ITPROTV Security Glossary Flashcards

Question

Alert

Answer 1

Notification that a specific attack has been directed at the information system of an organization .

Answer 2

Cryptanalysis attack that exploits vulnerabilities within the intrinsic algebraic structure of mathematical functions .

Answer 3

Set of mathematical and logic rules used in cryptographic functions .

Answer 4

Continuously varying electromagnetic wave that represents and transmits data .

Answer 5

Cryptanalysis attack that exploits vulnerabilities within the algorithm structure .

Answer 6

Annual expected loss if a specific vulnerability is exploited and how it affects a single asset . SLE x ARO = ALE .

Answer 7

Software program that performs a specific function directly for a user and can be executed without access to system control, monitoring, or administrative privileges .

Answer 8

Software interface that enables process-to-process interaction . Common way to provide access to standard routines to a set of software programs .

Answer 9

Component of the CPU that carries out logic and mathematical functions as they are laid out in the programming code being processed by the CPU .

Answer 10

Tools that convert assembly code into the necessary machine-compatible binary language for processing activities to take place .

Answer 11

A low-level programming language that is the mnemonic representation of machine-level instructions .

Answer 12

Measure of confidence that the security features, practices, procedures, and architecture of an information system accurately mediates and enforces the security policy .

Answer 13

Check-list and process of examining the security-relevant parts of a system (TCB, reference monitor, security kernel) and assigning the system an assurance rating .

Answer 14

– Encryption method that uses two different key types, public and private . Also called public key cryptography

Answer 15

When a computer has two or more CPUs and one CPU is dedicated to a specific program while the other CPUs carry out general processing procedures .

Answer 16

Transmission sequencing technology that uses start and stop bits or similar encoding mechanism . Used in environments that transmit a variable amount of data in a periodic fashion .

Answer 17

Employs a challenge/response scheme to authenticate the user .

Answer 18

Attempt to gain unauthorized access to an information system’s services, resources, or information, or the attempt to compromise an information system’s integrity, availability, or confidentiality .

Answer 19

Components available to be used by an attacker against the product itself .

Answer 20

Gradual loss in intensity of any kind of flux through a medium . As an electrical signal travels down a cable, the signal can degrade and distort or corrupt the data it is carrying .

Answer 21

A column in a two-dimensional database .

Answer 22

Independent review and examination of records and activities to assess the adequacy of system controls, to ensure compliance with established policies and operational procedures, and to recommend necessary changes in controls, policies, or procedures .

Answer 23

Chronological record of system activities to enable the reconstruction and examination of the sequence of events and/or changes in an event .

Answer 24

To verify the identity of a user, user device, or other entity, or the integrity of data stored, transmitted, or otherwise exposed to unauthorized modification in an information system, or to establish the validity of a transmission .

Answer 25

Security measure designed to establish the validity of a transmission, message, or originator, or a means of verifying an individual’s authorization to receive specific categories of information .

Answer 26

– Protocol within the IPSec suite used for integrity and authentication .

Answer 27

Cryptosystem or process used for authentication .

Answer 28

Means used to confirm the identity of a station, originator, or individual .

Answer 29

A type of code signing, which is the process of digitally signing software components and scripts to confirm the software author and guarantee that the code has not been altered or corrupted since it was digitally signed . Authenticode is Microsoft’s implementation of code signing .

Answer 30

Access privileges granted to a user, program, or process .

Answer 31

– Reliable and timely access to data and resources is provided to authorized individuals .

Answer 32

Algorithm design requirement so that slight changes to the input result in drastic changes to the output .

Answer 33

Hidden software or hardware mechanism used to circumvent security controls . Synonymous with trap door .

Answer 34

Copy of files and programs made to facilitate recovery, if necessary .

Answer 35

Display on an information system that sets parameters for system or data use .

Answer 36

Beginning of address space assigned to a process . Used to ensure a process does not make a request outside its assigned memory boundaries

Answer 37

– Uses the full bandwidth for only one communication channel and has a low data transfer rate compared to broadband .

Answer 38

A highly exposed device that will most likely be targeted for attacks, and thus should be properly locked down .

Answer 39

Allowing the suspicious code to execute within the operating system and watches its interactions with the operating system, looking for suspicious activities .

Answer 40

A formal state transition model of computer security policy that describes a set of access control rules that uses security labels on objects and clearances for subjects . It was developed by David E . Bell and Leonard J . LaPadula . Bell-LaPadula security model is for meeting the confidentiality security objective only .

Answer 41

A formal state transition access control security model that focuses on data integrity in an information system . In general, Biba integrity model has three goals – Prevent data modification by unauthorized subject, prevent unauthorized data modification by authorized subject, and maintain internal and external consistency . It is defined by Kenneth J . Biba .

Answer 42

Process of associating a specific communications terminal with a specific cryptographic key or associating two related elements of information

Answer 43

Automated methods of authenticating or verifying an individual based upon a physical or behavioral characteristic .

Answer 44

A type of cryptographic attack that exploits the mathematics behind the birthday problem in probability theory . This attack can be used to abuse communication between two or more parties . The attack depends on the higher likelihood of collisions found between random attack attempts and a fixed degree of permutations) .

