Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
44 Cards in this Set
- Front
- Back
|
As an information security officer, what are the information security goals that you need to have in mind while defining the protection you will need?(select all that apply)
Prevention Auditing Recovery Detection
|
Prevention Recovery Detection |
|
|
3DES |
A symmetric encryption algorithm that encrypts data by processing each block of data three times, using a different DES key each time. |
|
|
802.11n |
A wireless standard for home and business implementations that adds QoS features and multimedia support to 802.11a and 802.11b. |
|
|
802.11 |
A family of specifications developed by the IEEE for wireless LAN technology. |
|
|
802.11a |
A fast, secure, but relatively expensive protocol for wireless communication. The 802.11a protocol supports speeds up to 54 Mbps in the 5GHz frequency. |
|
|
802.1a |
An IEEE standard used to provide a port-based authentication mechanism over a LAN or wireless LAN. |
|
|
access control |
In security terms, the process of determining and assigning privileges to various resources, objects, and data. |
|
|
802.11 ac |
A wireless communication protocol that improves upon 802.11 n by adding wider channels to increase bandwidth. |
|
|
802.11 b |
The first specification to be called Wi-Fi, The least expensive wireless network protocol used to transfer data among computers with wireless network cards. or between a wireless computer or device and a wired LAN. It provides for an 11 Mbps transfer rate in the 2.4 GHz frequency. |
|
|
802.11 g |
A specification for wireless data throughput at the rate of up to 54 Mbps in the 2.4 GHz band that is a potential replacement for 802.11 b. |
|
|
account federation |
The practice of linking a single account across many different management systems. |
|
|
account management |
A common term used to refer to the processes, functions, and policies used to effectively manage user accounts within an organization. |
|
|
account phishing |
In social networking, an attack where an attacker creates an account and gets on the friends list of an individual just to try to obtain information about the individual and their circle of friends or colleagues. |
|
|
account policy |
A document that includes an organization's user account management guidelines. |
|
|
ALE |
(annual loss expectancy) The total risk to an organization on an annual basis. |
|
|
account privileges |
Permissions granted to users that allow them to perform various actions such as creating, deleting, and editing files, and also accessing systems and services on the network. |
|
|
al-in-one security appliance |
A single network device that is used to perform a number of security functions to secure a network. |
|
|
accountability |
In security terms, the process of determining who to hold responsible for a particular activity or event. |
|
|
accounting |
In security terms, the process of tracking and recording system activities and resource access. |
|
|
anomaly-based monitoring |
A monitoring system that uses a database of unacceptable traffic patterns identified by analyzing traffic flows. |
|
|
ACL |
(access control list) In a DAC access control scheme, this is the list that is associated with each object, specifying the subjects that can access the object and their levels of access. |
|
|
anti-malware software |
A category of software programs that scan a computer or network for known viruses, Trojans, worms, and other malicious software. |
|
|
anti-spam |
A program that will detect specific words that are commonly used in spam messages. |
|
|
Active Directory |
The standards-based directory service from Microsoft that runs on Microsoft Windows servers. |
|
|
anti-spyware |
Software the is specifically designed to protect systems against spyware attacks. |
|
|
antivirus software |
An application that scans files for executable code that matches specific patterns that are known to be common to viruses. |
|
|
adware |
Software that automatically displays or downloads advertisements when it is used. |
|
|
API |
(application programming interface) A mechanism that defines how software elements interact with each other. |
|
|
AES |
(Advanced Encryption Standard) A symmetric 128-, 192-, or 256-bit block cipher based on the Rijndael algorithm developed by Belgian cryptographers Joan Daemen and Vincent Rojmen and adopted by the U.S. government as its encryption standard to replace DES. |
|
|
application attacks |
Attacks that are targeted at web-based and other client-server applications. |
|
|
application aware device |
A network device that manages information about any application that connects to it. |
|
|
application blacklisting |
The practice of preventing undesirable programs from running on a computer, computer network, or mobile device. |
|
|
attack |
Any technique that is used to exploit a vulnerability in any application on a computer system without the authorization to do so. |
|
|
attack surface |
The portion of a system or application that is exposed and available to attackers. |
|
|
application whitelisting |
The practice of allowing approved programs to run on a computer, computer network, or mobile device. |
|
|
attackers |
A term for users who gain unauthorized access to computers and networks for malicious purposes. |
|
|
arbitrary code execution |
Am attack that exploits an application vulnerability into allowing the attacker to execute commands on a user's computer. |
|
|
archive bit |
A file property that essentially indicates whether the file has been modified since the last back up. |
|
|
auditing |
The final phase of a hack in which the attacker steals data, disrupts traffic, or damages systems. |
|
|
armored virus |
A virus that is able to conceal its location or otherwise render itself harder to detect by anti-virus malware programs. |
|
|
authentication |
In security terms, the process of validating a particular individual or entity's unique credentials. |
|
|
ARO |
(annual rate of occurrence) How many times per year a particular loss is expected to occur. |
|
|
authorization |
In security terms, the process of determining what rights and privileges a particular entity has. |
|
|
ARP |
(Address Resolution Protocol) The mechanism by which individual hardware MAC addresses are matched to an IP address on a network. |
