Network Security Exam #2 – Flashcards
question
Access control
answer
The process of protecting a resource so that it is used only by those allowed to use it; a particular method used to restrict or allow access to resources.
question
Accountability
answer
Associating actions with users for later reporting and research.
question
Actions
answer
The activities that authorized users can perform on the resources.
question
Asynchronous token
answer
An authentication token used to process challenge-response authentication with a server. The token takes the server's challenge value and calculates a response. The user enters the response to authenticate a connection.
question
Authentication
answer
The process of proving you are the person or entity you claim to be.
question
Authority-level policy
answer
An authorization method in which access to resources is decided by the user's authority level.
question
Authorization
answer
The process of deciding who is approved for access to specific resources.
question
Characteristic
answer
In authentication, a unique physical attribute or manner of expression, such as a fingerprint or a signature. Such attributes are often referred to as "something you are."
question
Cloud Computing
answer
The practice of using computing services that are delivered over a network.
question
Cloud Security Alliance (CSA)
answer
A nonprofit organization with a mission to promote best practices for using cloud computing securely.
question
Cloud service provider (CSP)
answer
A company that maintains data centers with racks of server computers, each running multiple virtual machines, and is able to provide services to many clients simultaneously. Organizations of all types turn to CSPs to avoid having to maintain their own data centers.
question
Collusion
answer
Two or more people working together to violate a security policy.
question
Constrained user interface
answer
Software that allows users to enter only specific information.
question
Continuous authentication
answer
An authentication method in which a user is authenticated at multiple times or event intervals.
question
Decentralized access control
answer
A system that puts access control into the hands of people such as department managers who are closest to system users; there is no one centralized entity to process access requests in this system.
question
Event-based synchronization system
answer
An authentication method in which a token's value is synchronized with a server based on each access request. The token's counter is increased each time a new value is requested.
question
Group membership policy
answer
An authorization method in which access to resources is decided by what group(s) you are in.
question
Identification
answer
The process of providing credentials to claim to be a specific person or entity.
question
Knowledge
answer
In authentication, this is something you know, such as a password, a passphrase, or a PIN.
question
Logical Access control
answer
A mechanism that limits access to computer systems and network resources.
question
Mandatory access control (MAC)
answer
A means of restricting access to an object based on the object's classification and the user's security clearance.
question
Multi-tenancy
answer
A database feature that allows different groups of users to access the database without being able to access each other's data.
question
Need-to-know
answer
A property that indicates a specific subject needs access to a specific object. This is necessary to access the object in addition to possessing the proper clearance for the object's classification.
question
Ownership
answer
In authentication, this is something you have, such as a smart card, key, badge, or token.
question
Passphrase
answer
An authentication credential that is generally longer and more complex than a password. Passphrases can also contain multiple words.
question
Physical access controls
answer
A mechanism that limits access to physical resources, such as buildings or rooms.
question
Physically constrained user interface
answer
A user interface that does not provide a physical means of entering unauthorized information.
question
Reference monitor
answer
Software that provides a central point of processing for all resource access requests.
question
Relationships
answer
Optional conditions that exist between users and resources. They are permissions granted to an authorized user, such as read, write, and execute.
question
Resources
answer
Protected objects in a computing system, such as files, computers, or printers.
question
Role based access control (RBAC)
answer
An access control method that bases access control approvals on the jobs the user is assigned.
question
Security kernel database
answer
A database made up of rules that determine individual users' access rights.
question
Separation of duties
answer
The process of dividing a task into a series of unique activities performed by different people, each of whom is allowed to execute only one part of the overall task.
question
Single-factor authentication
answer
An authentication method that uses only a single type of authentication credentials.
question
Smart card
answer
A plastic card with authentication credentials embedded in either a microchip or magnetic strip on the card.
question
Synchronous token
answer
A device used as a logon authenticator for remote users of a network.
question
Temporal isolation
answer
A method of restricting resource access to specific periods of time.
question
Threshold
answer
Some value that indicates a change from normal to abnormal behavior. In the case of failed logon attempts, a threshold of five means that when a user fails to log on five times, the action should be considered abnormal.
question
Time-based synchronization system
answer
An authentication method in which a token's internal clock is synchronized with a server's clock to generate matching values.
question
Two-Factor Authentication
answer
An authentication method that uses two types of authentication credentials.
question
USB Token
answer
A hardware device used for authentication that you plug into your computer's USB port. This device provides authentication credentials without the user having to type anything.
question
User Datagram Protocol (UDP)
answer
A communication protocol that is connectionless and is popular for exchanging small amounts of data or messages.
question
View-based access control (VBAC)
answer
Limiting users' access to database views, as opposed to allowing users to access data in database tables directly.
question
Accreditation
answer
The formal acceptance by the authorizing official of the risk of implementing the system.
question
Agile development
answer
A method of developing software that is based on small project iterations, or sprints, instead of long project schedules.
question
Authorizing Official (AO)
answer
A senior manager who reviews a certification report and makes the decision to approve the system for implementation.
