Glossary Flashcards

Question

Code of conduct

Answer 1

A policy that may apply to individuals to ensure that they behave in a certain way.

Answer 2

Acting in accordance with a set of rules or a policy.

Answer 3

The principle of ensuring that sensitive information is only accessed or disclosed by authorized individuals and protected from unauthorized access or disclosure.

Answer 4

Security measures and actions taken in response to identified security incidents, vulnerabilities, or non-compliance issues to mitigate risks, rectify the situation, and prevent future occurrences. (A form of Risk treatment)

Answer 5

An action taken to counteract a threat.

Answer 6

The minimum time for which information must remain secret.

Answer 7

Cross-Site Request Forgery (CSRF) is an attack where an attacker tricks a user's browser into performing unwanted actions on a trusted website without the user's knowledge or consent.

Answer 8

A type of web vulnerability that allows attackers to inject malicious scripts or code into web pages viewed by other users. Occurs when a website or web application does not properly validate or sanitize user input, such as input entered into input fields or parameters in URLs.

Answer 9

The practice of analysing and deciphering encrypted data or cryptographic systems with the goal of uncovering the original information, discovering weaknesses in the encryption algorithms, or finding methods to bypass or break the encryption.

Answer 10

The art and science of encoding information to secure it from unauthorized access or modification during transmission or storage.

Answer 11

Measures taken to prevent the unauthorised extraction of data from an organisation.

Answer 12

The process of taking encrypted information and returning it to a state of Plaintext.

Answer 13

A security strategy that involves implementing multiple layers of defence mechanisms and controls to protect against various types of threats and attacks. Rather than relying on a single security measure, defence in depth seeks to create overlapping layers of security that complement and reinforce one another.

Answer 14

The Deming Cycle, also known as the Plan-Do-Check-Act (PDCA) cycle, is a continuous improvement model used to achieve quality control and process improvement. It involves four iterative steps: planning (identifying objectives and processes), doing (implementing the plan), checking (monitoring and evaluating the results), and acting (making necessary adjustments and standardizing improvements) in order to continually enhance performance and efficiency.

Answer 15

A malicious attack or deliberate action that disrupts or overwhelms a computer system, network, or service, rendering it inaccessible or unusable for legitimate users.

Answer 16

Security measures that use policies, procedures, and guidelines to provide explicit instructions and guidance to individuals or entities, ensuring compliance with security requirements and mitigating risks.

Answer 17

The process and strategies put in place to restore and recover critical systems, data, and infrastructure after a disruptive event or disaster, aiming to minimize downtime and resume normal operations as efficiently and effectively as possible.

Answer 18

A cyber attack where multiple compromised devices or systems flood a target network or server with a massive volume of traffic, rendering it inaccessible to legitimate users.

Answer 19

A form of risk treatment, these are tactical controls that identify events while they are taking place.

Answer 20

An electronic document that uses a digital signature to bind a public key with an identity -information such as the name of a person or an organisation, their address and so forth.

Answer 21

A mathematical scheme for demonstrating the authenticity of a digital message or document.

Answer 22

The malicious script or code manipulates the Document Object Model (DOM) of a web page, affecting its behaviour and potentially compromising the security of the user's session.

Answer 23

A domain is a unique and recognizable name associated with a website or network that allows users to access resources on the internet.

Answer 24

The process of encoding messages (or information) in such a way that eavesdroppers or hackers cannot read it but authorised parties can.

Answer 25

the systematic assessment and analysis of something to determine its effectiveness, quality, and value, providing insights for decision-making and improvement.

Answer 26

An indication that something has been detected or has happened when in fact, it has not happened.

Answer 27

A technological barrier designed to prevent unauthorised or unwanted communications between computer networks or hosts.

Answer 28

The General Data Protection Regulation (GDPR) is a comprehensive EU law that regulates the processing and protection of personal data to ensure individuals' privacy rights are upheld.

