Vocabulary1 Flashcards
availability
ensures that information is available when needed
Coaxial
network cabling that has an inner copper core separated by an insulator from a metallic braid or shield
live forensics
Taking a binary image of physical memory, gathering details about running processes, and gathering network connection data.
CPPT
Continuity Planning Project Team: a team composed of stakeholders within an organization that focuses on identifying who would need to play a role if a specific emergency event were to occur.
IDL
Interface Definition Language: used by CORBA objects to communicate.
Constrained user interface
Presents a user with limited controls on information, such as an ATM keypad.
Data owner
A management employee responsible for ensuring that specific data is protected.
circumstantial evidence
evidence that serves to establish the circumstances related to particular points or even other evidence
BCP
business continuity plan: long-term plan to ensure the continuity of business operations
baselining
the process of capturing a point-in-time understanding of the current system security configuration
Database view
The result of a database query.
method
The function performed by an object.
Diffusion
The order of the plaintext should be dispersed in the ciphertext.
lumen
The amount of light one candle creates.
honeypot
A system designed to attract attackers.
circuit-level proxy
proxy firewall that operates at layer 5
COM
Component Object Model: locates and connects objects locally
Decryption
Converts a ciphertext into plaintext.
Consistency testing
See Checklist testing.
Artificial Intelligence
science of programming electronic computers to “Think” more intelligently, sometimes mimicking the ability of mammal brains
background check
verification of a person's background and experience; also called pre-employment screening
CIRT
Computer Incident Response Team: team that performs incident handling
DSSS
Direct Sequence Spread Spectrum: uses the entire wireless band at once.
link state
Routing protocols that factor in additional metrics for determining the best route, including bandwidth.
agile software development
flexible software development model that evolved as a reaction to rigid software development models such as the waterfall model
Coupling
OOP concept that connects objects to others; highly coupled objects have low cohesion.
entitlements
The permissions granted to a user.
knowledge base
Expert system component that consists of "if/then" statements.
mesh
Physical network topology that interconnects network nodes to each other.
bottom-up programming
starts with low-level technical implementation details and works up to the concept of the completed program
ad hoc mode
802.11 peer-to-peer mode with no central AP
graham-denning model
Has three parts: objects, subjects, and rules; it provides a more granular approach for interaction between subjects and objects.
entrapment
A legal defense where the defendant claims an agent of law enforcement persuaded the defendant to commit a crime that he or she would otherwise not have committed.
genetic programming
Creating entire software programs (usually in the form of Lisp source code) via Darwinian evolution principles.
authorization
actions an individual can perform on a system
lattice-based access controls
Nondiscretionary access control with defined upper and lower bounds implemented by the system.
Black box software testing
gives the tester no internal details; the software is treated as a black box that receives inputs
Caller ID
identifies the calling phone number; sometimes used as a weak authentication method
FDDI
Fiber Distributed Data Interface: legacy LAN technology that uses light.
E3
16 E1s.
fitness function
Genetic algorithm concept that assigns a score to an evolved algorithm.
Control unit
CPU component that acts as a traffic cop, sending instructions to the ALU.
EAP-FAST
EAP-Flexible Authentication via Secure Tunneling: designed by Cisco to replace LEAP.
802.11i
first 802.11 wireless security standard that provides reasonable security
DAD
Disclosure, Alteration, and Destruction: the opposite of confidentiality, integrity, and availability.
entity integrity
Requires that each tuple has a unique primary key that is not null.
bluetooth
802.15 networking, a PAN wireless technology
Depth of field
The area that is in focus.
Binary image
bit-level copy of memory
DAC
Discretionary Access Control: gives subjects full control of objects they have been given access to, including sharing the objects with other subjects.
bytecode
machine-independent interpreted code, used by Java
ARM
Asynchronous Response Mode: HDLC mode where secondary nodes may initiate communication with the primary
baseline
uniform ways to implement a safeguard; an administrative control
Data warehouse
A large collection of data.
Database
A structured collection of related data.
full disclosure
The controversial practice of releasing vulnerability details publicly.
combinatorial software testing
black box testing method that seeks to identify and test all unique combinations of software inputs
DCE
Data Circuit-Terminating Equipment: a device that networks DTEs, such as a router.
BGP
Border Gateway Protocol: routing protocol used on the internet
MPLS
Multiprotocol Label Switching: provides a way to forward WAN data via labels.
facial scan
Biometric control that compares a picture of a face to pictures stored in a database.
Impact
The severity of damage, sometimes expressed in dollars (value).
Dictionary attack
Password cracking method that uses a predefined list of words, like a dictionary, running each word through a hash algorithm.
ADSL
Asymmetric Digital Subscriber Line–DSL featuring faster download speeds than upload
COBIT
Control Objectives for Information and Related Technology: a control framework for employing information security governance best practices w/in an org
genetic algorithms
Creating computer algorithms via Darwinian evolution principles.
IKE
Internet Key Exchange: manages the IPsec encryption algorithm.
Diskless workstation
Computer system that contains a CPU, memory, and firmware but no hard drive; a type of thin client.
