Vocabulary1 Flashcards

Question

agile software development

Answer 1

flexible software development model that eveolved as a reaction to rigid software development modes such as the waterfall model

Answer 2

OOP concept that connects objects to others; highly coupled objects have low cohesion.

Answer 3

Entitlements The permissions granted to a user.

Answer 4

Knowledge base Expert system component that consists of ?if/then? statements.

Answer 5

Mesh Physical network topology that interconnects network nodes to each other.

Answer 6

starts with lo-level technical implementation details and works up to the concept of the completed program

Answer 7

802.11 peer-to-peer mode with no central AP

Answer 8

Graham?Denning model Has three parts: objects, subjects, and rules; it provides a more granular approach for interaction between subjects and objects.

Answer 9

Entrapment A legal defense where the defendant claims an agent of law enforcement persuaded the defendant to commit a crime that he or she would otherwise not have committed.

Answer 10

Genetic programming Creating entire software programs (usually in the form of Lisp source code) via Darwinian evolution principles.

Answer 11

actions an individual can perform on a system

Answer 12

Lattice-based access controls Nondiscretionary access control with defined upper and lower bounds implemented by the system.

Answer 13

gives the tester no internal details; the software is treated as a black box that receives inputs

Answer 14

identifies the calling phone number; sometimes used as a weak authentication method

Answer 15

FDDI Fiber Distributed Data Interface?Legacy LAB technology that uses light.

Answer 16

Fitness function Genetic algorithm concept that assigns a score to an evolved algorithm.

Answer 17

CPU component that acts as a traffic cop, sending instructions to the ALU.

Answer 18

EAP?Flexible Authentication via Secure Tunneling?Designed by Cisco to replace LEAP.

Answer 19

first 802.11 wireless security standard that provides reasonable security

Answer 20

Disclosure, Alteration, and Destruction?The opposite of confidentiality, integrity, and availability.

Answer 21

Entity integrity Requires that each tuple has a unique primary key that is not null.

Answer 22

802.15 networking, a PAN wireless technology

Answer 23

The area that is in focus.

Answer 24

bit-level copy of memory

Answer 25

Discretionary Access Control?Gives subjects full control of objects they have been given access to, including sharing the objects with other subjects.

Answer 26

machine-indecednet interpreted code, used by Java

Answer 27

asynchronous Response Mode: HDLC mode where secondary nodes may initiate communication with the primary

Answer 28

uniform ways to implement a safeguard; an administrative control

Answer 29

A large collection of data.

Answer 30

A structured collection of related data.

Answer 31

Full disclosure The controversial practice of releasing vulnerability details publicly.

Answer 32

black box testing method that seeks to identify and test all unique combinations of software inputs

Answer 33

Data Circuit-Terminating Equipment?A device that networks DTEs, such as a router.

Answer 34

Border Gateway Protocol: routing protocol used on the internet

Answer 35

MPLS Multiprotocol Label Switching?Provides a way to forward WAN data via labels.

Answer 36

Facial scan Biometric control compares a picture of a face to pictures stored in a database.

Answer 37

The severity of damage, sometimes expressed in dollars (value).

Answer 38

Password cracking method that uses a predefined list of words, like a dictionary, running each word through a hash algorithm.

Answer 39

Asymmetric Digital Subscriber Line--DSL featuring faster download speeds than upload

Answer 40

Control Objectives for Information and Related Technology: a control framework for employing information security governance best practices w/in an org

Answer 41

Genetic algorithms Creating computer algorithms via Darwinian evolution principles.

Answer 42

Internet Key Exchange?Manages the IPsec encryption algorithm.

Answer 43

Computer systems that contains CPU, memory, and firmware but no hard drive; type of thin client.

Answer 44

Domain Name System?A distributed global hierarchical database that translates names to IP addresses, and vice versa.

Answer 45

Type of intellectual property that protects the form of expression in artistic, musical, or literary works.

Answer 46

IPv6 autoconfiguration Autoconfiguration of a unique IPv6 address, omitting the need for static addressing or DHCP.

Answer 47

(failed) 1993 Escrowed Encryption Standard (EES) which used the skipjack algorithm

Answer 48

Testimony provided by a witness regarding what the witness actually experienced.

Answer 49

Adds additional criteria beyond identification and authentication; the context of the access, such as time.

Answer 50

Interior Gateway Protocol.

Answer 51

Mirroring Complete duplication of data to another disk, used by some levels of RAID.

Answer 52

predecessor to the Internet

Answer 53

determinateino, typically made by a senior security professional, about whether or not a user can be trusted with a specific level of information

Answer 54

Fraggle attack Smurf attack variation that uses UDP instead of ICMP.

Answer 55

MAC (access control) Mandatory Access Control?System-enforced access control based on subjects? clearances and objects? labels.

Answer 56

security model focused on maintaining the confidentiality of objects

Answer 57

Routing protocol that uses a simple metric, such as hop count.

Answer 58

Minutiae Specific fingerprint details that include whorls, ridges, bifurcation, and others.