Answer 45

Ratio between the number of bits incorrectly received and the total number of bits transmitted in a telecommunications system .

Answer 46

Symmetric algorithm type that encrypts chunks (blocks) of data at a time .

Answer 47

– Block symmetric cipher that uses 64-bit block sizes and variable-length keys .

Answer 48

The protocol that carries out core routing decisions on the Internet . It maintains a table of IP networks, or “prefixes,” which designate network reachability among autonomous systems .

Answer 49

– Software applications that run automated tasks over the Internet, which perform tasks that are both simple and structurally repetitive . Malicious use of bots is the coordination and operation of an automated attack by a botnet (centrally controlled collection of bots) .

Answer 50

Software, hardware, or physical barrier that limits access to a system or part of a system .

Answer 51

Divides the bandwidth of a communication channel into many channels, enabling different types of data to be transmitted at one time .

Answer 52

– Act of searching through information system storage to locate or acquire information, without necessarily knowing the existence or format of information being sought .

Answer 53

– Too much data is put into the buffers that make up a stack . Common attack vector used by hackers to run malicious code on a target system .

Answer 54

Simultaneous encryption of all channels of a multichannel telecommunications link .

Answer 55

Systems are connected to a single transmission channel (i .e ., network cable), forming a linear construct .

Answer 56

the overarching approach to managing all aspects of BCP and DRP .

Answer 57

Contains strategy documents that provide detailed procedures that ensure critical business functions are maintained and that help minimize losses of life, operations, and systems . A BCP provides procedures for emergency responses, extended backup operations, and post-disaster recovery .

Answer 58

A systematic process to determine and evaluate the potential effects of an interruption to critical business operations as a result of a disaster, accident or emergency .

Answer 59

A device that provides bidirectional data communication via radio frequency channels on cable TV infrastructures . Cable modems are primarily used to deliver broadband Internet access to homes .

Answer 60

Fast memory type that is used by a CPU to increase read and write operations .

Answer 61

Simple substitution algorithm created by Julius Caesar that shifts alphabetic values three positions during its encryption and decryption processes

Answer 62

Procedure for identifying and authenticating a remote information system terminal, whereby the host system disconnects the terminal and reestablishes contact . Synonymous with dial back .

Answer 63

A process improvement approach that provides organizations with the essential elements of effective processes, which will improve their performance .

Answer 64

A capability table specifies the access rights a certain subject possesses pertaining to specific objects . A capability table is different from an ACL because the subject is bound to the capability table, whereas the object is bound to the ACL .

Answer 65

Used with Wireless Networks . Carrier sense (CS): The initial idea is that participants may only send data over the network if the transmission medium is free . The carrier status detection checks the channel any time, and data is not sent until it’s available . Multiple access (MA): Several stations share a transmission medium . It is crucial for functioning communication that all of them adhere to a binding protocol . Collision avoidance (CA): A complex schedule tries to ensure that two or more participants do not start a transmission at the same time to avoid collisions . If overlapping does occur, this will be detected and the transmission will be tried again .

Answer 66

Used in Wired Ethernet networks . Carrier sense (CS): The carrier state detection makes sure that all network participants check whether the medium is currently free – only then does the protocol initiate data transmission Multiple access (MA): Several participants (computers connected to the network) share a transmission medium Collision detection (CD): The collision detection is an extension of the original protocol and regulates how to proceed in case data packets happen to collide .

Answer 67

Cipher block chaining message authentication code uses encryption for data integrity and data origin authentication .

Answer 68

An intersection of a row and a column .

Answer 69

A technique used to hide specific cells that contain sensitive information .

Answer 70

The physical building used to house inside plant equipment including telephone switches, which make telephone calls “work” in the sense of making connections and relaying the speech information .

Answer 71

A silicon component made up of integrated chips with millions of transistors that carry out the execution of instructions within a computer .

Answer 72

Digital identity used within a PKI . Generated and maintained by a certificate authority and used for authentication .

Answer 73

– Process whereby certificates are generated, stored, protected, transferred, loaded, used, and destroyed .

Answer 74

List that is maintained by the certificate authority of a PKI that contains information on all of the digital certificates that have been revoked .

Answer 75

Technical evaluation of the security components and their compliance to a predefined security policy for the purpose of accreditation .

Answer 76

– (C&A) Official responsible for performing the comprehensive evaluation of the security features of an information system and determining the degree to which it meets its security requirements . (PKI) Trusted entity authorized to create, sign, and issue public key certificates . By digitally signing each certificate issued, the user’s identity is certified, and the association of the certified identity with a public key is validated .

Answer 77

– Product of the certification effort documenting the detailed results of the certification activities .

Answer 78

Individual responsible for making a technical judgment of the system’s compliance with stated requirements, identifying and assessing the risks associated with operating the system, coordinating the certification activities, and consolidating the final certification and accreditation packages .

Answer 79

Prearranged procedure in which a subject requests authentication of another and the latter establishes validity with a correct reply .

Answer 80

– The process of controlling the changes that take place during the life cycle of a system and documenting the necessary change control activities .

