Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
286 Cards in this Set
- Front
- Back
|
Administrative Controls |
procedures implemented to define the roles, responsibilities, policies, and administrative functions needed to manage the control environment. |
|
|
Annualized rate of occurrence (ARO) |
An estimate of how often a threat will be successful in exploiting a vulnerability over the period of a year. |
|
|
Arms Export Control Act of 1976 |
Authorizes the president to designate those items that shall be considered as defense articles and defense services and control their import and the export. |
|
|
Availability |
The principle that ensures that information is available and accessible to user when needed |
|
|
Breach |
An incident that results in the disclosure or potential exposure of data |
|
|
Compensating Controls |
Controls that substitute for the loss of primary controls and mitigate risk down to an acceptable level. |
|
|
Compliance |
Actions that ensure behavior that complies with established rules. |
|
|
Confidentiality |
Supports the principle of "least privilege" by providing the only authorized individuals, processes, or systems should have access to information on a need-to-know basis |
|
|
Copyright |
Covers the expression of ideas rather than the ideas themselves; it usually protcts artistic property such as writing, recordings, databases, and computer programs. |
|
|
Corrective: Controls |
Controls implemented to remedy circumstance, mitigate damage, or restore controls. |
|
|
Data Disclosure |
A breach for which it was confirmed that data was actually disclosed (not just exposed) to an unauthorized party. |
|
|
Detective Controls |
Controls designed to signal a warning when a security control has been breached |
|
|
Deterrent Controls |
Controls designed to discourage people from violating security directives |
|
|
Directive Controls |
Controls designed to specify acceptable rules of behavior within an organization |
|
|
Due care |
The care a "reasonable person" would exercise under given circumstances. |
|
|
Due dilligence |
Is similar to due care with the exception that it is a pre-emptive measure made to avoid harm to other persons or their property. |
|
|
Enterprise risk management |
A process designed to identify potential events that may affect the entity, risk so it is within its risk appetite, and provide reasonable assurance regarding the achievement of entity objectives. |
|
|
Export administration act of 1979 |
Authorized the president to regulate exports of civilian goods and technologies that have military applications. |
|
|
Governance |
Ensures the business focuses on core activities, clarifies who in the organization has the authority to make decisions, determine accountability for actions and responsibility for outcomes |
|
|
incident |
A security event that compromises the confidentiality, integrity, or availability of an information asset. |
|
|
Integrity |
come in town forms; making sure that information is processed correctly and not modified by unauthorized persons, and protecting information as it transits a network. |
|
|
Information security officer |
accountable for ensuring the protection of all of the business information assets from intentional and unintentional loss, disclosure, alteration, destruction, and unavailability. |
|
|
Least privilege |
Granting users only the accesses that are required to perform their job functions. |
|
|
Logical (Technical) Controls |
Electronic hardware and software solutions implemented to control access to information and information networks. |
|
|
Patent |
Protects novel, useful, and non-obvious inventions |
|
|
Physical Controls |
Controls to protect the organization's people and physical environment, such as locks, fire management, gates, and guards; physical controls may be called "operational controls" in some contexts. |
|
|
preventive controls |
Controls implemented to prevent a security incident or information breach |
|
|
Recovery controls |
Controls implemented to restore conditions to normal after a security incident. |
|
|
Recovery Time Objective (RTO) |
How quickly you need to have that applicaiton's information available after downtime has occurred. |
|
|
Recovery point objective (RPO) |
The point in time to which data must be restored in order to successfully resume processing. |
|
|
Risk |
1. A combination of the probability of an event and its consequence 2. An expectation of loss expressed as the probability that a particular threat will exploit a particular vulnerability with a particular harmful results. |
|
|
Risk acceptance |
The practice of accepting certain risk(s), typically based on a business decision that may also weigh the cost versus the benefit of dealing with the risk in another way. |
|
|
Risk avoidance |
The practice of coming up with alternatives so that the risk in question is not realized. |
|
|
Risk mitigation |
The practice of the elimination of or the significant decrease in the level of risk presented. |
|
|
Risk transfer |
The practice of passing on the risk in question to another entity, such as an insurance company. |
|
|
Risk management |
A systematic process for identifying, analyzing, evaluating, remedying, and monitoring risk |
|
|