Answer 29

A comprehensive data protection and privacy regulation introduced by the European Union (EU) in 2018. It establishes rules and guidelines for the collection, processing, and storage of personal data of individuals within the EU, and grants them greater control and rights over their personal information, while imposing obligations on organizations that handle such data to ensure its protection and lawful use.

Answer 30

Governance refers to the processes, policies, and practices implemented by an organization or governing body to ensure effective decision-making, accountability, and the proper management of resources. It involves establishing frameworks, structures, and controls to guide the actions and behaviours of individuals and entities within an organization, with the ultimate goal of achieving organizational objectives and fulfilling responsibilities to stakeholders.

Answer 31

Hardening refers to the process of strengthening and securing a computer system, network, or software application to reduce vulnerabilities and enhance resistance against potential threats and attacks. It involves implementing security measures, such as configuring system settings, removing unnecessary services, applying patches and updates, enforcing access controls, and implementing encryption, to minimize the attack surface and improve the overall security posture of the system. Hardening measures aim to protect against unauthorized access, data breaches, and other security risks.

Answer 32

A hash digest, also known as a hash value or hash code, is the output generated by a hash function when it processes input data. A hash function is a mathematical algorithm that takes an input (such as a file, message, or data) and produces a fixed-size alphanumeric string, which represents a unique "digest" of the input. The hash function processes the input in a way that any slight change in the input will result in a significantly different hash value. Hash functions are commonly used in cryptography, data integrity verification, password storage, and digital signatures.

Answer 33

Hashing is the process of applying a hash function to input data in order to generate a fixed-size output, known as a hash value or hash code. The hash function takes the input and applies a mathematical algorithm to produce a unique and representative hash value. The resulting hash value is typically used to verify the integrity of data, compare files or messages for similarity, store passwords securely, and provide quick data retrieval in data structures like hash tables

Answer 34

The process of confirming the identity of an individual or entity.

Answer 35

Integrity refers to the quality or state of information or data being complete, accurate, and unaltered throughout its lifecycle.

Answer 36

Mitigation is the process of implementing measures to reduce the potential impact or severity of a threat or risk.

Answer 37

Acceptance is the conscious decision to tolerate a risk without implementing additional measures to mitigate or control it.

Answer 38

MTD refers to the maximum duration of time that an organization can tolerate being without its critical business functions or IT systems after a disruption or disaster occurs. It represents the upper limit of acceptable downtime beyond which the organization's viability and objectives may be seriously compromised.

Answer 39

Non-repudiation is the assurance that the originator of a message cannot deny their involvement or the authenticity of the message sent.

Answer 40

The Open Security Architecture (OSA) is a framework related to technical and functional security controls. OSA offers a comprehensive overview of crucial security components, principles, issues, and concepts that underlie architectural decisions involved in designing effective security architectures. However, OSA can only be used if the security architecture has already been designed.

Answer 41

Penetration testing, often referred to as pen testing, is a systematic process of evaluating the security of a computer system, network, or application by simulating real-world attacks. It involves authorized attempts to exploit vulnerabilities and identify weaknesses in order to assess the overall security posture and potential risks.

Answer 42

The processes, controls, and technologies implemented to manage and secure the access and activities of privileged users within an organization. It involves identifying and managing accounts with elevated privileges, such as system administrators or IT administrators, and implementing measures to control and monitor their access to sensitive systems, data, and resources. PUM aims to mitigate the risks associated with privileged access, ensure accountability, and protect against unauthorized or malicious actions by privileged users.

Answer 43

The malicious script or code is embedded in a URL or input field and is then reflected back to the user in the website's response. The script is executed when the user clicks on the manipulated link or interacts with the vulnerable input field.

Answer 44

a central location in which data is stored and managed.

