q

Container as a service

A

A cloud computing model that provides containers and clusters as a service to it’s subscribers

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
64
Q

Containerization

A

A technique in which all personal and organizational data are segregated on a employees mobile device.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
65
Q

Context aware authentication

A

A type of enhanced security technique that uses the contextual information of a user for enhancing data security decisions.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
66
Q

Contraband

A

Materials banned from entering the environment

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
67
Q

Corporate owned, personally enabled(COPE)

A

Refers to a policy that enables employees to use and manage devices purchased by the organization.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
68
Q

Cross-container attacks

A

Gaining access to a container and utilizing it to attack other containers of the same host or within the local network.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
69
Q

Cryptography

A

The practice of concealing info by converting it from plain text (readable format) into cyphertext (unreadable format) using a key or encryption scheme.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
70
Q

Data access control

A

Enables authentication and authorization of users access to data.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
71
Q

Data backup strategy

A

An ideal back up strategy involves steps ranging from selecting the right data to conducting a test data restoration drill.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
72
Q

Data backup

A

The process of making backup data of critical data such as physical and computer records.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
73
Q

Data destruction

A

Involves destroying the data so that it cannot be recovered and used for the wrong motive.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
74
Q

Data encryption standard(DES)

A

Designed to encipher and decipher blocks of data consisting of 64bits under control of a 56 bit key.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
75
Q

Data encryption

A

Protecting information so that it becomes unreadable for an unauthorized party

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
76
Q

Data loss prevention(DPL)

A

A set of software products and processes that do not allow users to send confidential corporate data outside of the organization.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
77
Q

Data masking

A

Protecting information by obscuring specific areas of data with random characters or codes.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
78
Q

Data protection act of 2018(DPA)

A

An act to make provision for the regulation of the processing of information relating to individuals

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
79
Q

Data resilience and backup

A

Making duplicates of critical data to be used for restoring and recovering purposes

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
80
Q

Data retention

A

Securing data securly for compliance or business requirements

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
81
Q

Data security

A

Involves the application of several security protocols to prevent any (un)intentional acts of data misuse, destruction, or modification.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
82
Q

Database honey pots

A

Employ fake databases that are vulnerable to perform database related attacks such as SQL injection and database enumeration

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
83
Q

Decentralized authorization

A

Maintains a separate database for each resource

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
84
Q

Demilitarized zone(DMZ)

A

A subnetwork is placed between the organizations private network such as a lan, and an outside network like the internet, and acts as another security layer.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
85
Q

Denial of service traffic signatures

A

Traffic containing certain traffic signatures that indicate a DoS attempt that floods a server with a large number of requests.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
86
Q

Detection controls

A

Used to detect unauthorized access attempts

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
87
Q

Deterrence controls

A

Used to discourage the violation of security policies

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
88
Q

Device layer

A

Layer of IoT that consists of hardware

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
89
Q

Device to cloud communication

A

Devices communicate with the cloud directly, rather than communicating with a client to send or receive data commands.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
90
Q

Device to device communication

A

Inter connected devices interact with each other through the internet, but they predominantly use protocols such as ZigBee, zwave or bluetooth

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
91
Q

Device to gateway communication

A

The IoT device communicates with an intermediate device called a gateway, which in turn communicates with a cloud device.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
92
Q

Differential data backup

A

All the data that has been changed since the last backup is copied over to the backup data.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
93
Q

Digital certificates

A

Allow a secure exchange of info between a sender and a reciever

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
94
Q

Digital locks

A

Use fingerprint, smartcard, or pin on a keypad to unlock

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
95
Q

Digital signature algorithm(DSA)

A

A federal information processing standard(FIPS) for digital signatures.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
96
Q

Digital Signature

A

Use of the asymmetric key algorithms to provide data integrity.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
97
Q

Dipole antenna

A

A straight electrical conductor measuring half a wavelength from end to end, and it is connected at the center of the radio frequency (RF) feed line.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
98
Q

Direct-sequence spread spectrum

A

DSSS is a spread spectrum technique that multiplies the original data signature with a pseudo random noise spreading code.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
99
Q

Directional antenna

A

Can broadcast and receive radio waves from a single direction.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
100
Q

Discretionary access control(DAC)

A

Determines the access control taken by any processor of an object in order to decide the access control of an subject on that object.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
101
Q

Disk encryption

A

Encryption of data stored in a physical or logical disk.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
102
Q

Distributed IDS

A

A distributed intrusion detection system (dIDS) consists of multiple IDSs over a large network.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
103
Q

Docker Networking

A

This type of networking architecture is developed on a set of interfaces known as container network model (CNM). Which provides application portability across heterogeneous infastuctures.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
104
Q

Docker Registry Attacks

A

Gaining access to the docker Registry.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
105
Q

Docker

A

An open source technology used for developing, packaging, and running applications and all it’s dependencies in the form of containers, to ensure that the application works in a seamless environment.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
106
Q

Duel Firewall DMZ

A

The duel Firewall approach uses two firewalls to create a DMZ

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
107
Q

EAP

A

The extensible authentication protocol(EAP) supports multiple authentication methods, such as token cards, kerberos and certificates.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
108
Q

Fabric virtualization

A

This level of virtualization makes the virtualization independent of the physical computer hardware.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
109
Q