Answer 59

Capability maturity model: maturity framework for evaluating and improving the software development process

Answer 60

Data Definition Language?Used to create, modify, and delete tables.

Answer 61

First step of the NIST SP 800?34 contingency planning process.

Answer 62

Hebern machines Class of cryptographic devices known as rotor machines, includes Enigma and SIGABA.

Answer 63

Key agreement that allows two parties to securely agree on a symmetric key via a public channel with no prior key exchange.

Answer 64

Seeks to identify objects that are prohibited from entering a secure perimeter (such as an airplane).

Answer 65

Hacktivist Hacker activist; someone who attacks computer systems for political reasons.

Answer 66

occurs when employees not only maintain old access rights but also gain new ones as they move from one division to another within an organization

Answer 67

encryption that uses 2 keys--one to encrypt, one to decrypt

Answer 68

Ethics Doing what is morally right.

Answer 69

Integration testing Testing multiple software components as they are combined into a working system.

Answer 70

HDLC High-Level Data Link Control?The successor to SDLC.

Answer 71

modem-based authentication system

Answer 72

proxy firewall that operates up to layer 7

Answer 73

Lock picking The art of unlocking a lock without a key.

Answer 74

good disk blocks marked as bad

Answer 75

condition where an attacker can insert data beyond the end of a buffer variable

Answer 76

Hierarchical database Database that forms a tree.

Answer 77

Advanced Encryption Standard: block cipher using 128- 192- or 256-bit keys to encrypt 129-bit blocks of data

Answer 78

Central Processing Unit?The ?brains? of the computer, capable of controlling and performing mathematical calculations.

Answer 79

acting on the authority of law enforcement

Answer 80

implemented by creating and following organizational policy, procedure, or regulation; also called directive controls

Answer 81

continuity standard by the British Standards Institute

Answer 82

cyptographic method that uses whole words from a well-known text such as a dictionary as a one-to-one replacement for plaintext

Answer 83

second step of NIST SP 800-34 contingency planning process

Answer 84

Application of multiple safeguards that span multiple domains to protect an asset.

Answer 85

Hearsay Second-hand evidence.

Answer 86

Destroying the integrity of the magnetization of the storage media, making the data unrecoverable.

Answer 87

Layer 2 of the OSI model; handles access to the physical layer as well as local area network communication.

Answer 88

IPv6 Internet Protocol version 6, the successor to IPv4?IPv6 features far larger address space, simpler routing, and simpler address assignment.

Answer 89

First sale doctrine Allows a legitimate purchaser of copyrighted material to sell it to another person.

Answer 90

Inheritance Objects inherit capabilities from their parent class.

Answer 91

the key POC for ensuring that a BCP/DRP is not only completed but routinely tested

Answer 92

challenge Handshake Authentication Protocol: a more secure network authentication protocol that uses a shared secret

Answer 93

FDE Full Disk Encryption?Also called whole disk encryption.

Answer 94

Hybrid attack Password attack that appends, prepends, or changes characters in words from a dictionary.

Answer 95

Flash memory A specific type of EEPROM, used for small portable disk drives.

Answer 96

Full backup An archive of all files.

Answer 97

Fiber optic network cable Uses light to carry information.

Answer 98

Footcandle One lumen per square foot.

Answer 99

MTTR Mean Time to Repair?Describes how long it will take to recover a failed system.

Answer 100

Computer Security Incident Response Team?The group that is tasked with monitoring, identifying, and responding to security incidents.

Answer 101

a cryptographic algorithm

Answer 102

Enrollment The process of enrolling with a system (such as a biometric authentication system), creating an account for the first time.

Answer 103

GAN Global Area Network?A global collection of WANs.

Answer 104

Legal liability Liability enforced through civil law.

Answer 105

technical enforcement of need to know

Answer 106

Science of creating messages whose meaning is hidden.

Answer 107

communication that sends a continuous wave of information

Answer 108

OOP concept that describes an independent object; objects with high cohesion have low coupling

Answer 109

Data Encryption Standard?A symmetric block cipher using a 56-bit key and 64-bit block size.

Answer 110

\* Integrity axiom Biba property that states ?no write up.?

Answer 111

Describes the process of selecting the right cipher and implementation for the right job.

Answer 112

Exposure Factor?The percentage of value an asset lost due to an incident.

Answer 113

crisis management plan

Answer 114

Intrusion Detection System?A detective technical control.

Answer 115

ISAKMP Internet Security Association and Key Management Protocol?Manages the IPsec Security Association process.

Answer 116

seeks to prevent the unauthorized disclosure of information

Answer 117

Full knowledge test A penetration test where the tester is provided with inside information at the start of the test.

Answer 118

real-world integrity model that protects integrity by having subjects access objects via programs

Answer 119

layer 2 device that has two ports and connnects network segments together

Answer 120

Interpreted code Code that is compiled on the fly each time the program is run.

Answer 121

MAN Metropolitan Area Network?Typically confined to a city, a Zip Code, or a campus or office park.

Answer 122

security model focused on maintaining the integrity of objects

Answer 123

Continuity Of Operations Plan?A plan to maintain operations during a disaster.

