Help
Options
Didn't know it?
click below
click below
Knew it?
click below
click below
Don't Know
Remaining cards (0)
Know
retry
shuffle
restart
0:00
Embed Code - If you would like this activity on your web page, copy the script below and paste it into your web page.
Normal Size Small Size show me how
Normal Size Small Size show me how
Security + CompTIA
Domain 3 Architecture and design
| Term | Definition |
|---|---|
| COBIT | a framework for developing, implementing, monitoring and improving information technology (IT) governance and management best practices. |
| COSO | a widely accepted control framework for enterprise governance and risk management |
| SDN | Software Defined Network - technology that separates the control plane management of network devices from the underlying data plane that forwards network traffic - network is intelligent and has broad perspective |
| NAT | Name Address Translation - acts as liaison between internal and internet, allowing multiple computers to connect to the internet using 1 IP address |
| air gaps | physically isolated machines not connected to the internet |
| Mirror ports | used on a network switch to send a copy of network packets seen on one switch port to a network monitoring connection on another switch port |
| SPAN | Switched Port Analyzer, fancy name for Mirror Ports |
| TPMs | secure cryptoprocessors used to authenticate hardware devices |
| TPM's | Bitlocker full disk encryption requires this kind of chip |
| EFS | Encryption File System, basically NTFS 3.0 - doesn't require TPM |
| EMI Shielding | seeks to reduce electronic signals that "leak" from computer and electronic equipment. Uses Faraday cages & TEMPEST shielding |
| Netstat | Port 15 |
| FTP | Port 20 & 21 |
| SSH/SFTP/SCP | Port 22 |
| Telnet | Port 23 |
| SMTP | Port 25 |
| DNS | Port 53 |
| HTTP | Port 80 |
| NTP | Port 123 |
| LDAP | Port 389 |
| HTTPS | Port 443 |
| LDAPS | Port 636 |
| FTPS | Port 989 & 990 |
| Radius | Port 1812 |
| RDP | Port 3389 |
| The Lightweight Directory Access Protocol (LDAP) is a directory service protocol that runs on a layer above the TCP/IP stack. It provides a mechanism used to connect to, search, and modify Internet directories. Service is based on a client-server model | LDAP |
| Same as Lightweight Directory Access Protocol, except with secure information transfer | LDAPS |
| Network Time Protocol | NTP |
| File Transfer Protocol - secure, however, it's just an addition onto FTP, completely different from SFTP | FTPS |
| Baseline | help establish pattern of use that later help identify variations that identify unauthorized access attempts |
| Smart Cards - often used with personal identification | use embedded systems with an OS included on chip |
| Waterfall Software Development Life Cycle | SDLC model starts with defined requirements & well-developed plan, adjustments confined to the current development stage |
| Agile Software Development Life Cycle | SDLC model starts with less rigorous guidelines and allows for adjustments during the entire process |
| Secure DevOps | Includes security in the SDLC ensuring that security is built in during the development process |
| CI server | server that compiles, builds and tests each new version of code committed to central repository without user interaction - continual integration |
| Immutability | An approach to upgrading & change management. A new version (usually virtual) is created, and once working well, the original will be deleted. V1, V2. no v1.5/1.6 etc... |
| Static Code Analysis | white box software testing process by which semi-random is injected into a program or protocol stack to detect bugs |
| Dynamic Code Analysis | Based on observing how code behaves during execution |
| Fuzzing | black box software testing process by which semi-random data is injected into a program or protocol stack to detect bugs |
| Public Cloud | cloud that provides shared resources over the internet |
| SAAS | Delivery of a licensed application to customers over the internet for use as a service on demand - zendesk, paypal and facebook are examples of this cloud model |
| IAAS | delivery of computer infrastructure in a hosted service model: Amazon EC2, Rackspace, digital ocean are examples of this cloud model |
| PAAS | delivery of a computing platform, often an operating system with associated services, over the internet without downloads or installation Salesforce, heroku |
| hypervisor | software installed directly on top of server and it's underlying hardware. |
| Type I Hypervisor | virtual OS platform that runs directly on a hardware environment t doesn't have to load an underlying OS first |
| CASB | Cloud Access Security Broker - address security requirements such as visibility, data protection, threat protection and compliance across public cloud services |
| Scalability | based on capability to handle the changing needs of a system within the confines of current resources |
| Elasticity | capability to expand and reduce resources as needed at any given point in time |
| Raid 0 | Raid with no fault tolerance |
| Raid 1 | Raid with mirroring and duplexing |
| Raid 5 | Independent data disk with distributed parity blocks -Longer rebuild times are one of the major drawbacks |
| Raid 10 | Requires min of 4 disks, disk 1 & 2 are Raid 1, disk 3 & 4 are also Raid 1. Together Raid 1 and second Raid 1 are Raid 0 |
| Physical detective controls | motion detectors, CCTV Monitors & alarms |
| Mantrap | holding area between two entry points where one door cannot be unlocked/opened until opposite door has been locked and closed |
| HVAC System | Overcooling with this air system causes condensation, over heating causes excessive static |
| Wet Pipe Fire Suppression System | A typical indoor sprinkler system using water |
| Dry Pipe Fire Suppression System | Instead of water for sprinklers, pipes are filled with pressurized air |
| Class A Fires | trash, wood and paper decrease temperature of fire and extinguishes blaze |
| Class B Fires | Fires usually extinguished with foam, fueled by liquids, gases or grease. Foam quenches oxygen supply. |
| Class C Fires | Fires characterized by equipment energized by electrical equipment, electrical fires, burning wires - put out using extinguishers based on Carbon Dioxide |
| PDS | A protective distribution system also called protected distribution system, makes physical access difficult by enclosing equipment and electronic access difficult by using different cables and patch panels |
Created by:
Pillsburycreative
Popular Standardized Tests sets