Security Operations

Question 1

Application Server

Answer 1

A computer responsible for hosting applications to user workstations.

Question 2

Asymmetric Encryption

Answer 2

An algorithm that uses one key to encrypt and a different key to decrypt the input plaintext.

Question 3

Checksum

Answer 3

A digit representing the sum of the correct digits in a piece of stored or transmitted digital data, against which later comparisons can be made to detect errors in the data.

Question 4

Ciphertext

Answer 4

The altered form of a plaintext message so it is unreadable for anyone except the intended recipients. In other words, it has been turned into a secret.

Question 5

Classification

Answer 5

Classification identifies the degree of harm to the organization, its stakeholders or others that might result if an information asset is divulged to an unauthorized person, process or organization. In short, classification is focused first and foremost on maintaining the confidentiality of the data, based on the data sensitivity.

Question 6

Configuration Management

Answer 6

A process and discipline used to ensure that the only changes made to a system are those that have been authorized and validated.

Question 7

Cryptanalyst

Answer 7

One who performs cryptanalysis which is the study of mathematical techniques for attempting to defeat cryptographic techniques and/or information systems security. This includes the process of looking for errors or weaknesses in the implementation of an algorithm or of the algorithm itself.

Question 8

Cryptography

Answer 8

The study or applications of methods to secure or protect the meaning and content of messages, files, or other information, usually by disguise, obscuration, or other transformations of that content and meaning.

Question 9

Data Loss Prevention

Answer 9

System capabilities designed to detect and prevent the unauthorized use and transmission of information.

Question 10

Decryption

Answer 10

The reverse process from encryption. It is the process of converting a ciphertext message back into plaintext through the use of the cryptographic algorithm and the appropriate key for decryption (which is the same for symmetric encryption, but different for asymmetric encryption). This term is also used interchangeably with the “deciphering.”

Question 11

Degaussing

Answer 11

A technique of erasing data on disk or tape (including video tapes) that, when performed properly, ensures that there is insufficient magnetic remanence to reconstruct data.

Question 12

Digital Signature

Answer 12

The result of a cryptographic transformation of data which, when properly implemented, provides the services of origin authentication, data integrity, and signer non-repudiation.

Question 13

Egress Monitoring

Answer 13

Monitoring of outgoing network traffic.

Question 14

Encryption

Answer 14

The process and act of converting the message from its plaintext to ciphertext. Sometimes it is also referred to as enciphering. The two terms are sometimes used interchangeably in literature and have similar meanings.

Question 15

Encryption System

Answer 15

The total set of algorithms, processes, hardware, software, and procedures that taken together provide an encryption and decryption capability.

Question 16

Hardening

Answer 16

A reference to the process of applying secure configurations (to reduce the attack surface) and locking down various hardware, communications systems, and software, including operating system, web server, application server, application, etc. Hardening is normally performed based on industry guidelines and benchmarks, such as those provided by the Center for Internet Security (CIS).

Question 17

Hash Function

Answer 17

An algorithm that computes a numerical value (called the hash value) on a data file or electronic message that is used to represent that file or message and depends on the entire contents of the file or message. A hash function can be considered to be a fingerprint of the file or message. NIST SP 800-152

Question 18

Hashing

Answer 18

The process of using a mathematical algorithm against data to produce a numeric value that is representative of that data.

Question 19

Information Sharing

Answer 19

The requirements for information sharing by an IT system with one or more other IT systems or applications, for information sharing to support multiple internal or external organizations, missions, or public programs.

Question 20

Ingress Monitoring

Answer 20

Monitoring of incoming network traffic.

Question 21

Message Digest

Answer 21

A digital signature that uniquely identifies data and has the property such that changing a single bit in the data will cause a completely different message digest to be generated.

Question 22

Operating System

Answer 22

The software “master control application” that runs the computer. It is the first program loaded when the computer is turned on, and its main component, the kernel, resides in memory at all times. The operating system sets the standards for all application programs (such as the Web server) that run in the computer. The applications communicate with the operating system for most user interface and file management operations.

Question 23

Patch

Answer 23

A software component that, when installed, directly modifies files or device settings related to a different software component without changing the version number or release details for the related software component.

Question 24

Patch Management

Answer 24

The systematic notification, identification, deployment, installation and verification of operating system and application software code revisions. These revisions are known as patches, hot fixes, and service packs.

Question 25

Plaintext

Answer 25

A message or data in its natural format and in readable form; extremely vulnerable from a confidentiality perspective.

Question 26

Records

Answer 26

The recordings (automated and/or manual) of evidence of activities performed or results achieved (e.g., forms, reports, test results), which serve as a basis for verifying that the organization and the information system are performing as intended. Also used to refer to units of related data fields (i.e., groups of data fields that can be accessed by a program and that contain the complete set of information on particular items).

Question 27

Records Retention

Answer 27

A practice based on the records life cycle, according to which records are retained as long as necessary, and then are destroyed after the appropriate time interval has elapsed.

Question 28

Remanence

Answer 28

Residual information remaining on storage media after clearing.

Question 29

Request for change (RFC)

Answer 29

The first stage of change management, wherein a change in procedure or product is sought by a stakeholder.

Question 30

Security Governance

Answer 30

The entirety of the policies, roles, and processes the organization uses to make security decisions in an organization.

Question 31

Social engineering

Answer 31

Tactics to infiltrate systems via email, phone, text, or social media, often impersonating a person or agency in authority or offering a gift. A low-tech method would be simply following someone into a secure building.

Question 32

Symmetric encryption

Answer 32

An algorithm that uses the same key in both the encryption and the decryption processes.

Question 33

Web Server

Answer 33

A computer that provides World Wide Web (WWW) services on the Internet. It includes the hardware, operating system, Web server software, and Web site content (Web pages). If the Web server is used internally and not by the public, it may be known as an “intranet server.”