Busy. Please wait.
or

show password
Forgot Password?

Don't have an account?  Sign up 
or

Username is available taken
show password

why


Make sure to remember your password. If you forget it there is no way for StudyStack to send you a reset link. You would need to create a new account.
We do not share your email address with others. It is only used to allow you to reset your password. For details read our Privacy Policy and Terms of Service.


Already a StudyStack user? Log In

Reset Password
Enter the associated with your account, and we'll email you a link to reset your password.
Don't know
Know
remaining cards
Save
0:01
To flip the current card, click it or press the Spacebar key.  To move the current card to one of the three colored boxes, click on the box.  You may also press the UP ARROW key to move the card to the "Know" box, the DOWN ARROW key to move the card to the "Don't know" box, or the RIGHT ARROW key to move the card to the Remaining box.  You may also click on the card displayed in any of the three boxes to bring that card back to the center.

Pass complete!

"Know" box contains:
Time elapsed:
Retries:
restart all cards
Embed Code - If you would like this activity on your web page, copy the script below and paste it into your web page.

  Normal Size     Small Size show me how

Security Plus

Study

TermDefinition
Accounting the ability that provides tracking of events.
Asset An item that has value.
Authentication The steps that ensure the individual is who they claim to be.
Availability Security actions the ensure that data is accessible to authorized users.
California"s Database Security Breach Notification The 1st state law that covers any state agency, person, or company that does business in California.
Confidentially Security actions that ensure only authorized parties can view the info.
Cybercrime Targeted attacks against financial networks, unauthorized access to info, and theft of personal info.
Cybercriminals A networks of attacker, identity thieves, spammers, and financial fraudsters.
Cyberterrorism A political motivated attack against info, computers, programs, and data that makes violence.
Cyberterrorists Attackers whose motivation may be defined as ideology, or attacking for the sake of their beliefs.
Exploiting The act of taking advantage of a vulnerability or weakness.
Gramm-Leach_Bliley Act (GLBA) A law the requires banks and financial places to alert it's customers of their policies and practices in disclosing customer's info.
Hacker Term used to refer to a person who uses advanced computers skills to attack other computers.
Health Insurance Portability and Accountability Act (HIPAA) A law designed to guard protected health info and implement policies and procedures to safeguard it.
Identity Theft Stealing of another's personal info used to impersonate them, generally for financial gain.
Information Security The tasks of securing info that is in a digital format.
Integrity Security actions that ensure that the info is correct and no unauthorized person or malicious software has altered the data.
Risk The likelihood that a threat agent will exploit the vulnerability.
Sarbanes-Oxley Act (Sarbox) A law deigned to fight corporate corruption.
Script Kiddies Individuals who want to break into computers to create damage, yet lack knowledge of computers and networks need to do so.
Spy A person who has been hired to break into a computer and steal information.
Threat A type of action that has the potential to cause harm.
Threat Agent A person or element that has the power to carry out a threat.
Vulnerability A flaw or weakness that allows a threat agent to bypass security.
Adware A software program that delivers advertising content in a manner that us unexpected and unwanted by the user.
Backdoor Software code that gives access to a program or service that goes through normal security protections.
Botnet A logical computer network of zombies under the control of an attacker.
Computer Virus A malicious computer code that, like is biological counterpart, reproduces itself on the same computer.
Dumpster Diving The act of digging through trash to find info that can be useful in an attack.
Hoax A false Warning
Impersonation An attack that creates a fake character and then plays out their role of that person on a victim.
Keylogger Captures and stores each keystroke that a user types on a computer's keyboard.
Logic Bomb Computer code that lies dormant until it is triggered by a specific logical event.
Malware Software that enters a computer systems without the user's knowledge and then performs an unwanted, harmful actions.
Pharming A phishing attack that automatically redirects the user to a fake site.
Phisng Sending an email that falsely claims to be forma a legitimate enterprise in an attempt to trick.
Rootkit A set of software tools used by an attacker to hide the actions or presence of the other types of malicious software
Shoulder Surfing Watching an authorized user enter a security code on a keypad.
Social Engineering A means of gathering info for an attack by relying on the weaknesses of individuals.
Spam Unsolicited email
