Glossary E-F

Question 1

EAP (Extensible Authentication Protocol)

Answer 1

Framework for negotiating authentication methods that enables systems to use hardware-based identifiers, such as fingerprint scanners or smart card readers, for authentication.

Question 2

EAP-FAST (EAP Flexible Authentication via Secure Tunneling)

Answer 2

An EAP method that is expected to address the shortcomings of LEAP.

Question 3

EAPoL (Extensible Authentication Protocol over LAN)

Answer 3

A port-based network access control (PNAC) mechanism that allows the use of EAP authentication when a host connects to an Ethernet switch.

Question 4

EAPoL (Extensible Authentication Protocol over LAN)

Answer 4

A port-based network access control (PNAC) mechanism that allows the use of EAP authentication when a host connects to an Ethernet switch.

Question 5

EAP-TLS (EAP Transport Layer Security)

Answer 5

An EAP method that requires server-side and client-side certificates for authentication using SSL/ TLS.

Question 6

EAP-TTLS (EAP Tunneled Transport Layer Security)

Answer 6

An EAP method that enables a client and server to establish a secure connection without mandating a client-side certificate.

Question 7

east-west traffic

Answer 7

Design paradigm accounting for the fact that data center traffic between servers is greater than that passing in and out (north-south).

Question 8

ECC (elliptic curve cryptography)

Answer 8

An asymmetric encryption algorithm that leverages the algebraic structures of elliptic curves over finite fields to derive public/private key pairs.

Question 9

edge computing

Answer 9

Provisioning processing resource close to the network edge of IoT devices to reduce latency.

Question 10

e-discovery

Answer 10

Procedures and tools to collect, preserve, and analyze digital evidence.

Question 11

EDR (endpoint detection and response)

Answer 11

A software agent that collects system data and logs for analysis by a monitoring system to provide early detection of threats.

Question 12

EF (exposure factor)

Answer 12

In risk calculation, the percentage of an asset’s value that would be lost during a security incident or disaster scenario.

Question 13

elasticity

Answer 13

The property by which a computing environment can instantly react to both increasing and decreasing demands in workload.

Question 14

entropy

Answer 14

A measure of disorder. Cryptographic systems should exhibit high entropy to better resist brute force attacks.

Question 15

EOL (end of life)

Answer 15

Product life cycle phase where sales are discontinued and support options reduced over time.

Question 16

EOSL (end of service life)

Answer 16

Product life cycle phase where support is no longer available from the vendor.

Question 17

EPP (endpoint protection platform)

Answer 17

A software agent and monitoring system that performs multiple security tasks.

Question 18

ERM (enterprise risk management)

Answer 18

The comprehensive process of evaluating, measuring, and mitigating the many risks that pervade an organization.

Question 19

error handling

Answer 19

Coding methods to anticipate and deal with exceptions thrown during execution of a process.

Question 20

escrow

Answer 20

In key management, the storage of a backup key with a third party.

Question 21

ESP (Encapsulating Security Protocol)

Answer 21

IPSec sub-protocol that enables encryption and authentication of the header and payload of a data packet.

Question 22

evil twin

Answer 22

A wireless access point that deceives users into believing that it is a legitimate network access point.

Question 23

execution control

Answer 23

The process of determining what additional software may be installed on a client or server beyond its baseline to prevent the use of unauthorized software.

Question 24

exploitation framework

Answer 24

Suite of tools designed to automate delivery of exploits against common software and firmware vulnerabilities.

Question 25

extranet

Answer 25

A private network that provides some access to outside parties, particularly vendors, partners, and select customers.

Question 26

failover

Answer 26

A technique that ensures a redundant component, device, or application can quickly and efficiently take over the functionality of an asset that has failed.

Question 27

fake telemetry

Answer 27

Deception strategy that returns spoofed data in response to network probes.

Question 28

false negative

Answer 28

In security scanning, a case that is not reported when it should be.

Question 29

false positive

Answer 29

In security scanning, a case that is reported when it should not be.

Question 30

FAR (false acceptance rate)

Answer 30

Biometric assessment metric that measures the number of unauthorized users who are mistakenly allowed access.

Question 31

Faraday cage

Answer 31

A wire mesh container that blocks external electromagnetic fields from entering into the container.

Question 32

FC (Fibre Channel)

Answer 32

High speed network communications protocol used to implement SANs.

Question 33

FDE (full disk encryption)

Answer 33

Encryption of all data on a disk (including system files, temporary files, and the pagefile) can be accomplished via a supported OS, third-party software, or at the controller level by the disk device itself.

Question 34

federation

Answer 34

A process that provides a shared login capability across multiple systems and enterprises. It essentially connects the identity management services of multiple systems.

Question 35

FIM (file integrity monitoring)

Answer 35

A type of software that reviews system files to ensure that they have not been tampered with.

Question 36

fingerprint scanner

Answer 36

Biometric authentication device that can produce a template signature of a user's fingerprint then subsequently compare the template to the digit submitted for authentication.

Question 37

first responder

Answer 37

The first experienced person or team to arrive at the scene of an incident.

Question 38

fog computing

Answer 38

Provisioning processing resource between the network edge of IoT devices and the data center to reduce latency.

Question 39

FPGA (field programmable gate array)

Answer 39

A processor that can be programmed to perform a specific function by a customer rather than at the time of manufacture.

Question 40

FRR (false rejection rate)

Answer 40

Biometric assessment metric that measures the number of valid subjects who are denied access.

Question 41

FTK (Forensic Toolkit)

Answer 41

A commercial digital forensics investigation management and utilities suite, published by AccessData.

Question 42

FTPS

Answer 42

A type of FTP using TLS for confidentiality.

Question 43

full backup

Answer 43

A backup type in which all selected files, regardless of prior state, are backed up. full tunnel VPN configuration where all traffic is routed via the VPN gateway.