Answer 45

RPO represents the maximum tolerable amount of data loss that an organization can afford during a disruption or disaster. It defines the point in time to which data must be recovered in order to resume operations with an acceptable level of data integrity. RPO is often measured in terms of time, indicating the maximum acceptable time gap between the last data backup and the occurrence of the disruption.

Answer 46

RTO is the targeted duration of time within which a business process, system, or service needs to be restored after a disruption. It defines the time frame within which the organization aims to recover its critical functions and resume normal operations following a disaster. RTO typically includes the time required for incident response, recovery procedures, and restoration activities.

Answer 47

The Sherwood Applied Business Security Architecture, is a policy-driven framework. It helps define the critical questions that security architecture can only answer: what, why, when, and who. The goal of SABSA is to ensure that after the design of security services, they are then delivered and supported as an integral part of the enterprise’s IT management. One downside, however, is that SABSA doesn’t get into specifics regarding technical implementation.

Answer 48

is a structured approach or model that provides guidelines and principles for designing and implementing effective security measures within an organization's infrastructure and systems. Examples: TOGAF, SABSA, OSA.

Answer 49

It is a centralized facility or team within an organization that is responsible for monitoring, detecting, analysing, and responding to cybersecurity incidents and threats. The primary function of a SOC is to maintain the security of an organization's systems, networks, and data by actively monitoring and managing security events and incidents in real-time.

Answer 50

Is an auditing standard developed by the American Institute of Certified Public Accountants (AICPA). It focuses on evaluating the effectiveness of internal controls over financial reporting (ICFR) within a service organization. This report assesses the design effectiveness of the controls at a specific point in time.

Answer 51

is an auditing standard developed by the American Institute of Certified Public Accountants (AICPA). It focuses on evaluating and reporting on the controls implemented by service organizations related to security, availability, processing integrity, confidentiality, and privacy of customer data. This report assesses the design effectiveness as well as the operating effectiveness of the controls over a specified period (generally six to twelve months).

Answer 52

It is a programming language used for managing and manipulating relational databases. SQL is commonly used to create, retrieve, update, and delete data stored in databases, as well as to define database schemas, create tables, and establish relationships between tables. It is widely used in the field of database management systems and plays a crucial role in interacting with and managing data in relational databases.

Answer 53

SQL (Structured Query Language) injection is a web security vulnerability that allows an attacker to insert malicious SQL code into a web application's database query, potentially gaining unauthorized access, manipulating data, or executing arbitrary commands.

Answer 54

The malicious script or code is permanently stored on the target website or web application. Whenever a user accesses the affected page, the script is executed. For example, let's say there is a vulnerability in the platform's comment system that does not properly sanitize user input. The attacker takes advantage of this vulnerability by posting a comment containing a malicious script. The script is stored on the platform's server and becomes part of the comment's content. When other users view the affected comment, their web browsers execute the malicious script unknowingly. The script can perform various actions, such as stealing sensitive information (like login credentials or personal data), redirecting users to malicious websites, or even initiating unauthorized actions on behalf of the user.

Answer 55

Symmetric refers to a cryptographic system or algorithm that uses the same key for both encryption and decryption processes.

Answer 56

A threat is a potential event or circumstance that can cause harm, damage, or compromise to an organization's assets, operations, or information systems.

Answer 57

The Open Group Architecture Framework, helps determine which problems need to be solved within the security infrastructure in a business. Its primary focus is on the organization’s goal and scope, as well as the preliminary phases of security architecture. TOGAF does not, however, give specific guidance on ways to address security issues.

Answer 58

A type of malicious software (malware) that disguises itself as a legitimate or harmless program, file, or attachment to deceive users and gain unauthorized access to their computer systems or networks.

Answer 59

A type of cyber attack that takes advantage of a previously unknown vulnerability or weakness in software, hardware, or a computer system. It occurs before the vulnerability is discovered or a patch is released, making it challenging to defend against and potentially causing significant damage.