Single Loss Expectancy (SLE) |
Defined as the difference between the original value and the remaining value of an asset after a single exploit. |
|
|
Single Points of Failure (SPOF) |
Any single input to a process that, if missing, would cause the process or several processes to be unable to function. |
|
|
Trademark |
Any word, name, symbol, color, sound, product shape, device, or combination of these that is used to identify goods and distinguish them from those made or sold by others. |
|
|
Trade secret |
Proprietary business or technical information, processes, designs, practices, etc. that are confidential and critical to the business. |
|
|
vulnerability assessment |
determines the potential impact of disruptive events on the organizations business processes. |
|
|
Wassenaar Arrangement |
Established to contribute to regional and international security and stability by promoting transparency and greater responsibility in transfers of conventional arms and dual - use good and technologies, thus preventing destabilizing accumulations |
|
|
Categorization |
The process of determining the impact of the loss of confidentiality, integrity, or availability of the information to an organization. |
|
|
Clearing |
The removal of sensitive date from storage devices in such a way that there is assurance that the data may note be reconstructed using normal system functions or software file/date recovery utilities. |
|
|
Curie Temperature |
The critical point where a material's intrinsic magnetic alignment changes direction. |
|
|
Data classifcation |
entails analyzing the data that the organization retains, determining its importance and value, and then assigning it to a category. |
|
|
Data custodians |
Ensure important datasets are developed, maintained, and accessible within their defined specifications. |
|
|
Data modeling |
The methodology that identifies that path to meet user requirements. |
|
|
Data Remanence |
The residual physical representation of data that has been in some way erased. |
|
|
data standards |
objects, features, or items that collected, automated or affected by activities or the functions of organizations. |
|
|
Federal Information Processing Standards (FIPS) |
The official series of publications relating to standards and guidelines adopted. |
|
|
Files encryption software |
allows greater flexibility in applying encryption to specific files |
|
|
Framework core |
a set of cyber-security activities, desired outcomes, and applicable references that are common across critical infrastructure sectors. |
|
|
Framework implementation tiers |
provide context on how an organization views cyber-security risk and the processes in place to manage that risk. |
|
|
Framework profile |
Represents the outcomes based on business needs that an organization has selected from the framework categories and subcategories. |
|
|
IT Asset Management (ITAM) |
a broader discipline, adding several dimensions of management and involving a much broader base of stakeholders. |
|
|
media encryption software |
software that is used to encrypt otherwise unprotected storage media such as CDs, DVDs, USB drivers, or laptop hard drives. |
|
|
The National Checklist Program (NCP) |
The US Government repository of publicly available security checklists (or benchmarks) that provide detailed low-level guidance on setting the security configuration of operating systems and applications. |
|
|
NIST computer security division (CSD) |
Focuses on providing measurements and standards to protect information systems against threats to the confidentiality of information, integrity of information and processes, and availability of information and services in order to build trust and confidence |
|
|
Purging |
The removal of sensitive date from a system or storage device with the intent that the data cannot be reconstructed by any known technique. |
|
|
Quality Assurance (QA) |
An assessment of quality based on standards external to the process and involves reviewing of the activities and quality control processes to ensure final products meet predetermined standards of quality. |
|
|
Quality Control (QC) |
An assessment of quality based on internal standards, processes, and procedures established to control and monitor quality. |
|
|
Self-Encrypting USB Drives |
Portable USB drives that embed encryption algorithm within the hard drive, thus eliminating the need to install any encryption software. |
|
|
Abstraction |
involves the removal of characteristics from an entity in order to easily represent its essential properties. |
|
|
Access control matrix |
A two dimensional table that allows for individual subjects and objects to be related to each other |
|
|
Asymmetric Alogorithms |
One way functions, that is, a process that is much simpler to go in one direction (forward) than to go in the other direction (backward or reverse engineering) |
|
|
Address Space Layout Randomization (ASLR) |
Involves randomly arranging the positions of key data areas of a program, including the base of the executable and positions of the stack, heap and libraries in a process's memory address space. |
|
|
Aggregation |
Combining non-sensitive date from separate sources to create sensitive information |
|
|
Algorithm |