question
Baseline
answer
A benchmark used to make sure that a system provides a minimum level of security across multiple applications and across different products.
question
Certification
answer
The technical evaluation of a system to provide assurance that you have implemented the system correctly. Also, an official statement that attests that a person has satisfied specific requirements. Requirements often include possessing a certain level of experience, completing a course of study, and passing an examination.
question
Certifier
answer
The individual or team responsible for performing the security test and evaluation (ST&E) for the system. The certifier also prepares the report for the AO on the risk of operating the system.
question
Change control
answer
The process of managing changes to computer/device configuration or application software.
question
Change control committee
answer
A group that oversees all proposed changes to systems and networks.
question
Clean desk/clear screen policy
answer
A policy stating that users must never leave sensitive information in plain view on an unattended desk or workstation.
question
Compliance liaison
answer
A person whose responsibility it is to ensure that employees are aware of and comply with an organization's security policies.
question
Configuration control
answer
The process of managing the baseline settings of a system device.
question
Emergency operations group
answer
A group that is responsible for protecting sensitive data in the event of a natural disaster or equipment failure, among other potential emergencies.
question
Functional policy
answer
A statement of an organization's management direction for security in such specific functional areas as e-mail, remote access, and Internet surfing.
question
Guideline
answer
A recommendation to purchase or how to use a product or system.
question
Job rotation
answer
A strategy to minimize risk by rotating employees between various systems or duties.
question
Proactive change management
answer
Initiating changes to avoid expected problems.
question
Procedure
answer
A set of step-by-step actions to be performed to accomplish a security requirement, process, or objective.
question
Reactive change management
answer
Enacting changes in response to reported problems.
question
Remediation
answer
Fixing something that is broken or defective, such as by addressing or removing vulnerabilities.
question
Security administration
answer
The group of individuals responsible for planning, designing, implementing, and monitoring an organization's security plan.
question
Security event log
answer
Recorded information from system events that describes security-related activity.
question
Sprint
answer
One of the small project iterations used in the "agile" method of developing software, in contrast with the usual long project schedules of other ways of developing software.
question
Standard
answer
A mandated requirement for a hardware or software solution that is used to deal with a security risk throughout the organization.
question
System owner
answer
The person responsible for the daily operation of a system and for ensuring that the system continues to operate in compliance with the conditions set out by the AO.
question
Waterfall model
answer
A software development model that defines how development activities progress from one distinct phase to the next.
question
Anomaly-based IDS
answer
An intrusion detection system that compares current activity with stored profiles of normal (expected) activity.
question
Benchmark
answer
The standard by which your computer or device is compared to determine if it's securely configured.
question
Black-box testing
answer
A method of security testing that isn't based directly on knowledge of a program's architecture.
question
Clipping level
answer
A value used in security monitoring that tells controls to ignore activity that falls below a stated value.
question
Covert Act
answer
An act carried out in secrecy.
question
False Negative
answer
Incorrectly identifying abnormal activity as normal.
question
False Positive
answer
Incorrectly identifying normal activity as abnormal.
question
Gray-box testing
answer
Security testing that is based on limited knowledge of an application's design.
question
Hardened configuration
answer
The state of a computer or device in which you have turned off or disabled unnecessary services and protected the ones that are still running.
question
Mitigation activities
answer
Any activities designed to reduce the severity of a vulnerability or remove it altogether.
question
Network Mapping
answer
Using tools to determine the layout and services running on an organization's systems and networks.
question
Operating system fingerprinting
answer
A reconnaissance technique that enables an attacker to use port mapping to learn which operating system and version is running on a computer.
question
Overt act
answer
An act carried out in the open.
question
Pattern-(signature) based IDS
answer
An intrusion detection system that uses pattern matching and stateful matching to compare current traffic with activity patterns (signatures) of known network intruders.
question
Penetration testing
answer
A testing method that tries to exploit a weakness in the system to prove that an attacker could successfully penetrate it.
question
Real-time monitoring
answer
Analysis of activity as it is happening.
question
Reconnaissance
answer
The process of gathering information.
question
Security Information and Event Management (SIEM) system
answer
Software and devices that assist in collecting, storing, and analyzing the contents of log files.
question
Stateful matching
answer
A technique of matching network traffic with rules or signatures based on the appearance of the traffic and its relationship to other packets.
question
Vulnerability Testing
answer
A process of finding the weaknesses in a system and determining which places may be attack points.
question
White-box testing
answer
Security testing that is based on knowledge of the application's design and source code.
question
Zone transfer
answer
A unique query of a DNS server that asks it for the contents of its zone.
question
Administrative control
answer
A control involved in the process of developing and ensuring compliance with policy and procedures.
question
Corrective control
answer
A control that mitigates or lessens the effects of the threat.
question
Countermeasure
answer
A measure installed to counter or address a specific threat.
question
Detective control
answer
A control that determines that a threat has landed in your system.
question
Emergency operations center (EOC)
answer
The place in which the recovery team will meet and work during a disaster.
