Busy. Please wait.
or

show password
Forgot Password?

Don't have an account?  Sign up 
or

Username is available taken
show password

why


Make sure to remember your password. If you forget it there is no way for StudyStack to send you a reset link. You would need to create a new account.
We do not share your email address with others. It is only used to allow you to reset your password. For details read our Privacy Policy and Terms of Service.


Already a StudyStack user? Log In

Reset Password
Enter the associated with your account, and we'll email you a link to reset your password.

Remove ads
Don't know
Know
remaining cards
Save
0:01
To flip the current card, click it or press the Spacebar key.  To move the current card to one of the three colored boxes, click on the box.  You may also press the UP ARROW key to move the card to the "Know" box, the DOWN ARROW key to move the card to the "Don't know" box, or the RIGHT ARROW key to move the card to the Remaining box.  You may also click on the card displayed in any of the three boxes to bring that card back to the center.

Pass complete!

"Know" box contains:
Time elapsed:
Retries:
restart all cards




share
Embed Code - If you would like this activity on your web page, copy the script below and paste it into your web page.

  Normal Size     Small Size show me how

Chapter 4 Terms

Terms for chapter 4

TermDefinition
access list a paper or electronic record of individuals who have permission to enter a secure area, the time they entered, and the time they left.
activity phase controls subtypes of security controls, classified as deterrent, preventative, detective, compensation, or corrective.
administrative control process for developing and ensuring that policies and procedures are carried out, specifying what users may do, must do, and must not do.
alarm an audible sound to warn a guard of an intruder.
antispyware software that helps prevent computers from becoming infected by different types of spyware.
antivirus Software that can examine a computer for any infections as well as monitor computer activity and scan new documents that might contain a virus
barricade a structure designed to block the passage of traffic.
Bayesian filtering Spam filtering software that analyzes every word in an email and determines how frequently a word occurs to determine if it is spam.
big data a collection of data sets so large and complex that it becomes difficult to process using on hand database management tools or traditional data processing applications.
blacklist Permitting everything that does not appear on a list.
cable lock a device that can be inserted in to the security slot of a portable device and rotated to prevent theft.
client-side validation having the client web browser perform all validations and error recovery procedures.
CCTV video cameras for surveillance in areas that require monitoring.
compensating control provides an alternative to normal controls that are unable to be used.
corrective control Intended to mitigate the damage caused by an incident.
XSRF An attack that uses the web browsers settings to impersonate a user.
data at-rest data which is stored on an electronic media.
data in-transit data which is actively moving across a network
data in-use Data which is receiving actions from an end device.
DLP a system that can identify critical data, monitor access, and prevent unauthorized access.
deadbolt lock a door lock that extends a solid metal bar in to the door frame.
detective control a control designed to identify any threat that has reached the system.
deterrent control a control that attempts to discourage security violations before they occur.
embedded system a computer system with a dedicated function within a larger system.
errors faults in a program that occur while an application is running.
fencing securing a restricted area using a barrier.
firewall hardware or software designed to prevent malicious packets from entering or leaving a network or device.
fuzz testing a software testing technique that deliberately provides invalid input to a program.
guard a human who is an active security element.
host-based application firewall a firewall that runs as a program on a local system.
hotfix software which addresses a specific customer situation and may not be available to other customers.
input validation verifying a users input into an application
lighting lights illuminating an area so that it can be viewed after dark.
locking cabinet a ruggedized steel box with a lock.
mainframe a very large computing system with significant processing abilities.
mantrap a device that monitors and controls doors in a vestibule to prevent access to secure areas.
motion detection detects motion, dude.
NoSQL a nonrelational database type.
OS hardening tightening security during the design and coding of an operating system.
packet filter firewall.
patch a software security update generally intended to fix a security vulnerability.
popup blocker stops pop up ad windows from appearing.
preventative controls a control which attempts to prevent a threat from entering.
PDS A system of cable conduits designed to protect cables transmitting sensitive information.
proximity reader a device which detects an emitted signal to identify the owner.
security control any device or process used to reduce a risk.
security policy a document describing security controls
server-side validation having the server perform all validation and error recovery procedures.
service pack a software patch containing all previous patches as well as additional features.
sign a placard containing a warning or other information.
smartphone a phone with an OS that allows apps to be run.
static environment devices in which additional hardware is difficult or impossible to be attached.
technical controls security controls which are carried out or managed by devices.
trusted OS An OS which has been hardened.
whitelist permitting only that which is on the list
wrapper function a substitute for a regular function that is used in testing.
Created by: O'Bryan