DNS
Domain Name System: a distributed global hierarchical database that translates names to IP addresses, and vice versa.
Copyright
Type of intellectual property that protects the form of expression in artistic, musical, or literary works.
IPv6 autoconfiguration
Autoconfiguration of a unique IPv6 address, omitting the need for static addressing or DHCP.
clipper chip
(failed) 1993 Escrowed Encryption Standard (EES) which used the skipjack algorithm
Direct evidence
Testimony provided by a witness regarding what the witness actually experienced.
Context-dependent access control
Adds additional criteria beyond identification and authentication; the context of the access, such as time.
IGP
Interior Gateway Protocol.
mirroring
Complete duplication of data to another disk, used by some levels of RAID.
ARPAnet
predecessor to the Internet
Clearance
determination, typically made by a senior security professional, about whether or not a user can be trusted with a specific level of information
fraggle attack
Smurf attack variation that uses UDP instead of ICMP.
MAC (Access Control)
Mandatory Access Control: system-enforced access control based on subjects' clearances and objects' labels.
Bell-LaPadula
security model focused on maintaining the confidentiality of objects
Distance vector
Routing protocol that uses a simple metric, such as hop count.
minutiae
Specific fingerprint details that include whorls, ridges, bifurcation, and others.
CMM
Capability Maturity Model: maturity framework for evaluating and improving the software development process
DDL
Data Definition Language: used to create, modify, and delete tables.
Develop the contingency planning policy statement.
First step of the NIST SP 800-34 contingency planning process.
hebern machines
Class of cryptographic devices known as rotor machines; includes Enigma and SIGABA.
Diffie-Hellman key agreement protocol
Key agreement that allows two parties to securely agree on a symmetric key via a public channel with no prior key exchange.
Contraband check
Seeks to identify objects that are prohibited from entering a secure perimeter (such as an airplane).
hacktivist
Hacker activist; someone who attacks computer systems for political reasons.
authorization creep
occurs when employees not only maintain old access rights but also gain new ones as they move from one division to another within an organization
asymmetric encryption
encryption that uses 2 keys–one to encrypt, one to decrypt
Ethics
Doing what is morally right.
Integration Testing
Testing multiple software components as they are combined into a working system.
HDLC
High-Level Data Link Control: the successor to SDLC.
Callback
modem-based authentication system
application layer proxy
proxy firewall that operates up to layer 7
lock picking
The art of unlocking a lock without a key.
“Bad” blocks/clusters/sectors
good disk blocks marked as bad
buffer overflow
condition where an attacker can insert data beyond the end of a buffer variable
Hierarchical database
Database that forms a tree.
AES
Advanced Encryption Standard: block cipher using 128-, 192-, or 256-bit keys to encrypt 128-bit blocks of data
CPU
Central Processing Unit: the "brains" of the computer, capable of controlling and performing mathematical calculations.
color of law
acting on the authority of law enforcement
administrative controls
implemented by creating and following organizational policy, procedure, or regulation; also called directive controls
BS-25999
continuity standard by the British Standards Institute
book cipher
cryptographic method that uses whole words from a well-known text such as a dictionary as a one-to-one replacement for plaintext
Conduct the Business impact Analysis (BIA)
second step of NIST SP 800-34 contingency planning process
Defense in depth
Application of multiple safeguards that span multiple domains to protect an asset.
Hearsay
Second-hand evidence.
Degaussing
Destroying the integrity of the magnetization of the storage media, making the data unrecoverable.
Data link layer
Layer 2 of the OSI model; handles access to the physical layer as well as local area network communication.
IPv6
Internet Protocol version 6, the successor to IPv4; IPv6 features a far larger address space, simpler routing, and simpler address assignment.
first sale doctrine
Allows a legitimate purchaser of copyrighted material to sell it to another person.
Inheritance
Objects inherit capabilities from their parent class.
BCP/DRP project manager
the key POC for ensuring that a BCP/DRP is not only completed but routinely tested
CHAP
Challenge Handshake Authentication Protocol: a more secure network authentication protocol that uses a shared secret
FDE
Full Disk Encryption: also called whole disk encryption.
hybrid attack
Password attack that appends, prepends, or changes characters in words from a dictionary.
flash memory
A specific type of EEPROM, used for small portable disk drives.
full backup
An archive of all files.
fiber optic network cable
Uses light to carry information.
footcandle
One lumen per square foot.
MTTR
Mean Time to Repair: describes how long it will take to recover a failed system.
CSIRT
Computer Security Incident Response Team: the group that is tasked with monitoring, identifying, and responding to security incidents.
Cipher
a cryptographic algorithm
enrollment
The process of enrolling with a system (such as a biometric authentication system), creating an account for the first time.
GAN
Global Area Network: a global collection of WANs.
legal liability
Liability enforced through civil law.
compartmentalization
technical enforcement of need to know
Cryptography
Science of creating messages whose meaning is hidden.
analog
communication that sends a continuous wave of information
Cohesion
OOP concept that describes an independent object; objects with high cohesion have low coupling
DES
Data Encryption Standard: a symmetric block cipher using a 56-bit key and 64-bit block size.