A mathematical function that is used in the encryption and decryption processes. |
|
|
Bell-La Padula Model |
Explores the rules that would have to be in place if a subject is granted a certain level of clearance and a particular mode of access. |
|
|
Brewer-Nash (THe Chinese Wall) Model |
This model focuses on preventing conflict of interest when a given subject has access to objects with sensitive information associated with two competing parties. |
|
|
Cable plant management |
The design, documentation, and management of the lowest layer of the OSI network model - the physical layer. |
|
|
Certificate Authority (CA) |
An entity trusted by one or more users as an authority in a network that issues, revokes, and manages digital certificates |
|
|
Ciphertext or Cryptogram |
The altered form of a plaintext message, so as to be unreadable for anyone except the intended recipients. |
|
|
Cloud Computing |
A model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources. (e.g. networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management. |
|
|
Common Criteria |
Provides a structured methodology for documenting security requirements, documenting and validating secuirty capabilites and promoting international cooperation in the area of IT security. |
|
|
Community Cloud infrastructure |
provisioned for exclusive use by a specifc community of consumers from organizations that have shared concerns. |
|
|
Confusion |
Provided by mixing (changing) the key values used druing the repeated rounds of encryption. When the key is modified for each round, it provides added complxity that the attacker would encounter. |
|
|
Control Objects for information and related technology (COBIT) |
provides a set of generally accepted processes to assist in maximizing the benefits derived using information technology (IT) and developing appropriate IT governance |
|
|
Covert Channels |
Communications mechanisms hidden from the access control and standard monitoring systems of an information system. |
|
|
Cryptanalysis |
The study of techniques for attempting to defeat cryptographic techniques and more generally, information security services. |
|
|
Crypotology |
The science that deals with hidden, disguised, or encrypted communications. It embraces communications security and communications intelligence. |
|
|
Cyber-Physical Systems (CPS) |
Smart networked systems with embedded sensors, processors, and actuators that are designed to sense and interact with the physical world and support real-time, guaranteed performance in safety-critical applications. |
|
|
data hiding |
maintains activities at different security levels to separate these levels from each other |
|
|
data warehouse |
a repository for information collected form a variety of data sources. |
|
|
Decoding |
The reverse process form encoding - converting the encoded message back into its plaintext format |
|
|
Diffusion |
provided by mixing up the location of the plaintext throughout the ciphertext. |
|
|
Digital Certificate |
An electric document that contains the name of an organization or individual, the business address, the digital signature of the certificate authority issuing the certificate, the certificate holder's public key, a serial number, and the expiration date |
|
|
Digital Rights Management (DRM) |
A broad range of technologies that grant control and protection to content provides over their own digital media. |
|
|
Digital signatures |
provide authentication of a sender and integrity of a sender's message |
|
|
Enterprise Security Architecture (ESA) |
Focused on setting the long-term strategy for security services in the enterprise |
|
|
Firmware |
The storage of programs or instructions in ROM |
|
|
Generally Accepted Principles and practices for securing information technology systems (NIST SP 800-14) |
Provides a foundation upon which organization can establish and review information technology security programs |
|
|
Graham Denning |
Primarily concerned with how subjects and objects are created , how subjects are assigned rights or privileges, and how ownership of objects is managed. |
|
|
Inference |
The ability to deduce (infer) sensitive or restricted information from observing available information |
|
|
ISO/IEC 21827:2008, The Systems Security Engineering - Capability Maturity Model (SSE - CMM) |
Describes the essential characteristics of an organization's security engineering process that must exist to ensure good security engineering. |
|
|
Hash Function |
Accepts an input message o any length and generates, through a one-way operation, a fixed-length output |
|
|
Industrial control systems (ICS) |
Used to control industrial processes such as manufacturing, product handling, production, and distribution |
|
|
IT Infrastructure Library (ITIL) |
Defines the organizational structure and skill requirements of an IT organization as well as the set of operational procedures and practices that direct IT operations and infrastructure, including information security operations. |
|
|
Embedded Systems |
Used to provide computing services in a small form factor with limited processing power |
|
|
Encoding |
The action of changing a message into another format through the use of a code |
|
|
Hybrid Cloud Infrastructure |
