Busy. Please wait.
or

show password
Forgot Password?

Don't have an account?  Sign up 
or

Username is available taken
show password

why


Make sure to remember your password. If you forget it there is no way for StudyStack to send you a reset link. You would need to create a new account.
We do not share your email address with others. It is only used to allow you to reset your password. For details read our Privacy Policy and Terms of Service.


Already a StudyStack user? Log In

Reset Password
Enter the associated with your account, and we'll email you a link to reset your password.

Remove Ads
Don't know
Know
remaining cards
Save
0:01
To flip the current card, click it or press the Spacebar key.  To move the current card to one of the three colored boxes, click on the box.  You may also press the UP ARROW key to move the card to the "Know" box, the DOWN ARROW key to move the card to the "Don't know" box, or the RIGHT ARROW key to move the card to the Remaining box.  You may also click on the card displayed in any of the three boxes to bring that card back to the center.

Pass complete!

"Know" box contains:
Time elapsed:
Retries:
restart all cards




share
Embed Code - If you would like this activity on your web page, copy the script below and paste it into your web page.

  Normal Size     Small Size show me how

securityCHPT5

terms

QuestionAnswer
physical security restricting access to the areas in which equipment is located
physical security hardware locks
physical security proximity readers
physical security access lists
physical security man traps
physical security video surveillance
physical security fencing
deadbolt lock extends a solid metal bar into the doorframe for extra security
cipher lock combination locks that use buttons which must be pushed in a sequence to unlock a door
cipher lock keep a record of when the door was open and closed
disadvantage of cipher lock shoulder surfing
proximity reader detects an emitted signal in order to identify the owner
physical token id badge
access lists people who are allowed in
snap in software module that provides admin capabilities for a device
group policy microsoft windows feature that provides centralized management and configuration of computers
patch general security software update inended to cover vulnerabilities that have been discovered
hotfix software that addresses a specific customer situation and often may not be distributed outside that customers organization
service pack software that is a cumulative package of all security updates plus additional features
most common type of door lock standard key entry lock
group policy allows a single configuration to be set and then deployed by many users
mantrap monitors and controls two interlocking doors to a small room,vestibule,designed to seperate secure and nonsecure areas
fencing deterrents anti climb paint
fencing deterrents anti climb collar
fencing deterrents roller barrier
fencing deterrents rotating spikes
remote wipe sanitation technology that can remotely erase data from a portable device and reset it back to factory default settings
rfid tags radio frequency identification tags
steps in protecting the operating system that is running on the host develop the security policy
steps in protecting the operating system that is running on the host perform host software baselining
steps in protecting the operating system that is running on the host configure operating system security and settings
steps in protecting the operating system that is running on the host deploy the settings
steps in protecting the operating system that is running on the host implement patch management
security template settings include account policies
security template settings include user rights
security template settings include event log settings
security template settings include restricted groups
security template settings include system services
security template settings include file permissions
security template settings include registry permissions
mobile device security gps tracking
mobile device security remote wipe sanitation
mobile device security voice encryption
antivirus software examines a computer for infections as well as monitor activity
signature file a sequence of bytes,strings, found in the virus as a virus signature
heuristic detection create a virtualized environment to simulate the cpu and memory of the computer to check for a virus
bayesian filtering spam filtering software that analyzes the contents of every word in an email and determines how frequently a word occurs in order to determine if its spam
blacklist no email is to be received
whitelist only email can be received
popup blocker program or feature within a browser that stops ads from appearing
anti spyware helps prevent computers from becoming infected
firewall hardware or software that is designed to prevent malicious packets from entering or leaving a pc
packet filter firewall
host based software firewall runs on a program on a local system to protect it against attacks
audit log tracks user authentication attempts
access log provides details regarding requests for specific files on a system
security log considered the primary source of log data
event occurence within a software system that is communicated to users or other programs outside of the operating system
system event operational actions performed by the operating system,such as shutting down
system event logs document any unsuccessful events and the most significant successful event
audit records the second common type of security related operating system logs
common types of security application logs anti virus software log
exceptions faults that occur in an application while it is running
cross site request forgery uses the users web browser settings to impersonate the user
input validation verify a users input to an application
fuzz testing fuzzing
fuzz testing software testing technique that deliberatle provides invalid,unexpected, or random data as inputs to a computer program
data loss prevention system of security tools that is used to recognize and identify data that is crucial and to ensure it is protected
dlp examines data in three states data in use
dlp examines data in three states data in motion
dlp examines data in three states data at rest
content inspection used by most data loss prevention systems
content inspection defined as a secuirity analysis of the transaction within its approved context
data in use actions being performed by endpoint devices such as printing
data in motion actions that transmit the data across a network like a file being retreived from a server
data at rest data that is stored on a dvd or other media
dlp agent each host runs a local application which is sent over the network to the devices and runs as an os device
dlp agent continuously monitors the host to identify sensitive data within the files
attacks based on application vulnerabilities executable files attack
attacks based on application vulnerabilities system tampering
attacks based on application vulnerabilities process spawning control
application hardening intended to prevent exploiting vulnerabilities in software applications
heuristic detection code emulation
common types of security application logs automatred patch update log
in application software, vulnerabilities are often exposed by a failure to properly check the input data entering into the application
baseline standard or checklist by which security standards can be evaluated and audited for security posture
baseline operating system settings that impose how the policy will be enforced
Created by: cgeaski