* Integrity Axiom
Biba property that states "no write up."
Cryptographic protocol governance
Describes the process of selecting the right cipher and implementation for the right job.
EF
Exposure Factor: the percentage of an asset's value lost due to an incident.
CMP
crisis management plan
IDS
Intrusion Detection System: a detective technical control.
ISAKMP
Internet Security Association and Key Management Protocol: manages the IPsec Security Association process.
confidentiality
seeks to prevent the unauthorized disclosure of information
full knowledge test
A penetration test where the tester is provided with inside information at the start of the test.
Clark-Wilson model
real-world integrity model that protects integrity by having subjects access objects via programs
bridge
layer 2 device that has two ports and connects network segments together
Interpreted code
Code that is compiled on the fly each time the program is run.
MAN
Metropolitan Area Network: typically confined to a city, a ZIP code, or a campus or office park.
Biba
security model focused on maintaining the integrity of objects
COOP
Continuity of Operations Plan: a plan to maintain operations during a disaster.
Diameter
Successor to RADIUS; designed to provide an improved authentication, authorization, and accounting (AAA) framework.
boot sector virus
virus that infects the boot sector of a PC; the virus loads upon system startup
hash function
One-way encryption using an algorithm and no key.
ANN
Artificial Neural Networks: networks that simulate neural networks found in humans and animals
HIDS
Host-based Intrusion Detection System: a detective technical control.
MIC
Message Integrity Check: integrity protocol used by WPA2.
MODEM
Modulator/demodulator: takes binary data and modulates it into analog sound that can be carried on phone networks.
collection limitation principle
OECD privacy guideline principle that states that personal data collection should have limits and that data should be obtained in a lawful manner with the individual's knowledge and approval
hot site
A backup site with all necessary hardware and critical applications data mirrored in real time.
Inference Engine
Expert system component that follows the tree formed by the knowledge base and fires a rule when there is a match.
CORBA
Common Object Request Broker Architecture: an open, vendor-neutral networked object broker framework.
monolithic kernel
A statically compiled kernel.
EGP
Exterior Gateway Protocol.
Active-active cluster
involves multiple systems, all of which are online and actively processing traffic or data
Differential backup
An archive of any files that have been changed since the last full backup was performed.
keyboard unit
The external keyboard.
ABM
Asynchronous Balanced Mode: HDLC combined mode where nodes may act as primary or secondary, initiating transmissions without receiving permission
BRP
business recovery plan: details the steps required to restore normal business operations after recovering from a disruptive event; aka business resumption plan
IRC
Internet Relay Chat: a global network of chat servers and clients.
Bayesian filtering
uses mathematical formulas to assign probabilities to make decisions such as identifying spam
Covert channel
Any communication that violates security policy.
DSL
Digital Subscriber Line: uses existing copper pairs to provide digital service to homes and small offices.
MTU
Maximum Transmission Unit: the maximum PDU size on a network.
802.11b
Wireless standard 11 Mbps 2.4 GHz
MTD
Maximum Tolerable Downtime: the total time a system can be inoperable before an organization is severely impacted.
CIRP
Cyber Incident Response Plan: plan designed to respond to disruptive cyber events, including network-based attacks, worms, computer viruses, Trojan horses, etc.
Dynamic password
Password that changes at regular intervals.
IP
Internet Protocol; includes IPv4 and IPv6.
ISO/IEC-27031
Draft business continuity guideline that is part of the ISO 27000 series.
MAC (telecommunications)
Media Access Control: Layer 2 protocol that transfers data to and from the physical layer.
commandments of computer ethics
the Computer Ethics Institute code of ethics
Chinese wall model
model designed to avoid conflicts of interest by prohibiting one person, such as a consultant, from accessing multiple conflict of interest categories
Database replication
Mirrors a live database, allowing simultaneous reads and writes to multiple replicated databases by clients.
exfiltration
Policy-violating removal of sensitive data from a secure perimeter.
ECPA
Electronic Communications Privacy Act: provides search and seizure protection to non-telephony electronic communications.
magnetic stripe card
Passive device that contains no circuits; sometimes called swipe cards because they are swiped through a card reader.
baseband
network with one channel; can only send one signal at a time
ARCNET
Attached Resource Computer Network: legacy LAN technology that uses tokens
Chaining
Block cipher mechanism that seeds the previous encrypted block into the next block to be encrypted
Civil Law
law that resolves disputes between individuals or organizations
Internet Layer
TCP/IP model layer that aligns with Layer 3 of the OSI model and describes IP addresses and routing.
CIDR
Classless Inter-Domain Routing: allows for many network sizes beyond the arbitrary stateful network sizes
BCI
Business Continuity Institute
MOR
Minimum Operating Requirements: describes the minimum environmental and connectivity requirements in order to operate computer equipment.
layering
Separates hardware and software functionality into modular tiers.