Spear A phishing attack that targets only specific users.
Spim A variation of spam, which targets instant messaging users instead of email users.
Spyware A general term used to describe software that spies on users by gathering info without consent, thus violation their privacy.
Tligating The act of following right behind someone or thing.
Trojan Horse An executable program advertised as performing one activity, but actually does something else.
Vishing A phishing attack that uses a telephone call instead of using an email.
Whaling A phishing attack that targets only wealthy people.
Word Splitting Horizontally separating words so that they can still be read by the human eye.
Worm A malicious program designed to take advantage of a weakness to then self-replicate to other computers.
Add-ons Programs that provide additional functionality to Web browsers.
Address Resolution Protocol (ARP) Part of the TCP/IP for determining the MAC address based on the IP address.
ARP Poisoning An attack that corrupts the ARP cache.
Attachments Files that are coupled to email messages.
Buffer Overflow An attack that occurs when a process attempts to store data in RAM beyond it's limits storage buffer.
Client-Side Attack An attack that targets vulnerabilities in client apps that interact with a compromised server or processes malicious data.
Command Injection Injecting and executing commands to execute on a server.
Cookie A file on a local computer in which s server stores user-specific info.
Cross-Site Scripting (XSS) Injected scripts into a Web app server to direct attacks at clients.
Denial of Service (DoS) Attempts to prevent a system form preforming its normal functions.
Directory Traversal A weakness in the Web browser a user can use to get to root and etc directories.
DNS Poisoning Substitutes DNS addresses so that the computer is automatically redirected to another device.
Domain Name System (DNS) Names of websites are turned in ip addresses.
1st- Party Cookie A cookie that is created from the Web site that currently is being viewed.
Flash Cookie Named after Adobe Flash player, is 25x more in size compared to a normal cookie and cant be deleted in/ form the web browser settings.
Host Table A list of the mappings of names to computer numbers.
HTTP Header Part of the HTTP that contains the info part of the data destination.
HTTP Header Manipulation Modifying HTTP headers to create an attack.
Man-In-The-Middle An attack that intercepts legitimate communication and forges a fake response to the sender.
Persistent Cookie A cookie that is recorded on the HHD of the computer and does not expire when the browser closes.
Ping A utility that sends an ICMP echo request message to a host.
Ping Flood A ICMP flood of packets to the victim.
Privilege Escalation A weakness in the software to gain access to resources that the user would normally be restricted from.
Replay Attack An attack that makes a copy before it attacks the recipient.
Session Cookie Stored in RAM, and only lasts for the time spent on the website.
Session Hijacking An Attacker attempts to impersonate the user by using their session token(s).
Session Token A form of verification used when accessing a secure website.
Smurf Attack a Broadcast Ping request to all PC's om the network yet changes address from which it came from.
Spoofing Impersonating another computer or device.
SQL Injection An attack that targets SQL servers by injecting commands to be manipulated by the data base.
SYN Flood Attack An attack that takes advantage of the procedures for starting TCP sessions.
Third-Party Cookies A cookie that was created by a third party and is different from the primary website.
Transitive Access An attack using a third party to gain access rights.
XML (Extensible Markup Language) Designed to carry the data instead of indicating how to display it.
XML Injection An attack that injects XLM tags and data into a database.
Zero Day Attacks An Exploited weakness that the victims have no time (zero days) to defend against it.
Annualized Loss Expectancy (ALE) The expected monetary loss that can be expected for an asset due to a risk over a one year period.
Annualized Rate of Occurence (ARO) The probability that a risk will occur in a particular year.
Architectural Design The process of defining a collection of hardware and software components along with their interfaces in order to create the framework for software development.
Attack Surface The code that can be executed by unauthorized users in a software program.
Baseline Reporting A Comparison of the present state of a system compared to its baseline.
Black Box A test in which the tester has no prior knowledge of the network infrastructure that is being tested.
Code Review Presenting the code to multiple reviewers in order to reach agreement about its security.
Design Review An analysis of the design of a software program by key personnel form different levels of the project.
Exposure Factor (EF) The Proportion of an asset's value that likely to be destroyed by a particular risk (Percentage)
Fail Open A control that errors on the side of permissiveness in the event of failure.