EDGE

A

The EDGE is the main physical device in the IoT ecosystem that interacts with it’s surroundings and contains various components like sensors, actuators, operating systems, hardware and network, and communication capabilities.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
110
Q

Face recognition

A

Compares and identifies a person on the basis of the facial features from an image or a video source.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
111
Q

Electric/Electro magnetic Locks

A

A locking mechanism that operates on an electrical current.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
112
Q

False-Negative (Attack -No Alert)

A

A condition that occurs when an IDS fails to react to an attack event.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
113
Q

Electromagnetic interface(EMI)

A

Occurs when an electronic device’s performance is interrupted or degraded due to electromagnetic radiation or conduction.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
114
Q

False positive (No attack- alert)

A

Occurs if an event triggers an alarm without an actual attack occuring.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
115
Q

Email honeypots

A

Also known as email traps. These are fake emails designed to attract fake and malicious emails from advertiser’s.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
116
Q

Fences/Electric Fences/Metal Rails

A

General marks of a restricted area, controlled areas and prevent unwanted access.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
117
Q

Encapsulation

A

The method in which protocols have separate functions to communicate among each other by hiding the data.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
118
Q

File system virtualization

A

Refers to virtualization at the layer where the filing system is present.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
119
Q

Encryption

A

The practice of concealing information by converting a plain text(readable format) into a cypher text (unreadable format) using a key or encryption scheme.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
120
Q

File level encryption

A

Encryption of data stored in files/folders.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
121
Q

Endpoint

A

This connects a sandbox to a network and abstracts the actual network from the application.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
122
Q

Fingerprint scanning

A

Compares two fingerprints for verification and identification on the basis of the patterns on the finger.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
123
Q

Enterprise information security policy

A

EISP drives an organizations scope and provides direction is there security policies.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
124
Q

Firewall

A

A software or, hardware or combination of both, which is generally used to separate a protected network from an unprotected public network.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
125
Q

Enterprise Mobility Management(EMM)

A

Consists of tools and technologies used in an organization to secure the data in an employees personal BYOD and organizational devices

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
126
Q

Freedom of information act (FOIA)

A

Provided the general public the right to request access to record from any federal agency.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
127
Q

Explicit Authorization

A

Maintains separate authorization details for each requested resource request.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
128
Q

Frequency hopping spread spectrum (FHSS)

A

Also known as frequency hopping code division multiple access(FH-CDMA), a method of transmitting radio signals by rapidly switching a carrier among many frequency channels.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
129
Q

Full Data Backup

A

This is also called a normal backup. It copies all files and compresses them to save space.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
130
Q

Full device encription

A

A security feature that can encrypt all the information stored on any storage medium within a mobile device.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
131
Q

Full mesh VPN topology

A

In a fully meshed VPN network, all peers can communicate, with each other, making it a complex network.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
132
Q

Full virtualization network

A

In this type of virtualization, the guest OS is not aware that it is running a virtualized environment.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
133
Q

Function as a service (FaaS)

A

This cloud computing service provides a platform for developing, running, and managing application functionalities without the complexity of building and maintaining necessary infastucture.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
134
Q

General Data Protection Regulation (GDPR)

A

Levies harsh fines against those who violate it’s privacy and security standards, with penalties reaching tens of millions of euros.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
135
Q

Hardware Firewalls

A

A dedicated stand-alone hardware device or it comes as part of a router

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
136
Q

IDE

A

Integrated device electronics(IDE) allows the connection of two devices per channel. It is normally used for internal devices as the cables are large and flat.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
137
Q

Geofencing

A

A technique through which mobile application marketers use the location of the user to gather info.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
138
Q

Hardware VPNs

A

A dedicated hardware VPN application is used to connect routers and gateways to ensure communication over an insecure channel.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
139
Q

IPser server

A

Enhances VPN security through the use of strong encryption algorithms and authentication.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
140
Q

Geolocation

A

A technology that can identify the real-world geographical location of users or devices when connected to the internet.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
141
Q

Hash-based message Authentication Code(HMAC)

A

A type of message identification code(MAC) that uses a cryptographic key along with a cryptographic hash function.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
142
Q

ISM band

A

Set of frequencies for the international industrial, scientific, and medical community’s.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
143
Q

Global positioning system (GPS)

A

A radio navigation and positioning system based on satellite communication

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
144
Q

Health insurance portability and accountability act(HIPAA)

A

Provides federal protections for the individually identifyable health information held by covered entities and their business associates and gives patients an array of rights to that information.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
145
Q

Identity and Access Management (IAM)

A

Responsible for providing the right individual with the right information at the right time.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
146
Q

Global System for Mobile Communication (GSM)

A

A universal system used for Mobile data transmission in wireless networks worldwide.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
147
Q

High-Interaction Honeypots

A

Do not emulate anything; they run actual vulnerable services or software on production systems with real OS and applications

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
148
Q

Identity-as-a-Service (IdaaS)

A

This cloud computing service offers authentication services to the subscribed enterprises and is managed by a third party vendor to provide identity and Access Management services.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
149
Q

Government Access to Keys (GAK)

A

Refers to the statuory obligation of individuals and organizations to disclose their cryptographic keys to the government agencies.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
150
Q

Honeynets

A

Networks of honeypots. They are very effective in determining the entire capabilities of adversaries.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
151
Q

