Terminology Flashcards
(121 cards)
1
Q
Access Control
A
The process of granting or denying specific requests for or attempts to connect to a corporate network.
2
Q
The process of granting or denying specific requests for or attempts to connect to a corporate network.
A
Access Control
3
Q
Access Control List (ACL)
A
Applies rules to switch ports or (Internet Protocol) IP addresses available to a host or switch. The rules determine whether packets can flow through those ports or IPs.
4
Q
Set of rules that apply to switch ports or (Internet Protocol) IP addresses available to a host or switch. The rules determine whether packets can flow through those ports or IPs.
A
Access Control List (ACL)
5
Q
Access Layer
A
The concentration point at which clients access the network. Access layer devices control traffic by localizing service requests to the access medial.
6
Q
The concentration point at which clients access the network. These devices control traffic by localizing service requests to the access medial.
A
Access Layer
7
Q
Accounting
A
The final piece in the AAA framework is accounting, which monitors the resources a user consumes during network access.
8
Q
The final piece in the AAA framework, which monitors the resources a user consumes during network access.
A
Accounting
9
Q
Agent
A
A piece of software that functions as an agent for a user or another program, working autonomously and continuously in a particular environment.
10
Q
A piece of software that functions as an agent for a user or another program, working autonomously and continuously in a particular environment.
A
Agent
11
Q
Antivirus
A
A program that monitors a computer or network to detect or identify major types of malicious code and to prevent or contain malware incidents. Sometimes by removing or neutralizing the malicious code.
12
Q
A program that monitors a computer or network to detect or identify major types of malicious code and to prevent or contain malware incidents. Sometimes by removing or neutralizing the malicious code.
A
Antivirus
13
Q
Attack Surface
A
The set of ways in which an adversary can enter a system and potentially cause damage.
14
Q
The set of ways in which an adversary can enter a system and potentially cause damage.
A
Attack Surface
15
Q
Authentication
A
The process of verifying the identity or other attributes of an entity (user, process, or device).
16
Q
The process of verifying the identity or other attributes of an entity (user, process, or device).
A
Authentication
17
Q
Authoization
A
A process of determining, by evaluating applicable access control information, whether a subject is allowed to have the specified types of access to a particular resource.
18
Q
A process of determining, by evaluating applicable access control information, whether a subject is allowed to have the specified types of access to a particular resource.
A
Authorization
19
Q
Compliance
A
A program that establishes risk-based controls to protect the integrity, confidentiality, and accessibility of information stored, processed, or transferred.
20
Q
A program that establishes risk-based controls to protect the integrity, confidentiality, and accessibility of information stored, processed, or transferred.
A
Compliance
21
Q
Data Breach
A
The unauthorized moment or disclosure of sensitive information to a party, usually outside the organization, that is not authorized to have or see the information.
22
Q
The unauthorized moment or disclosure of sensitive information to a party, usually outside the organization, that is not authorized to have or see the information.
A
Data Breach
23
Q
Data Loss Prevention
A
Procedures and mechanism to stop sensitive data from leaving a security boundary.
24
Q
Procedures and mechanism to stop sensitive data from leaving a security boundary.
A
Data Loss Prevention
25
Digital Certificate
A file or electronic password that proves the authenticity of a device, server, or user with cryptography and the public key infrastructure (PKI)
26
A file or electronic password that proves the authenticity of a device, server, or user with cryptography and the public key infrastructure (PKI)
Digital Certificate
27
Distributed Denial of Service (DDos)
A denial of service technique that uses numerous systems to perform the attack simultaneously.
28
A denial of service technique that uses numerous systems to perform the attack simultaneously.
Distributed Denial of Service (DDos)
29
Extensible Authentication Protocol (EAP)
An architectural framework that provides extensibility for the authentication methods for commonly used protected network access technologies, such as IEEE 802.1X-based wireless access, IEEE 802.1X-based wired access, and point-to-point protocol (PPP) connections such as Virtual Private Networking (VPN).