Answer 60

Administrative controls are policies, procedures, or rules implemented to manage and regulate behaviours, actions, and responsibilities within an organization, aiming to ensure compliance, accountability, and effective security management.

Answer 61

A security practitioner is an individual who specializes in the field of security and is responsible for implementing and managing various security measures to protect information, systems, networks, or physical assets from threats and risks.

Answer 62

A policy is a formal document that outlines the rules, guidelines, and principles that govern the behavior, decisions, and actions within an organization to achieve specific objectives or address specific concerns

Answer 63

A procedure is a documented sequence of steps or actions that provides specific instructions for carrying out a particular task, process, or activity within an organization.

Answer 64

A law is a binding and enforceable rule or regulation established by a governing authority to govern the behaviour of individuals or groups within a society.

Answer 65

A standard is a documented set of criteria, guidelines, or specifications that provide a reference for consistent and reliable practices, processes, or products in a specific industry or field.

Answer 66

It is an access control model where access permissions are based on the roles assigned to users.

Answer 67

It is a security model where access to resources is based on set policies and rules defined by a central authority or system administrator.

Answer 68

It is an access control model where access to resources is determined by the discretion of the resource owner or manager.

Answer 69

Redundancy is the duplication or backup of critical resources to ensure continuous operation and minimize the impact of failures or disruptions.

Answer 70

Intrusion Prevention System (IPS) is a security technology that actively monitors and analyses network traffic to detect and block potential threats or malicious activities in real-time.

Answer 71

Intrusion Detection System (IDS) is a security technology that passively monitors and analyses network traffic to identify and alert about potential security breaches or unauthorized activities.

Answer 72

refers to the set of processes and activities undertaken to ensure that a product or service meets specified quality standards. It involves monitoring and evaluating the development or production process, identifying defects or deviations from requirements, and implementing corrective actions to improve quality and prevent issues.

Answer 73

Source code analysis is the process of examining the source code of a software application to identify programming errors, security vulnerabilities, and adherence to coding standards.

Answer 74

Packet sniffing, also known as network sniffing or packet analysis, is the practice of capturing and inspecting network traffic in order to gather information or analyse its contents. It involves intercepting and examining the packets of data that are transmitted over a network, allowing an attacker to potentially access sensitive information, such as usernames, passwords, or other confidential data.

Answer 75

White noise generation is a technique used to create a random, non-stop, and uniform sound signal that covers a wide range of frequencies. It is often used as a physical security control to mask or interfere with the detection of genuine electromagnetic emanations from computing equipment. The purpose is to confuse or prevent eavesdropping or unauthorized interception of sensitive information.

Answer 76

Quantitative refers to a type of analysis or measurement that involves the use of numerical data and mathematical models to assess and quantify risks, impacts, probabilities, or other factors related to a particular subject or situation. It involves the use of quantitative methods and techniques to derive objective and measurable results.

Answer 77

Qualitative refers to a type of analysis or assessment that focuses on non-numerical data and subjective factors to understand and evaluate a subject or situation. It involves gathering and interpreting qualitative data such as observations, opinions, interviews, and descriptions to gain insights, identify patterns, and make subjective judgments. Qualitative analysis often involves a more subjective and interpretive approach compared to quantitative analysis.

Answer 78

Static testing is a software testing technique that is performed without executing the code. It involves analysing the software artifacts such as requirements, design documents, and source code to identify defects, compliance issues, and other quality concerns. Static testing techniques include code reviews, walkthroughs, inspections, and other forms of manual or automated analysis. The objective of static testing is to improve the quality of the software by identifying and addressing issues early in the development process.

Answer 79

Dynamic testing is a software testing technique that involves executing the software and observing its behaviour to evaluate its performance, functionality, and other dynamic characteristics. It is performed by running the software with various inputs and verifying if the actual output matches the expected output. Dynamic testing can include activities such as functional testing, integration testing, system testing, performance testing, and security testing. The goal of dynamic testing is to ensure that the software functions correctly and meets the specified requirements.