Implicit Authentication

A

Provides access to resources indirectly

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
152
Q

Gramm-leach-Bliley Act (GLBA)

A

A united states federal law that requires financial institutions to explain how they share and protect their customers private information.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
153
Q

Honey pot

A

An informational system resource that is expressly set up to attract people who attempt to penetrate a organization’s network.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
154
Q

Incremental data backup

A

Only files that have been changed or created after the last backup are copied to the backup media

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
155
Q

Guest Machine

A

Independent instance of an operating system created by virtual machine monitor.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
156
Q

Host Intrusion Detection Systems (HIDS)

A

Installed on a specific host in order to monitor, detect, and analyze events occurring on that host.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
157
Q

Information assurance (IA) Principles

A

Act as enablers for an organizations security activities to protect and defend it’s network from security attacks.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
158
Q

Host Machine

A

Real physical machine that provide computing resources to support virtual machines.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
159
Q

Informational traffic signature

A

Traffic containing certain signatures that may be suspicious but might not be malicious.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
160
Q

Host based firewalls

A

Used to filter inbound/outbound traffic of a computer on which it is installed.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
161
Q

Infrared (IR)

A

A wireless technology for transferring data between devices in the digital form within a short range of up to 5 m.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
162
Q

Host backup (online)

A

Also called a dynamic backup or active backup. In a hot backup, the system continues to perform the backup even when the user is using the system.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
163
Q

Infrastructure Network Topology

A

Devices inside a wireless network are connected through an AP.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
164
Q

Hotspot

A

Places where wireless networks are available for public use.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
165
Q

Infrastructure-as-a-service (IaaS)

A

Provides virtual machines and other abstract hardware and operating systems which may be controlled through a service API.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
166
Q

Hub-and-Spoke VPN Topology

A

The main organization is considered the hub, and it’s remote offices are considered the spokes.

167
Q

Integrity

A

Ensures information is not tampered with or modified by unauthorized parties

168
Q

Hybrid cloud

A

Combination of two or more clouds that remain unique entities but are bound together, thereby offering the benefits of multiple deployment models

169
Q

Internal Bastion Host

A

It can be single homed or multihomes bastion hosts

170
Q

Hybrid Intrusion Detection Systems (Hybrid IDS)

A

A combination of HIDS and NIDS

171
Q

Internet Protocol Security (IPsec)

A

A network layer protocol that ensures a secure IP level communication.

172
Q

Hybrid VPNs

A

Those with trusted VPNs as part of the secure VPNs. They implement different network components of an organization at the same time in order to confirm security at very low costs.

173
Q

Internet of things (IoT)

A

Refers to computing devices that are web enabled and have the capability of sensing, collecting, and sending data using sensors, and the communication hardware and processors.

174
Q

Hybrid Virtualization

A

The guest OS adopts the functionality of para virtualization and uses the VMM for binary translation to different types of hardware resources.

175
Q

Interval-based IDS

A

Interval based or offline analysis refers to the storage of the intrusion-related info for further analysis.

176
Q

Hypertext Transfer Protocol Secure (HTTPS)

A

Ensures secure communication between two computers over HTTP.

177
Q

Intrusion Detection and Prevention System (IDS/IPS)

A

A network security appliance that inspects all inbound and outbound network traffic of suspicious patterns that might indicate a network or system security breach.

178
Q

Hypervisor

A

An application or firmware that enables multiple guest operating systems to share a hosts resources.

179
Q

IoT device Management

A

Helps security professionals to track, monitor, and manage physical IoT devices from a remote location.

180
Q

IoT user management

A

Provide control over the users who have access to an IoT system.

181
Q

Iris Scanning

A

Analyzes the colored part of the eye suspended behind the cornea.

182
Q

Issue Specific Security Policy (ISSP)

A

Directs the audience on the usage of technology-based systems with the help of guidelines.

183
Q

Kerberos

A

A network authentication protocol that is implemented for authentication requests in computer networks.

184
Q

LEAP

A

A proprietary version of EAP developed by Cisco

185
Q

Kibernetes

A

Also known as K8s, is an open source, portable, extensible, orchestration platform developed by Google for managing containerized applications and micro servers.

186
Q

Lighting system

A

Adequate lighting should be provided inside,outside, and at the entrance of a building which helps seeing long distance during security patrols.

187
Q

Logical segmentation

A

Utilizes VLANs, which are isolated logically without considering the physical location of devices.

188
Q

Low-interaction Honeypots

A

Emulate only a limited number of services and applications of a target system or network.

189
Q

MD5

A

This algorithm takes a message of arbitrary length as an input and then outputs a 128 bit-fingerprint or message digest of the input.

190
Q

NAND flash memory

A

Provides a non-volatile storage for the RAID systems primary cache.

191
Q

OS Assisted Virtualization or Para Virtualization

A

In this type of virtualization, the guest OS is aware of the virtual experiment in which it is running and communicates with the host Machine to request for resources.

192
Q

MD6

A

Uses a merkle-tree-like structure to allow for large scale parallel computation of hashes for very long inputs.

193
Q

Near field communication (NFC)

A

Covers very short distances. It employs electromagnetic induction to enable communication between devices connected within 10m.

194
Q

OS Containers

A

Virtual environments sharing the kernal of the host environment that provides the isolated user space.

