Chapter 10 Terms
Security+ SY0-501 7th Edition Terms (Chapter 10)
| Question | Answer |
|---|---|
| administrative control | A control implemented through administrative policies or procedures. |
| cable lock | A physical security deterrent used to protect a computer. |
| cold aisles | Server room aisles that blow cold air from the floor. |
| compensating controls | Gap controls that fill in the coverage between other types of vulnerability mitigation techniques. (Where there are holes in coverage, we compensate for them.) |
| control | Processes or actions used to respond to situations or events. |
| control types | Technical, physical, or administrative measures in place to assist with resource management. |
| data disposal | Getting rid of/destroying media no longer needed. |
| detective control | Controls that are intended to identify and characterize an incident in progress (for example, sounding the alarm and alerting the administrator). |
| dumpster diving | Looking through trash for clues—often in the form of paper scraps—to find users’ passwords and other pertinent information. |
| Faraday cage | An electrically conductive wire mesh or other conductor woven into a “cage” that surrounds a room and prevents electromagnetic signals from entering or leaving the room through the walls. |
| fire suppression | The act of stopping a fire and preventing it from spreading. |
| hoax | Typically, an email message warning of something that isn’t true, such as an outbreak of a new virus. A hoax can send users into a panic and cause more harm than the virus. |
| hot aisles | Server room aisles that remove hot air. |
| impersonation | Pretending to be another person to gain information. |
| information classification | The process of determining what information is accessible, to what parties, and for what purposes. |
| mantrap | A device, such as a small room, that limits access to one or a few individuals. Mantraps typically use electronic locks and other methods to control access. |
| PASS method | The correct method of extinguishing a fire with an extinguisher: Pull, Aim, Squeeze, and Sweep. |
| perimeter security | Security set up on the outside of the network or server to protect it. |
| Personal Identity Verification (PIV) | Card required of federal employees and contractors to gain access (physical and logical) to government resources. |
| personally identifiable information (PII) | Information that can be uniquely used to identify, contact, or locate a single person. Examples include Social Security number, driver’s license number, fingerprints, and handwriting. |
| phishing | A form of social engineering in which you simply ask someone for a piece of information that you are missing by making it look as if it is a legitimate request. Commonly sent via email. |
| physical controls | Controls and countermeasures of a tangible nature intended to minimize intrusions. |
| preventive controls | Controls intended to prevent attacks or intrusions. |
| privacy | A state of security in which information isn’t seen by unauthorized parties without the express permission of the party involved. |
| privacy filters | Screens that restrict viewing of monitors to only those sitting in front of them. |
| PTZ | Cameras that can pan, tilt, and zoom. |
| restricted information | Information that isn’t made available to all and to which access is granted based on some criteria. |
| shoulder surfing | Watching someone when they enter their username, password, or sensitive data. |
| social engineering | An attack that uses others by deceiving them. It does not directly target hardware or software, but instead it targets and manipulates people. |
| spear phishing | A form of phishing in which the message is made to look as if it came from someone you know and trust as opposed to an informal third party. |
| tailgating | Following someone through an entry point. |
| technical controls | Controls that rely on technology. |
| vishing | Combining phishing with Voice over IP (VoIP). |
| watering hole attack | Identifying a site that is visited by those that they are targeting, poisoning that site, and then waiting for the results. |
| wetware | Another term for social engineering. |
| whaling | Phishing only large accounts. |