Answer 81

A line bridging device for use with T-carriers, and that is required by PSTN providers at digital interfaces that terminate in a Data Service Unit (DSU) on the customer side . The DSU is a piece of telecommunications circuit terminating equipment that transforms digital data between telephone company lines and local equipment .

Answer 82

Cipher text generated by cryptographic logic to detect failures in cryptography .

Answer 83

Determines if sufficient supplies are stored at the backup site, telephone number listings are current, quantities of forms are adequate, and a copy of the recovery plan and necessary operational manuals are available . Under this testing technique, the recovery team reviews the plan and identifies key components that should be current and available . The checklist test ensures that the organization complies with the requirements of the disaster recovery plan .

Answer 84

Value computed on data to detect error or manipulation during transmission .

Answer 85

– Cryptanalysis attack where the attacker chooses a ciphertext and obtains its decryption under an unknown key .

Answer 86

Cryptanalysis attack where the attacker can choose arbitrary plaintexts to be encrypted and obtain the corresponding ciphertexts .

Answer 87

Another name for algorithm .

Answer 88

Enciphered information .

Answer 89

Cryptanalysis attack where the attacker is assumed to have access only to a set of ciphertexts .

Answer 90

A formal security model to preserve information integrity in an information system . The model focuses on “well-formed” transaction using a set of enforcement and certification rules . It is developed by David D . Clark and David R . Wilson .

Answer 91

Variable-length subnet masking, which allows a network to be divided into different-sized subnets . The goal is to increase the efficiency of the use of IP addresses since classful addressing schemes commonly end up in unused addresses .

Answer 92

Formal security determination by an authorized adjudicative office that an individual is authorized access, on a need to know basis, to a specific level of collateral classified information (TOP SECRET, SECRET, CONFIDENTIAL) .

Answer 93

Input validation is done at the client before it is even sent back to the server to process .

Answer 94

A threshold .

Answer 95

– Environment providing sufficient assurance that applications and equipment are protected against the introduction of malicious logic during an information system life cycle . Closed security is based upon a system’s developers, operators, and maintenance personnel having sufficient clearances, authorization, and configuration control

Answer 96

– Designs are built upon proprietary procedures, which inhibit interoperability capabilities .

Answer 97

The delivery of computer processing capabilities as a service rather than as a product, whereby shared resources, software, and information are provided to end users as a utility . Offerings are usually bundled as an infrastructure, platform, or software .

Answer 98

Cipher message authentication code that is based upon and provides more security compared to CBC-MAC .

Answer 99

Set of control objectives used as a framework for IT governance developed by Information Systems Audit and Control Association (ISACA) and the IT Governance Institute (ITGI) .

Answer 100

Fact or opinion based information used to verify an individual’s identity .

Answer 101

Is just a building with power, raised floors, and utilities . No devices are available . This is the cheapest of the three options, but can take weeks to get up and operational .

Answer 102

– Procedure for initially keying crypto-equipment .

Answer 103

Applications and technology (e .g . , whiteboarding, group conferencing) that allow two or more individuals to share information real time in an inter- or intra-enterprise environment .

Answer 104

When two different messages are computed by the same hashing algorithm and the same message digest value results .

Answer 105

Two or more people working together to carry out fraudulent activities .

Answer 106

– Common Criteria (ISO 15408) - International standard used to assess the effectiveness of the security controls built into a system from functional and assurance perspectives .

Answer 107

Measures and controls taken to deny unauthorized individuals information derived from telecommunications and to ensure the authenticity of such telecommunications . Communications security includes cryptosecurity, transmission security, emission security, and physical security of COMSEC material .

Answer 108

– Probability that a particular vulnerability will be exploited within an interacting population and adversely impact some members of that population .

Answer 109

A nonhierarchical grouping of sensitive information used to control access to data more finely than with hierarchical security classification alone .

Answer 110

Mode of operation wherein each user with direct or indirect access to a system, its peripherals, remote terminals, or remote hosts has all of the following – (a) valid security clearance for the most restricted information processed in the system; (b) formal access approval and signed nondisclosure agreements for that information which a user is to have access; and (c) valid need-to-know for information which a user is to have access .

Answer 111

Tools that convert high-level language statements into the necessary machine-level format ( .exe, .dll, etc .) for specific processors to understand .

Answer 112

– Another type of virus that appends itself to executables on the system and compresses them by using the user’s permissions .

Answer 113

Type of incident where information is disclosed to unauthorized individuals or a violation of the security policy of a system in which unauthorized intentional or unintentional disclosure, modification, destruction, or loss of an object may have occurred .

Answer 114

– Intentional or reckless misuse, alteration, disruption, or destruction of information processing resources .

Answer 115

Use of a crypto-algorithm program by a computer to authenticate or encrypt/decrypt information .

Answer 116

Measures and controls that ensure confidentiality, integrity, and availability of information system assets including hardware, software, firmware, and information being processed, stored, and communicated .

Answer 117

See incident .

Answer 118

Hardware/software designed to provide computer security features in a larger system environment . Computing environment Workstation or server (host) and its operating system, peripherals, and applications .

Answer 119

– Encryption method that hides a secret message within an open message .

Answer 120

– Document detailing the method, act, process, or effect of using an information system

Answer 121

– Necessary level of secrecy is enforced and unauthorized disclosure is prevented .