195
Q

Malware Honeypots

A

Used to trap malware campaigns or malware attempts over network infastucture.

196
Q

Network access controls

A

Offer various access control mechanisms for network devices like routers and switches

197
Q

Onject

A

An explicit resource on which an access restriction is imposed.

198
Q

Management consol

A

Interface used to access, configure, and manage the virtualization product.

199
Q

Network access server (NAS)

A

Also known as a media gateway or a remote access server(RAS). It is responsible for setting up and maintaining each tunnel in a remote access VPN.

200
Q

Off-site data backup

A

Storing data in a remote location such as a fire proof, indestructible safe.

201
Q

Management server

A

Virtualization platform components used to directly manage the virtual machines and to simplify the administration of resources.

202
Q

Network address translation(NAT)

A

Separates IP addresses Into two sets and enables lan to use these resources for internal and external traffic, respectively.

203
Q

Omnidirectional antenna

A

Radiate electromagnetic (EM) energy in all directions.

204
Q

Mandatory access control(MAC)

A

Determines the usage and access policies of users.

205
Q

Network attached storage (NAS)

A

A file based data storage service and a dedicated computer appliance shared over the network.

206
Q

Onsite data backup

A

Storing backup data at onsite data storage only.

207
Q

Mantrap

A

A security system having an entry and exit door on opposite sides, separating secure and non-secure areas.

208
Q

Network defense essentials(NDE)

A

A security program covering the fundamentals concepts of network security.

209
Q

Open system authentication

A

A null authorization, algorithm that does not verify whether it’s user or machine requesting network access.

210
Q

Mechanical locks

A

Provide an easy method to restrict unauthorized access in an organization.

211
Q

Network defense

A

To protect an organizations info, systems, and infastucture from unauthorized access, misuse, modification, service denial, or any other degredation and disruptions.

212
Q

Operating system verification

A

Enables the hardware to execute multiple operating systems simultaneously

213
Q

Medium-interaction honeypots

A

Simulate a real OS as well as applications and services of a target network.

214
Q

Network Drivers

A

These are pluggable and provide actual implemention for the functioning of the network.

215
Q

Operation

A

An action performed by a subject on an object

216
Q

Mobile Application Management (MAM)

A

A software or service that enables network defenders to secure, manage, and distribute enterprise applications on employee mobile devices.

217
Q

Network intrusion Detection System (NIDS)

A

Used to observe the traffic for any specific segment or device and recognize the occurrence of any suspicious activity on the network and application protocols.

218
Q

Orthogonal Frequency-Division Multiplexing (OFDM)

A

Method of encoding digital data on multiple carrier frequencies.

219
Q

Mobile content management (MCM)

A

Provide secure access to corporate data on tablets, smartphones, and other mobile devices.

220
Q

Network Packets

A

A unit of data transmitted over a network for communication.

221
Q

Mobile device Management (MDM)

A

Provides platforms for over-the-air or wired distribution of applications,data, and communication settings of all types for Mobile devices including mobile phones, smartphones, and tablet computers.

222
Q

Network security controls

A

The security feature that should be appropriately configured and implemented to ensure network security.

223
Q

Mobile Email Management

A

Ensure the security of corporate email infastucture and data.

224
Q

Network security Devices

A

Devices that are deployed to protect computer networks from unwanted traffic and threats

225
Q

Mobile security management

A

Involves actions and precautionary steps for securing the organizations data and mobile devices used by employees.

226
Q

Network Security Protocols

A

Implement security related operations to ensure the security and integrity of data in transit.

227
Q

Multi-cloud

A

A dynamic heterogeneous environment that combines workloads across multiple cloud vendors that are managed by one primary interface to ensure long term business goals.

228
Q

Network segmentation

A

The practice of splitting a network into smaller network segments and separate groups of systems or applications from each other.

229
Q

Multi-homed Bastion Host

A

A firewall device with at least two network interfaces.

230
Q

Network sensors

A

Hardware and software components that monitor network traffic and trigger alarms if any abnormal activity is detected.

231
Q

Multi-layer security

A

Prevents access to IoT by using multi-factor authentication (MFA), transport layer security (TLS), device identity management, ect.

232
Q

Network traffic monitoring

A

A retrospective security approach that involves monitoring a network for abnormal activities, performance issues, bandwidth issues, ect.

233
Q

Multiple-input, multiple output orthogonal Frequency-Division Multiplexing (MIMO-OFDM)

A

An air interface for 4g and 5g communications.

234
Q

Network traffic signatures

A

A set of traffic characteristics such as a source/destination IP address, ports, transmission control protocol (TCP) flags, packet length, time to Live (TTL), and protocols. Signatures are used to define the type of activity on a network.

235
Q

Multiport Memory controller(MC)

A

Provides access to memory in up to 8 ports. A memory controller can be present as a separate chip or as an integrated memory.

236
Q

Network Virtualization

A

A process of combining all the available network resources and enabling security professionals to share these resources amongst the network users using a single administrative unit.

237
Q

Network

A

A collection of endpoints that have connectivity between them.

238
Q

Network-based firewalls

A

Used to filter inbound/outbound traffic from internal LAN.

239
Q

Next Generation Firewall (NGFW)

A

A third generation firewall technology that moves beyond port/protocol inspection.

