CompTIA CySA+ CS0-003 Deck 5 Flashcards
Learn key concepts found in the CompTIA CySA+ CS0-003 Exam. (32 cards)
Shibboleth
An identity federation method that provides single sign-on capabilities and enables websites to make informed authorization decisions for access to protected online resources.
Trust Model
In PKI, a description of how users and different CAs exchange information and certificates.
(CASB)
Cloud Access Security Broker
(CASB) Cloud Access Security Broker
Enterprise management software designed to mediate access to cloud services by users across all types of devices.
Forward proxy
A server that mediates the communications between a client and another server. It can filter and often modify communications as well as provide caching services to improve performance.
Reverse proxy
A type of proxy server that protects servers from direct contact with client requests.
(DLP)
Data loss prevention
(DLP) Data loss prevention
A software solution that detects and prevents sensitive information from being stored on unauthorized systems or transmitted over unauthorized networks.
(PII)
Personally Identifiable Information
(PII) Personally Identifiable Information
Data that can be used to identify or contact an individual (or, in the case of identity theft, to impersonate them).
(PHI)
Protected Health Information
(PHI) Protected Health Information
Data that can be used to identify an individual and includes information about past, present, or future health, as well as related payments and data used in the operation of a healthcare business.
(PIFI)
Personal Identifiable Financial Information
(PIFI) Personal Identifiable Financial Information
Personal information about a consumer provided to a financial institution that can include account number, credit/debit card number, name, Social Security number, and other information.
(CHD)
Cardholder data
(CHD) Cardholder data
Any type of personally identifiable information (PII) associated with a person who has a payment card, such as a credit or debit card.
(IP) Intellectual Property
Data that is of commercial value and can be granted rights of ownership, such as copyrights, patents, and trademarks.
(PKI)
Public key infrastructure
(PKI) Public key infrastructure
Framework of certificate authorities, digital certificates, software, services, and other cryptographic components deployed for the purpose of validating subject identities.
(SSL)
Secure Socket Layer
(SSL) Secure Socket Layer
The original, obsolete version of the security protocol now developed as TLS.
What is the acronym for the three-digit security code typically located on the signature strip of a credit card?
CVV
(SIEM)
Security Information and Event Management
(SIEM) Security Information and Event Management
A solution that provides real-time or near-real-time analysis of security alerts generated by network hardware and applications.