vocabularyO2P

Question 1

Object

Answer 1

A collection of data and a collection of methods or functions that operate on that data.

Question 2

Object

Answer 2

An entity that contains or controls data.

Question 3

OFB

Answer 3

Output Feedback is a DES mode similar to CFB, but an XOR operation is performed with a randomly generated, encrypted 64-bit, plaintext value.

Question 4

One-way Function

Answer 4

A generic function that is used for producing output values; input values cannot be exposed from those output values.

Question 5

Online Backup

Answer 5

A backup type that is performed while the Web is being accessed. The database management system manufacturer provides the utility for this type of backup.

Question 6

OOP

Answer 6

Object-oriented programming is a programming model that views a program as a collection of discrete objects.

Question 7

OR

Answer 7

A binary math operator used in cryptography in which if neither of the input values are true or one, then the output is false, if either of the input values are one, then the output is true.

Question 8

OTP

Answer 8

A One-Time Pad is a type of substitution cipher in which a random value is written on a pad and securely given to the intended recipient. The value is then used to encrypt the original message which is then sent separately. The OTP is then used to decrypt the message and is never used again. An OTP is the only known unconditionally secure cipher.

Question 9

P

Answer 9

The 3DES plaintext.

Question 10

Packet Filtering Router

Answer 10

The oldest and most common firewall architecture in which a firewall is placed between the trusted and untrusted networks and uses ACLs to filter the packets.

Question 11

Packet Sniffer

Answer 11

A troubleshooting tool used on a network to examine packets and to isolate problems that could degrade the performance of the network.

Question 12

Parallel Test

Answer 12

The second step of a DRP test that enables full processing functionality at an alternate site.

Question 13

Patent

Answer 13

A property right granted by the U.S. government that protects the inventors right to exclusive control of the creation and distribution of an invention. To warrant a patent, the invention must be new, useful, and nonobvious. A patent lasts for 20 years and is non-renewable.

Question 14

PEM

Answer 14

Privacy Enhanced Mail is a cryptography protocol that is a secure e-mail standard which specifies how to encrypt and exchange e-mail between different clients.

Question 15

Penetration Testing

Answer 15

A legal hacking process of pretending to be a hacker, scanning and probing the systems to see if it can be accessed. A coordinated set of attacks to judge the vulnerability of a system.

Question 16

Phreaks

Answer 16

A cracker whose main goal is to compromise telephone company systems in order to obtain free long distance services.

Question 17

Physical Access Control

Answer 17

Physical implements such as hardware, a fence, or a locked door that stand between an attacker and the information system.

Question 18

Physical Access Controls

Answer 18

Controls which limit physical access to hardware.

Question 19

Physical Data Flow

Answer 19

The manner in which data messages actually travel down the OSI stack on a source machine, across the physical media, and up the OSI stack on the target machine.

Question 20

Physical Layer

Answer 20

The layer of the ISO/OSI reference model that is completely hardware-oriented. The physical layer takes packets that come in to the data-link layer and transmits a bit stream to a physical medium which is where the actual connection to the wire takes place.

Question 21

Physical Preventative Control

Answer 21

A control, such as a badge or access card, which stops something before it occurs.

Question 22

Physical Security

Answer 22

A device that protects an organizations assets from physical threats.

Question 23

Pipelining

Answer 23

The process which allows multiple actions to occur at a single time inside of the execution cycle.

Question 24

Plaintext

Answer 24

The original, readable message that the receiver will see in the end.

Question 25

Polyinstantiation

Answer 25

A process that allows multiple database objects to exist with the same key to avoid interference. This avoids disclosure of existence.

Question 26

Polymorphic Virus

Answer 26

A virus that modifies itself as it travels from system to system.

Question 27

POP

Answer 27

Point of presence is a specific point at which a user may connect using a local telephone to a wide area network.

Question 28

POP3

Answer 28

Post Office Protocol 3 is a component used to read and store messages.

Question 29

Port Scanning

Answer 29

An attack in which an automated query is performed on each port to see if it responds. If the port responds and is active, it generally will contain information about the software listening in on the port.

Question 30

POTS

Answer 30

Plain Old Telephone Service is a dial-up method using a modem to establish a connection between the users computer and the remote system. The connection speed is generally no more than 56 KB.

Question 31

PPP

Answer 31

Point-to-Point Protocol provides router-to-router and host-to-network connections in both synchronous and asynchronous circuits.

Question 32

PPTP

Answer 32

Point-to-Point Tunneling Protocol is an extension of PPP that was designed by Microsoft to enable secure data transfer between a remote client and a VPN server.

Question 33

Presentation Layer

Answer 33

The layer of the ISO/OSI reference model that provides data representation between systems, and provides the interface between the raw format of the data sent between machines and presentation of message types with an application response. The presentation layer provides text formatting, display, and code conversion.

Question 34

PRI

Answer 34

The Primary Rate Interface is an ISDN type that contains twenty-three 64-KB channels and one 16-KB channel.

Question 35

Primary Key

Answer 35

A candidate key that is used to uniquely identify a record and is used to reference a table, fetch data from a table, and enforce referential integrity.

Question 36

Primary Memory

Answer 36

Memory that is available to the CPU. Primary memory is commonly referred to as RAM or real memory.

Question 37

Privileged Mode

Answer 37

The operating mode with no protection from faulty or malicious code. The full instruction set is available.

Question 38

Process Isolation

Answer 38

A security control architecture where each process is confined to its own memory place. This ensures that no process can access memory outside of its own space constraint.

Question 39

PROM

Answer 39

Programmable read-only memory is read-only memory which is shipped from the chip manufacturer with nothing on it. The chip becomes ROM after it has been written to one time.

Question 40

Proprietary Protocol

Answer 40

A protocol that allows communication to take place only between similar machines.

Question 41

Protocol

Answer 41

A set of standards that all computers must agree upon when connected to a network. This makes it possible for each computer to talk with other computers on the network, with a minimal amount of communication breakdown.

Question 42

Prudent Man Rule

Answer 42

A rule or principle set forth by Judge Samuel Putnum to protect investors that use the services of investment advisors from poor or shady investments.

Question 43

Pseudo Flaw

Answer 43

An attack in which a fake vulnerability is introduced and used to entice attackers away from sensitive information.

Question 44

Purple Machine

Answer 44

A famous Japanese encryption machine that was broken by United States mathematicians during WW2.