Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
19 Cards in this Set
- Front
- Back
- 3rd side (hint)
Nmap |
Network scanning tool- an open source Linux command-line used for network exploration, host discovery, and security auditing. Smaller scale internet tool. |
* Defining Scope and Objectives |
|
Zmap |
Porter to a scanner. LARGE scale, speeds up the process |
|
|
Censys was created at the University of Michigan by the team of researchers who also develop what wide scale internet scaling tool? |
Zmap |
|
|
The best describe open source intelligence is |
Any information or data obtaining via Publicly available sources that is used to aid or drive decision- making processes |
Open-source intelligence OSINT collection frameworks. Are used to effectively manage sources of collected information. |
|
Which method of collecting open source intelligent consists of the collection of published documents, such as Microsoft Office or PDF files, and parsing the information hidden within to reveal user names, email addresses, or sensitive data? |
Metadata analysis |
|
|
This search engine is not used by f o c a when searching for documents |
Yahoo |
Bing, Google is used by FOCA |
|
What is the process by which large data sets are analyzed to reveal patterns or hidden anomalies? |
Data Mining |
|
|
What does CHD stand for? |
Cardholder data |
|
|
GDPR |
General Data Protection Regulation |
It is a protection law implemented in May in 2018 to protect personal data |
|
SAD |
Sensitive Authentication Data |
The most common SAD element is the card verification code/values(ie., CVC, CVV, CID), the 3 or 4 digits code on the front or back of the card |
|
NIST |
National Institute of Standards and Technology |
|
|
NIST 800-53 "Security In Privacy Controls for the Information Systems and Organizations" |
Offers a comprehensive set of security and privacy controls that organizations can use to safeguard their operations, assets, personnel, and other organizations from various threats in the risk |
|
|
Per NIST 800-53, in which control category does the media protection lie? |
Physical |
|
|
Per NIST 800-53, In which control category does the incident response lie? |
Administrative |
|
|
Which phase(name) NIST 800-53 compliance best practices results in correlating identify assets and permissions? |
Map phase |
|
|
Information Security Management and Compliance |
Protect information assets from unauthorized access, use, disclosure, interruptions alteration, and destruction |
|
|
Compliance |
Refers to observing information security- related legal, regulatory contractual, and industry-specific standards. |
|
|
Which ISO/IEC 2701 component Involve selecting and implementing controls to reduce the identified risk to an acceptable level? |
Risk Treatment |
|
|
In SOC 2 generic controls, Which control shows that the system remains available? |
Availability |
|