240
Q

Non-Repudiation

A

Ensures that a party in communication cannot deny sending the message

241
Q

Non-routing Duel-homed Hosts

A

This type of host is completely a firewall, or a component in a multi-faceted firewall.

242
Q

Non-transparent proxy

A

Also known as explicit proxies and require client software to be configured to use the proxy server.

243
Q

Normal Traffic Signatures

A

Acceptable traffic patterns allowed to enter the network

244
Q

nvSRAM

A

The fastest non-volatile RAM in the industry with 20ns read and write access time.

245
Q

Orthogonal Frequency-Division Multiplexing (OFDM)

A

Method of encoding digital data on multiple carrier frequencies

246
Q

PEAP

A

A protocol that encapsulates the EAP within an encrypted and authenticated transport layer security (TLS) tunnel.

247
Q

RADIUS

A

Remote authentication dial-in user service(RADIUS) an authentication protocol that provides centralized Authorization, Authentication, and Accounting (AAA) for remote access servers to communicate with a cent real server.

248
Q

Packet Filtering Firewall

A

Work at the network level of the OSI model (or the IP layer of TCP/IP)

249
Q

RAID Controller

A

Manages an array of physical disk drives and presents them to the computer as logical units.

250
Q

Packet filters

A

Examine the routing info if the packets.

251
Q

RAID level 0

A

Disk striping RAID 0 deals with data performance. In this level, data is broken into sections and written across multiple drives.

252
Q

Parabolic grid antenna

A

Uses the same principles as a satellite dish, but does not have a solid dish. Consists of a semi-dish in the form of a grid of aluminum wires.

253
Q

RAID level 1

A

Disk mirroring: multiple copies of data are written on multiple drives at the same time.

254
Q

Paranoid policy

A

Forbids everything. There is a strict restriction on all company computers, whether it’s in system or network usage.

255
Q

RAID level 10

A

Blocks striped and mirrored: RAID 10 is a combination of RAID 0 (striping volume data) and RAID 1 (disk mirroring), and it’s implementation requires at least four drives.

256
Q

Password Authentication

A

A combination of a username and password to authenticate the network users.

257
Q

RAID level 3

A

Disk Striping with parity: Data is striped at the byte level across multiple drives. One drive per set is taken up for parity info.

258
Q

Password Blacklist

A

Contains a list of words that are prohibited from use as passwords because of their familiarity.

259
Q

RAID level 5

A

Block Interval Distribution Parity: The data is striped at the byte level across multiple drives, and the parity info is distributed among all member drives.

260
Q

Password Policy

A

Provides guidelines for using strong passwords for an organizations resources

261
Q

RAID level 50

A

Mirroring and stripping across multiple RAID Levels: RAID level 50 includes mirroring and stripping across multiple RAID Levels.

262
Q

Passwords and Pins

A

Basic security features used in all mobile devices.

263
Q

RC4

A

A variable key size symmetric key stream cypher with byte oriented operations, and it is based on the use of random permutation.

264
Q

Payment Card Industry Data Security Standard (PCI-DSS)

A

A proprietary information security standard for organizations that handle cardholder info for major debit, credit, prepaid, e-purse, ATM, and POS cards.

265
Q

RC5

A

A parameterized algorithm with a variable block size, variable key size, and variable number of rounds. The key size is 128 bits.

266
Q

Permissive policy

A

This policy is wide open, and only known dangerous services/attacks or behaviors are blocked.

267
Q

RC6

A

A parameterized algorithm with a variable block size, key size, and number of rounds.

268
Q

Physical Barriers

A

Restrict unauthorized persons from entering the building; always use a combination of barriers to discourage unauthorized entry.

269
Q

RFID

A

The radio frequency identification (RFID) tech uses radio frequency (RF) electromagnetic waves to transfer data for automatic identification and for tracking tags attached to objects.

270
Q

Physical Security Controls

A

Provide physical protection of the information, buildings, and all other physical assets of the organization.

271
Q

Reactive Approach

A

Consists of methods or techniques that are used to detect attacks on the target network.

272
Q

Physical security policy

A

Defines guidelines to ensure that adequate physical security measures are in place.

273
Q

Real time analytics

A

Involves analyzing IoT things and taking steps accordingly.

274
Q

Physical Security

A

Restricting physical access to the infrastructure, office premises, workstations, and employees of the organization.

275
Q

Real-time monitoring

A

Involves monitoring IoT assets, processing products, maintaining a flow, helping detect issues, and taking actions immediately.

276
Q

Physical Segmentation

A

A process for splitting a larger network into smaller physical components.

277
Q

Real time IDS

A

Gathers and monitors information from network traffic regularly.

278
Q

Platform-as-a-Service (PaaS)

A

A cloud computing service offers development tools, configuration management, and development platforms on-demand that can be used by subscribers to develop custom applications.

279
Q

Reconnaissance Traffic Signatures

A

Consist of signatures that indicate an attempt to scan the network for possible weaknesses

280
Q

Point-to-point VPN Topology

A

Any two endpoints are considered as peer devices which can communicate with each other. Any of the devices can be used to initiate the connection.

281
Q

Recovery Controls

A

These controls are used in a more serious condition to recover from security violation and restore information and systems to a persistent state.

