
Time-based model of security

relationship between preventive, detective, and corrective controls such that P > D + C

defense-in-depth

employ multiple layers of controls in order to avoid having a single point of failure

authentication

verify the identity of the individual

biometric identifier

physical characteristic

multifactor authentication

any combination of the three basic authentication methods (something you know, something you have, biometrics)

authorization

restricts access of authenticated users to specific portions of system

access control matrix

table specifying which portions of the system users are permitted to access

compatibility test

matches the user's authentication credentials against the access control matrix

social engineering

deception used to obtain unauthorized access to information resources

border router

connects the information system to the internet; lets in all traffic that is not obviously invalid.

firewall

filters which information is allowed to enter and leave the organization's information system; only lets in traffic that is explicitly valid.

(DMZ) demilitarized zone

separate network that permits controlled access from the internet to selected resources.

(TCP) Transmission control protocol

specifies the procedures for dividing files and documents into packets

(IP) internet protocol

specifies the structure of those packets and how to route them to the proper destination

routers

read the destination address fields in IP packet headers and send each packet on towards its destination

(ACL) access control list

determines which packets are allowed entry and which packets are not

static packet filtering

screens IP packets based on the source/destination fields in the IP packet header. Basically it is a blacklist established by a certain set of criteria.

stateful packet filtering

Done by the firewall; it keeps an approved list of established connections between the organization and the internet and only lets those through. A VIP list.

deep packet inspection

Packets are opened and inspected internally instead of only being examined by header. (central tool of an IPS)

intrusion prevention systems (IPS)

System that drops packets that are part of an attack. Looks for signatures, patterns of attacks, normal traffic profiling, and packet standards to prevent unwanted packets from being routed to the system. Mainly uses deep packet inspection.

remote authentication dial-in user service

Dial-in users connect to a remote server and submit their log-in credentials.

dial-in user service (RADIUS)

Dial-in users connect to a Remote Access Server and enter their log-in credentials; this information is then passed to the RADIUS Server, which performs tests to verify the identity of the user.

war dialing

dialing every phone number associated with the business to see if any are attached to a modem.

hosts

Workstations, printers, mobile devices, servers, etc.

vulnerabilities

Errors or bugs in code that allow outside parties to gain a measure of control over the system.

hardening

The process of turning off unnecessary features to reduce potential security threats

encryption

The process of turning normal text into unreadable gibberish called ciphertext using an encryption key and an encryption algorithm

plaintext

Normal readable text

ciphertext

Total gibberish created by encryption

decryption

The process of turning ciphertext into plaintext using the encryption key and a decryption algorithm

key escrow

process that involves making copies of all encryption keys used by employees and storing them securely. Less desirable because now the company has to protect both the real keys and the copies of those keys.

symmetric encryption systems

Same key is used to encrypt and decrypt

asymmetric encryption systems

Public Key and Private Key are used. The public key is made available to everyone and the private key is kept secret and known only to the owner of the pair of keys. Either one can be used to encrypt, but only the other can decrypt the ciphertext.

public key

Widely distributed key

private key

key that is kept secret and only known to the owner of the pair of keys.

hashing

a process that takes plaintext of any length and transforms it into a short code called a hash. E.g. SHA-256 takes plaintext and turns it into a 256-bit hash, no matter how big the file is. There is no way to convert this back to plaintext.

hash

short code that is generated by hashing

digital signature

information encrypted by the creator's private key

digital certificate

An electronic document created and digitally signed by a trusted third party that certifies the identity of the owner of a public key.

(PKI) public key infrastructure

the system and processes used to issue and manage asymmetric keys and digital certificates

certificate authority

the organization that issues the keys and records the public key in a digital certificate

e-signature

cursive-style imprint of a person's name that is applied to an electronic document. Provided by a third-party company and is a valid legal signature.

log analysis

Process of examining logs to monitor security

intrusion detection systems (IDS)

creates logs of network traffic and analyzes them for signs of intrusion.

vulnerability scans

use automated tools to identify whether a given system possesses any well-known vulnerabilities.

penetration test

an authorized attempt to break into an information system.

computer emergency response team (CERT)

a team composed of IT professionals and senior management who deal with major incidents.

exploit

a set of instructions for taking advantage of a vulnerability.

patch

code released by the software company that fixes a particular vulnerability.

patch management

the process of regularly applying patches and updates to all software used by the organization.

Master Key

"One to Rule Them All." Basically it is a master key that can be used to decrypt anything that was encrypted by the system.