30
An architectural framework that provides extensibility for the authentication methods for commonly used protected network access technologies, such as IEEE 802.1X-based wireless access, IEEE 802.1X-based wired access, and point-to-point protocol (PPP) connections such as Virtual Private Networking (VPN).
Extensible Authentication Protocol (EAP)
31
Firewall
A hardware/software device or a software program that limits network traffic according to a set of rules of what access is and is not allowed or authorized.
32
A hardware/software device or a software program that limits network traffic according to a set of rules of what access is and is not allowed or authorized.
Firewall
33
HTTPS
Secure Hypertext Transfer Protocol is the secure version of HTTP. Data sent between the browser and server are encrypted to ensure protection. Which Network Protocol Types are Right for You?
34
The secure version of HTTP. Data sent between the browser and server are encrypted to ensure protection. Which Network Protocol Types are Right for You?
HTTPS
35
Information Security Policy
An aggregate of directives, regulations, roles and practices that prescribe how an organization manages, protects, and distributes information.
36
An aggregate of directives, regulations, roles and practices that prescribe how an organization manages, protects, and distributes information.
Information Security Policy
37
Intrusion Detection
The process and methods for analyzing information from networks and information systems to determine if a security break or security violation has occurred.
38
Internet of Things
A network of connected smart devices providing rich operational data to enterprises. It is a catch-all term for the growing number of electronics that aren't traditional computing devices, but are connected to the internet to gather data, receive instructions, or both.
39
A network of connected smart devices providing rich operational data to enterprises. It is a catch-all term for the growing number of electronics that aren't traditional computing devices, but are connected to the internet to gather data, receive instructions, or both.
Internet of Things
40
Internet Protocol Security (IPSec)
A secure network protocol suite that authenticates and encrypts data packets to provide secure encrypted communication between two computers over an Internet Protocol network. It is used in virtual private networks (VPNs).
41
A secure network protocol suite that authenticates and encrypts data packets to provide secure encrypted communication between two computers over an Internet Protocol network. It is used in virtual private networks (VPNs).
Internet Protocol Security (IPSec)
42
Lightweight Directory Access Protocol (LDAP)
An open, Vendor-neutral, industry-standard application protocol for accessing and maintaining distributed directory information services over an IP network.
43
An open, Vendor-neutral, industry-standard application protocol for accessing and maintaining distributed directory information services over an IP network.
Lightweight Directory Access Protocol (LDAP)
44
Link Layer
The lowest layer in the internet protocol suite, the networking architecture of the Internet. The link layer is the group of methods and communications protocols confined to the link that a host if physically connected to.
45
The lowest layer in the internet protocol suite, the networking architecture of the Internet. The link layer is the group of methods and communications protocols confined to the link that a host if physically connected to.
Link Layer
46
Local Area Network (LAN)
A network that covers a small area such as a small office or home. It physically connects all the computers located in the premises.
47
A network that covers a small area such as a small office or home. It physically connects all the computers located in the premises.
Local Area Network (LAN)
48
Media Access Control (MAC) Address
The unique 48-bit serial number in the network circuitry of every Ethernet and Wi-Fi device. The MAC address, which holds 256 trillion unique numbers, identifies that device from every other globally.
49
The unique 48-bit serial number in the network circuitry of every Ethernet and Wi-Fi device. The MAC address, which holds 256 trillion unique numbers, identifies that device from every other globally.
Media Access Control (MAC) Address
50
MAC Address Bypass (MAB)
An alternative authentication method for devices that do not support 802.1x.
51
An alternative authentication method for devices that do not support 802.1x.
MAC Address Bypass (MAB)
52
Malware
Software that compromises the operation of a system by performing an unauthorized function or process.
53
Software that compromises the operation of a system by performing an unauthorized function or process.
Malware
54
Man in the Middle (MitM) Attack
A form of active wiretapping attack in which the attacker intercepts and selectively modifies communicated data to masquerade as one or more of the entities involved in a communication association.