Answer 80

The Systems Security Engineering Capability Maturity Model (SSE-CMM) is a process-oriented information system evaluation method. It focuses on assessing and improving the capability of an organization's security engineering processes. It provides a framework for evaluating and improving an organization's ability to manage and secure its information systems throughout their lifecycle. The SSE-CMM emphasizes the process aspects of security engineering rather than assurance aspects.

Answer 81

User input validation is a security countermeasure that involves validating and sanitizing user input to ensure it adheres to expected formats and does not contain malicious code or characters. By implementing proper input validation techniques, such as parameterized queries or prepared statements, an application can effectively prevent SQL injection attacks by ensuring that user input is treated as data rather than executable code.

Answer 82

Hexadecimal is a number system commonly used in computing and digital systems. It is a base-16 numbering system that uses digits from 0 to 9 and letters A to F to represent values from 0 to 15. In hexadecimal, each digit represents a four-bit binary value, making it a convenient way to represent and manipulate binary data. Hexadecimal numbers are often used to represent memory addresses, colour values, and binary data in programming and computer systems

Answer 83

A virus is a type of malicious software that replicates itself and infects computer systems, causing damage and spreading to other computers.

Answer 84

A worm is a type of malicious software that can self-replicate and spread across computer networks without requiring user interaction, often causing harm to the network or consuming system resources.

Answer 85

A repudiation attack refers to an unauthorized attempt to deny or reject the validity or involvement in a transaction, communication, or action. In other words, it involves one party falsely denying their participation or responsibility in an event, transaction, or communication. This type of attack can have serious consequences in various domains, such as e-commerce, digital signatures, legal agreements, and financial transactions, where proof of authenticity and accountability is crucial.

Answer 86

It is an access control model that determines access to resources based on attributes associated with users, objects, and the environment. In ABAC, access decisions are made by evaluating the attributes of the requesting entity, the attributes of the resource being accessed, and the environmental conditions. This model allows for more fine-grained access control, as access decisions can be based on multiple attributes and conditions rather than relying solely on roles or permissions. ABAC offers flexibility and adaptability in managing access control policies, making it suitable for complex and dynamic environments.

Answer 87

a person who uses existing computer scripts or codes to hack into computers, lacking the expertise to write their own.

Answer 88

It is a systematic approach to managing sensitive company information, ensuring its confidentiality, integrity, and availability. An ISMS typically involves a set of policies, procedures, processes, and controls designed to manage risks and protect information assets. The implementation of an ISMS helps organizations establish a framework for identifying, assessing, and managing information security risks, as well as defining and implementing security controls to mitigate those risks. The goal of an ISMS is to ensure the confidentiality, integrity, and availability of information assets while meeting legal, regulatory, and business requirements. It often follows international standards such as ISO/IEC 27001 for establishing and maintaining an effective information security management system.

Answer 89

Tangible assets are the physical assets of an organization, the assets that can be seen and touched. Examples of tangible assets include computers, desks, and buildings.

Answer 90

An intangible asset is a non-monetary asset that cannot be seen or touched.

Answer 91

give (someone) the authority or means to do something; make it possible for.

Answer 92

Corrective action refers to the steps taken to address and resolve identified problems, errors, or non-conformities in order to prevent their recurrence and improve overall performance or compliance.

Answer 93

A honeypot is a security mechanism designed to attract and deceive potential attackers, allowing organizations to observe and analyse their tactics, techniques, and behaviours.

Answer 94

A trapdoor is a hidden and deliberate vulnerability or backdoor intentionally built into a system or software, allowing unauthorized access or bypassing of security measures.

Answer 95

PKI stands for Public Key Infrastructure, which is a system of technologies, policies, and procedures that enables the creation, distribution, and management of digital certificates and cryptographic keys to secure communication and verify the authenticity of users, devices, and data.