Terms Deck 3

Question 1

honeypot

Answer 1

A decoy system designed to attract hackers. A honeypot usually has all its logging and tracing enabled, and its security level is lowered on purpose. Such systems often include deliberate lures or bait, in the hopes of attracting would-be attackers who think they can obtain valuable items on these systems.

Question 2

honeyfile

Answer 2

A file used as bait intended to attract an attacker.

Question 3

honeynet

Answer 3

A network used as bait to attract an attacker.

Question 4

infrastructure as a service (IaaS)

Answer 4

A cloud computing model in which hardware, storage, and networking components are virtualized and provided by an outsourced service provider.

Question 5

platform as a service (PaaS)

Answer 5

The delivery of a computing platform, often an operating system with associated services, over the Internet without downloads or installation.

Question 6

software as a service (SaaS)

Answer 6

A cloud computing model in which software applications are virtualized and provided by an outsourced service provider.

Question 7

edge computing

Answer 7

Computing that happens near the edge of a network, close to where it’s used or needed.

Question 8

container

Answer 8

A technology that packages applications and services together with their runtime environment, allowing them to be run anywhere.

Question 9

software-defined networking (SDN)

Answer 9

A method by which organizations can manage network services through a decoupled underlying infrastructure that allows for quick adjustments based on changing business requirements.

Question 10

software-defined visibility (SDV)

Answer 10

Visualization combined with the capability to dynamically respond to events across software-defined networks.

Question 11

virtualization

Answer 11

A technology developed to allow a guest operating system to run along with a host operating system with one set of hardware.

Question 12

integrity measurement

Answer 12

A method that uses attestation challenges from computed hashes of system or application information to obtain confidence in the trustworthiness and identity of a platform or software.

Question 13

normalization

Answer 13

The conversion of data to its anticipated, simplest known form.

Question 14

obfuscation

Answer 14

The act of making something difficult to understand.

Question 15

Open Web Application Security Project (OWASP)

Answer 15

A nonprofit organization that provides resources to improve the security of software.

Question 16

elasticity

Answer 16

The capability to expand and reduce cloud resources as needed.

Question 17

scalability

Answer 17

The capability to handle the changing needs of a system, process, or application within the confines of the current resources.

Question 18

authentication

Answer 18

The process of identifying users.

Question 19

federation

Answer 19

A way to connect identity management systems by allowing identities to cross multiple jurisdictions.

Question 20

time-based one-time password (TOTP)

Answer 20

An algorithm that computes a one-time password from a shared secret key and the current time.

Question 21

HMAC-based one-time password (HOTP)

Answer 21

An algorithm that relies on a shared secret and a moving factor or counter.

Question 22

multifactor authentication (MFA)

Answer 22

A type of authentication that requires more than just a password for account access. Multifactor authentication involves two or more of the types of authentication (something you know, something you have, something you are, something you do, and somewhere you are), not simply multiple credentials or keys of the same type.

Question 23

redundancy

Answer 23

Replication of a component in identical copies to compensate for random hardware failures.

Question 24

redundant array of inexpensive disks (RAID)

Answer 24

Multiple disks arranged as a large, high-performance logical disk to provide redundancy in case of disk failure.

Question 25

full backup

Answer 25

A complete backup of all data. This is the most time- and resource-intensive form of backup, requiring the largest amount of data storage.

Question 26

differential backup

Answer 26

A backup that provides only the data that has changed since the last full backup. It is incomplete without the last full backup.

Question 27

incremental backup

Answer 27

A backup that includes only the data that has changed since the last incremental backup. It resets the archive bit.

Question 28

snapshot

Answer 28

A picture that preserves the entire state and data of a virtual machine at the time it is taken.

Question 29

defense in depth

Answer 29

A term rooted in military strategy that requires a balanced emphasis on people, technology, and operations to maintain information assurance (IA).

Question 30

supervisory control and data acquisition (SCADA)

Answer 30

A subset of systems considered to be critical infrastructure systems.

Question 31

industrial control system (ICS)

Answer 31

A system that is considered to be critical to the infrastructure, such as manufacturing, a logistics and transportation network, energy and utilities, telecommunication services, agriculture, and food production networks.

Question 32

Internet of Things (IoT)

Answer 32

A network of connected devices that perform specific functions using embedded systems and sensors.

Question 33

heating, ventilation, air conditioning (HVAC)

Answer 33

A form of environmental control that warms, cools, and transports air for the purpose of thermal and humidity regulation.

Question 34

real-time operation system (RTOS)

Answer 34

A small operating system used in embedded systems and IoT applications that typically run in a SoC environment.

Question 35

system on chip (SoC)

Answer 35

Integration between a microcontroller, an application, or a microprocessor and peripherals.

Question 36

mantrap

Answer 36

access control vestibule - A two-door configuration used in high-security facilities that allows only one person to pass at a time.

Question 37

air gap

Answer 37

A physical isolation gap between a system or network and the outside world.

Question 38

digital signature

Answer 38

A U.S. standard for the generation and verification of digital signatures to ensure authenticity.

Question 39

key stretching

Answer 39

A technique that involves running a password through an algorithm to produce an enhanced key, usually of at least 128 bits.

Question 40

salting

Answer 40

An additional input of random data to a function that hashes a password.

Question 41

key exchange

Answer 41

A technique in which a pair of keys is generated and then exchanged between two systems (typically, a client and server) over a network connection to allow them to establish a secure connection.

Question 42

elliptical curve cryptography (ECC)

Answer 42

A method in which elliptic curve equations are used to calculate encryption keys for use in general-purpose encryption.

Question 43

perfect forward secrecy (PFS)

Answer 43

A mechanism to prevent the compromise of a private key used to create session keys from compromising past session keys.

Question 44

ephemeral

Answer 44

A key that is used for only a single session.

Question 45

blockchain

Answer 45

A digital ledger where transactions are grouped into blocks, each linked to the previous block through a cryptographic hash and shared with the network.