Reading...
Play button
Play button
Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
57 Cards in this Set
- Front
- Back
|
ACCESS TOKEN
|
a data structure that contains authorization information for a user or group. a system uses access token to control access to securable objects and to control the ability of a user to perform various sysstem related operations on a local computer.
|
|
|
ADMINISTRATIVE VULNERABILITY
|
failure to observe administrative best practices, such as using a weak paswod or loggin on to an account that has more user rights than the user requires to perform a specific task.
|
|
|
ADWARE
|
advertising that is integrated into software. adware is often combined with a host application that is provided at no charge as long as the user agrees to accept adware.
|
|
|
ANONYMITY
|
a condition in which an individuals true identity is unknown.
|
|
|
ATTACK
|
a deliberate attempt to compromise the security of a computer system or deprive others of the use of the system.
|
|
|
AUTHENTICATION
|
the process of validating the credentials of a person, computer process, or device. authentication requires that the person, process or device making the request provide a credential that proves it is what or who it says it is. common forms of credentials are digital signatures, smart cards, biometric data, and a combination of user names and passwords.
|
|
|
AUTHORIZATION
|
the process of granting person, computer process, or device access to certain information, services, or functionality. authorization is derived from the identity of the person, computer process, or device requesting access, which is verified through authentication.
|
|
|
AV
|
antivirus software
|
|
|
AVAILABILITY
|
the property of a system resources that ensuresit is accessible and usable on demand by and authorized system user. availability is one of the core characteristics of a secure system.
|
|
|
BACK DOOR
|
a hardware of software based hidden entrance to c omputer sustem that can be used to bypass the systems security policies.
|
|
|
BBBONLINE
|
a privacy seal program established by the better business bureau which certifies that certain websites conform to baseline privacy standards. microsoft is a sponsor of bbbonline.
|
|
|
BUDDY FIX
|
see private fix.
|
|
|
BUFFER
|
a region of memory reserved for us as an intermediate repository in which data is temprarily held before it is transferred between two locations or devices.
|
|
|
BUFFER OVERRUN
|
a condition that results from adding more information to a buffer than it was designed to hold. an attacker may exploit this vulnerability to take over a system.
|
|
|
CERTIFICATE
|
an encrypted file containing user or server identification information, which is used to verify identity and to help establish a security enhanced link.
|
|
|
ACCESS MASK
|
in windows based systems, a value that specifies the permissions that are allowed or denied in an access control entry of an access control list. the access mask is also used in an access request to specify the access permissions that the subject requires when accessing an object.
|
|
|
ACCESS CONTROL LIST
(ACL) |
in windows based systems, a list of access control entries that apply to an entire object, a set of the objects properties, or an individual property of an object and that define the access granted to one or more security principles.
|
|
|
ACCESS CONTROL ENTRY
(ACE) |
in windows based systems, an entry in an access control list containing the security identifier for a user or group and an access mask that specifies which operations by the user or group are allowed.
|
|
|
ACCESS CONTROL
|
the mechanisms for limiting access to certain information based on users identity and membership in various predefined groups.
|
|
|
CHANGE MANAGEMENT
|
the practice of administering changes with the help of tested methods and techniques in order to avoid new errors and minimize the impact of changes.
|
|
|
CHILDRENS ONLINE PRIVACY PROTECTION ACT
(COPPA) |
a u.s. law that took effect on april 21, 2000 and requires parental consent for certain websites to knowingly collect personally identifiable information on children under the age of 13.
|
|
|
CHOICE
|
an individuals ability to determine whether and how personally identifiable information collected from hime or her maybe used, especially for purposes beyond those for which the information was originally provided. choice is an element of the fair information practices.
|
|
|
CIPHER
|
the method used to transform a readable message (called plaintext or cleartext) into an unreadable, scrambled or hidden message (called ciphertext).
|
|
|
CIPHERTEXT
|
data that has been encrypted. cyphertext is the output of the encryption process and can be trans formed into a readable form plaintext with the appropriate decryption key.
|
|
|
CLICKSTREAM DATA
|
information that users generate as they move from pagen to page and click on items within a website, usually stored in log files. website designers can use clickstream data to improve users experiences with a site.
|
|
|
COMPUTER SECURITY
|
the protection of information assets through the use of technology, processes and training.
|
|
|
CONTENT ADVISOR
|
a tool in microsoft internet explorer that lets you control which sites users on your computer can visit.
|
|
|
COOKIE
|
a small data file that is stored on a users local computer for record-keeping purposes and which contains information nabout the user that is pertinent to a website, such as user preferences.
|
|
|
COPPA
|
childrens online privacy protection act.
|
|
|
CREDENTIALS
|
information that includes identification and proof of identification that is used to gain access to local and network resources. examples of credentials are user names and passwords, smart cards, and certificates.