Fail-Same (Fail-Secure) A control that errors on the side of security in the event of a failure.
Gray Box A test where some limited info has been provided to the tester.
Hardening The process of making the system more secure as possible.
Honey Pot A network setup with intentional weaknesses.
Penetration Testing A test by an outsider to actually exploit any weaknesses in the systems that are weak.
Port Scanner Software to search a system for any port weaknesses.
Protocol Analyzer (sniffer) Hardware or software that captures packets to decode and analyze the contents.
Single Loss Expectancy (SLE) The expected monetary loss every time a risk occurs.
Vulnerability Assessment A systematic and methodical evaluation of the exposure of the assets to attacker, forces of nature, or any other entity that is a potential harm.
Vulnerability Scaner Generic term for a range of products that look for weaknesses in networks or systems.
White Box A test where the tester has an in-depth knowledge of the network and systems being tested,diagrams, ip address, and even the source code of custom apps.
Xmas Tree Port Scan Sending a packet with every option set on for whatever protocol is in use to observe how a host responds.
Access List A record or list of individuals who have permission to enter a secure area, the time that they entered, and the time they left the area.
Access Log A log that can provide details regarding requests for specific files on a system.
Anit-spyware Software that helps prevent computers from becoming infected by different types of spyware.
Anti-Virus (AV) Software that finds infected files and removes them to help protect the computer OS and etc files.
Audit Log A log that can track user authentication attempts.
Audit Recods Logs that are second common type of security-related OS logs
Bayesian Filitering Spam filtering software that analyzes the contents of every word in an email and determines how frequently a word in order to see if it's spam.
Cable Lock a cable to a device to stop stealing of the device.
Closed-Circuit Television (CCTV) video cameras to a tv that is recorded and viewed.
Cross-Site Request Forgery (XSRF) An attack that uses the web browser settings to impersonate the user.
Data Loss Prevention (DLP) A system that can identify critical data, monitor how it is being accessed, and protect it's users.
Deadbolt Lock A solid metal bar into the door frame for extra security.
Errors (Exceptions) Faults in a program that occur while the app is running.
Event Logs Logs that can document any unsuccessful events and the most significant successful events.
Fencing Securing a restricted area by erecting a barrier.
Firewall (Packet-Filtering) Hardware or software that designed to prevent malicious packets from entering or leaving computers.
Fuzz Testing (fuzzing) A software testing technique that is deliberately provides invalid, unexpected, or random data as inputs to computer program.
GPS Tracking Using Global Positioning System (GPS) to detect the location of a portable device.
Heuristic Dectection Creating a visualized environment to simulate the central processing unit (CPU) and memory of the computer to check the presence of a virus.
Host-Based Software Firewall A firewall that runs as a program on a local system to protect it against attacks.
Hotfix Software that addresses a specific customer situation and often may not be distributed outside that customer's organization.
Input Validation Verifying a user's input to an application.
Locking Cabinet A secure storage unit that can be used for storing portable devices.
Log A record of events that occur.
Mantrap A device that monitors and controls 2 interlocking doors to a small room, designed to separate secure and non-secure areas.
Patch A general software security updates intended to cover weaknesses that have been discovered.
Pop-Up Blocker A program or feature within a browser that stops pop-up advertisements from showing up.
Proximity A device detects an emitted signal in order to identify the owner.
Remove Wipe / Sanitation A technology that can remotely erase data from a portable device and reset it to its default factory settings.
Safe A ruggedized steel box with a lock.
Security Policy A document of rules that the organization will follow to secure info.
Security Logs Logs that are considered the primary source of log data.
Service pack Software that is cumulative package of all security updates plus additional features.
Signature File A sequence of bytes ( a string) found in the virus as a virus signature.
Voice Encryption Using encryption to mask the content of voice communications.
All-In-One Network Security Appliance Network hardware that provides multiple security functions.
Anomaly-Based Monitoring
Behavior-Based Monitoring A technique used A technique used by am IDS that uses the normal processes and actions as the standard and compares actions against it.
Demilitarized Zone (DMZ) A separate network that rests outside the secure network perimeter, untrusted outside users can access the DMZ but cannot enter the secure network.