Answer 124

Successor to RADIUS; designed to provide an improved authentication, authorization, and accounting (AAA) framework.

Answer 125

virus that infects the boot sector of a PC; the virus loads upon system startup

Answer 126

Hash Function One-way encryption using an algorithm and no key.

Answer 127

artificial Neural Networks: networks that simulate neural networks found in humans and animals

Answer 128

HIDS Host-based intrusion detection system?A detective technical control.

Answer 129

MIC Message Integrity Check?Integrity protocol used by WPA2.

Answer 130

Modem Modulator/demodulator?Takes binary data and modulates it into analog sound that can be carried on phone networks.

Answer 131

OECD privacy guideline principle that states that personal data collection should have limits and that data should be obtained in a lawful manner with the individuals knowledge and approval

Answer 132

Hot site A backup site with all necessary hardware and critical applications data mirrored in real time.

Answer 133

Inference engine Expert system component that follows the tree formed by the knowledge base and fires a rule when there is a match.

Answer 134

Common Object Request Broker Architecture?An open, vendor-neutral networked object broker framework.

Answer 135

Monolithic kernel A statically compiled kernel.

Answer 136

Exterior Gateway Protocol.

Answer 137

involves multiple systems, all of which are online and actively processing traffic or data

Answer 138

An archive of any files that have been changed since the last full backup was performed.

Answer 139

Keyboard unit The external keyboard.

Answer 140

Asynchronous Balanced Mode: HDLC combined mode where nodes may asct as primary or secondary initiaint transmissions w/o receiving permission

Answer 141

business recovery plan: details steps required to restore normal business operations after recovering from a disruptive event. Aka business resumption plan

Answer 142

IRC Internet Relay Chat?A global network of chat servers and clients.

Answer 143

uses mathematicla formulas to assign probabilities to make decisions such as identifying spam

Answer 144

l Any communication that violates security policy.

Answer 145

Digital Subscriber Line?Uses existing copper pairs to provide digital service to homes and small offices.

Answer 146

MTU Maximum Transmission Unit?The maximum PDU size on a network.

Answer 147

Wireless standard 11 Mbps 2.4 GHz

Answer 148

MTD Maximum Tolerable Downtime?The total time a system can be inoperable before an organization is severely impacted.

Answer 149

Cypber Incident Response Plan: plan designed to respond to disruptive cyber events, including network-based attacks, worms, computer viruses, Trojan Horses, etc

Answer 150

Password that changes at regular intervals.

Answer 151

IP Internet Protocol; includes IPv4 and IPv6.

Answer 152

ISO/IEC-27031 Draft business continuity guideline that is part of the ISO 27000 series.

Answer 153

MAC (telecommunications) Media Access Control?Layer 2 protocol that transfers data to and from the physical layer.

Answer 154

the computer ethics institute code of ethics

Answer 155

model designed to avoid conflicts of interest by prohibiting one person, such as a consultant, from accessinng multiple conflight of Interest categories

Answer 156

Mirrors a live database, allowing simultaneous reads and writes to multiple replicated databases by clients.

Answer 157

Exfiltration Policy-violating removal of sensitive data from a secure perimeter.

Answer 158

Electronic Communications Privacy Act?Provides search and seizure protection to non-telephony electronic communications.

Answer 159

Magnetic stripe card Passive device that contains no circuits; sometimes called swipe cards because they are swiped through a card reader.

Answer 160

network with one channel; can only send one signal at a time

Answer 161

attached Resource Computer Network: legacy LAN technology that uses tokens

Answer 162

Block cipher mechanism that seeds the previous encrypted block into the next block to be encrypted

Answer 163

law that resolves disputes between individuals or organizations

Answer 164

Internet layer TCP/IP model layer that aligns with the Layer 3 of the OSI model and describes IP addresses and routing.

Answer 165

Classless Inter-Domain Routing: allows for many network sizes beyond the arbitraty stateful network sizes

Answer 166

business Continuity Institute

Answer 167

MOR Minimum Operating Requirements?Describes the minimum environmental and connectivity requirements in order to operate computer equipment.

Answer 168

Layering Separates hardware and software functionality into modular tiers.

Answer 169

EOC Emergency Operations Center?The command post established during or just after an emergency event.

Answer 170

Channel Service Unit/Data Service Unit?DCE device.

Answer 171

private citizens carrying out actions on behalf of law enforcement

Answer 172

High availability cluster Multiple systems that can be seamlessly leveraged to maintain the availability of the service or application being provided; also called a failover cluster.

Answer 173

committee for multilateral export control: munitiions law that was in effect from '47-'94. Designed to control export of criticial technologies (including crypto) to Iron Curtain countries

Answer 174

Executive succession planning Determining an organization?s line of succession.

Answer 175

Cross-Site Request Forgery?Third-party redirect of static content within the security context of a trusted site.

Answer 176

Encapsulation (network) Takes information from a higher network layer and adds a header to it, treating the higher layer information as data.

Answer 177

Faraday cage Shields enclosing objects from EMI.