55
A form of active wiretapping attack in which the attacker intercepts and selectively modifies communicated data to masquerade as one or more of the entities involved in a communication association.
Man in the Middle (MitM) Attack
56
Micro-Segmentation
Creating secure zones in networks, in data centers, and cloud deployments by segregating sections so only designated users and applications can gain access to each segment.
57
Creating secure zones in networks, in data centers, and cloud deployments by segregating sections so only designated users and applications can gain access to each segment.
Micro-Segmentation
58
Mitigation
Implementing appropriate risk-reduction controls based on risk management priorities and analysis of alternatives.
59
Implementing appropriate risk-reduction controls based on risk management priorities and analysis of alternatives.
Mitigation
60
Multi-Factor Authentication (MFA)
An authentication method that requires the user to provide two or more verification factors to fain access to a resource such as an application, online account, or a VPN.
61
A
An authentication method that requires the user to provide two or more verification factors to fain access to a resource such as an application, online account, or a VPN.
Multi-Factor Authentication (MFA)
62
Multi-Protocol Label Switching (MPLS)
A packet protocol that ensures reliable connections for real-time applications, but its expensive, leading many enterprises to consider SD-WAN to limit its use.
63
A packet protocol that ensures reliable connections for real-time applications, but its expensive, leading many enterprises to consider SD-WAN to limit its use.
Multi-Protocol Label Switching (MPLS)
64
Network Access Control (NAC)
An approach to computer security that attempts to unify endpoint-security technology, user, or systems authentication, and network security enforcement.
65
An approach to computer security that attempts to unify endpoint-security technology, user, or systems authentication, and network security enforcement.
Network Access Control (NAC)
66
Network Operating System (NOS)
The operating system that runs on network switches. Cumulus Linux is an NOS.
67
The operating system that runs on network switches. Cumulus Linux is an NOS.
Network Operating System (NOS)
68
Network Operations Center (NOC)
Also known as a "network management center," is one or more locations from which network monitoring and control, or network management, is exercised over a computer network.
69
Also known as a "network management center," is one or more locations from which network monitoring and control, or network management, is exercised over a computer network.
Network Operations Center (NOC)
70
Network Resilience
The ability of a network to:
1) provide continuous operation (i.e., highly resistant to disruption and able to operate in a degraded mode if damaged)
2) recover effectively if failure does occur
3) scale to meet rapid or unpredictable demands
71
The ability of a network to:
1) provide continuous operation (i.e., highly resistant to disruption and able to operate in a degraded mode if damaged)
2) recover effectively if failure does occur
3) scale to meet rapid or unpredictable demands
Network Resilience
72
Network Switch
A device that operates a the Data Link Layer of the OSI model - Layer 2. It takes in packets being sent by devices that are connected to its physical ports and sends then out again, but only through the ports that lead to the devices the packets are intended to reach. They also operate at the network layer - Layer 3 where routing occurs.
73
A device that operates a the Data Link Layer of the OSI model - Layer 2. It takes in packets being sent by devices that are connected to its physical ports and sends then out again, but only through the ports that lead to the devices the packets are intended to reach. They also operate at the network layer - Layer 3 where routing occurs.
Network Switch
74
Network Virtualization
The combination of network hardware and software resources with network functionality into a single, software-based administrative entity known as a virtual network. Network virtualization involves platform virtualization, often combined with resource virtualization.
75
The combination of network hardware and software resources with network functionality into a single, software-based administrative entity known as a virtual network. Network virtualization involves platform virtualization, often combined with resource virtualization.
Network Virtualization
76
Passive Attack
An actual assault perpetrated by an intentional thread source that attempts to learn or make use of information from a system, but does not attempt to alter the system, its resources, data, or operations.
77
An actual assault perpetrated by an intentional thread source that attempts to learn or make use of information from a system, but does not attempt to alter the system, its resources, data, or operations.