Answer 122

Process of controlling modifications to hardware, firmware, software, and documentation to ensure the information system is protected against improper modifications prior to, during, and after system implementation .

Answer 123

– Management of security features and assurances through control of changes made to hardware, software, firmware, documentation, test, test fixtures, and test documentation throughout the life cycle of an information system

Answer 124

Substitution processes used in encryption functions to increase randomness .

Answer 125

Type of incident involving the introduction of data of one security classification or security category into data of a lower security classification or different security category .

Answer 126

Bases access decisions on the sensitivity of the data, not solely on subject identity .

Answer 127

Bases access decisions on the state of the situation, not solely on identity or content sensitivity .

Answer 128

Key held for use under specific operational conditions or in support of specific contingency plans . (See reserve keying material .)

Answer 129

Plan for continuing an organization’s (usually a (COOP) headquarters element) essential functions at an alternate site and performing those functions for the duration of an event with little or no loss of continuity before returning to normal operations .

Answer 130

Safeguard that is put in place to reduce a risk, also called a countermeasure .

Answer 131

Administrative, technical (logical), and physical

Answer 132

Part of the CPU that oversees the collection of instructions and data from memory and how they are passed to the processing components of the CPU .

Answer 133

Physical area (e .g ., building, room, etc .) to which only authorized personnel are granted unrestricted access . All other personnel are either escorted by authorized personnel or are under continuous surveillance .

Answer 134

– Minimum set of security functionality that enforces access control on individual users and makes them accountable for their actions through login procedures, auditing of security-relevant events, and resource isolation .

Answer 135

Secure telecommunications or information handling equipment, or associated cryptographic component, that is unclassified but governed by a special set of control requirements . Such items are marked “CONTROLLED CRYPTOGRAPHIC ITEM” or, where space is limited, “CCI .”

Answer 136

Mechanism that facilitates the adjudication of different interconnected system security policies (e .g ., controlling the flow of information into or out of an interconnected system) .

Answer 137

– Three-dimensional space surrounding information system equipment, within which unauthorized individuals are denied unrestricted access and are either escorted by authorized individuals or are under continuous physical or electronic surveillance .

Answer 138

– Official responsible for directing the operation of a cryptonet and for managing the operational use and control of keying material assigned to the cryptonet . Cookies – Data files used by web browsers and servers to keep browser state information and browsing preferences .

Answer 139

Multitasking scheduling scheme used by older operating systems to allow for computer resource time slicing .

Answer 140

– Protects the expression of ideas rather than the ideas themselves .

Answer 141

– Internal control model used for corporate governance to help prevent fraud developed by the Committee of Sponsoring Organizations (COSO) of the Treadway Commission .

Answer 142

Calculating the value of a control . (ALE before implementing a control) - (ALE after implementing a control) - (annual cost of control) = value of control .

Answer 143

Action, device, procedure, technique, or other measure that reduces the vulnerability of an information system .

Answer 144

Unintended and/or unauthorized communications path that can be used to transfer information in a manner that violates an information system security policy .

Answer 145

Determination of the extent to which the security policy model and subsequent lower-level program descriptions may allow unauthorized access to information .

Answer 146

– Covert channel involving the direct or indirect writing to a storage location by one process and the direct or indirect reading of the storage location by another process . Covert storage channels typically involve a finite resource (e .g ., sectors on a disk) that is shared by two subjects at different security levels .

Answer 147

– Covert channel in which one process signals information to another process by modulating its own use of system resources (e .g ., central processing unit time) in such a way that this manipulation affects the real response time observed by the second process . CRAMM – Central Computing and Telecommunications Agency Risk Analysis and Management Method .

Answer 148

Information, passed from one entity to another, used to establish the sending entity’s access rights .

Answer 149

Information assurance solution that provides the ability to access or transfer information between two or more security domains .

Answer 150

An attack where a vulnerability is found on a web site that allows an attacker to inject malicious code into a web application .

Answer 151

A signal on one channel of a transmission creates an undesired effect in another channel by interacting with it . The signal from one cable “spills over” into another cable .

Answer 152

A special class of hash function that has certain properties which make it suitable for use in cryptography . It is a mathematical algorithm that maps data of arbitrary size to a bit string of a fixed size (a hash) and is designed to be a one-way function, that is, a function which is infeasible to invert . The input data is often called the message, and the output (the hash value or hash) is often called the message digest or simply the digest .

Answer 153

Practice of uncovering flaws within cryptosystems .

Answer 154

Science of secret writing that enables an entity to store and transmit data in a form that is available only to the intended individuals .

Answer 155

The study of both cryptography and cryptanalysis .

Answer 156

– Hardware or software implementation of cryptography that contains all the necessary software, protocols, algorithms, and keys .

Answer 157

Error checking mechanism that checks data integrity by computing a polynomial algorithm based checksum .

Answer 158

Compilation of unclassified individual data systems and data elements that could result in the totality of the information being classified or of beneficial use to an adversary .

Answer 159

Physical connections between processing components and memory segments used to transmit data being used during processing procedures .

Answer 160

– Individual responsible for implementing and maintaining security controls to meet security requirements outlined by data owner .