Answer 178

process of developing a consistnet system security confiruration that can be leveraged throughout an organization

Answer 179

ITIL Information Technology Infrastructure Library?A framework for providing best services in IT service management.

Answer 180

Maintenance hook Shortcut installed by system designers and programmers to allow developers to bypass normal system checks during development.

Answer 181

Feedback Stream cipher mechanism that seeds the previous encrypted bit into the next bit to be encrypted.

Answer 182

Law where the victim can be seen as society itself.

Answer 183

I: residential gate designed for home use II: commercial, such as a parking garage gate III: Industril/limited access such as a large loading dock IV: Restrictued access such as prison or airport

Answer 184

L2F Layer 2 Forwarding?Designed to tunnel PPP.

Answer 185

central bot command and control network managed by humans referred to as bot herders

Answer 186

Access control list

Answer 187

EAP Over LAN?A Layer 2 protocol for varying EAP.

Answer 188

minimum reporting threshold level

Answer 189

L2TP Layer 2 Tunneling Protocol?Combines PPTP and L2F.

Answer 190

table defining what access permissions exist between specific subjects and objects

Answer 191

primary communication channel on a computer system

Answer 192

Wireless standard 54 Mbps 2.4 GHz

Answer 193

Database Administrator?Person responsible for the installation, configuration, upgrade, administration, monitoring, and maintenance of databases.

Answer 194

1. 2. Act honorably, honestly, justly, responsibly, and legally 3. 4. Advance and protect the profession

Answer 195

the process of understanding, communicazting, and documenting changes

Answer 196

Customs or practices that are so commonly accepted by a group that the custom is treated as a law.

Answer 197

TCP flag--acknowledge received data

Answer 198

converts source code, suce as C or Basic, and compiles it into machine code

Answer 199

Association of an individual.

Answer 200

Hypervisor mode Allows guests to operate in ring 0, controlled by a hypervisor in ring ??1.?

Answer 201

Mandatory leave Forcing staff to take vacation or time away from the office; also known as forced vacation.

Answer 202

Initial Phase 1 of CMM.

Answer 203

Eradication phase Incident response phase that cleans a compromised system.

Answer 204

Used to search for patterns, such as fraudulent activity, in a data warehouse.

Answer 205

security control designeed to change user behavior

Answer 206

Expert systems Seeks to replicate the knowledge and decision-making capability of human experts.

Answer 207

law enacted by gov't agencies, aka regulatory law

Answer 208

FTP File Transfer Protocol?Used to transfer files to and from servers.

Answer 209

an internatinoally agreed upon standard for describing and testing the security of IT products

Answer 210

a column in a relational database table

Answer 211

EAP?Transport Layer Security?Uses PKI, requiring both server-side and client-side certificates.

Answer 212

GFS Grandfather?Father?Son?A backup rotation method.

Answer 213

Iris scan Passive biometric scan of the iris (colored portion of the eye).

Answer 214

?A Layer 2 authentication framework that describes many specific authentication protocols.

Answer 215

Emanations Energy that escapes an electronic system and may be remotely monitored under certain circumstances.

Answer 216

Enticement Making the conditions for commission of a crime favorable for those already intent on breaking the law.

Answer 217

arithmetic logic unit: CPU component that performs mathematical calculations

Answer 218

a consensus of the best way to protect the confidentiality, integrity, and availability of assets

Answer 219

cipher Block Chaining: a block mode of DS that XORs the previous encrypted block of ciphertext to the next block ofplaintext to be encrypted

Answer 220

Contains a description of the database tables, including the schema, database view information, and information about authorized database administrator and user accounts.

Answer 221

The management of due care.

Answer 222

Hacker Controversial term that may mean explorer or someone who maliciously attacks systems.

Answer 223

Managed mode 802.11 mode that clients use to connect to an AP.

Answer 224

Integrity Seeks to prevent unauthorized modification of information.

Answer 225

Machine code Software that is executed directly by the CPU.

Answer 226

Ethernet Dominant local area networking technology that transmits network data via frames.

Answer 227

Keyboard dynamics Biometric control that refers to how hard a person presses each key and the rhythm by which the keys are pressed.

Answer 228

portions of a disk partition that are marked as actively containing data

Answer 229

Requires that key organizational stakeholders are prudent in carrying out their duties, aka the ?prudent man rule.?

Answer 230

a shortcut in a systme that allows a user to bypass security checks

Answer 231

The science of secure communications.

Answer 232

cryptographic device that uses two concentric disks, each with an alphabet around the periphery

Answer 233

HAVAL Hash of Variable Length?A hash algorithm that creates message digests of 128, 160, 192, 224, or 256 bits in length using three, four, or five rounds.

Answer 234

Enigma Rotor machine used by German Axis powers during World War II.

Answer 235

Half duplex Sends or receives at one time only (not simultaneously), like a walkie-talkie.

Answer 236

network with multiple channles; can send multiple signals at a time, like cable tv

Answer 237

attack where a user downloads malicious content

Answer 238

Intellectual property Intangible property that resulted from a creative act.

Answer 239

ISM Industrial, Scientific, and Medical?Wireless bands set aside for unlicensed use.