EOC
Emergency Operations Center: the command post established during or just after an emergency event.
CSU/DSU
Channel Service Unit/Data Service Unit: a DCE device.
Agents of law enforcement
private citizens carrying out actions on behalf of law enforcement
high availability cluster
Multiple systems that can be seamlessly leveraged to maintain the availability of the service or application being provided; also called a failover cluster.
COCOM
Committee for Multilateral Export Control: munitions law that was in effect from 1947 to 1994, designed to control the export of critical technologies (including crypto) to Iron Curtain countries
Executive succession planning
Determining an organization's line of succession.
CSRF
Cross-Site Request Forgery: third-party redirect of static content within the security context of a trusted site.
encapsulation (network)
Takes information from a higher network layer and adds a header to it, treating the higher layer information as data.
faraday cage
Shields enclosing objects from EMI.
configuration management
process of developing a consistent system security configuration that can be leveraged throughout an organization
ITIL
Information Technology Infrastructure Library: a framework for providing best services in IT service management.
maintenance hook
Shortcut installed by system designers and programmers to allow developers to bypass normal system checks during development.
feedback
Stream cipher mechanism that seeds the previous encrypted bit into the next bit to be encrypted.
Criminal law
Law where the victim can be seen as society itself.
Define the classes of gates
Class I: residential gate designed for home use; Class II: commercial, such as a parking garage gate; Class III: industrial/limited access, such as a large loading dock; Class IV: restricted access, such as a prison or airport
L2F
Layer 2 Forwarding: designed to tunnel PPP.
botnet
central bot command and control network managed by humans referred to as bot herders
ACL
Access control list
EAPOL
EAP Over LAN: a Layer 2 protocol for carrying EAP.
clipping level
minimum reporting threshold level
L2TP
Layer 2 Tunneling Protocol: combines PPTP and L2F.
Access control matrix
table defining what access permissions exist between specific subjects and objects
Computer bus
primary communication channel on a computer system
802.11g
Wireless standard 54 Mbps 2.4 GHz
DBA
Database Administrator: person responsible for the installation, configuration, upgrade, administration, monitoring, and maintenance of databases.
Code of Ethics Canons
Act honorably, honestly, justly, responsibly, and legally; advance and protect the profession
Change management
the process of understanding, communicating, and documenting changes
Customary law
Customs or practices that are so commonly accepted by a group that the custom is treated as a law.
ACK
TCP flag–acknowledge received data
compiler
converts source code, such as C or BASIC, into machine code
Identification
Association of an individual.
hypervisor mode
Allows guests to operate in ring 0, controlled by a hypervisor in ring "-1."
mandatory leave
Forcing staff to take vacation or time away from the office; also known as forced vacation.
Initial
Phase 1 of CMM.
Eradication phase
Incident response phase that cleans a compromised system.
Data mining
Used to search for patterns, such as fraudulent activity, in a data warehouse.
awareness
security control designed to change user behavior
expert systems
Seek to replicate the knowledge and decision-making capability of human experts.
administrative law
law enacted by gov’t agencies, aka regulatory law
FTP
File Transfer Protocol: used to transfer files to and from servers.
common criteria
an internationally agreed upon standard for describing and testing the security of IT products
attribute
a column in a relational database table
EAP-TLS
EAP-Transport Layer Security: uses PKI, requiring both server-side and client-side certificates.
GFS
Grandfather-Father-Son: a backup rotation method.
Iris Scan
Passive biometric scan of the iris (colored portion of the eye).
EAP
Extensible Authentication Protocol: a Layer 2 authentication framework that describes many specific authentication protocols.
emanations
Energy that escapes an electronic system and may be remotely monitored under certain circumstances.
enticement
Making the conditions for commission of a crime favorable for those already intent on breaking the law.
ALU
Arithmetic Logic Unit: CPU component that performs mathematical calculations
Best practice
a consensus of the best way to protect the confidentiality, integrity, and availability of assets
CBC
Cipher Block Chaining: a block mode of DES that XORs the previous encrypted block of ciphertext into the next block of plaintext to be encrypted
Data dictionary
Contains a description of the database tables, including the schema, database view information, and information about authorized database administrator and user accounts.
Due diligence
The management of due care.
hacker
Controversial term that may mean explorer or someone who maliciously attacks systems.
managed mode
802.11 mode that clients use to connect to an AP.
Integrity
Seeks to prevent unauthorized modification of information.
Machine code
Software that is executed directly by the CPU.
Ethernet
Dominant local area networking technology that transmits network data via frames.
Keyboard dynamics
Biometric control that refers to how hard a person presses each key and the rhythm by which the keys are pressed.
allocated space
portions of a disk partition that are marked as actively containing data
Due care
Requires that key organizational stakeholders are prudent in carrying out their duties; aka the "prudent man rule."
backdoor
a shortcut in a system that allows a user to bypass security checks
Cryptology
The science of secure communications.
Cipher Disk
cryptographic device that uses two concentric disks, each with an alphabet around the periphery
HAVAL
Hash of Variable Length: a hash algorithm that creates message digests of 128, 160, 192, 224, or 256 bits in length using three, four, or five rounds.
