CySA+ Study Notes 13 Flashcards
(10 cards)
??? is an open standard that allows identity providers (IdP) to pass authorization credentials to service providers (SP). … ??? transactions use Extensible Markup Language (XML) for standardized communications between the identity provider and service providers.
SAML
??? messaging protocol specification for exchanging structured information in the implementation of web services in computer networks. It uses XML Information Set for its message format, and relies on application layer protocols, most often Hypertext Transfer Protocol (HTTP).
SOAP
special “trusted” network computer performing a variety of cryptographic operations: key management, key exchange, encryption, etc. … Actively hides and protects cryptographic material.
HSM
defends against software-based attacks aimed at stealing sensitive information by corrupting system or BIOS code, or modifying a platform’s configuration.
Trusted Execution
CPU hardware-level isolation and memory encryption on every server, by isolating application code and data from anyone with privileges, and encrypting its memory. With additional software, ??? enable the encryption of both storage and network data for simple full stack security.
??? allows changes to a user’s PC to be detected by authorized parties.
Secure Enclave / Attestation
??? technique used by cyber attackers to generate new domain names and IP addresses for malware’s command and control servers. Executed in a manner that seems random, it makes it nearly impossible for threat hunters to detect and contain the attack.
Domain Generation Algorithm
special files that record significant events on your computer, such as when a user logs on to the computer or when a program encounters an error.
Event Logs
block of text appended to the end of an email message often containing the sender’s name, address, phone number, disclaimer or other contact information …
Email Signature Block
??? is the process of adding additional information to your existing contacts for more complete data.
??? an ongoing stream of data related to potential or current threats to an organization’s security. … Sources of threat intelligence data include free indicator feeds, paid feeds, bulletins, internal intelligence gathering and strategic partnerships.
Data Enrichment / Threat Feed Combination
a method for using specific standards to help organizations automate vulnerability management and policy compliance evaluation. ??? comprises numerous open security standards, as well as applications which use these standards to check systems for vulnerabilities and misconfigurations.
SCAP