Chapter 1: Getting Started Flashcards

Question

Define doxing

Answer 1

The process of searching for and publishing private information about a target (usually an individual) on the internet, typically with malicious intent.

Answer 2

1. Identify Security Objectives 2. Application Overview 3. Decompose Application 4. Identify Threats 5. Identify Vulnerabilities

Answer 3

Enterprise Information Security Architecture

Answer 4

A collection of requirements and processes that helps determine how an organization's information systems are built and how they work.

Answer 5

* Risk Identification * Risk Assessment * Risk Treatment * Risk Tracking * Risk Review

Answer 6

Any item of value or worth to an organization, whether physical or virtual.

Answer 7

Any circumstance or event with the potential to adversely impact organizational operations, organizational assests, or individuals through an information system via unauthorized access, destruction, disclosure, modification of information, and/or denial of service.

Answer 8

Safeguards or countermeasures to avoid, counteract or minimize security risks.

Answer 9

The potential for damage to or loss of an IT asset

Answer 10

Authentication

Answer 11

Backups and restore

Answer 12

Business Impact Analysis

Answer 13

An organized process to gauge the potential effects of an interruption to critical business operations as a result of a disaster, accident, or emergency.

Answer 14

Maximum Tolerable Downtime

Answer 15

A measurement of the potential cost due to a particular asset being unavailable, used as a means to prioritize the recovery of assests should the worst occur.

Answer 16

Business Continuity Plan

Answer 17

A set of plans and procedures to follow in the event of a failure or a disaster, security related or not, to get business services back up and running. ## Footnote Includes a DRP that addresses exactly what to do to recover lost data or services

Answer 18

Disaster Recovery Plan

Answer 19

A documented set of procedures to recover business infrasstructures in the event of a disaster.

Answer 20

Annualized Loss Expectancy

Answer 21

A measurement of the cost of an asset's value to the organization and the monetary loss that can be expected for an asset due to risk over a one-year period.

Answer 22

ALE = ARO * SLE ## Footnote ARO = Annualized Rate of Occurance SLE = Single Loss Expectancy

Answer 23

Annualized Rate of Occurance

Answer 24

An estimate of the number of times during a year a particular asset would be lost or experience downtime.

Answer 25

Single Loss Expectancy

Answer 26

The monetary value expected from the occurance of a risk of an asset

Answer 27

SLE = AV * EF ## Footnote AV = Asset Value EF = Exposure Factor

Answer 28

Exposure Factor

Answer 29

The subjective, potential percentage of loss to a specific asset if a specific threat is realized.

Answer 30

Confidentiality, Integrity, Availability ## Footnote This is the Holy Trinity of IT security

Answer 31

A security objective that ensures a resource can be accessed only by authorized users. This is alos the security priniciple that stipulates sensitive informatino is not disclosed to unauthorized individuals, entities, or processes.

Answer 32

The security property that data is not modified in an unauthorized and undetected manner. Also, this is the principle of taking measures to ensure that data received is in the same condition and state as when it was originally transmitted.

Answer 33

The condition of a resource being ready for use and accessible by authorized users.

Answer 34

A unique numerical string, created by a hashing algorithm on a given piece of data, used to verify data integrity

Answer 35

A one-way mathematical function that generates a fixed length numerical string (hash) from a given data input. Examples of hashing algorithms: MD5 and SHA-1

Answer 36

Denial of Service

Answer 37

An attack with the goal of preventing authorized users from accessing services and preventing the normal operation of computers and networks.

Answer 38

Target Of Evaluation

Answer 39

What is being tested

Answer 40

Security Target

Answer 41

The documentation describing TOE and security requirements

Answer 42

Protection Profile

Answer 43

A set of secuirty requirements specifically for the type of product being tested.

Answer 44

Restricting access to a resource in some selective manner

Answer 45

Mandatory Access Control

Answer 46

An access control model in which access to system resources is restricted based on the sensitivity of the information contained in the system resource and the formal authorization of users to access information such as sensitivity.

Answer 47

Discretionary Access Control

Answer 48

An access control model in which an individual user, or program operating on the user's behalf, is allowed to specify explicitly the types of access other users may have to information under the user's control.

Answer 49

A document describing the security controls implemented in a business to accomplish a goal.

Answer 50

Identifies the resources that need protection and the rules in place to control access to those resources.

Answer 51

Identifies to employees what company systems may be used for, what they cannot be used for, and what the consequences are for breaking the rules.

Answer 52

Information sensitivity levels and who has access to those levels. Also addresses how data is stored, transmitted, and destroyed.

Answer 53

Everything imaginable about passwords within the organization, including length, complexity, maximum and minimum age, and reuse.

Answer 54

Sometimes also called the e-mail security policy, addresses the proper use of the company e-mail system.

Answer 55

The framework for auditing secrity within the organization. When, where, how, how often, and sometimes even who conducts information security audits are described here.

