Security Engineering Flashcards Preview

Flashcards in Security Engineering Deck (48):
1

Ability to deduce (infer) sensitive or restricted information from observing available information.

Inference

2

Primarily concerned with how subjects and objects are created, assigned rights or privileges, and how ownership is managed.

Graham-Denning

3

Defines the organizational structure and skill requirements of an IT Org as well as the set of operational procedures & practices that direct IT operations & infrastructure, including information Security operations

IT Infrastructure Library (ITIL)

4

Represents the total number of possible values of keys in a cryptographic algorithm or other security measure, such as a password

Key Space

5

Formula to determine how many keys in PKI environment

N(N-1)/2

6

The size of the key, usually measured in bits or bytes, which a cryptographic algorithm used in ciphering or deciphering protected information.

Key Length

7

Performs certificate registration services on behalf of a CA

Registration Authority (RA)

8

Involves the removal of characteristics from an entity in order to easily represent its essential properties

Abstraction

9

The study of techniques for attempting to defeat cryptography techniques and information security services

Cryptanalysis

10

Smart networked systems with embedded sensors, processors, & actuators that are designed to sense & interact with the physical world & support real-time, guaranteed performance in safety-critical apps

Cyber-Physical Systems

11

Maintains activities at different security levels to separate these levels from each other

Data Hiding

12

The science that deals with hidden, disguised, or encrypted communications. It embraces communications security & communications intelligence

Cryptology

13

A repository for information collected from a variety of data sources.

Data Warehouse

14

Electronic document that contains the name of an Org or individual, business address, digital signature of the CA issuing the certificate, the certificate holder's public key, a serial number, & expiration date

Digital Signature

15

Provided by mixing up the location of the plaintext throughout the ciphertext

Diffusion

16

The reverse process from encoding: converting the encoded message back into its plaintext format.

Decoding

17

Attempt to take advantage of how a system handles multiple requests

State Attacks

18

Holistic life cycle for developing security architecture that begins with assessing business requirements & subsequently creating a "chain of traceability" through the phases of strategy, concept, design, implementation, & metrics

Sherwood Applied Business Security Architecture Framework (SABSA)

19

Dividing a computer's memory into segments.

Segmentation

20

An area or grouping within which a defined set of security policies & measures are applied to achieve a specific level of security

Security Zone of Control

21

An XML-based standard used to exchange authentication & authorization information.

Security Assertion Markup Language (SAML)

22

Holds data not currently being used by the CPU & is used when data must be stored for an extended period of time using high-capacity, nonvolatile storage.

Secondary Storage

23

Provides a structured methodology for documenting security requirements, documenting & validating security capabilities, & promoting international cooperation in the area of IT Security

Common Criteria

24

Provisioned for exclusive use by a specific community of consumers from organizations that have shared concerns.

Community Cloud Infrastructure

25

Provided by mixing (changing) the key values used during the repeated rounds of encryption. When the key is modified for each round, it provides added complexity that the attacker would encounter.

Confusion

26

Provides a set of generally accepted processes to assist in maximizing the benefits derived using IT & developing appropriate IT governance

Control Objectives for Information and Related Technology (COBIT)

27

Communications mechanisms hidden from the access control & standard monitoring system of an information system.

Covert Channels

28

Logical structure for identifying & organizing the descriptive representations (models) that are important in the management of enterprises & to the development of the systems, both automated & manual, that comprise them.

Zachman Framework

29

Represents the time & effort required to break a protective measure.

Work Factor

30

Process of reordering the plaintext to hide the message.

Transposition

31

Architecture content framework (ACF) to describe standard building blocks & components as well as numerous reference models.

The Open Group Architecture Framework (TOGAF)

32

Core of an OS, & one of its main functions is to provide access to system resources, which includes the system's hardware & processes.

System Kernel

33

A non-secret binary vector used as the initializing input algorithm for the encryption of a plaintext block sequence to increase security by introducing additional cryptographic variance & to synchronize cryptographic equipment.

Initialization Vector

34

Composition of two or more distinct cloud infrastructures (private, community, or public) that remain unique entities but are bound together by standardized or proprietary technology that enables data & application portability.

Hybrid Cloud Infrastructure

35

Action of changing a message into another format through the use of a code.

Encoding

36

Used to provide computing services in a small form factor with limited processing power.

Embedded Systems

37

Provide authentication of a sender & integrity of a sender's message.

Digital Signature

38

A broad range of technologies that grant control & protection to content providers over their own digital media

Digital Rights Management (DRM)

39

Provides a foundation upon which organizations can establish & review information technology security programs.

"Generally Accepted Principles & Practices for Securing Information Technology Systems" (NIST SP 800-14)

40

The storage of programs or instructions in ROM.

Firmware

41

Focused on setting the long-term strategy for security services in the enterprise.

Enterprise Security Architecture (ESA)

42

Used to control industrial processes such as manufacturing, product handling, production, & distribution.

Industrial Control Systems (ICS)

43

Accepts an input message of any length & generates, through a one-way operation, a fixed-length output.

Hash Function

44

Describes the essential characteristics of an organization's security engineering process that must exist to ensure good security engineering.

ISO/IEC 21827:2008, The Systems Security Engineering - Capability Maturity Model (SSE-CMM)

45

Process of exchanging one letter or byte for another.

Substitution

46

Operate with a single cryptographic key that is used for both encryption & decryption of the message.

Symmetric Algorithms

47

When a cryptosystem performs its encryption on a bit-by-bit basis.

Stream-based Ciphers

48

Describes the behavior of a system as it moves between one state & another, from one moment to another.

State Machine Model