Heuristic Monitoring A monitoring technique used by an IDS that uses an algorithm to determine if a threat if a threat exists.
Host Intrusion Detection System (HIDS) A software-based application that runs on local host computer that can detect an attack as it occurs.
Intrusion Detection System A device designed to be active security, it can detect an attack as it occurs.
Load Balancer Directing requests to different servers based on a variety of factors, such as number of server connections and etc.
Network Access Control (NAC) A technique that examines the current state of a system or network device before it is allowed to connected to the network.
Network Address Translation (NAT) a technique that allows private IP addresses to be used on the public internet.
Network Intrusion Detection System (NIDS) A technology that watches for attacks on the network and reports back to the central device.
Network Intrusion Prevention System (NIPS) Technology that monitors network traffic to immediately react to block a malicious attack.
Proxy Server A computer or a program that intercepts a user request from the internal secure network and then processes that request on the behalf of the user.
Remote Access Any combination of hardware and software that enables remote users to access a local internal network.
Reverse Proxy A computer or a program that routes incoming requests to the correct server.
Router A device that can packets across computer networks.
Signature-Based Monitoring A monitoring technique used by an IDS that examines network traffic to look for well-known patterns and compares the activities against a predefined signature.
Subnetting IP addresses to divide a network into another network, subnet, and or host.
Switch A device that connects network segments and forwards only frames intended for that specific device or frames sent to all devices.
Virtual LAN (VLAN) A technology that allows scattered users to be logically grouped together even though they may be attached to different switches.
VIrtual Private Network (VPN) Used in an unsecured public network as if it was private network.
VPN Concetrator A device that aggregates hundreds or thousands of VPN connections.
Web Application Firewall A special type of firewall that looks more deeply into packets that carry HTTP traffic.
Web Security Gateway A device that can block malicious content in real time as it appears.
Cloud Computing A pay-per-use computing model in which customers pay only for the computing resources that they needed, and the resources can be easily scaled.
Disabling Unused Ports A security technique to turnoff ports on a network device that are not required.
FTP File Transfer Protocol
Flood Guard A feature that controls a device's tolerance for unanswered service requests and helps to prevent a DoS attack.
FTP using Secure Socket Layers (FTPS) Secure Sockets Layer/ Transport Layer Security (SSL/TLS) to encrypt commands sent over the control port in FTP session (port 21)
IEEE 802.1x A standard for port to port basis only
ICMP Internet Control Message Protocol
IPv6 Next gen ip addressing with some improvements.
IP Telephony VoIP or voice or internet protocol
Loop Protection Preventing broadcasting storms by the IEEE 802.1d standard spanning tree algorithm. (STA)
MAC Limiting & Filtering A security technique to limit the number of media access control (MAC) addresses allowed on a single port.
Rule-Based Management The process of administration that relies on the following procedural and technical rules.
SCP Secure Copy Protocol, mainly used in Unix/Linux based OS encrypting files and commands.
SFTP Secure File Transport Protocol
TCP/IP Transmission Control Protocol/ Internet Protocol
Virtualization A means of managing and presenting computer resources by functions with regard to their physical layout or location.
AES-CCMP The encryption protocol standard for WPA2.
Bluejacking An attack that sends unsolicited messages to Bluetooth-enabled devices.
Bluesnafing An attack that accesses unauthorized info form wireless device through bluetooth connection, often between cell phones and pc's.
Bluetooth Short Range radio technology for rapid ad hoc device pairing.
EAP Extensible Authentication Protocol, that defines format of messages.
Evil Twin An AP set up by an attacker to mimic an authorized AP and capture transmissions, so a user's device will unknowingly connects to this evil twin instead.
Initialization Vector (IV) A 24-bit value used in WEP that changes each time a packet is encrypted.
Keystream Attack (IV Attack) A method of determining the keystream by analyzing 2 packets that were created from the same initialization vector (IV).
Lightweight EAP (LEAP) Proprietary EAP made by cisco requiring mutual authentication used for WLAN encryption by cisco client software.
Media Access Control (MAC) Address Filtering A method for control access to WLAN based on the device's MAC address.
Preshard Key (PSK) A key value that must be created and entered into both the access points and all wireless devices prior to the devices communicating with AP.
Protected EAP (PEAP) An EAP method designed to simplify the deployment of 802.1x by using WIndows login and passwords.