Answer 56

1. promiscuous - wide open 2. permissive - blocks only things that are known to be dangerous 3. prudent - provides maximum security but allows some potentially and know dangerous services because of business needs 4. paranoid - locks everythingn down, not even allowing the user to open so much as an internet browser

Answer 57

Mandatory rules used to achieve consistency

Answer 58

Provides the minimum security level necessary

Answer 59

Flexible, recommended actions users are to take in the event there is no standard to follow.

Answer 60

Detailed step-by-step instructions for accomplishing a taak or goal.

Answer 61

Someone who manipulates telecommunications systems in order to make free calls.

Answer 62

An ethical hacker. Engaged to test the security of an organization, and work solely within the bounds of an agreement that has been signed and afreed upon by all parties before the assessment begins.

Answer 63

An attacker who breaks into computer systems with malicious intent, with-out the owner's knowledge or permission.

Answer 64

A skilled hacker who straddles the line between white hat (ethical) and black hat (malicious). Sometimes perform illegal acts to exploit technology with the intent of achieving better security.

Answer 65

The act or actions of a hacker to put forward a cause or political agenda, to affect some societal change, or to shed light on something the hacker feels to be a political injustice. Usually illegal in nature.

Answer 66

A hacker who aims to bring down critical infrastructure for a "cause" and does not worry about the penalties associated with their actions.

Answer 67

Derogatory term used to describe an attacker, usually new to the field, who uses simple, easy-to-follow scripts or programs developed by others to attack computer systems and networks and deface websites.

Answer 68

Someone motivated by religious or political beliefs to create fear and large-scale systems disruption.

Answer 69

A hacker employed by the government.

Answer 70

1. Operating system attacks 2. Application-level attacks 3. Shrink-wrapped code attacks 4. Misconfiguration attacks

Answer 71

1. Reconnaissance 2. Scanning and enumeration 3. Gaining access 4. Maintaining access 5. Covering tracks

Answer 72

The steps taken to gather evidence and information on the targets you want to attack.

Answer 73

Gathering information about your target without their knowledge.

Answer 74

Using tools and techniques that may or may not be discovered but put your activities as a hcaker at more risk of discovery.

Answer 75

Taking the information gathered during reconnaissance and actively apply tools and techniques to gather more in-depth information on the targets.

Answer 76

When true attacks are leveled againsed the targets enumerated in the scanning and enumeration phase.

Answer 77

Hackers attempt to ensure they have a way back into the machine or system they've already compromised.

Answer 78

A machine used to launch further attacks from

Answer 79

Attackers attempt to conceal their success and avoid detection by security professionals. ## Footnote Ex. altering log files, hiding files with hidden attribures or directories, etc.

Answer 80

Security Incident and Event Manager

Answer 81

Indicator Of Compromise

Answer 82

Clues (identifiers, tidbits of information or settings, etc.) that you can readily identify as a strong sympton you've been hacked.

Answer 83

1. E-mail indicators - senders' addresses, subject lines, types of attachments 2. Network indicators - URLs, domain names, IP addresses 3. Host-based indicators - filenames, hashes, registry keys 4. Behavioral indicators - PowerShell executions, remote command executions, etc.

Answer 84

A group of people gathered together by a business entity, working to address a specific problem or goal.

Answer 85

A method of evaluating the security of a computer system or network by simulating an attack from a malicious source. A clearly defined, full-scale test of the security controls of a system or network in order to identify security risks and vulnerabilities.

Answer 86

1. Preparation - time period during which the actual contract is hammered out 2. Assessment - the actual assault on the security controls 3. Conclusion - final reports are prepared

Answer 87

When the ethical hacker has absolutely no knowledge of the TOE. Used to simulate an outside, unknown attacker.

Answer 88

When the pen testers have full knowledge of the network, system, and infrastructure they're targeting. Used to simulate a knowledgeable internal threat such as a disgruntled network admin or other trusted user.

Answer 89

When the ethical hacker has limited knowledge of the intended target. Used to simulate an internal but non-system-admin.

Answer 90

Health Insurance Portability and Accountability Act

Answer 91

1. Electronic Tansactions and Code Sets 2. Privacy Rule 3. Security Rule 4. National Identifier Requirements 5. Enforcement

Answer 92

Sarbanes-Oxley Act

Answer 93

Makes corporate disclosures more accurate and reliable in order to protect the public and investors from shady behavior.

Answer 94

Payment Card Industry Data Security Standard

Answer 95

The security standard for organizations handling credit cards, ATM cards, and other point-of-sale cards.

Answer 96

1. Install and maintain firewall configuration 2. Remove vendor-supplied default passwords and other default security features 3. Protect stored data 4. Encrypt transmission of cardholder data 5. Install, use, and update antivirus 6. Develop secure systems and applications 7. Use "need to know" as a guideline to restric access to data 8. Assign a unique ID to each stakeholder in the process 9. Restrict any physical access to the data 10. Monitor all access to data and network resources 11. Test security procedures and systems regularly 12. Create and maintain an information security policy

Answer 97

A standard that provides requirements for creating, maintaining and improving organizational information security systems.

Chapter 1: Getting Started Flashcards

(122 cards)