282
Q

Point-to-Miltipoint Connection

A

(P2MP, PTMP, PMP) connection allows one-to-many connections by providing multiple paths from a single location to several other locations

283
Q

Redundant Array of Independent Disks (RAID) Tech

A

A method of combining multiple hard drives into a single unit and writing data across several disk drives, offering fault tolerance.

284
Q

Point-to-point (P2P) Connection

A

Enables secure communication between two mobile devices without data encryption.

285
Q

Reference Monitor

A

Monitors the restrictions imposed on the basis of certain access control rules.

286
Q

Policies

A

High-level statements dealing with the administrative network security of an organization.

287
Q

Reflector Antennas

A

Used for concentrating electromagnetic energy that is radiated or received at a focal point.

288
Q

Pretty Good Policies (PGP)

A

An application layer protocol which provides cryptographic privacy and authentication for network communication.

289
Q

Registry

A

Contains all images that an organization deploys

290
Q

Prevention controls

A

used to prevent unwanted or unauthorized access to resources.

291
Q

Regulatory Frameworks

A

Contain a set of guidelines and best practices

292
Q

Preventive Approach

A

Consists of methods or techniques that are used to avoid threats or attacks on the target network

293
Q

Remote wipe

A

A technique used for securing and protecting data from miscreants if a mobile device used by an employee was stolen or lost.

294
Q

Preventive controls

A

Prevent security violations and enforce various access control mechanisms.

295
Q

Removable Media Encryption

A

Prevents removable Media devices from unauthorized access

296
Q

Primary RAID Memory Cache

A

Cache is used to write the data in transition. A RAID system uses a cache to speed up I/O performance on the storage system.

297
Q

Research Honeypots

A

Research Honeypots are High-Interaction Honeypots primarily deployed by research institutes, governments, or military organizations to gain detailed knowledge about the actions of intruders

298
Q

Principle of least privilege (POLP)

A

Extends the need to know principle in providing access to a system

299
Q

Response System

A

Issues countermeasures against any intrusion that is detected

300
Q

Private cloud

A

A cloud operated infastucture operated by a single organization and implemented with a corporate firewall

301
Q

Retinal scanning

A

Analyzes the layer of blood vessels at the back of their eyes to identify the person

302
Q

Proactive approaches

A

Consists of methods or techniques that are used to make informed decisions on potential attacks in the future on the target network

303
Q

Retrospective Approaches

A

Consist of methods or techniques that examine the causes for attacks, and contain, remediate, eradicate, and recover from damage caused by the attack on the target network

304
Q

Process layer

A

Gathers info and processes the received information.

305
Q

Reverse Proxy

A

Usually situated closer to the server(s) and will only return a configured set of resources.

306
Q

Production Honeypots

A

Deployed inside the production network of the organization along with the other production servers

307
Q

Rivets-Shamir-Adleman (RSA)

A

An internet encryption and authentication system that uses a algorithm developed by Ron Rivest, Adi Shamir, and Leonard Aldeman

308
Q

Promiscuous Policy

A

Does not impose any restrictions on the usage of system resources

309
Q

RBAC

A

In a role based access control, the access permissions are available based on the access policies determined by the system.

310
Q

Protocol Anomaly Detection

A

Depends on the anomalies specific to a protocol

311
Q

RB-RBAC

A

Role based access control gives permissions to a user role dynamically based on a set of rules defined by the admin.

312
Q

Proxy servers

A

An application that serves as an intermediary when connecting with other computers

313
Q

Prudent Policy

A

Starts with all services blocked. The Network defender enables safe and necessary services individually.

314
Q

Public cloud

A

The provider makes services such as applications, servers, and data storage available to the public over the internet

315
Q

Public key infrastructure (PKI)

A

A security architecture developed for increasing the confidentiality of the information exchanged over the internet.

316
Q

Pure honeypots

A

Emulate the real production network of a target organization.

317
Q

Push Notification Services

A

A messaging feature that originates from a server and enables the delivery of data or a message from an application to a mobile device without any explicit request from the user.

318
Q

SATA

A

Serial ATA deals with hot plugging and serial connectivity. The hot plugging technique may be used to replace computer components without shutting down the system.

319
Q

TACACS+

A

Provides authentication, authorization, and Accounting (AAA) services for network communication.

320
Q

USA Patriot Act 2001

A

The purpose of the USA Patriot act is to deter and punish terrorist acts in the us and around the world and enhance law enforcement investigation tools.

321
Q

SCSI

A

Small computer system interface (SCSI) allows multiple devices to be connected to a single port at the same time.

322
Q

TKIP

A

A security protocol used in WPA as a replacement for WEP

323
Q

Unauthorized Access Traffic Signatures

A

Traffic containing certain signatures that indicate an attempt to gain unauthorized access.

324
Q

SDRAM

A

Dynamic Random Access memory (DRAM) that is synchronized with the CPU clock speed

325
Q

Technical security controls

A

Used for restricting access to devices in an organization to protect the security of sensitive data

326
Q

Universal serial bus (USB)

A

Enables wired communication for devices. It can be used for power supply and serial data transmission between devices

327
Q

SHA-1

A

Produces a 160-bit digest from a message with a maximum length of (264 - 1) bits, and it resembles the MD5 algorithm.

328
Q

The Digital Millennium Copyright Act (DMCA)

A

A united states copyright law that implements two 1996 treaties of the world intellectual property organization (WIPO).