Answer 161

Central repository of data elements and their relationships .

Answer 162

The act of willfully modifying information, programs, or documentation in an effort to commit fraud or disrupt production .

Answer 163

– A symmetric-key algorithm for the encryption of data . DES is the archetypal block cipher—an algorithm that takes a fixed-length string of plaintext bits and transforms it through a series of complicated operations into another ciphertext bitstring of the same length . In the case of DES, the block size is 64 bits . DES also uses a key to customize the transformation, so that decryption can supposedly only be performed by those who know the particular key used to encrypt . The key ostensibly consists of 64 bits; however, only 56 of these are actually used by the algorithm . Eight bits are used solely for checking parity, and are thereafter discarded . Hence the effective key length is 56 bits .

Answer 164

Memory protection mechanism used by some operating systems . Memory segments may be marked as non-executable so that they cannot be misused by malicious software .

Answer 165

Synonymous with information flow control .

Answer 166

Use of segregation in design decisions to protect software components from negatively interacting with each other . Commonly enforced through strict interfaces .

Answer 167

Condition existing when data is unchanged from its source and has not been accidentally or maliciously modified, altered, or destroyed .

Answer 168

– Otherwise known as knowledge discovery in database (KDD), which is the process of massaging the data held in the data warehouse into more useful information .

Answer 169

Considers data independently of the way the data are processed and of the components that process the data . A process used to define and analyze data requirements needed to support the business processes .

Answer 170

Corroborating the source of data is as claimed .

Answer 171

Individual responsible for the protection and classification of a specific data set .

Answer 172

– Protection of data from unauthorized (accidental or intentional) modification, destruction, or disclosure .

Answer 173

A representation of the logical relationship between elements of data .

Answer 174

Combines data from multiple databases or data sources into a large database for the purpose of providing more extensive information retrieval and data analysis .

Answer 175

A cross-referenced collection of data .

Answer 176

Manages and controls the database .

Answer 177

Revocation of the certification of an information system item or equipment for cause .

Answer 178

Act of transforming data into a readable format .

Answer 179

Convert encoded text to plain text by means of a code .

Answer 180

Generic term encompassing decode and decipher .

Answer 181

information system security mode of operation wherein each user, with direct or indirect access to the system, its peripherals, remote terminals, or remote hosts, has all of the following – a . valid security clearance for all information within the system; b . formal access approval and signed nondisclosure agreements for all the information stored and/or processed (including all compartments, sub-compartments, and/or special access programs); and c . valid need-to-know for all information contained within the information system . When in the dedicated security mode, a system is specifically and exclusively dedicated to and controlled for the processing of one particular type or classification of information, either for full-time operation or for a specified period of time .

Answer 182

– Implementation of multiple controls so that successful penetration and compromise is more difficult to attain .

Answer 183

Procedure that reduces the magnetic flux to virtual zero by applying a reverse magnetizing field . Also called demagnetizing .

Answer 184

Data collection method that happens in an anonymous fashion .

Answer 185

Any action or series of actions that prevents any part of an information system from functioning .

Answer 186

Official with the authority to formally assume responsibility for operating a system at an acceptable level of risk . This term is synonymous with authorizing official, designated accrediting authority, and delegated accrediting authority .

Answer 187

Synonymous with call back .

Answer 188

Cryptanalysis method that uses the study of how differences in an input can affect the resultant difference at the output .

Answer 189

First asymmetric algorithm created and is used to exchange symmetric key values . Based upon logarithms in finite fields .

Answer 190

– Transposition processes used in encryption functions to increase randomness .

Answer 191

Access control technologies commonly used to protect copyright material .

Answer 192

Binary digits are represented and transmitted as discrete electrical pulses .

Answer 193

Ensuring the authenticity and integrity of a message through the use of hashing algorithms and asymmetric algorithms . The message digest is encrypted with the sender’s private key .

Answer 194

Procedure that appends data to, or performs a cryptographic transformation of, a data unit . The appended data or cryptographic transformation allows reception of the data unit and protects against forgery, e .g ., by the recipient .

Answer 195

A set of technologies that provide Internet access by transmitting digital data over the wires of a local telephone network . DSL is used to digitize the “last mile” and provide fast Internet connectivity .

Answer 196

Provides for the continuity of system operations after a disaster .

Answer 197

Means of restricting access to objects based on the (DAC) identity and need-to-know of users and/or groups to which the object belongs . Controls are discretionary in the sense that a subject with a certain access permission is capable of passing that permission (directly or indirectly) to any other subject (unless restrained by mandatory access control) .

Answer 198

A routing protocol that calculates paths based on the distance (or number of hops) and a vector (a direction) .

Answer 199

Globally unique identifier representing an individual’s identity .

Answer 200

Perimeter network segment that is logically between internal and external networks . Its purpose is to enforce the internal network’s IA policy for external information exchange and to provide external, un-trusted sources with restricted access to releasable information while shielding the internal networks from outside attacks . A DMZ is also called a “screened subnet .”

Answer 201

The process of replicating the databases containing the DNS data across a set of DNS servers .

Answer 202

A set of extensions to DNS that provide to DNS clients (resolvers) origin authentication of DNS data to reduce the threat of DNS poisoning, spoofing, and similar attack types .