Enigma
Rotor machine used by the German Axis powers during World War II.
half duplex
Sends or receives at one time only (not simultaneously), like a walkie-talkie.
broadband
network with multiple channels; can send multiple signals at a time, like cable TV
client-side attacks
attack where a user downloads malicious content
Intellectual property
Intangible property that resulted from a creative act.
ISM
Industrial, Scientific, and Medical: wireless bands set aside for unlicensed use.
bollard
post designed to stop a car, typically deployed in front of buildings
EPROM
Erasable Programmable Read-Only Memory: memory that may be erased with ultraviolet light.
HTTPS
Hypertext Transfer Protocol Secure: HTTP using SSL or TLS.
lock bumping
Attack on locks using a shaved key, which bumps the pins, allowing the lock to turn.
Digital
Communication that transfers data in bits: ones and zeroes.
CISC
Complex Instruction Set Computer: CPU instructions that are longer and more powerful
Kerberos
A third-party authentication service that may be used to support single sign-on.
microkernels
A modular kernel.
compensatory damages
damages provided as compensation
LCP
Link Control Protocol: the initial unauthenticated connection used by CHAP.
DBMS
Database Management System: controls all access to the database and enforces database security.
Directory path traversal
Escaping from the root of a Web server (such as /var/www) into the regular file system by referencing directories such as "../..".
E1
Dedicated 2.048-megabit circuit that carries 30 channels.
Identify preventive controls
Third step of the NIST SP 800-34 contingency planning process.
accreditation
the data owner’s acceptance of the risk represented by a system
Computer Fraud and Abuse Act
Title 18 U.S. Code Section 1030
Dual-homed host
Host with two network interfaces: one connected to a trusted network, and the other connected to an untrusted network.
harrison-ruzzo-ullman model
Maps subjects, objects, and access rights to an access matrix; it is considered a variation of the Graham-Denning model.
Instance
One copy of an object.
Cable Modem
provides Internet access via broadband cable TV
Hold-down timer
Distance vector routing protocol safeguard that avoids flapping.
Cryptanalysis
The science of breaking encrypted messages (recovering their meaning).
Individual participation principle
OECD privacy guideline principle that states that individuals should have control over their data.
Crossover
Genetic algorithm concept that combines two algorithms.
Cybersquatting
Registering Internet domain names associated with another organization's intellectual property.
collusion
an agreement between two or more individuals to subvert the security of a system
hardcopy data
Any data that is accessed through reading or writing on paper rather than processing through a computer system.
monoalphabetic cipher
Substitution cipher using one alphabet.
cold site
backup site with raised floor, power, utilities, and physical security but no configured systems or data
Field of view
The entire area viewed by a camera.
Caesar Cipher
a Rot-3 substitution cipher
Ciphertext
an encrypted message
EU Data Protection Directive
Privacy directive that allows for the free flow of information while still maintaining consistent protections of each member nation's citizens' data.
DCOM
Distributed Component Object Model: locates and connects objects across a network.
KDC
Key Distribution Center: a Kerberos service that authenticates principals.
firewall
Device that filters traffic based on Layer 3 (IP addresses) and Layer 4 (ports).
All pairs testing
aka pairwise testing
broadcast
traffic that is sent to all stations on a LAN
CSMA
Carrier Sense Multiple Access: a method used by Ethernet networks to allow shared usage of a baseband network and avoid collisions.
Develop an IT contingency plan
Fifth step of the NIST SP 800-34 contingency planning process.
GIG
Global Information Grid: the U.S. DoD global network, one of the largest private networks in the world.
asset
a resource that is valuable to an organization and must be protected
Detective controls
Controls that alert during or after a successful attack.
CCMP
Counter Mode CBC-MAC Protocol: used by WPA2 to create a MIC
closed source
software released in executable form; the source code is kept confidential
multicast
One-to-many network traffic, where the "many" is preselected.
encapsulation (object)
Contains and hides the details of an object's method.
Application Layer
Layer 7 of the OSI model, where the user interfaces with the computer application; or, in the TCP/IP model, the layer that combines layers 5-7 of the OSI model
Chain of Custody
requires that, once evidence is acquired, full documentation be maintained regarding what the evidence is, who handled the evidence, when the evidence was handled, and where the evidence was handled
ephemeral ports
TCP/IP ports 1024 and higher.
encryption
Converts plaintext to ciphertext.
LAN
Local Area Network: a comparatively small network, typically confined to a building or an area within one.
hybrid risk analysis
Combines quantitative and qualitative risk analysis.
Deadbolt
A rigid locking mechanism that is held in place by a key and prevents a door from being opened or fully closed when extended.
blowfish
block cipher using 32- through 448-bit (default is 128) keys to encrypt 64 bits of data
ECB
Electronic Code Book mode: the simplest and weakest mode of DES.
common law
legal system that places significant emphasis on particular cases and judicial precedent as a determinant of laws
Deterrent controls
Controls that deter users from performing actions on a system.
malware
Malicious software, or any type of software that attacks an application or system.