Answer 240

post designed to stop a car, typically deployed in front of buildings

Answer 241

EPROM Erasable programmable read-only memory?Memory that may be erased with ultraviolet light.

Answer 242

HTTPS Hypertext Transfer Protocol Secure?HTTP using SSL or TLS.

Answer 243

Lock bumping Attack on locks using a shaved key, which bumps the pins, allowing the lock to turn.

Answer 244

Communication that transfers data in bits: ones and zeroes.

Answer 245

Complex Instruction Set Computer: CPU instructions that are longer and more powerful

Answer 246

Kerberos A third-party authentication service that may be used to support single sign-on.

Answer 247

Microkernels A modular kernel.

Answer 248

damages provides as compensation

Answer 249

LCP Link Control Protocol?The initial unauthenticated connection used by CHAP.

Answer 250

Database Management System?Controls all access to the database and enforces database security.

Answer 251

Escaping from the root of a Web server (such as /var/www) into the regular file system by referencing directories such as ?../..?.

Answer 252

Dedicated 2.048-megabit circuit that carries 30 channels.

Answer 253

Third step of the NIST SP 800?34 contingency planning process.

Answer 254

the data owner's acceptance of the risk represented by a system

Answer 255

title 18 US Code Section 1030

Answer 256

Host with two network interfaces: one connected to a trusted network, and the other connected to an untrusted network.

Answer 257

Harrison?Ruzzo?Ullman model Maps subjects, objects, and access rights to an access matrix. It is considered a variation of the Graham?Denning model.

Answer 258

Instance One copy of an object.

Answer 259

provide internet access via broadband cable TV

Answer 260

Hold-down timer Distance vector routing protocol safeguard that avoids flapping.

Answer 261

The science of breaking encrypted messages (recovering their meaning).

Answer 262

OECD privacy guideline principle that states that individuals should have control over their data.

Answer 263

Genetic algorithm concept that combines two algorithms.

Answer 264

Registering Internet domain names associated with another organization?s intellectual property.

Answer 265

an agreement betweeen two or more individuals to subvert the security of a system

Answer 266

Hardcopy data Any data that is accessed through reading or writing on paper rather than processing through a computer system.

Answer 267

Monoalphabetic cipher Substitution cipher using one alphabet.

Answer 268

back up site with raised floor, power, utilities, and phyusical security and no configured systems or data

Answer 269

Field of view The entire area viewed by a camera.

Answer 270

a Rot-3 substitution cipher

Answer 271

an encrypted message

Answer 272

EU Data Protection Directive Privacy directive that allows for the free flow of information while still maintaining consistent protections of each member nation?s citizen?s data.

Answer 273

Distributed Component Object Model?Locates and connects objects across a network.

Answer 274

KDC Key Distribution Center?A Kerberos service that authenticates principals.

Answer 275

Firewall Device that filters traffic based on Layer 3 (IP addresses) and Layer 4 (ports).

Answer 276

aka pairwise testing

Answer 277

traffic that is sent to all stations on a LAN

Answer 278

Carrier Sense Multiple Access?A method used by Ethernet networks to allow shared usage of a baseband network and avoid collisions.

Answer 279

. Fifth step of the NIST SP 800?34 contingency planning process.

Answer 280

GIG Global Information Grid?The U.S. DoD global network, one of the largest private networks in the world.

Answer 281

a resource that is valuable to an organization and must be protected

Answer 282

Controls that alert during or after a successful attack.

Answer 283

Counter Mode CBC MAC protocol: used by WPA2 to create a MIC

Answer 284

software released in executable form; the source code is kept confidential

Answer 285

Multicast One-to-many network traffic, where the ?many? is preselected.

Answer 286

Encapsulation (object) Contains and hides the details of an object?s method.

Answer 287

layer 7 of OSI model: where the user interfaces with the computer application -- OR -- TCP/IP model that combines layer 5-7 of OSI model

Answer 288

requires that, once evidence is acquired, full documentation be maintained regarding what the evidence is, who handled the evidence, when the evidence was handled, and where the evidence was handled

Answer 289

Ephemeral ports TCP/IP ports 1024 and higher.

Answer 290

Encryption Converts the plaintext to a ciphertext.

Answer 291

LAN Local Area Network?A comparatively small network, typically confined to a building or an area within one.

Answer 292

Hybrid risk analysis Combines quantitative and qualitative risk analysis.

Answer 293

A rigid locking mechanism that is held in place by a key and prevents a door from being opened or fully closed when extended.

Answer 294

block cipher using from 32- through 448-bit (default is 128) keys to encypt 64 bits of data

Answer 295

Electronic Code Book mode?The simplest and weakest mode of DES.

Answer 296

legal system that places significant emphasis on particular cases and judicial precedent as a determinant of laws

Answer 297

Controls that deter users from performing actions on a system.

Answer 298

Malware Malicious software, or any type of software that attacks an application or system.

Answer 299

. Fourth step of the NIST SP 800?34 contingency planning process.

Answer 300

FRR False Reject Rate?Occurs when an authorized subject is rejected as invalid; also known as a type I error.

