2770078
Description
Flashcards by zikisayena, updated more than 1 year ago
|
Created by zikisayena
almost 9 years ago
|
|
| Question | Answer |
| Affidavit | sworn testimony that certain facts are in the possession of the investigating officer that they feel warrant the examination of specific items located at a specific place. |
| Auditing | the process of reviewing the use of a system to determine if misuse or malfeasance has occurred. |
| Candidate vulnerabilities | vulnerabilities logged during scanning. |
| Chain of evidence (chain of custody) | defined as the detailed documentation of the collection, storage, transfer, and ownership of collected evidence from the crime scene through its presentation in court. |
| Difference analysis | a procedure that compares the current state of a network segment (the systems and services it offers) against a known previous state of that same network segment (the baseline of systems and services). |
| Digital forensics | the investigation of what happened and how. |
| Digital malfeasance | crime against or using digital media, computer technology, or related components (computer as source or object of crime). |
| Evidentiary material (EM) | also known as an item of potential evidentiary value, is any information that could potentially support the organization’s legal or policy-based case against a suspect. |
| External monitoring domain | within the maintenance model; provides early awareness of new and emerging threats, threat agents, vulnerabilities, and attacks that the organization needs in order to mount an effective and timely defense. |
| Information security operational risk assessment (RA) | A key component in the engine that drives change in the information security program. |
| Modem vulnerability assessment process | designed to find and document any vulnerability that is present on dial-up modems connected to the organization’s networks. |
| Penetration testing | a set of security tests and evaluations that simulate attacks by a malicious external source (hacker). |
| Planning and risk assessment domain | the primary objective is to keep a lookout over the entire information security program, in part by identifying and planning ongoing information security activities that further reduce risk. |
| Platform security validation (PSV) process | designed to find and document the vulnerabilities that may be present because there are misconfigured systems in use within the organization. |
| Vulnerability assessment and remediation domain | primary objective is to identify specific, documented vulnerabilities and re-mediate them in a timely fashion. Vulnerability instances: proven cases of real vulnerabilities. |
| War dialing | scripted dialing attacks against a pool of phone numbers. |
| War games | rehearsals that closely match reality. |
Want to create your own Flashcards for free with GoConqr? Learn more.