Develop recovery strategies
Fourth step of the NIST SP 800-34 contingency planning process.
FRR
False Reject Rate: occurs when an authorized subject is rejected as invalid; also known as a type I error.
Abstraction
hide unnecessary details from the user
extranet
A connection between private intranets.
MD5
Message Digest 5: a hash function that creates a 128-bit message digest.
CCTV
Closed-Circuit TV: a detective device used to aid guards in detecting the presence of intruders in restricted areas
Cracker
A black hat hacker.
bus
physical network topology that connects network nodes in a string
CASE
Computer Aided Software Engineering: uses programs to assist in the creation and maintenance of other computer programs
ESP
Encapsulating Security Payload: IPsec protocol that primarily provides confidentiality by encrypting packet data.
FIdM
Federated Identity Management: applies single sign-on at a much wider scale, ranging from cross-organization to Internet scale.
ATM
Asynchronous Transfer Mode: WAN technology that uses fixed-length cells
CWR
Congestion Window Reduced: New TCP flag.
HMAC
HMAC Hashed Message Authentication Code: Provides integrity by combining symmetric encryption with hashing.
IMAP
Internet Message Access Protocol: An email client protocol.
Intranet
Intranet A privately owned network running TCP/IP.
Differential cryptanalysis
Seeks to find the difference between related plaintexts that are encrypted.
ARO
Annual Rate of Occurrence: the number of losses suffered per year
802.11n
wireless standard 144 Mbps 2.4/5 GHz
Ipsec
IPsec Internet Protocol Security: A suite of protocols that provide a cryptographic layer to both IPv4 and IPv6.
HIPAA
HIPAA Health Insurance Portability and Accountability Act: U.S. regulation that protects the privacy of healthcare information.
BRI
Basic Rate Interface: provides two 64-K digital ISDN channels
Certificate Authority
PKI component that authenticates the identity of a person or organization before issuing a certificate to them
FHSS
FHSS Frequency Hopping Spread Spectrum: Uses a number of small-frequency channels throughout the wireless band and "hops" through them in pseudorandom order.
firmware
Firmware Stores small programs that do not change frequently, such as a computer's BIOS.
collision
two or more plaintexts that share the same hash
Dumpster diving
A physical attack in which a person recovers trash in hopes of finding sensitive information that has been merely discarded in whole rather than being destroyed.
black hat
unethical hacker or researcher
DNS reflection attack
Spoofed DoS attack using third-party DNS servers.
ITSEC
ITSEC Information Technology Security Evaluation Criteria: The first successful international evaluation model.
Classful addresses
IPv4 networks in classes A through E
4GL
Fourth generation programming language designed to increase programmer’s efficiency by automating the creation of computer programming code
DRAM
Dynamic Random Access Memory: Stores bits in small capacitors (like small batteries); less expensive but slower than SRAM.
Dynamic signatures
Biometric control that measures the process by which someone signs his or her name.
Bot
computer system running malware that is controlled by a botnet
Detection phase
Incident response phase that analyzes events in order to determine whether they might comprise a security incident.
802.1x
port-based network access control, layer 2 authentication
DoS
Denial of Service: An attack on availability.
DDoS
Distributed Denial of Service: An availability attack using many systems.
Disassembler
Attempts to convert machine language into assembly.
ECE
Explicit Congestion Notification Echo: New TCP flag.
DARPA
Defense Advanced Research Projects Agency.
CRL
Certificate Revocation List: PKI component that lists digital certificates that have been revoked.
EULA
EULA End-User License Agreement: A form of software licensing agreement.
logic bomb
Logic bomb A malicious program that is triggered when a logical condition is met, such as after a number of transactions have been processed, or on a specific date.
Electronic backups
Electronic backups Data that is stored electronically and can be retrieved in case of a disruptive event or disaster.
gross negligence
Gross negligence The opposite of due care.
Digital signature
Provides non-repudiation, which includes authentication of the identity of the signer and proof of the document's integrity.
ISO 17799
ISO 17799 A broad-based approach for information security code of practice by the International Organization for Standardization.
Centralized Access Control
concentrates access control in one logical point for a system or crossover
MTBF
MTBF Mean Time Between Failures: Quantifies how long a new or repaired system will run on average before failing.
Demarc
Demarcation point, where the ISP's responsibility ends and the customer's begins.
CCD
Charge-Coupled Discharge: a digital CCTV
microwave motion detector
Microwave motion detector Active motion detector that uses microwave energy.
DNSSEC
Domain Name Server Security Extensions: Provides authentication and integrity to DNS responses via the use of public key encryption.
FAR
FAR False Accept Rate: Occurs when an unauthorized subject is accepted as valid; also known as a type II error.
Key lock
Key lock Preventive device that requires a physical key to unlock.
confusion
the relationship between the plaintext and ciphertext should be as confused (or random) as possible
Data quality principle
OECD privacy guideline principle that states that personal data should be complete, accurate, and maintained in a fashion consistent with the purposes for the data collection.