Passive Attack
78
Phishing
The fraudulent practice of sending emails purporting to be from reputable companies to induce individuals to reveal personal information, such as passwords, and credit card numbers.
79
The fraudulent practice of sending emails purporting to be from reputable companies to induce individuals to reveal personal information, such as passwords, and credit card numbers.
Phishing
80
Public Key Infrastructure (PKI)
A framework consisting of standards and services to enable secure, encrypted communication and authentication over potentially insecure networks such as the internet.
81
A framework consisting of standards and services to enable secure, encrypted communication and authentication over potentially insecure networks such as the internet.
Public Key Infrastructure (PKI)
82
Remote Authentication Dial-In User Service (RADIUS)
A protocol that provides centralized authentication, authorization, and accounting management (AAA) for users connected to a network device or service.
83
A protocol that provides centralized authentication, authorization, and accounting management (AAA) for users connected to a network device or service.
Remote Authentication Dial-In User Service (RADIUS)
84
Redundancy
Additional or alternative systems, sub-systems, assets, or processes that maintain a degree of overall functionality in case of loss or failure of another system, sub-system, asset, or process.
85
Additional or alternative systems, sub-systems, assets, or processes that maintain a degree of overall functionality in case of loss or failure of another system, sub-system, asset, or process.
Redundancy
86
Risk Assessment
The appraisal of the risks facing a network, and includes determining the extent to which adverse circumstances or events could result in harmful consequences.
87
Additional or alternative systems, sub-systems, assets, or processes that maintain a degree of overall functionality in case of loss or failure of another system, sub-system, asset, or process.
Redundancy
88
Router
A networking device that forwards data packets between computer networks. Routers operate at Layer 3 of the OSI model and perform traffic-directing functions between subnets within organizations and on the internet.
89
A networking device that forwards data packets between computer networks. Routers operate at Layer 3 of the OSI model and perform traffic-directing functions between subnets within organizations and on the internet.
Router
90
Single Sign-On (SSO)
An authentication method that enables users to securely authenticate with multiples applications and websites by using just one set of credentials.
91
An authentication method that enables users to securely authenticate with multiples applications and websites by using just one set of credentials.
Single Sign-On (SSO)
92
Software-Defined Wide-Area Networks (SD-WAN)
Software that can manage and enforce the routing of WAN traffic to the appropriate wide-area connection based on policies that can take into consideration factors including cost, link, performance, time of day, and application needs based on policies. Like its bigger technology brother, software-defined networking, SD-WAN decouples the control plane from the data plane.
93
Software that can manage and enforce the routing of WAN traffic to the appropriate wide-area connection based on policies that can take into consideration factors including cost, link, performance, time of day, and application needs based on policies. Like its bigger technology brother, software-defined networking, SD-WAN decouples the control plane from the data plane.
Software-Defined Wide-Area Networks (SD-WAN)
94
Secure Access Service Edge (SASE)
A network architecture that rolls software-defined wide area networking (SD-WAN) and security into a cloud service that promises simplified WAN deployment, improved efficiency and security, and to provide appropriate bandwidth per application.
95
A network architecture that rolls software-defined wide area networking (SD-WAN) and security into a cloud service that promises simplified WAN deployment, improved efficiency and security, and to provide appropriate bandwidth per application.
Secure Access Service Edge (SASE)
96
Software-Defined Networking (SDN)
A cloud computing strategy that facilitates network management and enables programmatically efficient network configuration to improve network performance and monitoring.
97
A cloud computing strategy that facilitates network management and enables programmatically efficient network configuration to improve network performance and monitoring.
Software-Defined Networking (SDN)
98
Spoofing
Faking the sending address of a transmission to gain illegal (unauthorized) entry into a secure system.
98
Faking the sending address of a transmission to gain illegal (unauthorized) entry into a secure system.