Rogue Access Point An unauthorized AP that allows attacker to bypass many of the network security configurations and opens the network and users to attacks.
Service Set Identifier (SSID) The user-supplied network name of a WLAN; it can generally be alphanumeric form 2-32 characters.
SSID Broadcast The transmission of the SSID from the access point wireless devices.
TKIP Temporal Key Integrity Protocol, WPA encryption technology.
War Chalking The process of documenting and then adverting the location of wireless LANs for others to use.
War Driving Searching for wireless signals from an automobile or on foot using a portable computing device.
Wi-Fi Protected Access (WPA) the orignal set of protections from the wi-fi alliance in 2003 designed to protect then and now wireless.
Wi-Fi Protected Access 2 (WPA2) Second gen wf-fi in 2004 released to improve WLAns encryptions.
Wired Equivalent Privacy (WEP) an IEEE 802.11 security protocol designed to ensure that only the authorized parties can view transmitted wireless info.
Access Control The mechanism used in an ifno system to allow or restrict access to data or devices.
Access Control List (ACL) A set of permissions that are attached to an object.
Access Control Model A standard that provides a predefined framework for hardware and software developers who need to implement access control in their devices or apps.
Account Expiration The process of setting a user's account to expire.
Discretionary Access Control (DAC) The least restrictive access control model in which the owner of the object has total control over it.
Extended TACACS The 2nd version of the Terminal Access Control Access Control System (TACACS) service.
Implicit Deny Rejecting access unless a condition is explicitly met.
Job Rotation The act of moving individuals from one job to another.
Kerberos An authentication system developed by the Massachusetts Institute of Technology (MIT) and used to verify the identity of networked users.
LDAP Injection Attack An attack that constructs LDAP statements based on user input statements, allowing the attacker to retrieve info from LDAP database or modify its content.
Least Privilege Providing only the minimum amount of privileges necessary to perform a job or function.
Lightweight Directory Access Protocol (LDAP) A protocol for a client app to access an x.5000 directory.
Mandatory Access Control (MAC) The most restrictive access control model, typically found in military settings in which security is of surpreme importance.
Mandatory Vacations Requiring that all employees take vacations.
Remote Authentication Dial In User Service (RADIUS) A standard authentication service with widespread support across nearly all vendors of networking equipment.
Role Based Access Control (RBAC) A real-world control model in which access is based on a user's job function within the organization.
Rule Based Access Control (RBAC) An access control model that can dynamically assign roles to subjects based on a set of rules defined by a custodian.
Separation of Duties The practice of requiring that processes should be divided between 2 or more individuals.
TACACS+ The current version of the Terminal Access Control Access Control System services.
TACACS Terminal Access Control Access Control System, commonly used on unix/ linux based OS through a centralized server.
Time Of Day Restrictions Limitations imposed as to when a user can log on a system.
Behavioral Biometrics Authenticating a user by the normal actions the user performs.
Brute Force Attack A password attack in which every possible combination is used to create encrypted passwords that match those stolen from password file.
Cognitive Biometrics Authenticating a user through the perception, thought process, and understanding of the user.
CAC Common Access Card, the DOD uses these.
Dictionary Attack A password attack that creates encrypted versions of common dictionary words and compares them against those in stolen password file.
Hybrid Attack A password attack that slightly alters dictionary words by adding numbers to the end of them.
Multifactor Authentication Using more than 1 type of authentication credential.
Password A secret combination of letters, numbers, and or characters that only the user should know.
Personal Identity Verification (PIV) A government standard for smart cards that covers all government employees.
Rainbow Tables Large pregenerated data sets of encrypted passwords used in password attacks.
Single Sign-On (SSO) Using 1 or more credential to access multiple accounts or apps.
Single-Factor Authentication Using 1 type of authentication credential.
Smart Card A card that contains an integrated circuit chip that can hold info used part of the authentication process.
Standard Biometrics Using fingerprints or other unique physical characteristics of a person's face, hands, or eyes.
Token A small device that can be affixed to a keychain with a window display that shows a code to be used for authentication.
Trusted Operating System (OS) A hardened OS that can keep attackers from accessing and controlling critical parts of a computer system.