|
|
|
CRITICAL UPDATE
|
a broadly released fix for specific problem addressing a critical, non-security- related bug.
|
|
|
CRYPTOGRAPHY
|
the study or analysis of codes and encoding method used to secure information. cryptographic techniques can be used to enable and ensure confidentiality, data integrity, authentication (entity and data origin), and nonrepudation.
|
|
|
DATA TRANSFER
|
as a key principle ofprivacy, the movement of personally identifiable information between entities, such as a customer list being shared between two different companies.
|
|
|
DDoS
|
distributed denial of service
|
|
|
DECEPTIVE TRADE PRACTICES
|
misleading or misrepresenting products or services to consumers or customers. in the united states these practices are regulated by the federal trade commission at the national level and typically by the attorney generals office of consumer protection at the state level.
|
|
|
DECRYPTION
|
the process of converting encrypted content back into its original form, often the process of converting ciphertext to plain text. decryption is the opposite of encrytpion.
|
|
|
DENIAL OF SERVICE ATTACK (DoS)
|
an attempt of a malicious (or unwitting) user, process or sytem to prevent legitimate users from accessing a resource (usually a network service) by exploiting a weakness or design limitation in an information system. examples of DoS attacks include flooding network connections, filling disk storage, disabling ports, or removing power.
|
|
|
DIGITAL CERTIFICATE
|
a digitally signed statement that binds the identifying information of a user, computer or service to public/private key pair. a digital certificate is commonly used in the process of authentication and for securing information on networks.
|
|
|
DIGITAL RIGHTS MANAGEMENT
(DRM) |
any technology used to protect the interests of owners of content and services (such as copyright owners). typically, authorized recipients or users must acquire a license in order to consume the protected material-files, music, movies according to the rights or business rules set by the content owner.
|
|
|
DISCLOSURE
|
a component of the notice principle, wherein a company should make available its data handling practices, including notices on how it collects, uses and shares personally identifiable information.
|
|
|
DISTRIBUTED DENIAL OF SERVICE (DDoS)
|
a type of service attack in which an attacker uses malicious code installed on various computers to attack a single target. an attacker may use this method to have a greater effect on the target than is possible with a single attacking machine.
|
|
|
DoS
|
denial of service attack
|
|
|
DOWNLOAD
|
to transfer a copy of a file from a remote computer to requesting computer by means of a modem or network.
|
|
|
DRM
|
digital rights management
|
|
|
EFS
|
encrypting file system
|
|
|
.adm
|
the file name extension for administrative templaste files.
|
|
|
.msi
|
the file name extension for windows installer package files
|
|
|
3DES
|
triple DES, (3DES) an implementation of data encryption standard (DES)encryption that employs three iterations of cryptographic operations on each segment of data. each iteration uses a 56-bit key for encryption, which yeilds a 168-bit encryption for the data. although 3DES is slower than DES because of the additional cryptographic calculations, its protection is far stronger than DES.
|
|
|
ACCOUNT DOMAIN
|
a windows nt domain that holds user account data. also known as a master user domain.
|
|
|
ACCOUNT LOCKOUT
|
a windows security feature that locks a user account if a number of failed lofin attempt occur within a specified amount of time, based on security policy lockout settings. locked accounts cannot log in.
|
|
|
ACTIVE DIRECTORY
|
the windows based directory service. active directory stores information about objects on a network and makes this information available to users and network administrators. active directory gives network users access t permitted resources anywhere on the network usinga dingle logon process. it provides network administrators with an intuitive, hirarchical view of the network and a single point for all network objects. ( directory partition, directory service; domain; forest.
|
|
|
ACTIVE DIRECTORY CONNECTOR
(ADC) |
an active directory synchronization agent that provides an automated way of keeping directory information consistent between directories.
|
|
|
ACTIVE DIRECTORY INSTALLATION WIZARD
|
the tool that is used to install and remove active directory.
|
|
|
ACTIVE DIRECTORY REPLICATION
|
the synchronization of active directory partition replicas between domain controllers replication automatically copies the changes that originate on a writable directory partition replica to all other domain controllers that hold the same directory partition replica. more specifically , a destination domain controller pulls these changes from the source domain controller. (global catalog, replica)
|
|
|
ACTIVE DIRECTORY SERVICE
(ADSI) |
a directory service model and set of component objects model (COM)interfaces. ADSI enables windows applications and active directory clients to access several network directory services, including active directory. ADSI is supplied as a software development kit(SDK).
|
|
|
ACTIVEX
|
a set of technologies that allows software components to interact with one another in a network environment regardless of the language in which the components were created.
|
|
|
ADC
|
active directory connector, in systems management server, addresses are used to connect sit
|