Answer 203

– U .S . Department of Defense architecture framework that ensures interoperability of systems to meet military mission goals .

Answer 204

– System or group of systems operating under a common security policy .

Answer 205

A hierarchical distributed naming system for computers, services, or any resource connected to an IP based network . It associates various pieces of information with domain names assigned to each of the participating entities .

Answer 206

This device has two interfaces and sits between an untrusted network and trusted network to provide secure access .

Answer 207

Refers to going through someone’s trash to find confidential or useful information . It is legal, unless it involves trespassing, but in all cases it is considered unethical .

Answer 208

A network configuration service for hosts on IP networks . It provides IP addressing, DNS server, subnet mask, and other important network configuration data to each host through automation .

Answer 209

A set of subroutines that are shared by different applications and operating system processes .

Answer 210

Activity in which the sender address and other arts of the e-mail header are altered to appear as though the e-mail originated from a different source . Since SMTP does not provide any authentication, it is easy to impersonate and forge e-mails .

Answer 211

– Asymmetric algorithm based upon the Diffie-Hellman algorithm used for digital signatures, encryption, and key exchange .

Answer 212

– Key generated in a COMSEC device by introducing (either mechanically or electronically) a seed key into the device and then using the seed, together with a software algorithm stored in the device, to produce the desired key .

Answer 213

Asymmetric algorithm based upon the algebraic structure of elliptic curves over finite fields . Used for digital signatures, encryption, and key exchange .

Answer 214

Computer system that is an integral part of a larger system .

Answer 215

– Cryptosystem performing or controlling a function as an integral element of a larger system or subsystem .

Answer 216

– Cryptography engineered into an equipment or system whose basic function is not cryptographic .

Answer 217

Protection resulting from measures taken to deny unauthorized individuals information derived from intercept and analysis of compromising emanations from crypto- equipment or an information system . (See TEMPEST .)

Answer 218

Protocol within the IPSec suite used for integrity, authentication, and encryption .

Answer 219

Act of transforming data into an unreadable format .

Answer 220

Collection of computing environments connected by one or more internal networks under the control of a single authority and security policy, including personnel and physical security .

Answer 221

Point at which an enclave’s internal network service layer connects to an external network’s service layer, i .e ., to another enclave or to a Wide Area Network (WAN) .

Answer 222

Convert plain text to cipher text by means of a code .

Answer 223

Generic term encompassing encipher and encode .

Answer 224

Set of mathematically expressed rules for rendering data unintelligible by executing a series of conversions controlled by a key .

Answer 225

Encryption method used by the sender of data that encrypts individual messages and not full packets .

Answer 226

Safeguarding information in an information system from point of origin to point of destination .

Answer 227

– Deliberate planting of apparent flaws in an information system for the purpose of detecting attempted penetrations .

Answer 228

Process intended to render magnetically stored information irretrievable by normal means .

Answer 229

Common LAN media access technology standardized by IEEE 802 .3 .

Answer 230

– Set of assurance requirements that represent a point on the Common Criteria predefined assurance scale .

Answer 231

Occurrence, not yet assessed, that may affect the performance of an information system

Answer 232

Channel that allows the violation of the security policy governing an information system and is usable or detectable by subjects external to the trusted computing base . (See covert channel .)

Answer 233

Presence of a vulnerability, which exposes the organization to a threat .

Answer 234

Capability of crypto-equipment or secure telecommunications equipment to resist efforts to extract key .

Answer 235

Extension to the intranet allowing selected outside users access to portions of an organization’s intranet .

Answer 236

A focused, qualitative approach that carries out prescreening to save time and money .

Answer 237

– Automatic protection of programs and/or processing systems when hardware or software failure is detected .

Answer 238

Selective termination of affected nonessential processing when hardware or software failure is determined to be imminent .

Answer 239

– Approach that dissects a component into its basic functions to identify flaws and those flaw’s effects .

Answer 240

Approach to map specific flaws to root causes in complex systems .

Answer 241

– A portable identity, and its associated entitlements, that can be used across business boundaries .

Answer 242

Ring-based token network protocol that was derived from the IEEE 802 .4 token bus timed token protocol . It can work in LAN or MAN environments and provides fault tolerance through dual-ring architecture .

Answer 243

A collection of records of the same type .

Answer 244

– System designed to defend against unauthorized access to or from a private network .

Answer 245

– Program recorded in permanent or semi-permanent computer memory .

Answer 246

Error of commission, omission, or oversight in an information system that may allow protection mechanisms to be bypassed .

Answer 247

– Type of incident involving insertion of a large volume of data resulting in denial of service .

Answer 248

An attribute of one table that is related to the primary key of another table

Answer 249

A DDoS attack type on a computer that floods the target system with a large amount of UDP echo traffic to IP broadcast addresses .

Answer 250

Cryptanalysis process used to identify weaknesses within cryptosystems by locating patterns in resulting ciphertext .

Answer 251

– Repeated switching of frequencies during radio transmission according to a specified algorithm, to minimize unauthorized interception or jamming of telecommunications .