Answer 301

hide unnecessary details from the user

Answer 302

Extranet A connection between private Intranets.

Answer 303

MD5 Message Digest 5?A hash function that creates a 128-bit message digest.

Answer 304

Closed-Circuit TV: a detective device used to aid guards in detecting the presence of intruders in restricted areas

Answer 305

A black hat hacker.

Answer 306

physical network topology that connects network nodes in a string

Answer 307

computer Aided Software Engineering: uses programs to assist in the creation and maintenance of other ocmputer programs

Answer 308

ESP Encapsulating Security Payload?IPsec protocol that primarily provides confidentiality by encrypting packet data.

Answer 309

FIdM Federated Identity Management?Applies single sign-on at a much wider scale, ranging from cross-organization to Internet scale.

Answer 310

asynchronous Transfer Mode: WAN technology that uses fixed length cells

Answer 311

Congestion Window Reduced?New TCP flag.

Answer 312

HMAC Hashed Message Authentication Code?Provides integrity by combining symmetric encryption with hashing.

Answer 313

Internet Message Access Protocol?An email client protocol.

Answer 314

Intranet A privately owned network running TCP/IP.

Answer 315

Seeks to find the difference between related plaintexts that are encrypted.

Answer 316

Annual Rate of Occurrence: the numgber of losses suffered per year

Answer 317

wireless standard 144 Mbps 2.4/5 GHz

Answer 318

IPsec Internet Protocol Security?A suite of protocols that provide a cryptographic layer to both IPv4 and IPv6.

Answer 319

HIPAA Health Insurance Portability and Accountability Act?U.S. regulation that protects the privacy of healthcare information.

Answer 320

basic Rate interface: provides 2 64-K digital ISDN channels

Answer 321

PKI component that authenticatews the identity of a person or organization before issuring a certificate to them

Answer 322

FHSS Frequency Hopping Spread Spectrum?Uses a number of small-frequency channels throughout the wireless band and ?hops? through them in pseudorandom order.

Answer 323

Firmware Stores small programs that do not change frequently, such as a computer?s BIOS.

Answer 324

two or more plaintexts that share the same hash

Answer 325

A physical attack in which a person recovers trash in hopes of finding sensitive information that has been merely discarded in whole rather than being destroyed.

Answer 326

unethical hacker or researcher

Answer 327

Spoofed DoS attack using third-party DNS servers.

Answer 328

ITSEC Information Technology Security Evaluation Criteria?The first successful international evaluation model.

Answer 329

Ipv4 networks in classes A through E

Answer 330

Fourth generation programming language designed to increase programmer's efficiency by automating the cation of computer programming code

Answer 331

Dynamic Random Access Memory?Stores bits in small capacitors (like small batteries); less expensive but slower than SRAM.

Answer 332

Biometric control that measures the process by which someone signs his or her name.

Answer 333

computer system running malware that is controlled by a botnet

Answer 334

Incident response phase that analyzes events in order to determine whether they might comprise a security incident.

Answer 335

port-based network access control, layer 2 authentication

Answer 336

Denial of Service?An attack on availability.

Answer 337

Distributed Denial of Service?An availability attack using many systems.

Answer 338

Attempts to convert machine language into assembly.

Answer 339

Explicit Congestion Notification Echo?New TCP flag.

Answer 340

Defense Advanced Research Projects Agency.

Answer 341

Certificate Revocation List?PKI component that lists digital certificates that have been revoked.

Answer 342

EULA End-User License Agreement?A form of software licensing agreement.

Answer 343

Logic bomb A malicious program that is triggered when a logical condition is met, such as after a number of transactions have been processed, or on a specific date.

Answer 344

Electronic backups Data that is stored electronically and can be retrieved in case of a disruptive event or disaster.

Answer 345

Gross negligence The opposite of due care.

Answer 346

Provides non-repudiation, which includes authentication of the identity of the signer and proof of the document?s integrity.

Answer 347

ISO 17799 A broad-based approach for information security code of practice by the International Organization for Standardization.

Answer 348

concentrates access control in one logicla point for a system or crossover

Answer 349

MTBF Mean Time Between Failures?Quantifies how long a new or repaired system will run on average before failing.

Answer 350

Demarcation point, where the ISP?s responsibility ends and the customer?s begins.

Answer 351

Charge-Coupled Discharge: a digital CCTV

Answer 352

Microwave motion detector Active motion detector that uses microwave energy.

Answer 353

Domain Name Server Security Extensions?Provides authentication and integrity to DNS responses via the use of public key encryption.

Answer 354

FAR False Accept Rate?Occurs when an unauthorized subject is accepted as valid; also known as a type II error.

Answer 355

Key lock Preventive device that requires a physical key to unlock.

Answer 356

the relationship between the plaintext and ciphertext should be confused (or random) as possible

Answer 357

OECD privacy guideline principle that states that personal data should be complete, accurate, and maintained in a fashion consistent with the purposes for the data collection.

Answer 358

Connection that spans the demarc.