A composition of two or more distinct cloud infrastructures (private, community, or public) that remain unique entities but are bound together by standardized or proprietary technology that enables data and application portability. |
|
|
Initialization Vector (IV) |
A non-secret binary vector used as the initializing input algorithm for the encryption of a plain-text block sequence to increase security by introducing additional cryptographic variance and to synchronize cryptographic equipment. |
|
|
Key clustering |
When different encryption keys generate the same ciphertext from the same plaintext message |
|
|
Key length |
The size of a key, usually measured in bits or bytes, which a cryptographic algorithm used in ciphering or deciphering protected information. |
|
|
Key space |
Represents the total number of possible values of keys in cryptographic algorithm or other security measure, such as a password. |
|
|
Message authentication Code (MAC) |
A small block of data that is generated using a secret key and then appended to the message. |
|
|
Message Digest |
A small representation of a larger message and are used to ensure the authentication and integrity of information. |
|
|
Middleware |
A connectivity software that enables a multiple processes running on one or more machines to interact. |
|
|
Multilevel lattice models |
A security model describes strict layers of subjects and objects and defines clear rules that llow or disallow interations between them based on the layers they are in. |
|
|
Non-repudiation |
A service that ensures that sender cannot deny a message was sent and the integrity of the message is intact. |
|
|
OpenID Connect |
An inter-operable authentication protocol based on the OAuth 2.0 family of specifications |
|
|
OWASP |
A nonprofit organization focused on improving the security of software |
|
|
Paging |
Divides the memory address space into equeal-sized blocks called pages. |
|
|
Payment card industry data security standard (PCI-DSS) |
Provides the security architect with a framework of specifications to ensure the safe processing, storing, and transmission of cardholder information |
|
|
Plaintext |
The message in its natural format |
|
|
Primary Storage |
stores data that has a high probability of being requested by the CPU |
|
|
Private Cloud |
In this model, the cloud infrastructure is provisioned for exclusive use by a single organization comprising multiple consumers |
|
|
Protection Keying |
Divides physical memory up into blocks of particular size, each of which has an associate numerical value called a protection key |
|
|
Public Cloud Infrastructure |
Provisioned for open use by teh general public. It may be owned, manged, and operated by a business, academic, or government organization, or some combination of them. It exists on the premises of the cloud provider. |
|
|
Registration Authority (RA) |
This performs certificate registration services on behalf of a CA |
|
|
Secondary storage |
holds data not currently being used by the CPU and is used when data must be stored for an extended period of time using high-capacity, nonvolatile storage. |
|
|
Security Assertion Markup Language (SAML) |
An XML - based standard used to exchange authentication and authorization information |
|
|
Security zone of control |
An area of grouping within which a defined set of security policies and measures are applied to achieve a specific level of security. |
|
|
Segmentation |
Dividing a computer's memory into segments |
|
|
Sherwood applied business security architecture (SABSA) Framework |
Holistic life cycle for developing security architecture that begins with assessing business requirements and subsequently creating a "chain of tractability" through the phases of strategy, concept, design, implementation, and metrics. |
|
|
State Attacks |
Attempt to take advantage of how a system handles multiple requests |
|
|
State Machine Model |
Describes the behavior of a system as it moves between one state and another, from one moment to another. |
|
|
Stream-based Ciphers |
When a cryptosystem performs its encryption on a bit-by-bit basis. |
|
|
Symmetric Alogorithms |
Operate with a single cryptographic key that is used for both encryption and decryption of the message. |
|
|
Substitution |
The process of exchanging one letter or byte for another |
|
|
System Kernel |
The cores of an OS, and one of its main functions is to provide access to system resources, which includes the systems hardware and processes |
|
|
The Open Group Architecture Framework (TOGAF) |
An architeture contect framework (ACF) to discribe standard building blocks and componets as well as numerous reference models. |
|
|
Transposition |
The process of reordering the plaintext to hide the message. |
|
|
Work Factor |
This represents the time and effort required to break a protective measure. |
|
|
Zachman Framework |
A logical structure for identifying and organizing the descriptive representations (models) that are important in the management of enterprises and to the development of the systems, both automated and manual, that comprise them. |
|
|
ActiveX Data Objects (ADO) |
A Microsoft high-level interface for all kinds of data |
|
|
Capability maturity model for software (CMM or SW-CMM) |
