349 Cards in this Set
- Front
- Back
accounting |
the ability that provides tracking of events |
|
asset |
an item that has value |
|
authorization |
the act of ensuring that an individual or element is genuine |
|
authentication |
the steps that ensure that the individual is who they claim to be |
|
availability |
security actions that ensure that data is accessible to authorized users |
|
California's Database Security Breach Notification Act |
the first state law that covers any state agency, person, or company that does business in California |
|
confidentiality |
security actions that ensure only authorized parties can view the information |
|
cybercrime |
targeted attacks against financial networks, unauthorized access to information, and the theft of personal information |
|
cybercriminals |
a network of attackers, identity thieves, spammers, and financial fraudsters |
|
cyber-terrorism |
a premeditated, politically motivated attack against information, computer systems, computer programs, and data that results in violence |
|
cyber-terrorists |
attackers whose motivation may be defined as ideology, or attacking for the sake of their principles or beliefs |
|
exploiting |
the act of taking advantage of a vulnerability |
|
Gramm-Leach-Bliley Act (GLBA) |
a law that requires banks and financial institutions to alert customers of their policies and practices in disclosing customer information |
|
Hacker |
a term used to refer to a person who uses advanced computer skills to attack computers |
|
Health Insurance Portability and Accountability Act (HIPAA) |
a law designed to guard protected health information and implement policies and procedures to safeguard it |
|
identity theft |
stealing another person's personal information, such as a Social Security number, and then using the information to impersonate the victim, generally for financial gain |
|
information security |
the tasks of securing information that is in a digital format |
|
integrity |
security actions that ensure that information is correct and no unauthorized person or malicious software has altered the data |
|
risk |
the likelihood that a threat agent will exploit the vulnerability |
|
Sarbanes-Oxley Act (Sarbox) |
a law designed to fight corporate corruption |
|
script kiddies |
individuals who want to break into computers to create damage, yet lack the advanced knowledge of computers and networks needed to do so |
|
spy |
a person who has been hired to break into a computer and steal information |
|
threat |
a type of action that has the potential to cause harm |
|
threat agent |
a person or element that has the power to carry out a threat |
|
vulnerability |
a flaw or weakness that allows a threat agent to bypass security |
|
adware |
a software program that delivers advertising content in a manner that is unexpected and unwanted by the user |
|
backdoor |
software code that gives access to a program or a service that circumvents normal security protections |
|
botnet |
a logical computer network of zombies under the control of an attacker |
|
computer virus (virus) |
a malicious computer code that, like its biological counterpart, reproduces itself on the same computer |
|
dumpster diving |
the act of digging through trash receptacles to find information that can be useful in an attack |
|
hoax |
a false warning |
|
impersonation |
an attack that creates a fictitious character and then plays out the role of that person on a victim |
|
keylogger |
captures and stores each keystroke that a user types on the computer's keyboard |
|
logic bomb |
computer code that lies dormant until it is triggered by a specific logical event |
|
malware |
software that enters a computer system without the user's knowledge or consent, and then performs an unwanted--and usually harmful--action |
|
pharming |
a phishing attack that automatically redirects the user to a fake site |
|
phishing |
sending an e-mail or displaying a web announcement that falsely claims to be from a legitimate enterprise in an attempt to trick the user into surrendering private information |
|
rootkit |
a set of software tools used by an attacker to hide the actions or presence of other types of malicious software |
|
shoulder surfing |
watching an authorized user enter a security code on a keypad |
|
social engineering |
a means of gathering information for an attack by relying on the weaknesses of individuals |
|
spam |
unsolicited e-mail |
|
spear phishing |
a phishing attack that targets only specific users |
|
spim |
a variation of spam, which targets instant messaging users instead of e-mail users |
|
spyware |
a general term used to describe software that spies on users by gathering information without consent, thus violating their privacy |
|
tailgating |
the act of unauthorized individuals entering a restricted-access building by following an authorized user |
|
Trojan horse (Trojan) |
an executable program advertised as performing one activity, but that actually does something else (or it may perform both the advertised and malicious activities) |
|
vishing |
a phishing attack that uses a telephone call instead of using e-mail |
|
whaling |
a phishing attack that targets only wealthy individuals |
|
word splitting |
horizontally separating words so that they can still be read by the human eye |
|
worm |
a malicious program designed to take advantage of a vulnerability in an application or an operating system in order to enter a computer and then self-replicate to other computers |
|
add-ons |
programs that provide additional functionality to web browsers |
|
address resolution protocol (ARP) |
part of the TCP/IP protocol suite for determining the MAC address based on the IP address |
|
arp poisoning |
an attack that corrupts the ARP cache |
|
attachments |
files that are coupled to e-mail messages |
|
buffer overflow |
an attack that occurs when a process attempts to store data in RAM beyond the boundaries of a fixed-length storage buffer |
|
client-side attack |
an attack that targets vulnerabilities in client applications that interact with a compromised server or process malicious data |
|
cookie |
a file on a local computer in which a server stores user-specific information |
|
command injection |
injecting commands that are then executed on a server |
|
cross-site scripting (XSS) |
an attack that injects scripts into a web application server to direct attacks at clients |
|
denial of service (DoS) |
an attack that attempts to prevent a system from performing its normal functions |
|
directory traversal |
an attack that takes advantage of a vulnerability in the web application program or the web server software so that a user can move from the root directory to other restricted directories |
|
distributed denial of service (DDoS) |
an attack that uses multiple zombie computers (even hundreds or thousands) in a botnet to flood a device with requests |
|
DNS poisoning |
an attack that substitutes DNS addresses so that the computer is automatically redirected to another device |
|
domain name system (DNS) |
a hierarchical name system for matching computer names and numbers |
|
first-party cookie |
a cookie that is created from the web site that currently is being viewed |
|
flash cookie |
a cookie named after the Adobe Flash Player. Also known as local shared objects (LSOs). Flash cookies cannot be deleted through the browser's normal configuration settings as regular cookies can. Typically, they are saved in multiple locations on the hard drive and can take up as much as 100,000 bytes of storage per cookie (about 25 times the size of a normal cookie). Flash cookies can also be used to reinstate regular cookies that a user has deleted or blocked |
|
host table |
a list of the mappings of names to computer numbers |
|
HTTP header |
part of the HTTP that is composed of fields that contain the different characteristics of the data that is being transmitted |
|
HTTP header manipulation |
modifying HTTP headers to create an attack |
|
man-in-the-middle |
an attack that intercepts legitimate communication and forges a fictitious response to the sender |
|
persistent cookie (tracking cookie) |
a cookie that is recorded on the hard drive of the computer and does not expire when the browser closes |
|
ping |
a utility that sends an ICMP echo request message to a host |
|
ping flood |
an attack that uses the internet control message protocol (ICMP) to flood a victim with packets |
|
privilege escalation |
an attack that exploits a vulnerability in software to gain access to resources that the user would normally be restricted from obtaining |
|
replay |
an attack that makes a copy of the transmission before sending it to the recipient |
|
secure cookie |
a cookie that is only used when a browser is visiting a server using a secure connection |
|
session cookie |
a cookie that is stored in random access memory (RAM), instead of on the hard drive, and only lasts for the duration of visiting a web site |
|
session hijacking |
an attack in which an attacker attempts to impersonate the user by using his session token |
|
session token |
a form of verification used when accessing a secure web application |
|
smurf attack |
an attack that broadcasts a ping request to all computers on the network yet changes the address from which the request came to that of the target |
|
spoofing |
impersonating another computer or device |
|
SQL injection |
an attack that targets SQL servers by injecting commands to be manipulated by the database |
|
SYN flood attack |
an attack that takes advantage of the procedures for initiating a TCP session |
|
third-party cookies |
a cookie that was created by a third party that is different from the primary web site |
|
transitive access |
an attack involving using a third party to gain access rights |
|
XML (extensible markup language) |
a markup language that is designed to carry data instead of indicating how to display it |
|
XML injection |
an attack that injects XML tags and data into a database |
|
zero day attacks |
attacks that exploit previously unknown vulnerabilities, so victims have no time (zero days) to prepare or defend against the attacks |
|
annualized loss expectancy (ALE) |
the monetary loss that can be expected for an asset due to a risk over a one-year period |
|
annualized rate of occurrence (ARO) |
the probability that a risk will occur in a particular year |
|
architectural design |
the process of defining a collection of hardware and software components along with their interfaces in order to create the framework for software development |
|
attack surface |
the code that can be executed by unauthorized users in a software program |
|
baseline reporting |
a comparison of the present state of a system to its baseline |
|
black box |
a test in which the tester has no prior knowledge of the network infrastructure that is being tested |
|
code review |
presenting the code to multiple reviewers in order to reach agreement about its security |
|
design review |
an analysis of the design of a software program by key personnel from different levels of the project |
|
exposure factor (EF) |
the proportion of an asset's value that is likely to be destroyed by a particular risk (expressed as a percentage) |
|
fail-open |
a control that errs on the side of permissiveness in the event of a failure |
|
fail-safe (fail-secure) |
a control that errs on the side of security in the event of a failure |
|
gray box |
a test where some limited information has been provided to the tester |
|
hardening |
the process of eliminating as many security risks as possible and making the system more secure |
|
honeynet |
a network set up with intentional vulnerabilities |
|
honeypot |
a computer typically located in an area with limited security and loaded with software and data files that appear to be authentic, yet they are actually imitations of real data files, to trick attackers into revealing their attack techniques |
|
penetration testing |
a test by an outsider to actually exploit any weaknesses in systems that are vulnerable |
|
port scanner |
software to search a system for any port vulnerabilities |
|
protocol analyzer (sniffer) |
hardware or software that captures packets to decode and analyze the contents |
|
single loss expectancy (SLE) |
the expected monetary loss every time a risk occurs |
|
vulnerability assessment |
a systematic and methodical evaluation of the exposure of assets to attackers, forces of nature, or any other entity that is a potential harm |
|
vulnerability scan |
an automated software search through a system for any known security weaknesses that then creates a report of those potential exposures |
|
vulnerability scanner |
generic term for a range of products that look for vulnerabilities in networks or systems |
|
white box |
a test where the tester has an in-depth knowledge of the network and systems being tested, including network diagrams, IP addresses, and even the source code of custom applications |
|
Xmas tree port scan |
sending a packet with every option set on for whatever protocol is in use to observe how a host responds |
|
access list |
a record or list of individuals who have permission to enter a secure area, the time that they entered, and the time they left the area |
|
access log |
a log that can provide details regarding requests for specific files on a system |
|
anti-spyware |
software that helps prevent computers from becoming infected by different types of spyware |
|
anti-virus (AV) |
software that can examine a computer for any infections as well as monitor computer activity and scan new documents that might contain a virus |
|
audit log |
a log that can track user authentication attempts |
|
audit records |
logs that are the second common type of security-related operating system logs |
|
Bayesian filtering |
spam filtering software that analyzes the contents of every word in an e-mail and determines how frequently a word occurs in order to determine if it is spam |
|
cable lock |
a device that can be inserted into the security slot of a portable device and rotated so that the cable lock is secured to the device to prevent it from being stolen |
|
closed-circuit television (CCTV) |
using video cameras to transmit a signal to a specific and limited set of receivers used for surveillance in areas that require security monitoring |
|
cross-site request forgery (XSRF) |
an attack that uses the user's web browser settings to impersonate the user |
|
data loss prevention (DLP) |
a system that can identify critical data, monitor how it is being accessed, and protect it from unauthorized users |
|
deadbolt lock |
a door lock that extends a solid metal bar into the door frame for extra security |
|
errors (exceptions) |
faults in a program that occur while the application is running |
|
event logs |
logs that can document any unsuccessful events and the most significant successful events |
|
fencing |
securing a restricted area by erecting a barrier |
|
firewall (packet filter) |
hardware or software that is designed to prevent malicious packets from entering or leaving computers |
|
fuzz testing (fuzzing) |
a software testing technique that deliberately provides invalid, unexpected, or random data as inputs to a computer program |
|
GPS tracking |
using the global positioning system (GPS) to detect the location of a portable device |
|
heuristic detection |
creating a virtualized environment to simulate the central processing unit (CPU) and memory of the computer to check for the presence of a virus |
|
host-based software firewall |
a firewall that runs a program on a local system to protect it against attacks |
|
hotfix |
software that addresses a specific customer situation and often may not be distributed outside that customer's organization |
|
input validation |
verifying a user's input to an application |
|
locking cabinet |
a secure storage unit that can be used for storing portable devices |
|
log |
a record of events that occur |
|
mantrap |
a device that monitors and controls two interlocking doors to a small room (a vestibule), designed to separate secure and nonsecure areas |
|
patch |
a general software security update intended to cover vulnerabilities that have been discovered |
|
pop-up blocker |
either a program or a feature incorporated within a browser that stops pop-up advertisements from appearing |
|
proximity reader |
a device that detects an emitted signal in order to identify the owner |
|
remote wipe/sanitation |
a technology that can remotely erase data from a portable device and reset it to its default factory settings |
|
safe |
a ruggedized steel box with a lock |
|
security logs |
logs that are considered the primary source of log data |
|
security policy |
a document or series of documents that clearly defines the defense mechanisms an organization will employ to keep information secure |
|
service pack |
software that is a cumulative package of all security updates plus additional features |
|
signature file |
a sequence of bytes (a string) found in the virus as a virus signature |
|
voice encryption |
using encryption to mask the content of voice communications |
|
all-in-one network security appliance |
network hardware that provides multiple security functions |
|
anomaly-based monitoring |
a monitoring technique used by an IDS that creates a baseline of normal activities and compares actions against the baseline. Whenever a significant deviation from this baseline occurs, an alarm is raised |
|
behavior-based monitoring |
a monitoring technique used by an IDS that uses the normal processes and actions as the standard and compares actions against it |
|
demilitarized zone (DMZ) |
a separate network that rests outside the secure network perimeter; untrusted outside users can access the DMZ but cannot enter the secure network |
|
heuristic monitoring |
a monitoring technique used by an IDS that uses an algorithm to determine if a threat exists |
|
host intrusion detection system (HIDS) |
a software-based application that runs on a local host computer that can detect an attack as it occurs |
|
intrusion detection system (IDS) |
a device designed to be active security; it can detect an attack as it occurs |
|
load balancer |
a device that can direct requests to different servers based on a variety of factors, such as the number of server connections, the server's processor utilization, and overall performance of the server |
|
network access control (NAC) |
a technique that examines the current state of a system or network device before it is allowed to connect to the network |
|
network address translation (NAT) |
a technique that allows private IP addresses to be used on the public internet |
|
network intrusion detection system (NIDS) |
a technology that watches for attacks on the network and reports back to a central device |
|
network intrusion prevention system (NIPS) |
a technology that monitors network traffic to immediately react to block a malicious attack |
|
proxy server |
a computer or an application program that intercepts a user request from the internal secure network and then processes that request on behalf of the user |
|
remote access |
any combination of hardware and software that enables remote users to access a local internal network |
|
reverse proxy |
a computer or an application program that routes incoming requests to the correct server |
|
router |
a device that can forward packets across computer networks |
|
signature-based monitoring |
a monitoring technique used by an IDS that examines network traffic to look for well-known patterns and compares the activities against a predefined signature |
|
subnetting (subnet addressing) |
a technique that uses IP addresses to divide a network into network, subnet, and host |
|
switch |
a device that connects network segments and forwards only frames intended for that specific device or frames sent to all devices |
|
virtual LAN (VLAN) |
a technology that allows scattered users to be logically grouped together even though they may be attached to different switches |
|
virtual private network (VPN) |
a technology to use an unsecured public network, such as the internet, like a secure private network |
|
VPN concentrator |
a device that aggregates hundreds or thousands of VPN connections |
|
web application firewall |
a special type of firewall that looks more deeply into packets that carry HTTP traffic |
|
web security gateway |
a device that can block malicious content in "real time" as it appears (without first knowing the URL of a dangerous site) |
|
cloud computing |
a pay-per-use computing model in which customers pay only for the computing resources that they need, and the resources can be easily scaled |
|
disabling unused ports |
a security technique to turn off ports on a network device that are not required |
|
file transfer protocol (FTP) |
an unsecure TCP/IP protocol that is commonly used for transferring files |
|
flood guard |
a feature that controls a device's tolerance for unanswered service requests and helps to prevent a DoS attack |
|
FTP using secure sockets layer (FTPS) |
a TCP/IP protocol that uses Secure Sockets Layer/Transport Layer Security (SSL/TLS) to encrypt commands sent over the control port (port 21) in an FTP session |
|
IEEE 802.1x |
a standard that blocks all traffic on a port-by-port basis until the client is authenticated using credentials stored on an authentication server |
|
internet control message protocol (ICMP) |
a TCP/IP protocol that is used by devices to communicate updates or error information to other devices |
|
internet protocol version 6 (IPv6) |
the next generation of the IP protocol that addresses weaknesses of IPv4 and provides several significant improvements |
|
IP telephony |
using a data-based IP network to add digital voice clients and new voice applications onto the IP network |
|
loop protection |
preventing broadcast storms by using the IEEE 802.1d standard spanning-tree algorithm (STA) |
|
MAC limiting and filtering |
a security technique to limit the number of media access control (MAC) addresses allowed on a single port |
|
rule-based management |
the process of administration that relies on following procedural and technical rules |
|
secure copy protocol (SCP) |
a TCP/IP protocol used mainly on UNIX and Linux devices that securely transports files by encrypting files and commands |
|
secure FTP (SFTP) |
a secure TCP/IP protocol that is used for transporting files by encrypting and compressing all data and commands |
|
simple network management protocol (SNMP) |
a TCP/IP protocol that exchanges management information between networked devices. It allows network administrators to remotely monitor, manage, and configure devices on the network |
|
transmission control protocol/internet protocol (TCP/IP) |
the most common protocol suite used today for local area networks (LANs) and the internet |
|
virtualization |
a means of managing and presenting computer resources by function without regard for their physical layout or location |
|
AES-CCMP |
the encryption protocol standard for WPA2 |
|
bluejacking |
an attack that sends unsolicited messages to Bluetooth-enabled devices |
|
bluesnarfing |
an attack that accesses unauthorized information from a wireless device through a Bluetooth connection, often between cell phones and laptop computers |
|
bluetooth |
a wireless technology that uses short-range radio frequency (RF) transmissions and provides for rapid ad hoc device pairings |
|
evil twin |
an AP set up by an attacker to mimic an authorized AP and capture transmissions, so a user's device will unknowingly connect to this evil twin instead |
|
Extensible authentication protocol (EAP) |
a framework for transporting authentication protocols that defines the format of the messages |
|
initialization vector (IV) |
a 24-bit value used in WEP that changes each time a packet is encrypted |
|
keystream attack (IV attack) |
a method of determining the keystream by analyzing two packets that were created from the same initialization vector (IV) |
|
lightweight EAP (LEAP) |
a proprietary EAP method developed by Cisco Systems requiring mutual authentication used for WLAN encryption using Cisco client software |
|
media access control (MAC) address filtering |
a method for controlling access to a WLAN based on the device's MAC address |
|
preshared key (PSK) |
a key value that must be created and entered into both the access point and all wireless devices ("shared") prior to ("pre") the devices communicating with the AP |
|
protected EAP (PEAP) |
an EAP method designed to simplify the deployment of 802.1x by using Microsoft Windows logins and passwords |
|
rogue access point |
an unauthorized AP that allows an attacker to bypass many of the network security configurations and opens the network and its users to attacks |
|
service set identifier (SSID) |
the user-supplied network name of a WLAN; it can generally be alphanumeric from 2 to 32 characters |
|
SSID broadcast |
the transmission of the SSID from the access point to wireless devices |
|
temporal key integrity protocol (TKIP) |
a WPA encryption technology |
|
war chalking |
the process of documenting and then advertising the location of wireless LANs for others to use. Wireless networks were identified by drawing on sidewalks or walls around the area of the network |
|
war driving |
searching for wireless signals from an automobile or on foot using a portable computing device |
|
Wi-Fi protected access (WPA) |
the original set of protections from the Wi-Fi Alliance in 2003 designed to protect both present and future wireless devices |
|
Wi-Fi protected access 2 (WPA2) |
the second generation of WPA security from the Wi-Fi Alliance in 2004 to address authentication and encryption on WLANs |
|
Wired Equivalent Privacy (WEP) |
an IEEE 802.11 security protocol designed to ensure that only authorized parties can view transmitted wireless information. WEP has significant vulnerabilities and is not considered secure |
|
access control |
the mechanism used in an information system to allow or restrict access to data or devices |
|
access control list (ACL) |
a set of permissions that are attached to an object |
|
access control model |
a standard that provides a predefined framework for hardware and software developers who need to implement access control in their devices or applications |
|
account expiration |
the process of setting a user's account to expire |
|
discretionary access control (DAC) |
the least restrictive access control model in which the owner of the object has total control over it |
|
extended TACACS |
the second version of the Terminal Access Control Access Control System (TACACS) authentication service |
|
implicit deny |
rejecting access unless a condition is explicitly met |
|
job rotation |
the act of moving individuals from one job responsibility to another |
|
kerberos |
an authentication system developed by the Massachusetts Institute of Technology (MIT) and used to verify the identity of networked users |
|
least privilege |
providing only the minimum amount of privileges necessary to perform a job or function |
|
LDAP injection attack |
an attack that constructs LDAP statements based on user input statements, allowing the attacker to retrieve information from the LDAP database or modify its content |
|
Lightweight directory access protocol (LDAP) |
a protocol for a client application to access an X.500 directory |
|
mandatory access control (MAC) |
the most restrictive access control model, typically found in military settings in which security is of supreme importance |
|
mandatory vacations |
requiring that all employees take vacations |
|
remote authentication dial in user service (RADIUS) |
an industry standard authentication service with widespread support across nearly all vendors of networking equipment |
|
role based access control (RBAC) |
a "real-world" access control model in which access is based on a user's job function within the organization |
|
rule based access control (RBAC) |
an access control model that dynamically assigns roles to subjects based on a set of rules defined by a custodian |
|
separation of duties |
the practice of requiring that processes should be divided between two or more individuals |
|
TACACS+ |
the current version of the TACACS authentication service |
|
Terminal Access Control Access Control System (TACACS) |
an authentication service commonly used on UNIX devices that communicates by forwarding user authentication information to a centralized server |
|
time of day restrictions |
limitations imposed as to when a user can log on to a system |
|
behavioral biometrics |
authenticating a user by the normal actions that the user performs |
|
brute force attack |
a password attack in which every possible combination of letters, numbers, and characters is used to create encrypted passwords that are matched with those in a stolen password file |
|
cognitive biometrics |
authenticating a user through the perception, thought process, and understanding of the user |
|
common access card (CAC) |
a Department of Defense (DoD) smart card used for identification for active-duty and reserve military personnel along with civilian employees and special contractors |
|
dictionary attack |
a password attack that creates encrypted versions of common dictionary words and compares them against those in a stolen password file |
|
hybrid attack |
a password attack that slightly alters dictionary words by adding numbers to the end of the password, spelling words backward, slightly misspelling words, or including special characters |
|
multifactor authentication |
using more than one type of authentication credential |
|
password |
a secret combination of letters, numbers, and/or characters that only the user should know |
|
personal identity verification (PIV) |
a government standard for smart cards that covers all government employees |
|
rainbow tables |
larger pregenerated data sets of encrypted passwords used in password attacks |
|
single sign-on (SSO) |
using one authentication credential to access multiple accounts or applications |
|
single-factor authentication |
using one type of authentication credentials |
|
smart card |
a card that contains an integrated circuit chip that can hold information used as part of the authentication process |
|
standard biometrics |
using fingerprints or other unique physical characteristics of a person's face, hands, or eyes for authentication |
|
token |
a small device that can be affixed to a keychain with a window display that shows a code to be used for authentication |
|
trusted operating system (trusted OS) |
a hardened operating system that can keep attackers from accessing and controlling critical parts of a computer system |
|
advanced encryption standard (AES) |
a symmetric cipher that was approved by the NIST in late 2000 as a replacement for DES |
|
algorithm |
procedures based on a mathematical formula; used to encrypt data |
|
asymmetric cryptographic algorithm |
encryption that uses two mathematically related keys |
|
block cipher |
a cipher that manipulates an entire block of plaintext at one time |
|
blowfish |
a block cipher that operates on 64-bit blocks and can have a key length from 32 to 448 bits |
|
ciphertext |
data that has been encrypted |
|
cryptography |
the science of transforming information into a secure form while it is being transmitted or stored so that unauthorized persons cannot access it |
|
cleartext |
unencrypted data |
|
data encryption standard (DES) |
a symmetric block cipher that uses a 56-bit key and encrypts data in 64-bit blocks |
|
decryption |
the process of changing ciphertext into plaintext |
|
digital signature |
a value computed over a message (normally over its hash) with the signer's private key and checked with the matching public key; it verifies the sender and the integrity of the message and supports nonrepudiation |
|
elliptic curve cryptography (ECC) |
an asymmetric algorithm family whose security rests on the discrete logarithm problem over elliptic curves rather than on the difficulty of factoring large primes; it achieves comparable strength with much shorter keys |
|
encryption |
the process of changing plaintext into ciphertext |
|
GNU privacy guard (GPG) |
free and open-source software implementing the OpenPGP standard, commonly used to encrypt, decrypt, and sign e-mail messages and files |
|
hardware security module (HSM) |
a dedicated, tamper-resistant cryptographic processor that generates, stores, and uses keys without exposing them to the host system |
|
hash |
the fixed-length digital fingerprint created by a hashing algorithm |
|
hashed message authentication code (HMAC) |
a keyed hash that mixes a shared secret key into the hash computation (RFC 2104) so that only a holder of the key can produce or verify the code; the hash is not encrypted |
|
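The HMAC construction written out, as an added example rather than anything from the original cards: the key is folded into two nested hash computations, nothing is encrypted. The hand-built version is checked against Python's `hmac` module, and verification uses a constant-time comparison. The key and message are constructed sample values.

```python
import hashlib
import hmac

BLOCK_SIZE = 64  # SHA-256 processes 64-byte blocks; HMAC pads (or hashes) the key to this size


def hmac_sha256(key, message):
    """HMAC per RFC 2104: H((K ^ opad) || H((K ^ ipad) || message)).
    The key is combined with the padding constants and hashed with the data;
    no encryption step is involved."""
    if len(key) > BLOCK_SIZE:
        key = hashlib.sha256(key).digest()      # long keys are hashed first
    key = key.ljust(BLOCK_SIZE, b"\x00")        # then zero-padded to the block size
    ipad = bytes(k ^ 0x36 for k in key)
    opad = bytes(k ^ 0x5C for k in key)
    inner = hashlib.sha256(ipad + message).digest()
    return hashlib.sha256(opad + inner).digest()


def verify_tag(key, message, tag):
    """Constant-time comparison: a plain == returns early on the first differing
    byte and leaks timing information an attacker can use to forge tags."""
    return hmac.compare_digest(hmac_sha256(key, message), tag)


def matches_stdlib(key, message):
    """Cross-check the hand-built construction against the standard library."""
    return hmac_sha256(key, message) == hmac.new(key, message, hashlib.sha256).digest()


if __name__ == "__main__":
    key, msg = b"shared-secret", b"amount=100&to=alice"
    tag = hmac_sha256(key, msg)
    print(tag.hex(), matches_stdlib(key, msg))
    print("tampered accepted:", verify_tag(key, b"amount=900&to=alice", tag))
```

The nested structure is also why HMAC, unlike the naive H(key || message), is not vulnerable to length-extension attacks on Merkle-Damgard hashes such as MD5 and SHA-256.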
hashing |
the process for creating a fixed-length digital fingerprint for a set of data; it is one-way, so the data cannot be recovered from the fingerprint |
|
key |
a mathematical value entered into the algorithm to produce ciphertext |
|
message digest (MD) |
a family of hash algorithms (MD2, MD4, MD5) designed by Ron Rivest, all of which are now considered obsolete |
|
message digest 5 (MD5) |
a revision of MD4 that was designed to address its weaknesses; collisions can now be generated in seconds, so it is unsuitable for signatures or integrity protection |
|
nonrepudiation |
the process of proving that a user performed an action |
|
NTLM (new technology LAN manager) hash |
an unsalted MD4 hash of the user's password used by Microsoft Windows systems; no longer recommended for use, since it can be cracked offline or replayed directly (pass-the-hash) |
|
NTLMv2 (new technology LAN manager version 2) hash |
an updated NTLM challenge-response scheme that uses HMAC-MD5 keyed with the user's password hash |
|
one-time pad (OTP) |
encrypting with a truly random key that is as long as the message and used only once; unbreakable in theory, but reusing a key leaks the XOR of the two plaintexts |
|
plaintext |
data input into an encryption algorithm |
|
pretty good privacy (PGP) |
a commercial product commonly used to encrypt and sign e-mail messages; its message format became the OpenPGP standard |
|
private key |
an asymmetric encryption key that must be kept secret by its owner |
|
private key cryptography |
cryptographic algorithms that use a single key to encrypt and decrypt a message |
|
public key |
an asymmetric encryption key that does not have to be kept secret, although its binding to the owner must be verified (for example, through a digital certificate) |
|
public key cryptography |
encryption that uses two mathematically related keys |
|
quantum cryptography |
a key-distribution technique (quantum key distribution) that uses the quantum behavior of photons so that any eavesdropping on the key exchange disturbs the channel and can be detected; it is not itself an asymmetric algorithm |
|
RACE integrity primitives evaluation message digest (RIPEMD) |
a hash algorithm that uses two different and independent parallel chains of computation and then combines the result at the end of the process |
|
RC4 |
a stream cipher in the RC family with a variable-length key (commonly 40 or 128 bits in deployed protocols); now considered broken and prohibited in TLS by RFC 7465 |
|
Rivest Cipher (RC) |
a family of cipher algorithms designed by Ron Rivest |
|
RSA |
an asymmetric algorithm published in 1977 and patented by MIT in 1983; its security rests on the difficulty of factoring the product of two large primes |
|
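The RSA and digital signature cards above describe hash-then-sign with the private key and verification with the public key; the following is an added example (not from the original cards) that runs it through. To keep it runnable without a prime generator it uses two small, publicly known Mersenne primes as the key material, and textbook RSA without PKCS#1 padding; both choices are insecure and are labelled as such in the comments.

```python
import hashlib

# Known Mersenne primes used ONLY so the example runs without a prime generator.
# Real keys use random secret primes of 1024+ bits each; these are tiny and public.
P = (1 << 61) - 1
Q = (1 << 89) - 1
N = P * Q                  # public modulus (about 150 bits here)
E = 65537                  # public exponent
PHI = (P - 1) * (Q - 1)
D = pow(E, -1, PHI)        # private exponent; pow(x, -1, m) needs Python 3.8+


def digest_int(message):
    """Hash-then-sign: the signature covers a fixed-size digest, not the message.
    Truncated to 128 bits so it fits below the toy modulus; a real scheme applies
    PSS or PKCS#1 v1.5 padding instead of truncating."""
    return int.from_bytes(hashlib.sha256(message).digest()[:16], "big")


def sign(message, d=D, n=N):
    """Signer uses the PRIVATE key: s = H(m)^d mod n (textbook RSA, unpadded)."""
    return pow(digest_int(message), d, n)


def verify(message, signature, e=E, n=N):
    """Anyone with the PUBLIC key checks s^e mod n == H(m).
    A valid signature proves origin and integrity; since only the private key
    holder could have produced it, it also supports nonrepudiation."""
    return pow(signature, e, n) == digest_int(message)


if __name__ == "__main__":
    msg = b"transfer 100 to alice"
    s = sign(msg)
    print("valid:", verify(msg, s))
    print("tampered message:", verify(b"transfer 900 to alice", s))
```

Signing the hash rather than the message is what keeps signature size fixed and lets the same scheme cover any message length; the hash must be collision-resistant, which is why MD5 and SHA-1 are no longer acceptable here.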
Secure Hash Algorithm (SHA) |
a family of hash algorithms (SHA-1, SHA-2, SHA-3) that creates hash values of longer lengths than the message digest (MD) algorithms; SHA-1 has practical collisions, so SHA-2 or SHA-3 should be used |
|
steganography |
hiding the existence of data within a text, audio, image, or video file |
|
stream cipher |
an algorithm that encrypts one bit or byte at a time by combining it (usually with XOR) with a keystream generated from the key; the keystream must never be reused |
|
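One added example, not part of the original cards, covering both the one-time pad card and the stream cipher card: a pad is XOR with a random key as long as the message, a stream cipher is the same XOR with a keystream expanded from a short key and nonce, and in both cases reusing the key or keystream cancels it out and exposes the XOR of the two plaintexts. The keystream generator below is a constructed stand-in (SHA-256 in counter mode) for a real stream cipher such as ChaCha20, and the messages are constructed.

```python
import hashlib
import secrets


def xor_bytes(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def otp_key(length):
    """A one-time pad key: truly random, as long as the message, never reused."""
    return secrets.token_bytes(length)


def otp_encrypt(key, plaintext):
    if len(key) < len(plaintext):
        raise ValueError("one-time pad key must be at least as long as the message")
    return xor_bytes(plaintext, key)


otp_decrypt = otp_encrypt  # XOR is its own inverse


def toy_keystream(key, nonce, length):
    """Toy keystream (constructed for illustration, not a real cipher):
    SHA-256(key || nonce || counter) blocks concatenated. A real stream cipher
    such as ChaCha20 fills this role; the structure is the same."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + counter.to_bytes(8, "big")).digest()
        counter += 1
    return out[:length]


def stream_encrypt(key, nonce, plaintext):
    """Stream cipher: byte-by-byte XOR with the keystream. Decryption is identical."""
    return xor_bytes(plaintext, toy_keystream(key, nonce, len(plaintext)))


def keystream_reuse_leak(c1, c2):
    """Two ciphertexts under the same pad or (key, nonce) pair:
    c1 XOR c2 == p1 XOR p2. The key cancels, so knowing or guessing one
    plaintext hands the attacker the other."""
    return xor_bytes(c1, c2)


if __name__ == "__main__":
    p1, p2 = b"attack at dawn", b"retreat at ten"
    c1 = stream_encrypt(b"key", b"nonce", p1)
    c2 = stream_encrypt(b"key", b"nonce", p2)   # same key and nonce: the mistake
    print("recovered p2:", xor_bytes(keystream_reuse_leak(c1, c2), p1))
```

The practical rule that follows: with a one-time pad, generate a fresh key for every message; with a stream cipher, never repeat a nonce under the same key (the WEP and Microsoft PPTP breaks were exactly this reuse).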
symmetric cryptographic algorithm |
encryption that uses a single key to encrypt and decrypt a message |
|
triple data encryption standard (3DES) |
a symmetric cipher that applies DES three times with two or three keys and was designed to replace DES; NIST has deprecated it and disallows its use after 2023 |
|
trusted platform module (TPM) |
a chip on the motherboard (or built into the CPU) that provides cryptographic services, including protected key storage and measurement of the boot process |
|
twofish |
a later derivation of the Blowfish algorithm, with 128-bit blocks and keys up to 256 bits, that was an AES finalist and is considered strong |
|
whole disk encryption |
cryptography that can be applied to entire disks |
|
bridge trust model |
a trust model with one CA that acts as a facilitator to interconnect all other CAs |
|
certificate authority (CA) |
a trusted third-party agency that is responsible for issuing the digital certificates |
|
certificate repository (CR) |
a publicly accessible centralized directory that contains digital certificates that can be used to view the status of a digital certificate |
|
certificate revocation list (CRL) |
a signed list, published by a CA, of certificates it has revoked before their expiration, identified by serial number; clients download it to check a certificate's status |
|
digital certificate |
a technology used to associate a user's identity to a public key, in which the user's public key is "digitally signed" by a trusted third party |
|
direct trust |
a type of trust model in which a relationship exists between two individuals because one person knows the other person |
|
distributed trust model |
a trust model that has multiple CAs that sign digital certificates |
|
hierarchical trust model |
a trust model that has a single hierarchy with one master CA |
|
hypertext transport protocol over secure sockets layer (HTTPS) |
a secure version of HTTP sent over SSL/TLS |
|
IP security (IPsec) |
a set of protocols (AH, ESP, and IKE) developed to support the secure exchange of packets at the IP layer |
|
key escrow |
a process in which a copy of a private key is held by a trusted third party so that the key can be recovered if it is lost or if an authorized party needs access |
|
key recovery agent (KRA) |
a highly trusted person responsible for recovering lost or damaged private keys (and the digital certificates that go with them) |
|
M-of-N control |
a technique to recover an escrowed private key by distributing parts of it to N different individuals so that any M of them, but no fewer, can reconstruct it |
|
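The standard way to implement M-of-N control is Shamir's secret sharing, shown here as an added example that is not from the original cards: the key is the constant term of a random polynomial of degree M-1 over a prime field, each custodian receives one point on it, and any M points interpolate the constant term while M-1 points reveal nothing. The field prime and the 16-byte sample key are constructed choices.

```python
import secrets

# Field prime: 2**127 - 1 is a known Mersenne prime; the secret must be smaller than it.
# Longer keys are split in chunks or over a larger prime.
PRIME = (1 << 127) - 1


def split_secret(secret, m, n):
    """Split `secret` into n shares such that any m of them reconstruct it.
    A random polynomial of degree m-1 with constant term = secret is evaluated
    at x = 1..n; each (x, y) pair goes to one custodian."""
    if not 1 <= m <= n:
        raise ValueError("need 1 <= m <= n")
    if not 0 <= secret < PRIME:
        raise ValueError("secret must be in [0, PRIME)")
    coeffs = [secret] + [secrets.randbelow(PRIME) for _ in range(m - 1)]
    shares = []
    for x in range(1, n + 1):
        y = 0
        for c in reversed(coeffs):          # Horner evaluation mod PRIME
            y = (y * x + c) % PRIME
        shares.append((x, y))
    return shares


def recover_secret(shares):
    """Lagrange interpolation at x = 0 over the prime field.
    With fewer than m shares the result is a uniformly random wrong value,
    not an error, which is exactly why M-1 custodians learn nothing."""
    secret = 0
    for i, (xi, yi) in enumerate(shares):
        num, den = 1, 1
        for j, (xj, _) in enumerate(shares):
            if i != j:
                num = (num * (-xj)) % PRIME
                den = (den * (xi - xj)) % PRIME
        secret = (secret + yi * num * pow(den, -1, PRIME)) % PRIME
    return secret


def key_to_int(key_bytes):
    return int.from_bytes(key_bytes, "big")


def int_to_key(value, length):
    return value.to_bytes(length, "big")


if __name__ == "__main__":
    key = bytes(range(1, 17))                      # constructed 16-byte sample key
    shares = split_secret(key_to_int(key), 3, 5)   # 3-of-5 control
    print(int_to_key(recover_secret(shares[:3]), 16) == key)
    print(int_to_key(recover_secret(shares[:2]), 16) == key)   # two custodians: no
```

In a real PKI the shares protect the CA's key-recovery key (or the CA signing key itself) and are stored on separate smart cards; the recovery ceremony brings M cards together under dual control and logs who was present.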
public key infrastructure (PKI) |
a framework for all of the entities involved in digital certificates for digital certificate management |
|
registration authority (RA) |
a subordinate entity designed to handle specific CA tasks such as processing certificate requests and authenticating users |
|
Secure shell (SSH) |
a protocol and set of tools for securely logging in to, running commands on, and transferring files to a remote computer over an encrypted and authenticated channel; it replaces telnet, rlogin, and FTP |
|
secure sockets layer (SSL) |
a protocol developed by Netscape for securely transmitting documents over the Internet; it uses public key cryptography to authenticate the server and establish a shared session key, then a symmetric cipher to encrypt the data. All SSL versions are now deprecated in favor of TLS |
|
third-party trust |
a trust model in which two individuals trust each other because each individually trusts a third party |
|
transport layer security (TLS) |
a protocol that is the successor to SSL and provides privacy and data integrity between applications |
|
trust model |
the type of trusting relationship that can exist between individuals or entities |
|
X.509 |
the most widely accepted format for digital certificates as defined by the international telecommunication union (ITU) |
|
asymmetric server cluster |
a technology in which a standby server exists only to take over for another server in the event of its failure |
|
backout/contingency option |
rolling back a disaster recovery implementation to the starting point so that a different approach can be taken |
|
business continuity |
the ability of an organization to maintain its operations and services in the face of a disruptive event |
|
business continuity planning and testing |
the process of identifying exposure to threats, creating preventive and recovery procedures, and then testing them to determine if they are sufficient |
|
business impact analysis (BIA) |
an analysis of the most important mission-critical business functions, which identifies and quantifies the impact such a loss of the functions may have on the organization in terms of its operational and financial position |
|
chain of custody |
a process of documentation that shows that the evidence was under strict control at all times and no unauthorized individuals were given the opportunity to corrupt the evidence |
|
cold site |
a remote site that provides office space; the customer must provide and install all the equipment needed to continue operations |
|
computer forensics |
using technology to search for computer evidence of a crime |
|
data backups |
the process of copying information to a different medium and storing it (preferably at an off-site location) so that it can be used in the event of a disaster |
|
disaster recovery |
the procedures and processes for restoring an organization's IT operations following a disaster |
|
disaster recovery plan (DRP) |
a written document that details the process for restoring IT resources following an event that causes a significant disruption in service |
|
Faraday cage |
a metallic enclosure that prevents the entry or escape of an electromagnetic field |
|
forensics (forensic science) |
the application of science to questions that are of interest to the legal profession |
|
heating, ventilation, and air conditioning (HVAC) |
systems that provide and regulate heating and cooling |
|
high availability |
a system that can function for an extended period of time with little downtime |
|
hot aisle/cold aisle |
a layout in a data center that can be used to reduce heat by managing the air flow |
|
hot site |
a duplicate of the production site that has all the equipment needed for an organization to continue running, including office space and furniture, telephone jacks, computer equipment, and a live telecommunications link |
|
mean time between failures (MTBF) |
a statistical value that is the average time until a component fails, cannot be repaired, and must be replaced |
|
mean time to restore (MTTR) |
the average time needed to reestablish services to their former state |
|
order of volatility |
the order in which evidence should be collected in a computer forensic investigation, most volatile first: CPU registers and cache, memory and running processes, network state, then disk, and finally backups and archival media |
|
RAID (redundant array of independent drives) |
a technology that uses multiple hard disk drives for increased reliability and performance |
|
recovery point objective (RPO) |
the maximum amount of data loss, measured as the length of time between the last backup and a disaster, that an organization can tolerate; it sets the maximum interval between backups |
|
recovery time objective (RTO) |
the maximum length of time allowed to restore a service after a disruption, including recovering the backed-up data and bringing systems back online |
|
server cluster |
a combination (clustering) of two or more servers that are interconnected to appear as one |
|
single point of failure |
a component or entity in a system which, if it no longer functions, would adversely affect the entire system |
|
succession planning |
determining in advance who will be authorized to take over in the event of the incapacitation or death of key employees |
|
symmetric server cluster |
a technology in which every server in the cluster performs useful work and if one server fails, the remaining servers continue to perform their normal work as well as that of the failed server |
|
system image |
a snapshot of the current state of the computer that contains all settings and data |
|
warm site |
a remote site that contains computer equipment but does not have active internet or telecommunication facilities, and does not have backups of data |
|
acceptable use policy (AUP) |
a policy that defines the actions users may perform while accessing systems and networking equipment |
|
change management |
a methodology for making modifications to a system and keeping track of those changes |
|
incident management |
the "framework" and functions required to enable incident response and incident handling within an organization |
|
peer-to-peer (P2P) network |
a network that does not have servers, so each device simultaneously functions as both a client and a server to all other devices connected to the network |
|
privacy policy |
a policy that outlines how the organization uses personal information it collects |
|
security policy |
a written document that states how an organization plans to protect the company's information technology assets |
|
social networking |
grouping individuals and organizations into clusters or groups based on a like affiliation |
|
social networking sites |
web sites that facilitate linking individuals with common interests like hobbies, religion, politics, or school or work contacts |