vocabularyT

Question 2

TACACS

Answer 2

Terminal Access Controller Access Control System is a centralized authentication type that provides single factor authentication and authorization for direct access. The TACACS+ version implements two-factor authentication.

Question 3

Tailor Training

Answer 3

A method of training that matches the level of scope of the security training to the organizations security requirements.

Question 4

TCB

Answer 4

Trusted Computing Base is a collection of hardware, software, and controls that work together to enforce the security policy.

Question 5

TCP/IP

Answer 5

Transmission Control Protocol/Internet Protocol is a set of communication protocols developed by the U.S. Department of Defense that enables dissimilar computers to share information over a network.

Question 6

TCSEC

Answer 6

Trusted Computer System Evaluation Criteria is a book commonly referred to as the Orange Book, that was put together by the US Department of Defense in 1985 to specify categories that can be used to rate the functionality and assurance of a system.

Question 7

Technical Control

Answer 7

Pieces of software or hardware that help to secure an organizations assets.

Question 8

Terrorist Attack

Answer 8

A type of attack that attempts to alter the normal lifestyle of a group of people, generally in order to make a point. This type of attack generally targets infrastructure machines or other high-visibility entities.

Question 9

Threat

Answer 9

Any weakness that may include natural disasters, physical factors, or threats engineered by people.

Question 10

Ticket

Answer 10

A multiple component message that is sent back and forth in Kerberos. The message contains the ticket and an authentication message specifying that the subject is authenticated or that a subject has been authenticated and is valid to access a specific object.

Question 11

TOC/TOU

Answer 11

Time of check/time of use is an attack that exploits timing vulnerabilities by modifying the object between the time of check, which verifies permissions and attributes, and the time of use, which is when the object is actually used.

Question 12

Token Device

Answer 12

A small device that generates passwords based on synchronous or asynchronous query to a centralized server. An example would be a smart card.

Question 13

Token Ring

Answer 13

A network technology developed by IBM that has become the industry standard. The logical topology is always a ring and physical topology will generally be a star.

Question 14

Top Secret

Answer 14

Information that is an elevated security label and ensures the information can only be viewed by the top information gathers or users. Must have top secret clearance and must need to know the information.

Question 15

Trade Secret

Answer 15

Any intellectual property critical to a business that is not divulged to outside parties.

Question 16

Trademark

Answer 16

A word, collection of words, slogan, or logo that identifies an organization or product. A registered trademark lasts for ten years and is renewable.

Question 17

Transparency

Answer 17

An operating system-level feature that allows users to access resources without knowing whether the resource is local or remote.

Question 18

Transport Layer

Answer 18

The layer of the ISO/OSI reference model that handles end-to-end transmission integrity, accurate delivery, and quality of service. This layer is also concerned with error detection and correction.

Question 19

Transport Mode

Answer 19

A mode of IPSec operation in which VPNs are used to connect two different systems. It sends a clear text header, but an encrypted payload.

Question 20

Transposition Cipher

Answer 20

A cipher that starts off with a key word on a table. The ordinal values are listed based on a letters position in the alphabet, the plaintext message is written in a tabular form, and the individual columns are then read.

Question 21

Trap Door

Answer 21

An attack using an entry point put into the code by the developer that bypasses all access controls.

Question 22

Tree Topology

Answer 22

A LAN topology comprised of two or more bus architectures in which at least one node is connected to both buses.

Question 23

Trojan Horse

Answer 23

A program that does damage to a system but does not copy or replicate itself.

Question 24

Tunnel Mode

Answer 24

A mode of IPSec in which everything is encrypted. It is commonly used to connect two different networks

Question 25

Tunneling

Answer 25

A transmission method based on protocols that is used over the Internet. A packet based on a protocol is encapsulated in a second packet based on whatever differing protocol is needed to allow it to travel over the network.

Question 26

Turnstile

Answer 26

A type of gate that regulates the direction and capacity of the opening. A turnstile is a type of physical access control.

Question 27

Twisted Pair

Answer 27

Regular copper wire with each pair twisted around the other. This improves the signal quality and increases the length of the span between different systems.