329
Q

User Behavior Analytics (UBA)

A

The process of tracking user Behavior to detect malicious attacks, potential threats, and financial fraud.

330
Q

SHA-2

A

A family of two similar hash functions with different block sizes, namely, SHA-256, which uses 32-bit words, and SHA-512, which uses 64-bit words

331
Q

The electronic communications privacy act

A

The electronic communications privacy act and the stored wire electronic communications act are commonly refered together as the electronic communications privacy act (ECPA) of 1986.

332
Q

User identity management (IDM)

A

Deals with confirming the identity of a user, process, or device accessing the network

333
Q

SHA-3

A

Uses the sponge construction, in which message blocks are XORed into the initial bits of the state, which is then invariably permutated.

334
Q

The federal information security management act (FISMSA)

A

Provides a comprehensive framework for ensuring the effectiveness of information security controls over information resources that support federal operations and assets.

335
Q

SOCKS Proxy

A

SOCKS, an internet Engineering Task Force (IETF) standard, is a proxy server that does not have the special caching abilities of a caching HTTP proxy server

336
Q

The Federal Information act of 2000

A

Makes provision for the discloser of information held by public authorities or by persons providing services for them to amend the data protection act of 1998 and the public records act of 1958.

337
Q

Sandbox

A

This contains the configuration of a containers network stack such as routing table, management of containers interfaces, and DNS settings.

338
Q

The Human Rights act of 1998

A

Buttresses the rights and freedoms guaranteed under the European convention of human rights.

339
Q

Sarbanes Oxley ACT (SOX)

A

Designed to protect investors and the public by increasing the accuracy and reliability of corporate disclosures.

340
Q

Transparent proxy

A

A proxy through which a client system connects to a server without it’s knowledge.

341
Q

Satellite communication (SATCOM)

A

An artificial geostationary satellite that provides services across the globe, but it is much slower.

342
Q

Transport Layer Security (TLS)

A

Ensures a secure communication between client-server applications over the internet

343
Q

Screen Lock

A

A feature in mobile devices that is used to secure data and prevent illegal access by perpetrators

344
Q

True negative (No attack- no alert)

A

A condition that occurs when an IDS identifies an activity as acceptable behavior, and the activity is acceptable

345
Q

Secure hashing algorithm (SHA)

A

Generates a cryptographically secure one-way hash; it was published by the national institute of standards and technology as a US federal Information Processing standard

346
Q

True positive (attack-alert)

A

A condition that occurs when an event is triggers an alarm and causes the IDS to react as if an attack is in progress.

347
Q

Secure hypertext Transfer Protocol (S-HTTP)

A

An application layer level protocol that is used to encrypt web communications carried over HTTP

348
Q

Turnstiles

A

Physical barrier that allows entry to one person at a time

349
Q

Secure Sockets Layer (SSL)

A

A protocol used for providing a secure authentication mechanism between two communicating applications such as a client and server.

350
Q

Two-factor authentication

A

A process where a system confirms the user identification in two steps.

351
Q

Secure VPNs

A

Networks constructed using encryption

352
Q

Secure/Multipurpose Internet Mail Extensions (S/MIME)

A

Application layer protocol which is used by sending digitally signed and encrypted email messages.

353
Q

Security Incident and Event Management (SIEM)

A

Performs real time SOC(Security Operations Center) functions like identifying, monitoring, recording, auditing, and analyzing security incidents.

354
Q

Security Monitoring

A

To address security breaches at early stages and to prevent malicious attacks on an IoT system.

355
Q

Security Policy

A

A well documented set of plans, processes, procedures, standards, and guidelines required to establish an ideal information security status of an organization.

356
Q

Security-as-a-Service (SECaaS)

A

Cloud computing model that integrates security services into corporate infastucture in a cost-effective way.

357
Q

Separation of duties (SoD)

A

Breakdown of the authentication process into various steps.

358
Q

Server virtualization

A

The logical partitioning of a servers hard drive.

359
Q

Service Set Identifier (SSID)

A

A 32-alphanumeric-character unique identifier given to a WLAN that acts as a wireless identifier of the network.

360
Q

Shared key Authentication

A

Each wireless station receives a shared secret key over a secure channel that is distinct from the 802.11 wireless network communication channels.

361
Q

Shared Responsibility

A

Security is a shared Responsibility on cloud systems l, wherein the cloud consumer and service providers have varying levels of control over the available computing resources.

362
Q

Signature Recognition

A

Also known as misuse detection, tries to identify events that indicate an abuse of the system or network resource

363
Q

Simple network management protocol (SNMP) Polling

A

Used for identifying the IP devices attached to a wired network

364
Q

Single Firewall DMZ

A

The network architecture containing the DMZ consists of three network interfaces.

365
Q

Single Sign-on (SSO) authentication

A

Allows users to access multiple applications using a single username and password

366
Q

Single homed bastion host

A

A firewall device with only one network interface

367
Q

Site to site VPNs

A

Extends the companies network, allows access of the organizations network resources from multiple locations

368
Q

Smart card authorization

A

A smart card consists of a small computer chip that stores personal info of the users identification

369
Q

Software firewalls

A

A software program installed on a computer, just like normal software software

370
Q

Software VPNs

A

VPN software is installed and configured on routers, servers and firewalls or as a gateway that functions as a VPN

371
Q

Software as a service (SaaS)

A

Cloud computing service offers software to subscribers on demand over the internet

372
Q

Spam honeypots

A

Specifically target spammers who abuse vulnerable resources such as open email relays and open proxies.