DTE/DCE
Connection that spans the demarc.
DRP
Disaster Recovery Plan: A short-term plan to recover from a disruptive event.
CTR
Counter: A stream mode of DES that uses a counter for feedback.
BOOTP
Bootstrap Protocol: used for bootstrapping via a network by diskless systems
account lockout
disables an account after a set number of failed logins, sometimes during a specific time period
Database journal
A log of all database transactions; should a database become corrupted, the database can be reverted to a backup copy, and then subsequent transactions can be "replayed" from the journal, restoring database integrity.
flat file
Flat file Text file that contains multiple lines of data, each in a standard format.
HTTP
HTTP Hypertext Transfer Protocol: A protocol to transmit Web data via a network.
Crippleware
Partially functioning proprietary software, often with key features disabled; the user is typically required to make a payment to unlock the full functionality.
assembly language
low-level computer programming language with instructions that are short mnemonics that match to machine language instructions
modes of operation
Modes of operation Dedicated, system-high, compartmented, and multilevel.
Content-dependent access control
Adds additional criteria beyond identification and authentication; the actual content the subject is attempting to access.
exigent circumstances
Exigent circumstances With respect to evidence acquisition, justification for the seizure of evidence without a warrant due to the extreme likelihood that the evidence will be destroyed.
authentication
proof of an identity claim
Certification
a detailed inspection that verifies whether a system meets the documented security requirements
foreign key
Foreign key A key in a related database table that matches a primary key in the parent database.
EAP-TTLS
EAP Tunneled Transport Layer Security: Simplifies EAP-TLS by dropping the client-side certificate requirement.
business interruption testing
partial or complete failover to an alternate site
DTE
Data Terminal Equipment: A network "terminal," such as a desktop, server, or actual terminal.
freeware
Freeware Software that is free of charge.
compensating controls
additional security controls put in place to compensate for weaknesses in other controls
mobile sites
Mobile sites DRP backup site option that is a "data center on wheels," towable trailers that contain racks of computer equipment, as well as HVAC, fire suppression, and physical security.
Kernel
Kernel The heart of the operating system, usually running in ring 0; it provides the interface between hardware and the rest of the operating system, including applications.
IaaS
IaaS Infrastructure As A Service: Provides an entire virtualized operating system, which the customer configures from the OS on up.
hypervisor
Hypervisor Software or operating system that controls access between virtual guests and host hardware.
monitor mode
Monitor mode 802.11 read-only mode used for sniffing.
antivirus software
software designed to prevent and detect malware infections
formal access approval
Formal access approval Documented approval from the data owner for a subject to access certain objects.
DML
Data Manipulation Language: Used to query and update data stored in the tables.
lux
Lux One lumen per square meter.
circuit-switched network
network that provides a dedicated circuit or channel between two nodes
HDSL
HDSL High-Data-Rate DSL: Matches SDSL speeds using two copper pairs.
Corroborative evidence
Evidence that provides additional support for a fact that might have been called into question.
Managed
Managed Phase 4 of CMM.
Database shadowing
Two or more identical databases that are updated simultaneously.
IDEA
International Data Encryption Algorithm: A symmetric block cipher using a 128-bit key and 64-bit block size.
linear cryptanalysis
Linear cryptanalysis Known plaintext attack where the cryptanalyst finds large amounts of plaintext/ciphertext pairs created with the same key.
closed system
system using proprietary hardware or software
EEPROM
Electrically Erasable Programmable Read-Only Memory: Electrically erasable memory via the use of a flashing program.
Big Bang Testing
integration testing that tests all integrated software components
Corrective controls
Controls that correct a damaged system or process.
BIOS
Basic Input/Output System: typically stored in firmware
GLBA
GLBA Gramm-Leach-Bliley Act: Requires financial institutions to protect the confidentiality and integrity of consumer financial information.
hub
Hub Layer 1 network access device that acts as a multiport repeater.
applet
small pieces of mobile code that are embedded in other software such as web browsers
multipart virus
Multipartite virus Virus that spreads via multiple vectors; also called multipart virus.
ActiveX controls
the functional equivalent of Java applets; they use digital certificates instead of a sandbox to provide security
Defined
Phase 3 of CMM.
Continuity of support plan
Focuses narrowly on support of specific IT systems and applications.
aggregation
mathematical attack where a user is able to use lower level access to learn restricted information
full duplex
Full duplex Two-way simultaneous transmission, like two people having a face-to-face conversation.
AV
Asset Value: the value of a protected asset
hand geometry
Hand geometry Biometric control that uses measurements from within specific points on the subject's hand.
Fingerprint scan
Fingerprint scan Biometric scan of the minutiae (specific details of the fingerprint).
middleware
Middleware Connects programs to programs.
Interrupt
Interrupt Indicates an asynchronous CPU event has occurred.
DMZ
Demilitarized Zone: Used to separate trusted from untrusted networks.