Maturity model focused on quality management processes and has five maturity levels that contain several key practices within each maturity level. |
|
|
Common Object Request Broker Architecture (CORBA) |
A set of standards that addresses the need for interoperablity between hardware and software products |
|
|
Computer virus |
a program written with functions and intent to copy and disperse itself without the knowledge and cooperation of the owner or user of the computer |
|
|
Configuration Management (CM) |
monitoring and managing changes to a program or documentation |
|
|
Covert Channel |
An information flow that is not controlled by a security control |
|
|
Encryption |
The conversion of electronic data into another form, called ciphertext, which cannot be easily understood by anyone except authorized parties |
|
|
Data Mining |
The practice of examining large databases in order to generate new information |
|
|
Database management systems (DBMS) |
A suite of application programs that typically manages large, structured set of persistent data |
|
|
Database model |
describes the relationships between the data elements and provides a framework for organizing the data. |
|
|
DevOps |
an approach based on lean and agile principles in which business owners and the development, operations, and quality assurance departments collaborate. |
|
|
Log |
A record of the events occurring within an organizations systems and networks. |
|
|
Integrated prodcut and process development (IPPD) |
A management technique that simultaneously integrates all essential acquisition activities through the use of multidisciplinary teams to optimize the design, manufacturing and supprotablity processes. |
|
|
Iterative models |
development models that allow for successive refinements of requirements, design, and coding |
|
|
Knowledge discovery in databases (KDD) |
A mathematical, statistical, and visualization method of identifying valid and useful patterns in data. |
|
|
metadata |
information about the data |
|
|
Rapid application development (RAD) |
A form of rapid prototyping that requires strict time limits on each phase and relies on tools that enable quick development |
|
|
software assurance (SWA) |
The level of confidence that software is free from vulnerabilities, either intentionally designed into the software or accidentally inserted at any time during its life cycle, and that it functions in the intended manner |
|
|
Time multiplexing |
allows the operating system to provide well defined and structured access to processes that need to use resources according to a controlled and tightly manged schedule |
|
|
Time of check/Time of use (TOC/TOU) Attacks |
Takes advantage of the dependency on the timing of events that takes place in a multitasking operating system |
|
|
Trusted computing bases (TCB) |
The collection of all of the hardware, software, and firmware within a computer system that contains all elements of the system responsible for supporting the security policy and the isolation of objects. |
|
|
waterfall development model |
a development model in which each phase contains a list of activities that must be performed and documented before the next phase begins |
|
|
2011 CWE/SANS Top 25 Most Dangerous Software Errors |
A list of the most widespread and cirtical errors that can lead to serious vulnerabilites in software |
|
|
Audit records |
Contain security event information such as successful and fail authentication attempts, file accesses,security policy changes, account changes, and user of privileges. |
|
|
Architecture security reviews |
A manual review of the architecture to ensure that it fulfills the necessary security requirements. |
|
|
Automated vulnerbility scanners |
Tests an application for the use of system components or configurations that are know to be insecure. |
|
|
Condition coverage |
This criteria requires sufficient test cases for each condition in a program decision to take on all possible outcomes at least once. It differs from branch coverage only when mutliple conditions must be evaluated to reach a decision |
|
|
Data flow coverage |
This criteria requires sufficient test cases for each feasible data flow to be executed at least once |
|
|
Decision (Branch) Coverage |
Considered to be a minimum level of coverage for most software products, but decision coverage alone is insufficient for high-integrity applications. |
|
|
information security continuous monitoring |
Maintaining ongoing awareness of information security, vulnerabilities, and threats to support organizational risk management decisions |
|
|
Intrusion detection systems (IDS) |
Real-time montoring of events as they happen in a computer system or network, using audit trail records and network traffic and analyzing events to detect potential intrusion attempts. |
|
|
Intrusion prevention systems |
Any hardware or software mechanism that has the ability to detect and stop attacks in progress. |
|
|
Loop coverage |
This criteria requires a sufficnet test cases for all program loops to be eexcuted for zero, one, two, and many iterations covering initialization, typical running, and termination conditions. |
|
|
Misuse Case |
A use case from the point of view of an actor hostile to the system under design |