Advanced Encryption Standard (AES) A symmetric cipher that was approved by the NIST in late 2000 as a replacement for DES.
Algorithm Procedures based on a mathematical formula; used to encrypt data.
Asymmetric Cryptographic Encryption that uses 2 mathematically related keys.
BLock Cipher A cipher that manipulates an entire block of plaintext 1 time.
Blowfish A block cipher that operates on 64-bit blocks and can have a key length from 32-488 bits.
Ciphertext Data that has been encrypted.
Cleartext Unencrypted data.
Cryptography The science of transforming info into a secure from from while it is being transmitted or stored so that unauthorized persons can't access it.
Data Encryption Standard (DES) A symmetric block cipher that uses 56-bit key and encrypts data in 64-bits block.
Decryption The process of changing ciphertext into plaintext.
Digital Signature An electronic verification of sender.
Elliptic Curve Cryptography (ECC) An algorithm that uses elliptic curves instead of prime numbers to compute keys.
Encryption The process of changing plaintext into ciphertext.
GNU Privacy Guard (GPG) Free open-source software that id commonly used to encrypt and decrypt email messages.
HSM Hardware Security Module, a secure cryptographic processor.
Hash The unique digital fingerprint signature for a set of data.
Hash Message Authentication Code (HMAC) A variation of hash that encrypts the hash with shared secret key before transmitting it.
Hashing The process for creating a unique digital fingerprint signature.
Key A mathematical value entered into the algorithm to produce ciphertext.
Message Digest (MD) A common hash algorithm of several different versions.
Message Digest 5 (MD5) A version of MD4 that is designed to address its weaknesses.
Nonrepudiation The process of proving that a user performed an action.
NTLM New Technology LAN Manager Hash, that is old windows version.
NTLMv2 New Technology LAN Manager Version 2, uses HMAC with MD5.
One-Time Pad (OTP) Using a unique truly random key to create ciphertext.
Plaintext Data input into a encryption algorithm.
Pretty Good Privacy (PGP) A commercial product that is used to encrypt email messages.
Private Key A asymmetric key that does have to be protected.
Private Key Cryptography Cryptographic algorithms that use a single key to encrypt and decrypt a message.
Public Key A asymmetric encryption key that does not need to be protected.
Public key Cryptography Encryption that uses 2 mathematically ealted keys.
Quantum Cryptography An unusual and unique behavior or microscopic objects to enable users to security develop and share keys.
RIPEMD RACE Integrity Primitives Evaluation Message Digest
RC4 An RC stream cipher that will accept keys up to 128 bits lengths.
Rivest Cipher (RC) A family of cipher algorithms by Ron Rivest.
RSA Asymmetric algorithm published in 1977 and patented in 1983 by MIT.
Secure Hash Algorithm (SHA) Creates hash values of longer lengths than Message Digest (MD) algorithms.
Steganography Hiding the existence of data within text, audio, image, or video file.
Stream Cipher An algorithm that takes 1 character and replaces it with another 1.
Symmetrci Cryptographic Algorithm Encryption that uses a single key to encrypt and decrypt a message.
Triple Data Encryption Standard (3DES) A symmetric cipher that was designed to replace DES.
Trusted Platform Module (TPM) A chip on the motherboard of a computer that provides cryptographic services.
Twofish A later derivation of the Blowfish algorithm that is considered to be strong.
Whole Disk Encryption Cryptography that can be applied to entire disks.
Bridge Trust Model A trust model with 1 CA that acts as a facilitator to interconnect all other CA's
Certificate Authority (CA) A trusted third-party agency that is responsible for issuing the digital certificates.
Certificate Repository (CR) A publicly accessible centralized directory that contains digital certs that can be to view the status of digital certs.
Certificate Revocation List (CRL) A repository that lists revoked digital certs.
Digital Certificate A technology used to associate a user's identity to a public key, in which the user's key is digitally signed by a trusted third party.
Direct Trust A type of trust model in which a relationship exists between 2 people because 1 person knows the other person.
Distributed Trust Model A trust model that has multiple CA's that sing digital certs.
Hierarchical Trust Model A trusted model that has s single hierarchy with 1 master CA.
HTTP Over Secure Socket Layer (HTTP) The secure version of HTTP.
IP Security (IPsec) A set of protocols developed to support the secure exchange of packets.
Key Escrow A process in which keys are managed by a third party, such as a trusted CA called the root.
Key Recovery Agent (KRA) A highly trusted person responsible for recovering lost or damaged digital certs.
M-of-N Control technique to recover a private key by a distributing parts to different individuals.
Public Key Infrastructure (PKI) A framework for all of the entities involved in digital certs for digital cert management.
