Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
49 Cards in this Set
- Front
- Back
- 3rd side (hint)
ACL |
Access Control List. A table or data file that specifies whether a user or group has access to a specific resource on a computer or Network. |
|
|
AP |
Access Point. The point at which access to a network is accomplished. This term is often used in relation to a wireless access point. |
Access Point |
|
Active Response |
A response generated in real time |
|
|
Alarm |
A notification that an unusual condition exists and should be investigated. |
|
|
Alert |
An indication that an unusual condition could exist and should be investigated. |
|
|
All-in-One Appliance |
Also known as Unified Threat Management (UTM). An appliance that performs multiple functions. |
|
|
Analyzer |
The component or process that analyzes the data collected by the sensor. |
|
|
Anomalies |
Variations from normal operations. |
|
|
AD-IDS |
An Anomaly-Detection Intrusion Detection System that works by looking for deviations from a pattern or normal Network traffic. |
|
|
Appliance |
A free-standing device that operates in a largely self-contained to manner. |
|
|
Application-Level Proxy |
A device or software that recognizes application-specific commands and offers granular control over them. |
|
|
AH |
Authentication Header. An ipsec header used to provide connectionless integrity and data origin authentication for IP datagrams and to provide protection against replays. |
Authentication Header |
|
Clustering |
A method of balancing loads and providing fault tolerance. |
|
|
Compensating controls |
Gap controls that fill in the coverage between other types of vulnerability mitigation techniques. (Where there are holes in coverage. We compensate for them) |
|
|
DLP |
Data Loss Prevention. Any systems that identify, monitor and, protect data to prevent it from unauthorized use, modification, destruction, egress or exfiltration from a location. |
Data Loss Prevention |
|
ESP |
Encapsulating Security Payload. An IPSec header used to provide a mix of security services in IPv4 and IPv6. ESP can be used alone or in combination with the IP Authentication Header. (AH) |
Encapsulating Security Payload. |
|
Encapsulation |
The process of enclosing data in a packet. |
|
|
False Negative |
And event that should be flagged but isn't. |
|
|
False Positive |
A flagged event that isn't really an event and has been falsely triggered. |
|
|
Firewall |
A combination of hardware and software filters placed between trusted and untrusted networks intended to protect the network from Attack by hackers who could gain access to public networks, including the internet. |
|
|
HIDS |
Host-Based IDS. An intrusion detection system that is host-based. And alternative is an intrusion detection that is network-based. |
|
|
HSM |
Hardware Security Module. A software or Appliance Standalone used to enhance Security in commonly used with PKI systems. |
Hardware Security Module |
|
Implicit deny |
A condition that states that unless otherwise given, the permission will be denied. |
|
|
IPSec |
Internet Protocol Security. A set of protocols that enable encryption, authentication, and integrity over IP. IPSec is commonly used with a virtual private networks(VPNs) and operates at layer 3. |
Internet Protocol Security |
|
IDS |
Intrusion Detection System. Tools that identify attacks using defined rules or logic and are considered passive. And ideas can be network-based or host-based. |
Intrusion Detection System |
|
IPS |
Intrusion Prevention System. Tools that respond to attacks using defined rules and logic and are considered active. And IPS can be network based or host-based. |
Intrusion Prevention System |
|
Key Management |
The management of all aspects of cryptographic keys in a cryptosystem, including key generation, exchange, storage, use, destruction and replacement. |
|
|
Load Balancing |
Dividing a load for greater efficiency of management among multiple devices. |
|
|
NAC |
Network Access Control. Set of Standards defined by the network for clients attempting to access it. Usually, NAC requires that clients be virus free and adhere to specific policies before allowing them on the network. |
Network Access Control |
|
NIPS |
Network Intrusion Prevention System. An intrusion prevention system that is network-based. |
Network Intrusion Prevention System |
|
NIDS |
Network-Based IDS. An approach to an intrusion detection system; it attaches the system to a point in yhe network where it can monitor and report on all Network traffic. |
Network-Based IDS |
|
Passive Response |
A non-active response, such as logging. Passive response is the most common type of response to many intrusions. In general, passive responses are the easiest to develop and implement. |
|
|
Proxy |
A type of system that prevents direct communication between a client and a host by acting as an intermediary. |
|
|
Proxy Firewall |
A proxy server that also acts as a firewall, blocking network access from external Networks. |
|
|
Proxy Server |
A type of server that makes a single internet connection and services requests on behalf of many users. |
|
|
SSL |
Secure Sockets Layer. A protocol that secures a messages by operating between the application layer(http) and the transport layer. |
Secure Sockets Layer |
|
SIEM |
Security Information and Event Management. Software that combined security information management and security event management functions to provide real-time analysis of security alerts. |
Security Information and Event Management |
|
Signature-based System |
A system that acts based on the digital signature it sees and offers no repudiation to increase the Integrity of a message. |
|
|
SSID Broadcast |
An access point's broadcasting of the network name |
|
|
Stateful Inspection |
Inspections that occur at all levels of the network and provide additional security using a state table that tracks every Communications Channel. |
|
|
Switch |
A network device that can replace a router or Hub in a local network and get data from a source to a destination. Switching allows for higher speeds. |
|
|
WORM |
Write-once-read-many. Information, once written, cannot be modified, that's for sure and that the data cannot be tampered with once it is written to the device. |
|
|
STP |
Spanning Tree Protocol. Prevents loops in switches, enables Bridge switch interfaces to be assigned a value that is in used to control the learning process and prevent problems. |
Spanning Tree Protocol |
|
Decrypts encrypted traffic, inspects it, and then re-encrypts it before sending it on to its destination. |
SSL decryptors |
|
|
Tunnel configuration where only some requests are rounded and encrypted over the VPN. |
Split tunnel |
|
|
SSL Accelerator |
Off loads in the public key encryption to a separate Hardware plug-in card. |
|
|
Heuristic based detection |
Uses and algorithm to analyze traffic passing through the network. |
|
|
Signature based detection |
Evaluates attacks based on attack signatures. |
|
|
Behavior based detection |
Looks for anomalies in network behavior. |
|