|
|
Mulit-conditon coverage |
This criteria requires sufficient test cases to exercise all possible combinations of conditions in a program decision |
|
|
negative testing |
ensures the application can gracefully handle invalid input or unexpected user behavior |
|
|
Path Coverage |
This criteria requires sufficient test cases for each feasible path, basis path, etc., from start to exit of a define program segment, to be eecuted at least once. |
|
|
Positive Testing |
Determines that your application works as expected. |
|
|
Real user monitoring (RUM) |
An approach to web monitoring that aims to capture and analyze very transaction of every user of a website or applciation |
|
|
Regression Analysis |
The determination of the impact of a change based on review of the relevant documentation |
|
|
security log management |
The process for generating, transmitting, storing, analyzing, and disposing of computer security log data |
|
|
statement coverage |
This criteria requires sufficient test cases for each program statement to be executed at least once; however, its achievement is insufficient to provide confidence in a software product's behavior. |
|
|
Static source code analysis (SAST) |
Analysis of the application source code for finding vulnerabilities without actually executing the application. |
|
|
Synthetic performaance montiroing |
involves having external agents run scripted transactions again a web application |
|
|
system events |
operational actions performed by OS components, such as shutting down the system or starting a service. |
|
|
Threat modeling |
a process by which developers can understand security threats to a system, determine risks from those threats and establish appropriate mitigation. |
|
|
Use Cases |
Abstract episodes of interaction between a system and its environment |
|
|
validation |
the determination of the correctness, with respect to the user needs and requirements, of the final program or software produced from a a development project. |
|
|
verification |
the authentication process by which the biometric system matches a captured biometric against the person's stored template |
|
|
vulnerability management software |
Log the patch installation history and vulnerability status of each host, which includes know vulnerabilities and miss software updates |
|
|
web proxies |
intermediate hosts through which websites are accessed. |
|
|
White-box testing |
A design that allows one to peek inside the box and focuses specifically on using internal knowledge of the software to guide the section of test data. |
|
|
Access badges |
used to enter secured areas of a facility and are used in conjunction with a badge reader to read information stored on the badge |
|
|
Access control systems |
Physical or electornic systmes designed to control who,or what has access to a network |
|
|
Account management systems |
Systems that attempt to streamline the administration of user identity across multiple systems |
|
|
Authentication |
The process of verifying the identity of the user |
|
|
Authorization |
The process of defining the specific resources a user needs and determining the type of access to those resources the user may have |
|
|
cryptographic device |
A hardware device that contains non-programmable logic and non volatile storage dedicated to all cryptographic operations and protection of private keys |
|
|
electronic authentication (e-authentication) |
The process of establishing confidence in user identities electronically presented to an information system |
|
|
Facility access control |
protects enterprise assets and provides a history of who gained access and when the access was granted. |
|
|
identity as a Service (IDaaS) |
cloud-based services hat broker identity and access management functions to target systems on customers premises and or in the cloud |
|
|
Identity proffing |
the process of collecting and verifying information about a person for the purposes proving that a person who has requested an account, a credential, or other special privileged is indeed who he or she claims to be and establish a reliable relationship |
|
|
Kerberos |
developing standard for authenticating network users. Offers two key benefits: its funcatins in a multi-vendor network and it does not transmit passwords over the network. |
|
|
Logical access controls |
protection mechanisms that limit users access to information and restrict their forms of access on the system to only what is appropriate for them. |
|
|
MAC address |
A 48-bit number (typically represented in hexadecimal format) that is supposed to be globally unique |
|
|
Mandatory access controls (MACs) |
Access control that requires the system itself to manage access controls in accordance with the organization security policies |
|
|
multi-factor authentication |
ensures that a user is who they claim to be. The more factors used to determine a person's identity, the greater the trust of authenticity. |
|
|
password management system |
A system that manages passwords consistently acrosss the enterprise |
|
|
Physical access control systmes (PACS) |
Allows authorized security personnel to simultaneously manage and monitor multiple entry points from a single, centralized location |
|
|