Answer 252

Dividing available bandwidth into a series of nonoverlapping frequency sub-bands that are then assigned to each communicating source and user pair . FDM is inherently an analog technology .

Answer 253

One in which regular operations are stopped and processing is moved to the alternate site .

Answer 254

– Segment of security testing in which advertised security mechanisms of an information system are tested under operational conditions .

Answer 255

A technique used to discover flaws and vulnerabilities in software .

Answer 256

Identifies blocks of memory that were once allocated but are no longer in use and deallocates the blocks and marks them as free .

Answer 257

– Interface providing a compatibility between networks by converting transmission speeds, protocols, codes, or security measures .

Answer 258

Temporary memory location the CPU uses during its processes of executing instructions . The ALU’s ”scratch pad” it uses while carrying out logic and math functions .

Answer 259

– Mechanism limiting the exchange of information between systems

Answer 260

A standard that addresses call signaling and control, multimedia transport and control, and bandwidth control for point-to-point and multipoint conferences .

Answer 261

Unauthorized user who attempts to or gains access to an information system .

Answer 262

Dialogue between two information system’s for synchronizing, identifying, and authenticating themselves to one another .

Answer 263

Physically mapping software to individual memory segments .

Answer 264

Permanently installed key .

Answer 265

Cryptographic hash function that uses a symmetric key value and is used for data integrity and data origin authentication .

Answer 266

Combines records and fields that are related in a logical tree structure .

Answer 267

Refers to a system, component, or environment that is continuously operational .

Answer 268

Otherwise known as third-generation programming languages, due to their refined programming structures, using abstract statements .

Answer 269

Systems that entice with the goal of protecting critical production systems . If two or more honeypots are used together, this is considered a honeynet .

Answer 270

Fully configured with hardware, software, and environmental needs . It can usually be up and running in a matter of hours . It is the most expensive option, but some companies cannot be out of business longer than a day without very detrimental results .

Answer 271

A combination of HTTP and SSL\TLS that is commonly used for secure Internet connections and e-commerce transactions .

Answer 272

Combined use of symmetric and asymmetric algorithms where the symmetric key encrypts data and an asymmetric key encrypts the symmetric key .

Answer 273

– A hypervisor or virtual machine monitor (VMM) is a piece of computer software, firmware or hardware that creates and runs virtual machines . A computer on which a hypervisor is running one or more virtual machines is defined as a host machine . Each virtual machine is called a guest machine .

Answer 274

Process an information system uses to recognize an entity .

Answer 275

Smart card, metal key, or other physical object used to authenticate identity .

Answer 276

Tests enabling an information system to authenticate users or resources .

Answer 277

– Standard that specifies a set of protocols to meet the security requirements for protecting data traversing Ethernet LANs .

Answer 278

Standard that specifies unique per-device identifiers (DevID) and the management and cryptographic binding of a device (router, switch, access point) to its identifiers .

Answer 279

Attaches code to the file or application, which would fool a virus into “thinking” it was already infected .

Answer 280

Form of spoofing .

Answer 281

Type of incident involving accidental exposure of information to an individual not authorized access .

Answer 282

IS) Assessed occurrence having actual or potentially adverse effects on an information system . (COMSEC) Occurrence that potentially jeopardizes the security of COMSEC material or the secure electrical transmission of national security information .

Answer 283

Recognized action, specific, generalized, or theoretical, that an adversary might be expected to take in preparation for an attack .

Answer 284

Measures that protect and defend information and information systems by ensuring their availability, integrity, authentication, confidentiality, and non-repudiation . These measures include providing for restoration of information systems by incorporating protection, detection, and reaction capabilities .

Answer 285

Aggregate of individuals, organizations, or systems that collect, process, or disseminate information, also included is the information itself .

Answer 286

Procedure to ensure that information transfers within an information system are not made from a higher security level object to an object of a lower security level .

Answer 287

– Usually the first step in an attacker’s methodology, in which the information gathered may allow an attacker to infer additional information that can be used to compromise systems .

Answer 288

Official with statutory or operational authority for specified information and responsibility for establishing the controls for its generation, collection, processing, dissemination, and disposal .

Answer 289

Aggregate of directives, regulations, rules, and practices that prescribe how an organization manages, protects, and distributes information .

Answer 290

Set of information resources organized for the collection, storage, processing, maintenance, use, sharing, dissemination, disposition, display, or transmission of information .

Answer 291

Protection of information systems against unauthorized access to or modification of information, whether in storage, processing or transit, and against the denial of service to authorized users, including those measures necessary to detect, document, and counter such threats .

Answer 292

– European standard used to assess the effectiveness of the security controls built into a system .

Answer 293

Values that are used with algorithms to increase randomness for cryptographic functions .

Answer 294

Setting the state of a cryptographic logic prior to key generation, encryption, or other operating mode .

Answer 295

Three dimensional space surrounding equipment that process classified and/or sensitive information within which TEMPEST exploitation is not considered practical or where legal authority to identify and remove a potential TEMPEST exploitation exists . Synonymous with zone of control .

Answer 296

Set of operations and commands that can be implemented by a particular processor (CPU) .

Answer 297

A circuit-switched telephone network system technology designed to allow digital transmission of voice and data over ordinary telephone copper wires . Integrity – Accuracy and reliability of the information and systems are provided and any unauthorized modification is prevented .

