Vocabulary C Flashcards
CA
A certificate authority is a neutral third party that offers notarization services for digital certificates.
Cable Modem
A high-speed Internet access technology that uses the same physical medium as cable TV delivery.
Cache Memory
Small, high-speed area of memory on the CPU that briefly keeps accessed memory and does not require multiple clock cycles.
Candidate Key
A collection of fields that can uniquely identify a record in a table.
CBC
Cipher Block Chaining is a DES mode that takes each block and performs an XOR operation with it, and with the preceding block, before encryption.
CCTV
Closed Circuit Television is a security device that records the physical movement of users through the system.
Centralized Authentication
Authentication type where a single identity controls all access to certain objects. It is a strict control with a single point of failure that allows for easy administration.
CER
Crossover Error Rate is the value or system based upon the point at which the FRR and the FAR would cross if they were graphed. The CER allows two different biometric methods to be compared.
CFB
Cipher Feedback is a DES mode that takes the previous block of ciphertext, which is encrypted, and performs an XOR operation with the results and with current plaintext.
Checklist Test
The simplest test in which a DRP team member follows each step from the DRP checklist and provides feedback on their findings. It functions both as a test and an awareness training exercise.
Chosen Ciphertext
An attack in which the attacker decrypts portions of the encrypted message, analyzing the decrypted fragments of the message to possibly discover the key.
Chosen Plaintext
An attack in which the attacker encrypts the plaintext message, making it ciphertext, then compares it to another encrypted message to find similarities or matches.
CIA
The security triad consisting of three tenets, Confidentiality, Integrity, and Availability, combined together to make a secure system.
Cipher
The process of altering or rearranging plaintext so that it is unreadable, generating ciphertext.
Ciphertext
The message after it has been encrypted; it is only readable after it has been decrypted.
CIS
CompuServe Information Service is one of the largest online services to provide e-mail services and connection to many different database systems.
CISC
Complex instruction set computing is an instruction set design where each instruction performs multiple steps. The compilers may be simple, but performance can suffer.
CISSP
Certified Information Systems Security Professional is a vendor-neutral certification that covers ten different domains. It develops interest and proficiency in many different areas of security.
Civil Law
A body of laws that are intended to settle disputes between individuals and organizations.
Clark-Wilson Model
A security model designed in 1987 for commercial applications. It enforces integrity.
Client
A computer that requests information from servers.
Clock
A simple circuit that emits pulses at a standard frequency.
Cold Site
A data center alternative facility with basic utilities that may be used after a disaster. It is the least expensive option, but requires the most work and about 24 hours to restore operations.
Column
A group of fields positioned vertically on a datasheet.
Companion Virus
A file infector that uses the same file name as the file being attacked, but with a different extension that has a higher priority.
Computer Fraud and Abuse Act
The original law set forth by the U.S. government to address computer crime that crosses state lines. This law defines as a crime any unauthorized access to classified or financial information on a federal system, unauthorized access to a federal system, the use of a federal system to commit fraud, and other similar acts.
Computer Security Act
The law set forth by the U.S. government that assigns responsibility for developing standards and guidelines, provides for the promulgation of those standards, requires security plans for federal systems containing sensitive data, and requires mandatory periodic training for users of machines containing sensitive data.
Confidential
Information that requires the individual to access specific information, but requires a clearance first.
Confidentiality
Part of the security triad that protects data from unauthorized disclosure by means such as physical security or access control.
Control
A safeguard that lessens risk once a high probability of a loss has been realized.
Copyright Law
A law that protects the exclusive right of a creator to control publication and distribution of original works of authorship.
Covert Channels
A method for passing information that is not normally used for communication.
CPU
The central processing unit is the computing part of the computer, made up of the control unit and the arithmetic logic unit. It is also referred to as the processor.
Cracker
A person who attempts to compromise a system for an unauthorized purpose.
Criminal Law
A body of laws that preserve the peace and keep society safe. Criminal cases are prosecuted by the state.
Critical Path Analysis
An analysis that defines relationships between mission critical applications. This type of analysis is performed to show what must happen to stay in business.
CSMA/CD
Carrier Sense Multiple Access with Collision Detection is a protocol used to handle situations in which more than one node is transmitting at the same time, causing a collision.
CU
The control unit is outside of the CPU. It accesses and interrupts the actual instructions and directs what happens from those instructions.