Answer 359

Disaster Recovery Plan?A short-term plan to recover from a disruptive event.

Answer 360

Counter?A stream mode of DES that uses a counter for feedback.

Answer 361

Bootstrap Protocol: used for bootstrapping via a nweork by diskless systems

Answer 362

disables an account after a set number of failed logins, sometimes during a specific time period

Answer 363

A log of all database transactions; should a database become corrupted, the database can be reverted to a backup copy, and then subsequent transactions can be ?replayed? from the journal, restoring database integrity.

Answer 364

Flat file Text file that contains multiple lines of data, each in a standard format.

Answer 365

HTTP Hypertext Transfer Protocol?A protocol to transmit Web data via a network.

Answer 366

Partially functioning proprietary software, often with key features disabled; the user is typically required to make a payment to unlock the full functionality.

Answer 367

low-level computer programming language with instrucctionst hat are short mnemonics that match to machine language instructions

Answer 368

Modes of operation Dedicated, system-high, compartmented, and multilevel.

Answer 369

Adds additional criteria beyond identification and authentication; the actual content the subject is attempting to access.

Answer 370

Exigent circumstances With respect to evidence acquisition, justification for the seizure of evidence without a warrant due to the extreme likelihood that the evidence will be destroyed.

Answer 371

proof of an identity claim

Answer 372

a detailed inspection that verifies whether a system meets the documented security requirements

Answer 373

Foreign key A key in a related database table that matches a primary key in the parent database.

Answer 374

EAP Tunneled Transport Layer Security?Simplifies EAP-TLS by dropping the client-side certificate requirement.

Answer 375

partial or complete failover to an alternate site

Answer 376

Data Terminal Equipment?A network ?terminal,? such as a desktop, server, or actual terminal.

Answer 377

Freeware Software that is free of charge.

Answer 378

additional security controls put in place to compensate for weaknesses in other controls

Answer 379

Mobile sites DRP backup site option that is a ?data centers on wheels,? towable trailers that contain racks of computer equipment, as well as HVAC, fire suppression, and physical security.

Answer 380

Kernel The heart of the operating system, usually running in ring 0; it provides the interface between hardware and the rest of the operating system, including applications.

Answer 381

IaaS Infrastructure As A Service?Provides an entire virtualized operating system, which the customer configures from the OS on up.

Answer 382

Hypervisor Software or operating system that controls access between virtual guests and host hardware.

Answer 383

Monitor mode 802.11 read-only mode used for sniffing.

Answer 384

software desinged to prevent and detect malware infections

Answer 385

Formal access approval Documented approval from the data owner for a subject to access certain objects.

Answer 386

Data Manipulation Language?Used to query and update data stored in the tables.

Answer 387

Lux One lumen per square meter.

Answer 388

network that provides a dedicated circuit or channel between two nodes

Answer 389

HDSL High-Data-Rate DSL?Matches SDSL speeds using two copper pairs.

Answer 390

Evidence that provides additional support for a fact that might have been called into question.

Answer 391

Managed Phase 4 of CMM.

Answer 392

Two or more identical databases that are updated simultaneously.

Answer 393

International Data Encryption Algorithm?A symmetric block cipher using a 128-bit key and 64-bit block size.

Answer 394

Linear cryptanalysis Known plaintext attack where the cryptanalyst finds large amounts of plaintext/ciphertext pairs created with the same key.

Answer 395

system using proprietary hardware or software

Answer 396

Electrically Erasable Programmable Read-Only Memory?Electrically erasable memory via the use of a flashing program.

Answer 397

integration testing that tests all integrated software components

Answer 398

Controls that correct a damaged system or process.

Answer 399

Basic Input/Output System: typically stored in firmware

Answer 400

GLBA Gramm?Leach?Bliley Act?Requires financial institutions to protect the confidentiality and integrity of consumer financial information.

Answer 401

Hub Layer 1 network access device that acts as a multiport repeater.

Answer 402

small pieces of mobile code that are embedded in other software such as web browsers

Answer 403

Multipartite virus Virus that spreads via multiple vectors; also called multipart virus.

Answer 404

the functional equivalent of Java applets;' they use digital certificates instead of a sandbox to provide security

Answer 405

Phase 3 of CMM.

Answer 406

Focuses narrowly on support of specific IT systems and applications.

Answer 407

mathematical attack where a user is able to use lower level access to learn restricted information

Answer 408

Full duplex Two-way simultaneous transmission, like two people having a face-to-face conversation.

Answer 409

asset value: the value of a protected asset

Answer 410

Hand geometry Biometric control that uses measurements from within specific points on the subject?s hand.

Answer 411

Fingerprint scan Biometric scan of the minutiae (specific details of the fingerprint).

Answer 412

Middleware Connects programs to programs.

Answer 413

Interrupt Indicates an asynchronous CPU event has occurred.

Answer 414

Demilitarized Zone?Used to separate trusted from untrusted networks.

Answer 415

JSON JavaScript Object Notation?A data interchange format.

Answer 416

Master mode 802.11 mode used by APs.