JSON
JSON JavaScript Object Notation: A data interchange format.
master mode
Master mode 802.11 mode used by APs.
access aggregation
the collective entitlements granted by multiple systems to one user; can lead to authorization creep
Dynamic testing
Tests code while executing it.
Incremental backup
An archive of all files that have changed since the last backup of any kind was performed.
Checklist Testing
lists all necessary components required for successful recovery and ensures that they are, or will be, readily available should a disaster occur; also known as consistency testing
fair use doctrine
Fair use doctrine Allows someone to duplicate copyrighted material without requiring the payment, consent, or even knowledge of the copyright holder.
DHCP
Dynamic Host Configuration Protocol: Assigns temporary IP address leases to systems, as well as DNS and default gateway configuration.
active RFID
powered RFID tags that can operate over larger distances
backward chaining
expert system mode that starts with a premise and works backwards
Bastion host
any host placed on the internet that is not protected by another device
IPv4
IPv4 Internet Protocol version 4, commonly called IP: IPv4 is the fundamental protocol of the Internet.
Dual-factor authentication
See Strong authentication.
Acceptance Testing
testing to ensure that the software meets the customer’s operational requirements
HTML
HTML Hypertext Markup Language: Used to display Web content.
MAC address
MAC address Layer 2 address of a NIC.
Installation testing
Installation testing Testing software as it is installed and first operated.
HIPS
HIPS Host-based Intrusion Prevention System: Preventive device that processes information within the host.
ALE
Annualized Loss Expectancy: the cost of loss due to a risk over a year
Convergence
All routers on a network agree on the state of routing.
802.11a
Wireless standard 54 Mbps using 5 GHz
brute force attack
attack that attempts every possible key or combination
cache memory
the fastest memory on the system; required to keep up with the CPU as it fetches and executes instructions
Containment phase
Incident response phase that attempts to keep further damage from occurring as a result of the incident.
Internet
Internet A global collection of peered networks running TCP/IP.
Disaster
Any disruptive event that interrupts normal system operations.
Custodian
Provides hands-on protection of assets.
802.11
Wireless networking standard
DEA
Data Encryption Algorithm: Described by DES.
active-passive cluster
involves devices or systems that are already in place, configured, powered on, and ready to begin processing network traffic should a failure occur on the primary
Jefferson disks
Jefferson disks Cryptographic device invented by Thomas Jefferson that used multiple wheels, each with an entire alphabet along the ridge.
guideline
Guideline A recommendation; an administrative control.
fuzzing
Fuzzing A type of black box testing that enters random malformed data as inputs into software programs to determine if they will crash.
Best evidence rule
requires use of the strongest possible evidence
civil law (legal system)
legal system that leverages codified laws or statutes to determine what is considered within the bounds of law
LAND attack
LAND attack DoS attack that uses a spoofed SYN packet that includes the victim's IP address as both source and destination.
Fetch and execute
Fetch and execute Mechanism that allows the CPU to receive machine language instructions and execute them; also called fetch, decode, execute, or FDX.
accountability principle
OECD privacy guideline principle that states individuals should have the right to challenge the content of any personal data being held and can update that data
accountability
holds individuals accountable for their actions
candidate keys
any attribute (column) in the table with unique values
free software
Free software Controversial term that is defined differently by different groups. "Free" may mean free of charge, or "free" may mean users are free to use the software in any way they would like, including modifying it.
mantrap
Mantrap A preventive physical control with two doors; each door requires a separate form of authentication to open.
CER
Crossover Error Rate: describes the point where the False Reject Rate (FRR) and False Accept Rate (FAR) are equal
memory
Memory Volatile or nonvolatile computer storage.
motherboard
Motherboard Contains computer hardware including the CPU, memory slots, firmware, and peripheral slots such as peripheral component interconnect (PCI) slots.
AH
Authentication Header: IPsec protocol that provides authentication and integrity for each packet of network data
commit
makes changes to a database permanent
breach notification
notification of persons whose personal data has been, or is likely to have been, compromised
asynchronous dynamic token
authentication token that is not synchronized with a central server; includes challenge-response tokens
Inference
Inference Deductive attack where a user is able to use lower level access to learn restricted information.
CFB
Cipher Feedback: stream-mode DES that is similar to block mode CBC
electronic vaulting
Electronic vaulting Batch process of electronically transmitting data that is to be backed up on a routine, regularly scheduled time interval.
LLC
LLC Logical Link Control: Layer 2 protocol that handles LAN communications.
label
Label Security level assigned to an object, such as confidential, secret, or top secret.
Java
Java An object-oriented language used not only to write applets but also as a general-purpose programming language.
forward chaining
Forward chaining Expert system mode that starts with no premise and works forward to determine a solution.
IPS
IPS Intrusion Prevention System: A preventive device designed to prevent malicious actions.
brewer-nash model
same as the Chinese Wall model
LEAP
LEAP Lightweight Extensible Authentication Protocol: A Cisco proprietary protocol released before 802.1X was finalized.
ISDN
ISDN Integrated Services Digital Network: Provides digital service via copper pair.
Domains of trust
Access control model used by Windows Active Directory.