Answer 298

Checksum capable of detecting modification of an information system .

Answer 299

Written management authorization to interconnect information systems based upon acceptance of risk and implementation of established controls .

Answer 300

Common boundary between independent systems or modules where interactions take place .

Answer 301

Hardware, firmware, or software features within an information system that restrict access to resources only to authorized subjects .

Answer 302

– Block symmetric cipher that uses a 128-bit key and 64-bit block size .

Answer 303

– A core protocol of the IP suite used to send status and error messages .

Answer 304

Used by systems and adjacent routers on IP networks to establish and maintain multicast group memberships .

Answer 305

– An Internet standard protocol used by e-mail clients to retrieve e-mail from a remote server . E-mail clients using IMAP generally leave messages on the server until the user explicitly deletes them .

Answer 306

Core protocol of the TCP/IP suite . Provides packet construction, addressing, and routing functionality .

Answer 307

Used to establish security associates and an authentication framework in Internet connections . Commonly used by IKE for key exchange .

Answer 308

Tools that convert code written in interpreted languages to the machine-level format for processing .

Answer 309

– Software or hardware signal that indicates that system resources (i .e .,CPU) are needed for instruction processing .

Answer 310

An IPv6 transition mechanism meant to transmit IPv6 packets between dual-stack nodes on top of an IPv4 network .

Answer 311

– Unauthorized act of bypassing the security mechanisms of a system .

Answer 312

– There are three methods - Unicast – Packet is sent from a single source to a single destination . Broadcast – Source packet is copied and sent to all the nodes on a network . Multicast – Source packet is copied and then sent to multiple destinations on a network .

Answer 313

– Protocol suite used to protect IP traffic through encryption and authentication . De facto standard VPN protocol .

Answer 314

IP version 6 is the successor to IP version 4 and provides 128-bit addressing, integrated IPSec security protocol, simplified header formats, and some automated configuration .

Answer 315

International standard for the implementation of a risk management program that integrates into an information security management system (ISMS) .

Answer 316

– Best practices for information technology services management processes developed by the United Kingdom’s Office of Government Commerce .

Answer 317

Small components (applets) that provide various functionalities and are delivered to users in the form of Java bytecode . Java applets can run in a web browser using a Java Virtual Machine (JVM) . Java is platform independent; thus, Java applets can be executed by browsers for many platforms .

Answer 318

Concept that an algorithm should be known and only the keys should be kept secret .

Answer 319

– Mode that a CPU works within when carrying out more trusted process instructions . The process has access to more computer resources when working in kernel versus user mode .

Answer 320

– Sequence of bits that are used as instructions that govern the acts of cryptographic functions within an algorithm .

Answer 321

Instance when two different keys generate the same ciphertext from the same plaintext .

Answer 322

– Generation of secret keys (subkeys) from an initial value (master key) .

Answer 323

COMSEC facility generating and distributing key in electrical form .

Answer 324

Process of exchanging public keys (and other information) in order to establish secure communications .

Answer 325

Public key and its corresponding private key as used in public key cryptography .

Answer 326

Mechanisms and processes that allow authorized parties to retrieve the cryptographic key used for data confidentiality .

Answer 327

– Sequence of symbols (or their electrical or mechanical equivalents) produced in a machine or auto-manual cryptosystem to combine with plain text to produce cipher text, control transmission security processes, or produce key .

Answer 328

– Key that encrypts or decrypts other key for transmission or storage .

Answer 329

Key, code, or authentication information in physical or magnetic form .

Answer 330

A range of possible values used to construct keys .

Answer 331

Component of a stream algorithm that creates random values for encryption purposes

Answer 332

Cryptanalysis attack where the attacker is assumed to have access to sets of corresponding plaintext and ciphertext .

Answer 333

See security label .

Answer 334

– Elementary-level mandatory access control protection features and intermediate-level discretionary access control features in a TCB that uses sensitivity labels to make access control decisions .

Answer 335

Architecture that separates system functionality into hierarchical layers .

Answer 336

Principle requiring that each subject be granted the most restrictive set of privileges needed for the performance of authorized tasks . Application of this principle limits the damage that can result from accident, error, or unauthorized use of an information system .

Answer 337

Ending of address space assigned to a process . Used to ensure a process does not make a request outside its assigned memory boundaries .

Answer 338

Cryptanalysis method that uses the study of affine transformation approximation in encryption processes .

Answer 339

Technology that encrypts full packets (all headers and data payload) and is carried out without the sender’s interaction .

Answer 340

A routing protocol used in packet-switching networks where each router constructs a map of the connectivity within the network and calculates the best logical paths, which form its routing table .

Answer 341

Executes a program, or string of code, when a certain event happens or a date and time arrives .

Answer 342

– Indirect addressing used by processes within an operating system . The memory manager carries out logical-to-absolute address mapping .

Answer 343

Means of restricting access to objects based on the sensitivity of the information contained in the objects and the formal authorization (i .e ., clearance, formal access approvals, and need-to-know) of subjects to access information of such sensitivity .

ITPROTV Security Glossary Flashcards

(367 cards)