Registration Authority (RA) A subordinate entity designed to handle specific CA tasks such as processing cert requests and authenticating users.
Secure Shell (SSH) A unix-based command interface and protocol for securely accessing a remote computer.
Secure Sockets Layer (SSL) A protocol developed by Netscape for securely transmitting documents over the internet that uses a private key to encrypt data.
Third-Party Trust A trust model in which 2 individuals trust each other because each trust the third-party.
Transport Layer Security (TLS) A protocol that is an extension of SSL and guarantees privacy and data integrity between apps.
Trust Model The type of trusting relationship that can exist between individuals or entities.
X.509 The most widely used/ accepted format for digital certs as defined by the international Telecommunication Union. (ITU)
Asymmetric Server Cluster A technology in which s standby server exists only to take over for another server in the event of its failure.
Backout/ Contingency Option Rolling back a disaster recovery implementation to the sharing point so that a different approach can be taken.
Business Continuity The ability of an organization to maintain its operations and services in the face of a disruptive event.
Business Continuity Planning & Testing The process of testing and protecting procedures for a disruptive events are sufficient.
Business Impact Analysis (BIA) The most important mission-critical functions, which identifies and quantifies the impact such a loss of the functions may have on the organization in terms of its operational and financial position.
Chain of Custody A process of documentation that shows that the evidence was under strict control at all times and no unauthorized individuals were given the opportunity to corrupt the evidence.
Cold Site A remote site that provides office space, the customer must provide and install all the equipment needed to continue operations.
Computer Forensics Using technology to search for computer evidence of a crime.
Data Backups The process of copying info to a different medium and storing it in case it's needed later.
Disaster Recovery The procedures and processes for restoring an organization's IT operations following a disaster.
Disaster Recovery plan (DRP) A written document that details the process for IT resources following an event that causes a significant disruption in service.
Faraday Cage A metallic enclosure that prevents the entry or escape of an electromagnetic field.
Forensics The app of science to questions that are of the interest to the legal profession.
Heating, Ventilation, & Air Conditioning (HVAC) Systems that provide and regulate heating and cooling.
High Availability A system that can function for an extended period of time with little downtime.
Hot Aisle/Cold Aisle A layout in a data center that can be used to reduce heat by managing the air flow.
Hot Site A copy or duplicate site of the equipment needed to keep the organization going.
Mean Time Between Failures (MTBF) A statistical value that is average time until a component fails, cannot be repaired and must be replaced.
Order of Volatililty The sequence of volatile data that must be preserved in a computer forensic investigation.
RAID Redundant Array of Independent Drives.
Recovery Point Objective (RPO) The maximum length of time that an organization can tolerate between backups.
Recovery Time Objective (RTO) The length of time it will take to recover the data that has been backed up.
Server cluter A combination of 2 or more servers that are interconnected to appear as 1.
Single Point of Failure A competent or entity in a system which, if it no longer functions, would adversely affect the entire system.
Succession Planning Determining in advance who will be authorized to take over in the event of the incantation or death of key employees.
Symmetric Server Cluster
System Image A snapshot of the current state of the computer that contains all settings and data.
Warm Site A remote site that contains computer equipment but does not have active internet or telecommunication facilities, and does not have backups of data.
Acceptable Use Policy (AUP) A policy that defines the actions of the users may perform while accessing systems and networking equipment.
Change Management A methodology for making modifications to a system and keeping track of those changes.
Incident Management The framework and functions required to enable incident response and incident handling within an organizations.
Peer to Peer Network (P2P) A network that does not have servers, so each device simultaneously functions as both a client and a server to all other devices connected to the network.
Privacy Policy A policy that outlines how the organization uses personal info it collects.
Security Policy A written document that states how an organization plans to protect the company's info technology assets.
Social Networking Grouping individuals and organizations into clusters or groups based on the like affiliation.
Social Networking Sites Websites that facilitate linking individuals with common interests like hobbies, religion, politics, or school and work contacts.
Created by: theyoungdatman