RAdio Frequency identifcation (RFID) |
A non-contact, automatic identification technology that uses radio signals to identify track, sort, and detect a variety of objects including people vehicles goods and assets without the need for direct contact |
|
|
Role Based Access Control (RBAC) |
An access control model that bases the access control authorization on the roles (or functions) that the user is assigned within an organization. |
|
|
Rule-Based access control |
An access control model that based on a list of predefined rules that determine what access should be granted |
|
|
security assertion markup language 2.0 (SAML 2.0) |
a version of the SAML OASIS standard for exchanging authentication and authorization data between security domains |
|
|
single factor authentication |
involves the use of simply one of the three available factors solely in order to carry out the authentication process be requested. |
|
|
single sign-on (SSO) |
A unified login experience (from the viewpoint of the end user) when accessing one more systems |
|
|
Trusted platform modules (TPM) |
A local hardware encryption engine and secured storage encryption keys |
|
|
User ID |
provides the system with a way of uniquely identifying a particular user amongst all the users of the system |
|
|
Acoustic sensors |
device that uses passive listening devices |
|
|
administrator accounts |
Accounts that are assigned only to named individuals that require administrative access to the system to perform maintenance activities, and should be different and separate form a user's normal account. |
|
|
balanaced magnetic switch (BMS) |
devices that use a magnetic field or mechanical contact to determine if an alarm signal is initiated |
|
|
chain of custody |
The who,what,when, where, and how the evidence was handled. from its id through its entire life cycle, which ends with destruction, permanent, archiving, or returning to owner. |
|
|
Cipher Lock |
A lock controlled by touch screen, typically 5 to 10 digits that when pushed in the right combination the lock will release and allow entry |
|
|
Configuration management (CM) |
a discipline for evaluating, coordinating, approving and implementing changes in artifacts that are used to construct and maintain software systems. |
|
|
data leak prevention (DLP) |
a suite of technologies aimed at stemming the loss of sensitive inoformation that occurs in the enterprise |
|
|
Egress filtering |
The practice of monitoring and potentially restricting the flow of information outbound from one network to another |
|
|
Infrared linear beam sensors |
A focused infrared (IR) light beam is projected from an emitter and bounced off of a reflector that is placed at the other side of the detection area |
|
|
instant keys |
provide a quick way to disable a key by permitting one turn of the master key to change a lock |
|
|
Intrusion detection system (IDS) |
A technology that alerts organization to adverse or unwanted activity |
|
|
Indemnification |
The party to party litigation cost resulting from its breach of warranties |
|
|
intursion prevention system (IPS) |
a technology that monitors activity like an IDS but automatically take proactive preventative action if it detects unacceptable activity |
|
|
Honeypot |
decoy servers or systems setup to gather information regarding an attacker or intruder into your system |
|
|
Honeyfarm |
A centralized collection of honeyots and analysis tools |
|
|
Honeynet |
Two or more honeypots on a network |
|
|
Live evidence |
data that are dynamic and exist in running processes or other volatile locations (e.g. system/device RAM) that disappear in a relatively short time once that system is powered down |
|
|
Locards exchange principle |
States that when a crime is commited, the prerpetratoors leave something behind and take something with them |
|
|
magnetic stripe (mag stripe) cards |
Consist of a magnetically sensitive strip fused onto the surface of a PVC material like a credit card |
|
|
Mortise lock |
A lock or latch that is recessed into the edge of a dorr, rather than being mounted to its surface |
|
|
Power users |
Accounts granted greater privileges that normal user accounts when it is necessary for the user to have greater control over the system, but where administrative access in not required |
|
|
protocal anomaly-based IDS |
Identifies any unacceptable deviation from expected behavior based on known network protocols |
|
|
proximity card (prox card) |
user embedded antenna wires connected to a chip within the card through RF |
|
|
Records and information management (RIM) |
essential activities to protect business information and can be established in compliance with laws regulations or corporate governance |
|
|
Remance |
The measure of the exisitng magnetic field on the media after degaussing |
|
|
Rim Lock |
A lock or latch typically mounted on the surface of a door typically associated with a dead bolt type of lock |
|
|
Sandboxing |
A form of software virtualization that lets programs and processes run in their own isolated virtual environment |
|
|
Security information and event management (SIEM) |
A group of technologies which aggregate information about access controls and selected system activity to store for analysis and correlation |