question
Event
answer
A measurable occurrence that has some impact on the business.
question
Impact
answer
The magnitude of harm that could be caused by a threat exercising a vulnerability.
question
Incident
answer
An event that has a negative impact on operations.
question
Likelihood
answer
The probability that a potential vulnerability might be exercised within the construct of an associated threat environment.
question
Maximum tolerable downtime
answer
The greatest amount of time a business can survive without a particular critical system.
question
Preventive control
answer
A control that prevents threats from coming in contact with a weakness.
question
Safeguard
answer
Something built-in or used in a system to address gaps or weaknesses in the controls that could otherwise lead to an exploit.
question
Technical control
answer
A control that is carried out or managed by a computer system.
question
Threat source
answer
An intent or method targeted to intentionally exploit vulnerability.
question
Algorithm
answer
A mathematical process or series of structured steps for performing some function.
question
Asymmetric key cryptography
answer
A type of cryptography that uses a cipher with two separate keys, one for encryption and one for decryption, so that correspondents do not first have to exchange secret information to communicate securely.
question
Caesar cipher
answer
One of the simplest substitution ciphers. It shifts each letter in the English alphabet a fixed number of positions, with Z wrapping back to A.
question
Certificate authority (CA)
answer
A trusted entity that stores and distributes verified digital certificates.
question
Checksum
answer
The output of a one-way algorithm. A mathematically derived numerical representation of some input.
question
Cipher
answer
An algorithm to encrypt or decrypt information.
question
Data Encryption Standard (DES)
answer
Encryption cipher that is a product cipher with a 56-bit key consisting of 16 iterations of substitution and transformation. First published as a Federal Information Processing Standard (FIPS) in 1977.
question
Decryption
answer
The act of unscrambling ciphertext into plaintext.
question
Differential cryptanalysis
answer
Looking for patterns in vast amounts of ciphertext.
question
Digital signature
answer
An object that uses asymmetric encryption to bind a message or data to a specific entity.
question
Digitized signature
answer
An image of an electronically reproduced signature.
question
Hash
answer
The output of a one-way algorithm. A mathematically derived numerical representation of some input.
question
Key
answer
A secret value a cipher uses to encrypt or decrypt information.
question
Key directory
answer
A trusted repository of all public keys.
question
Key distribution
answer
The process of issuing keys to valid users of a cryptosystem so they can communicate.
question
Key-encrypting key
answer
An encryption key used to encrypt other keys before transmitting them.
question
Key revocation
answer
A situation in which someone is no longer trusted or allowed to use a cryptosystem. In a symmetric key system, where everyone shares the same key, compromising one copy of the key compromises all copies.
question
Keyspace
answer
The set of all possible encryption keys.
question
Keyword mixed alphabet cipher
answer
An encryption cipher that uses a cipher alphabet that consists of a keyword, less duplicates, followed by the remaining letters of the alphabet.
question
Nonrepudiation
answer
Prevents a party from denying a previous statement or action.
question
One-time pad cipher
answer
The only unbreakable cryptographic cipher, also called a Vernam cipher.
question
One-way algorithm
answer
An encryption algorithm that has no corresponding decryption algorithm.
question
Plaintext
answer
Unencrypted information.
question
Private (symmetric) key
answer
Encryption cipher that uses the same key to encrypt and decrypt information.
question
Product cipher
answer
Encryption cipher that is a combination of multiple ciphers. Each could be transposition or substitution.
question
Public (asymmetric) key
answer
Encryption cipher that uses one key to encrypt and another key to decrypt information.
question
Public key cryptography
answer
A system that allows correspondents to communicate only over a public channel using publicly known techniques.
question
Public key infrastructure (PKI)
answer
A set of hardware, software, people, policies, and procedures needed to create, manage, distribute, use, store, and revoke digital certificates.
question
Revocation
answer
Stopping authorization for access to data.
question
Salt value
answer
Random characters that you can combine with an actual input key to create the encryption key.
question
Security association (SA)
answer
The basic element of ISAKMP key management. SA contains all the information needed to do a variety of network security services.
question
Simple substitution cipher
answer
An encryption cipher that uniquely maps any letter to any other letter.
question
SSL Handshake
answer
A process that creates the first secure communications session between a client and a server.
question
Substitution cipher
answer
An encryption cipher that replaces bits, characters, or blocks of information with other bits, characters, or blocks.
question
Symmetric key cryptography
answer
A type of cryptography that cannot secure correspondence until after the two parties exchange keys.
question
Time stamping
answer
A physical device that transmits a secret code to a user to authenticate the user. Can be a hardware device token or a software-generated token.
question
Transposition cipher
answer
An encryption cipher that rearranges characters or bits of data.
question
Vernam cipher
answer
The only unbreakable cryptographic cipher. Also called a one-time pad.
question
Vigenere Cipher
answer
An encryption cipher that uses multiple encryption schemes in succession. For example, you could encrypt every fifth letter with its own substitution scheme.