Spoofing
99
Secure Socket Layer (SSL)
A network security protocol primarily used for ensuring secure internet connections and protecting sensitive data. The protocol can allow for server/client communication as well as server/server connection. Data transferred with SSL is encrypted to prevent it from being readable.
100
A network security protocol primarily used for ensuring secure internet connections and protecting sensitive data. The protocol can allow for server/client communication as well as server/server connection. Data transferred with SSL is encrypted to prevent it from being readable.
Secure Socket Layer (SSL)
101
System Administration
Cybersecurity work where a person: Installs, configures, troubleshoots, and maintains server configurations (hardware and software) to ensure their confidentiality, integrity, and availability; also manages accounts, firewalls, and patches; responsible for access control, passwords, and account creation and administration.
102
Cybersecurity work where a person: Installs, configures, troubleshoots, and maintains server configurations (hardware and software) to ensure their confidentiality, integrity, and availability; also manages accounts, firewalls, and patches; responsible for access control, passwords, and account creation and administration.
System Administration
103
Terminal Access Controller Access Control System (TACACS)
An authentication protocol used for remote authentication and related services for networked access control through a centralized server.
104
An authentication protocol used for remote authentication and related services for networked access control through a centralized server.
Terminal Access Controller Access Control System (TACACS)
105
Threat Agent
An individual, group, organization or government that conducts or has the intent to conduct detrimental activities.
106
An individual, group, organization or government that conducts or has the intent to conduct detrimental activities.
Threat Agent
107
Threat Assessment
The product or process of identifying or evaluating entities, actions, or occurrences, whether natural or man-made, that have or indicate the potential to harm life, information, operations, and/or property.
108
The product or process of identifying or evaluating entities, actions, or occurrences, whether natural or man-made, that have or indicate the potential to harm life, information, operations, and/or property.
Threat Assessment
109
Trojan Horse
A computer program that appears to have a useful function, but also has a hidden and potentially malicious function that evades security mechanisms, sometimes by exploiting legitimate authorizations of a system entity that invokes the program.
110
A computer program that appears to have a useful function, but also has a hidden and potentially malicious function that evades security mechanisms, sometimes by exploiting legitimate authorizations of a system entity that invokes the program.
Trojan Horse
111
Virus
A computer program that can replicate itself, infect a computer without a permission or knowledge of the user, and then spread or propagate the another computer.
112
A computer program that can replicate itself, infect a computer without a permission or knowledge of the user, and then spread or propagate the another computer.
Virus
113
Virtual Private Network (VPN)
A Virtual Private Network can create secure remote-access and site-to-site connections inexpensively, are a stepping stone to software-defined WANs, and are proving useful in IoT.
114
Creates secure remote-access and site-to-site connections inexpensively, are a stepping stone to software-defined WANs, and are proving useful in IoT.
Virtual Private Network (VPN)
115
Vulnerability
A characteristic or specific weakness that renders an organization or asset (such as information or an information system) open to exploitation by a given threat or susceptible to a given hazard.
116
A characteristic or specific weakness that renders an organization or asset (such as information or an information system) open to exploitation by a given threat or susceptible to a given hazard.
Vulnerability
117
Wide-Area Network (WAN)
A network that uses various links-private lines, Multiprotocol Label Switching (MPLS), virtual private networks (VPNs), wireless (cellular), the Internet - to connect organizations' geographically distributed sites. In an enterprise, a WAN could connect branch offices and individual remote workers with headquarters or the data center.
118
A network that uses various links-private lines, Multiprotocol Label Switching (MPLS), virtual private networks (VPNs), wireless (cellular), the Internet - to connect organizations' geographically distributed sites. In an enterprise, a WAN could connect branch offices and individual remote workers with headquarters or the data center.
Wide-Area Network (WAN)
119
Zero-Touch Provisioning (ZTP)
A switch feature that enables automation of provisioning and configuration.
120
A switch feature that enables automation of provisioning and configuration.
Zero-Touch Provisioning (ZTP)