373
Q

Spider honeypots

A

Also called spider traps. These honeypots are specifically designed to trap we crawlers and spiders

374
Q

Standards

A

Comprise specific low-level mandatory controls or controls related to the implementation of a specific tech.

375
Q

Star topology

A

Each device on the network is connected to a central hub that manages the traffic through the network

376
Q

State full multi-layer inspection firewall

A

Combines the aspects of the other three types

377
Q

Storage area network (SAN)

A

A specialized, dedicated, and discreet high speed network that connects storage devices with high speed I/O interconnect

378
Q

Storage Device Virtualization

A

Virtualization of storage devices using techniques such as data striping and data mirroring

379
Q

Subject

A

Defined as a user or a process that attempts to access objects

380
Q

Symmetric encryption

A

Requires that both the sender and the receiver of the message have the same encryption key.

381
Q

System access controls

A

Used for the restriction of access to data according to the sensitivity of data, clearance level of users, user rights, and permissions.

382
Q

System Specific Security Policy (SSSP)

A

Directs users while configuring or maintaining a system

383
Q

VPN Concentrators

A

A network device used to create secure VPN connections

384
Q

WLAN

A

Connects users in a local area with a network. The area may range from a single room to an entire campus

385
Q

VPN Topologies

A

Specifies how the peers and networks within a VPN are connected

386
Q

WMAN

A

Accesses broadband area networks by using an exterior antenna. It is a good alternative to a fixed line network

387
Q

Vein structure Recognition

A

Analyzes thickness and location of veins to identify a person

388
Q

WPA2 Enterprise

A

Integrated EAP standards with WPA2 encryption.

389
Q

Video Surveillance

A

Refers to Monitoring activities in and around the premises using CCTV (Close Circuit Television) systems.

390
Q

WPA2

A

An upgrade to WPA, and it includes mandatory support for counter mode with cypher blocks chaining message Authentication Code protocol (CCMP), an AES-based encryption mode with strong security.

391
Q

Virtual Private Network

A

A private network constructed using public networks, such as the internet.

392
Q

WPA3

A

An advanced implementation of WPA2 providing trailblazing protocols and uses the AES-GCMP encryption algorithm.

393
Q

Virtualization

A

Refers to a software-based virtual representation of an IT infastucture that includes network, devices, applications, storage, ect.

394
Q

WPAN

A

Interconnects devices positioned around an individual, in which the connections are wireless. It has a very short range.

395
Q

Voice Recognition

A

Identifies a person based on voice and speech patterns.

396
Q

WWAN

A

Covers an area larger than the WLAN. It can cover a particular region,nation,or a globe.

397
Q

Warm backup (Nearline)

A

The system updates are turned on to receive periodic updates.

398
Q

Warning signs

A

Used to ensure someone does not inadvertently intrude on any restricted areas

399
Q

Wi-Fi protected access (WPA)

A

An advanced encryption protocol using TKIP and message integrity check(MIC) to provide strong encryption and authentication

400
Q

Wi-Fi

A

Radio waves or microwaves to allow electronic devices to exchange data or connect over the internet

401
Q

WiMAX

A

The worldwide interoperability for microwave access (WiMAX) tech uses long range wireless networking and high speed internet

402
Q

Windows Information Protection (WIP)

A

WIP has an endpoint data loss prevention (DLP) capability that can be helpful in protecting local data at rest on endpoint devices

403
Q

Wired equivalent privacy (WEP)

A

A security protocol defined by the 802.11b standard; it was designed to provide wireless LAN with a level of security and privacy comparable to that of a wired LAN

404
Q

Wired Network Scanning

A

Wired network scanners such as Nmap are used for identifying a large number of devices on a network by sending specifically crafted TCP packets to the device (Nmap-TCP fingerprinting).

405
Q

Wireless bridge

A

Connects multiple LANs at the medium access control (MAC) layer.

406
Q

Wireless Gateways

A

A key component of a wireless network. It is a device that allows Internet-enabled devices to access the network.

407
Q

Wireless Modem

A

A device that allows PCs to connect to a wireless network and access the internet connection directly with the help of an ISP.

408
Q

Wireless network cards (NIC)

A

Cards that locate and communicate to an AP with a powerful signal, giving network access to users.

409
Q

Wireless Networks

A

Use radio frequency (RF) signals to connect wireless-enabled devices to a network

410
Q

Wireless Repeater (range expanders)

A

The device retransmits the existing signal captured from the wireless router or an AP to create a new network.

411
Q

Wireless Router

A

A device in a WLAN which interconnects two types of Networks using radio waves to the wireless enabled devices such as computers, laptops, and tablets.

412
Q

Wireless Scanning

A

Performs an active wireless network scanning to detect the presence of wireless APs in the vicinity

413
Q

Wireless USB Adapter

A

Connects different devices to a wireless network in order to access the internet without a computer, router, or any other network device.

414
Q

Yagi antenna

A

Also called a Yagi-Uda antenna, is a unidirectional antenna commonly used in communications using the frequency band from 10 MHz to very high frequency (VHF) and ultra-high frequency (UHF)