IS3440 CHAP 1 SECURITY THREATS TO LINUX Flashcards
____ a web server service used primarily on Linux.
APACHE
____ is a Parkerian hexad concept related to the CIA triad concept of integrity. It can help users and administrators verify that important communications, are genuine.
AUTHENTICITY
___ a CIA triad concept in which users have access to their data when they want it.
AVAILABILTIY
___ is the first thing that is run when you power up an older computer. It identifies and tests connected hardware to a point where an operating system can be loaded from media such as a hard drive.
BASIC INPUT/OUTPUT SYSTEM (BIOS)
___ is a user who wants to break into computer systems and networks with malicious purposes in mind.
BLACK-HAT HACKER
___ is the private company that is the corporate backer of the Ubuntu distribution.
CANONICAL
___ is a vendor-neutral certification for information security created by (ISC) that requires professional experience in multiple security domains.
CERTIFIED INFORMATION SYSTEMS SECURITY PROFESSIONS (CISSP)
___ this specifies three goals of information security: confidentiality integrity, and availability.
CIA TRIAD
___ is one of the ISECOM channels for security audits.
COMMUNICATIONS SECURITY (COMSEC)
___ in the open source community, this is a malicious user who wants to break into a computer system.
CRACKER
___ is one of several open source licenses used to share the source code for software.
GNU GENERAL PUBLIC LICENSE (GPL)
___ is the open source implementation of PGP, developed by the GNU Foundation.
GNU PRIVACY GUARD (GPG)
___ is a recursive acronym for the work of the GNU Foundation, including the clones of UNIX tools and libraries found in current Linux distributions.
GNU’S NOT UNIX (GNU)
____ is a US law that specifies confidentiality requirements for personal financial data.
GRAMM-LEACH-BLILEY ACT (GLBA)
____ is the organization associated with open source security certification and testing. It qualifies security professionals with four professionals with four certificates.
OSPA; OSPE; SOPT, AND OWPE.
(ISECOM) INSTITUTE FOR SECURITY AND OPEN METHODOLOGIES
___ is a CIA triad concept of trust, verified by means such as GPG key.
INTEGRITY
___ is an organization for security professionals. It qualifies professionals through the SSCP and CISSP certifications.
(ISC)2 INTERNATIONAL INFORMATION SYSTEMS SECURITY CERTIFICATION CONSORTIUM
____ is part of the Transmission Control Protocol/Internet Protocol suite of protocols. It is normally used to send error and network status messages.
(ICMP) INTERNET CONTROL MESSAGE PROTOCOL
____ is a version of the Internet Protocol still in common use today that the addresses use 32 bits.
(IPv4) INTERNET PROTOCOL VERSION 4
___ is a more recent version of the Internet Protocol in common use that the addresses use 128 bits.
(IPv6) INTERNET PROTOCOL VERSION 6
____ is a security control system that limits access to objects such as files and directories to specified users and groups.
MANDATORY ACCESS CONTROL
This is a reference to network address translation where private Internet Protocol (IP) addresses on a network ______ with a public IP address, normally the gateway address to the network.
MASQUERADING
___ is a file-sharing system connected to a network, normally using file-sharing protocols such as Samba.
(NFS) NETWORK FILE SYSTEM