|
|
service accounts |
accounts used to provide privileged access used by system services and core applications |
|
|
Smart Cards |
Credential cards with one ore more microchip processing that accepts or processes information and can be contact or contact less. |
|
|
Statiscal anamaly-based IDS |
analyses event data by comparing it to typical, known, or predicted traffic profiles in an effort to find potential security breaches. |
|
|
steganography |
the science of hiding information |
|
|
Traffic anomaly-based IDS |
Identifies any unacceptable deviation from expected behavior based on actual traffic structure. |
|
|
Time domain reflectometry (TDR) |
Send induced radio frequency (RF) signals down a cable that is attached to the fence fabric. |
|
|
Bastion hosts |
serve as a gateway between a trusted and untrusted network that gives limited, authorized access to untrusted hosts |
|
|
Bridges |
Layer 2 devices that fileter traffic between segments based on Media Access Control (MAC) addresses |
|
|
Common application service element (CASE) |
Sublayer that provides services for the application layer and request services from the session layer |
|
|
Concentrtors |
Multiplex connected devices into one signal to be transmitted on a network |
|
|
Direct-Sequence spread spectrum (DSSS) |
A wireless technology that spreads a transmission over much larger frequency band and with corresponding smaller amplitude |
|
|
Decryption |
The process of transforming encrypted data back into its original form, so it can be understood |
|
|
Fibre channel over ethernet (FCoE) |
A lightweight ecncapsulation protcoal and lacks the reliable data transport of the TCP layer |
|
|
File Transfer protocol (FTP) |
A stateful protocol that requires two communication channels |
|
|
Firewalls |
Devices that enforce administrative security policies by filtering incoming traffic based on a set of rules |
|
|
Frequency-Hopping Spread Spectrum (FHSS) |
The wireless technology spreads its signal over rapidly changing frequencies |
|
|
Internet control message protocol (ICMP) |
provides a means to send error messages for non transient error conditions and provides a way to prob the network in order to determine general characteristics about the network |
|
|
Layer 1 |
Physical layer |
|
|
Layer 2 |
data link layer |
|
|
Layer 3 |
Network Layer |
|
|
Layer 4 |
Transport Layer |
|
|
Layer 5 |
session layer |
|
|
Layer 6 |
presentation layer |
|
|
Layer 7 |
Application Layer |
|
|
Lightweight directory access protocol (LDAP) |
A client/server - based directory query protocol loosely based upon X.50 commonly used managing user informtion |
|
|
Modems |
Allow users remote access to a network via analog phone lines |
|
|
OSI reference model |
Layering model structured into seven layers |
|
|
ping scanning |
basic network mapping technique that helps narrow the scope of an attack |
|
|
public-key encryption |
involves a pair of keys-a public key and a private key associated with an entity that need to authenticate its identity electronically or to sign or encrypt data |
|
|
Specific application service element (SASE) |
sublayer that provides applicaton specific services (protocols) |
|
|
security perimeter |
The first line of protection between trusted and untrusted networks |
|
|
Screen scraper |
a program which can extract data from output on a display intended for a hum |
|
|
Remote procuere calls (RPC) |
represent the ablity to allow for the executing of objects across hosts |
|
|
Remote authentication dial-in user service (RADIUS) |
An authentication protocol used mainly in networked environments, such as ISPs, or for similar services requiring single sign-on for layer 3 network access, for scalable authentication combined with an acceptable degree of security |
|
|
User datagram protocol (UDP) |
provides a lightweight service for connctionless data transfer without error detection and correction |
|
|
Transmission control protocol (TCP) |
provides connect-oriented data management and reliable data transfer |
|
|
Traceroute |
A diagnostic tool that displays the path a packet traverses between a source and destination host |
|
|
TCP/IP or Department of Defnese (DoD) model |
layering model structured into four layers (link, network, transport, application) |
|
|
Spread spectrum |
a method commonly used to module information into the manageable bits that are sent over the air wirelessly |
|
|
Wireless metropolitan area networks |
A type of wireless network that connects several wireless LANs |
|
|
Wireless personal area networks (WPANs) |
interconnect device within a relatively small area that is generally within a persons reach |
|
|
Wireless mesh network |
a wireless network made up of radio nodes organized in a mesh topology |
|
|
Wireless local area network (WLAN) |
links two or more devices over a short distance using a wireless distribution method, usually providing a connection through an access point for internet access. |
|
|
Voice over internet protocal (VoIP) |
A technology that allows you to make voice calls using a broadband internet connect instead of a phone line. |
|
|
Virtual private network (VPN) |
an encrypted tunnel between two hosts that allows them to securely communicate over an untrusted network |
