2398787
Description
Flashcards by maxwell3254, updated more than 1 year ago
|
Created by maxwell3254
about 9 years ago
|
|
| Question | Answer |
| a concept that indicates exposure to the chance of damage or loss | Risk |
| Which algorithm is a hashing encryption algorithm? | Secure Hash Algorithm (SHA) |
| Personal info, company info, and info about intellectual property must be protected | Prevention |
| CIA triad includes: | Confidentiality Integrity Availability |
| A system in which objects are assigned security labels of varying levels, depending on the object's sensitivity | Mandatory Access Control (MAC) |
| physical or virtual objects, such as smart cards, ID badges, or data packets, that store authentication information | Tokens |
| a type of authentication that relies on detailed info that describes exactly when a keyboard key is pressed and released as someone types info into a computer | Keystroke Authentication |
| this algorithm is modeled after MD5 and is considered the stronger of the two | Secure Hash Algorithm (SHA) |
| an email-based or web-based attack that is intended to trick the user into performing undesired actions, such as deleting files in an attempt to remove a virus | Hoax |
| an increasingly popular variety of malware in which an attacker infects a victim's computer with code that restricts the victim's access to their computer or the data on it | Ransomware |
| a formalized statement that defines how security will be implanted within a particular organization | Security Policy |
| a virus that is able to alter its decryption module each time it infects a new file | Polymorphic malware |
| they attempt to trick or shield themselves from antivirus software and security professionals | Armored viruses |
| an attack that occurs when the security level of a system is at its lowest, immediately after the discovery of a vulnerability | Zero day exploit |
| a type of network attack in which an attacker attempts to disrupt or disable systems that provide network services by various means | Denial Of Service (DOS) attack |
| Data security must be applied at every level of an organization including : | The physical environment : All devices and systems : All mobile devices used for business |
| refers to gaining access to data through unintentional user methods such as email and instant messaging, and the use of mobile devices | Data Leakage |
| the practice of monitoring for, obtaining, evaluating, testing, and deploying software patches and updates | Patch management |
| an attacker takes advantage of the trust established between an authorized user of a website and the website itself. It exploits a web browser's trust in a user's unexpired cookies | Cross-site request forgery (XSRF) |
| For relational databases, security measures include: | -Role-based security config parameters -Encrypted comms -Access control -User-level permissions for stored procedures |
| a hardware, firmware, and software component of a computer system that is responsible for ensuring that the security policy is implemented and the system is secure | Trusted Computing Base (TCB) |
| the screen lock option on all mobile devices should be enabled with strict requirements on when the device will be locked | Enable screen lock |
| the process of actively adding geographical identification metadata to an app or its data | Restrict geo-tagging |
| You may need to re-evaluate the openness of certain rooms and systems in order to control for this threat | Control for on-board camera, microphone, and video use |
| a network device that manages the info of any applications that interface with it. This info includes the state of apps and the resources they require to designate resources across the network | Application aware device |
| Organizations can exercise greater control over the privacy and security of their services. This method is geared more toward banking and gov't services that require strict access control | Private cloud services |
| refers to using the cloud to provide access to any or all infrastructure needs a client may have | Infrastructure as a Service (IaaS) |
| self-allocates addresses randomly from a small range of 169.254.0.1 to 169.254.255.254 | Automatic Private IP Addressing (APIPA) |
| -disabling unnecessary services -closing unused ports -regularly applying the appropriate patches -hiding responses from ports that indicate their status and allow access pre-configured ports only | Port Security measures |
| use the principle of implicit deny so that the firewall blocks any traffic it does not require | Implicit Deny |
| symmetric algorithms | DES, 3DES AES, Blowfish Twofish, RC 4,5,6 |
| any type of attack in which the attacker attempts to obtain and make use of passwords illegitimately | Password attack |
| software attacks that are targeted at web-based and other client-server applications | Application attacks |
| access points on a network that fool users into believing they are legitimate | Evil twins |
| it is important to always consider what is happening inside an organization, especially when physical security is concerned | Internal |
| physical threats that can be internal or external, intentional or accidental | Man-Made |
| an approach to securing systems and their data against attack that incorporates many different avenues of defense is called... | Layered security |
| a cryptoprocessor device that can be attached to servers and comps to provide digital key security. The modules can provide a number of security functions | HSM |
| a password that meets the complexity requirements that are set by a system admin and documented in a security or password policy | Strong password |
| has the monitoring capability of an IDS, but actively works to block any detected threats | Intrusion Prevention System (IPS) |
| a general term for the collected protocols, policies, and hardware that govern access on device network interconnections, provides an additional layer of security | Network Access Control (NAC) |
| a point to point logical network that is created by grouping selected hosts together using a switch or router | Virtual Local Area Network (VLAN) |
| directory access protocol that runs over TCP/IP networks. The schema is extensible, which means you can make changes or add on to it | Lightweight Directory Access Protocol (LDAP) |
| Directory service vulnerabilities | DoS/DDoS Unencrypted transmission of data MATM Packet sniffing/Capture attacks Buffer overflow Security or user/admin accounts |
| a data transport technique that can be used to provide remote access in which a data packet is encrypted and encapsulated in another data packet in order to conceal the info of the packet inside | Tunneling |
| internet protocol combo of PPTP and Layer 2 Forwarding (L2F) that enables the tunneling of PPP sessions across a variety of network protocols | Layer Two Tunneling Protocol (L2TP) |
| an authentication protocol that sends user IDs and passwords as plaintext. Generally used when a remote client is connecting to a non-windows server that does not support strong password encryption | Password Authentication Protocol (PAP) |
| publicly available email security and authentication utility that uses a variation of public key cryptography to encrypt emails. | Pretty Good Privacy (PGP) |
| an area of info security that is used to identify individuals within a comp system or network | Identity Management |
Want to create your own Flashcards for free with GoConqr? Learn more.