Answer 417

the collective entitlementts granted by multiple systems to one user; can lead to authorization creep

Answer 418

Tests code while executing it.

Answer 419

An archive of all files that have changed since the last backup of any kind was performed.

Answer 420

lists all necessary component required for successful recovery and ensures that they are, or will be, readily available should a disaster occur; also known as consistency testing

Answer 421

Fair use doctrine Allows someone to duplicate copyrighted material without requiring the payment, consent, or even knowledge of the copyright holder.

Answer 422

Dynamic Host Configuration Protocol?Assigns temporary IP address leases to systems, as well as DNS and default gateway configuration.

Answer 423

powered RFID tags that can operate via larger distances

Answer 424

expert system mode that starts with a premise and works backwards

Answer 425

any host placed on the internet that is not protected by another device

Answer 426

IPv4 Internet Protocol version 4, commonly called IP?IPv4 is the fundamental protocol of the Internet.

Answer 427

See Strong authentication.

Answer 428

testing to ensure that he software meets the customer's operational requirements

Answer 429

HTML Hypertext Markup Language?Used to display Web content.

Answer 430

MAC address Layer 2 address of a NIC.

Answer 431

Installation testing Testing software as it is installed and first operated.

Answer 432

HIPS Host-based Intrusion Prevention System?Preventive device that processes information within the host.

Answer 433

Annualized Loss Expectancy: the cost of loss due to a risk over a year

Answer 434

All routers on a network agree on the state of routing.

Answer 435

Wireless standard 54 Mbps using 5 GHz

Answer 436

attck that attemptst every possible key or combination

Answer 437

the fastest memory on the system; required to keep up with the CPU as it fetches and executes instructions

Answer 438

Incident response phase that attempts to keep further damage from occurring as a result of the incident.

Answer 439

Internet A global collection of peered networks running TCP/IP.

Answer 440

Any disruptive event that interrupts normal system operations.

Answer 441

Provides hands-on protection of assets.

Answer 442

Wireless networking standard

Answer 443

Data Encryption Algorithm?Described by DES.

Answer 444

involves devices or systems that are already in place, configured, powered on, and ready to begin processing network traffic should a failure occur on the primary

Answer 445

Jefferson disks Cryptographic device invented by Thomas Jefferson that used multiple wheels, each with an entire alphabet along the ridge.

Answer 446

Guideline A recommendation; an administrative control.

Answer 447

Fuzzing A type of black box testing that enters random malformed data as inputs into software programs to determine if they will crash.

Answer 448

requires use of the strongest possible evidence

Answer 449

legal system that leverages codified laws or statutes to determine what is considered within the bounds of law

Answer 450

LAND attack DoS attack that uses a spoofed SYN packet that includes the victim?s IP address as both source and destination.

Answer 451

Fetch and execute Mechanism that allows the CPU to receive machine language instructions and execute them; also called fetch, decode, execute, or FDX.

Answer 452

OECD privacy guideline principle that states indivisuald should have the right to challenge the content of any personal data being held and can update that data

Answer 453

holds individuals accountable for their actions

Answer 454

any attribute (column) in the table with unique values

Answer 455

Free software Controversial term that is defined differently by different groups. ?Free? may mean free of charge, or ?free? may mean users are free to use the software in any way they would like, including modifying it.

Answer 456

Mantrap A preventive physical control with two doors; each door requires a separate form of authentication to open.

Answer 457

crossover error rate: Describes the point where the false reject rate (FRR) and False Acept Rate (FAR) are equal

Answer 458

Memory Volatile or nonvolatile computer storage.

Answer 459

Motherboard Contains computer hardware including the CPU, memory slots, firmware, and peripheral slots such as peripheral component interconnect (PCI) slots.

Answer 460

Authentication Header--Ipsec protocol that provides authentication and integrity for each packet of network data

Answer 461

makes changes to a database permenant

Answer 462

notification of persons whose personal data has been, or is likely to have been, compromised

Answer 463

authentication token that is not synchronized with a central server; includes challenge-response tokens

Answer 464

Inference Deductive attack where a user is able to use lower level access to learn restricted information.

Answer 465

Cipher Feedback: stream-mode DES that is similar to block mode CBC

Answer 466

Electronic vaulting Batch process of electronically transmitting data that is to be backed up on a routine, regularly scheduled time interval.

Answer 467

LLC Logical Link Control?Layer 2 protocol that handles LAN communications.

Answer 468

Label Security level assigned to an object, such as confidential, secret, or top secret.

Answer 469

Java An object-oriented language used not only to write applets but also as a general-purpose programming language.

Answer 470

Forward chaining Expert system mode that starts with no premise and works forward to determine a solution.

Answer 471

IPS Intrusion Prevention System?A preventive device designed to prevent malicious actions.

Answer 472

same as chinese wall model

Answer 473

LEAP Lightweight Extensible Authentication Protocol?A Cisco proprietary protocol released before 802.1X was finalized.

Answer 474

ISDN Integrated Services Digital Network?Provides digital service via copper pair.

Answer 475

Access control model used by Windows? Active Directory.

Vocabulary1 Flashcards

(500 cards)