51 terms

414 Ch 7

Time-based model of security
relationship between preventive, detective, and corrective controls such that P > D + C (the time preventive controls hold exceeds the time to detect plus the time to correct)
defense-in-depth
employ multiple layers of controls in order to avoid having a single point of failure
authentication
verify the identity of the individual
biometric identifier
physical characteristic
multifactor authentication
any combination of the three basic authentication methods (something you know, something you have, biometrics)
authorization
restricts access of authenticated users to specific portions of system
access control matrix
table specifying which portions of the system users are permitted to access
compatibility test
matches the user's authentication credentials against the access control matrix
social engineering
deception to obtain unauthorized access to information resources
border router
connects the information system to the internet; lets in all traffic that is not obviously invalid.
firewall
filters which information is allowed to enter and leave the organization's information system; only lets in traffic that is explicitly valid.
(DMZ) demilitarized zone
separate network that permits controlled access from the internet to selected resources.
(TCP) Transmission control protocol
specifies the procedures for dividing files and documents into packets
(IP) internet protocol
specifies the structure of those packets and how to route them to the proper destination
routers
reads destination address fields in IP packet headers and sends the packet on towards its destination
(ACL) access control list
determines which packets are allowed entry and which packets are not
static packet filtering
screens IP packets based on source/destination fields in IP packet header. Basically it is a blacklist established by a certain set of criteria.
stateful packet filtering
Done by the firewall, which keeps an approved list of established connections between the organization and the internet and only lets traffic belonging to those connections in. A VIP list.
deep packet inspection
Packets are opened inspected internally instead of only being examined by header. (central tool of IPS)
intrusion prevention systems (IPS)
System that drops packets that are part of an attack. Looks for signatures, patterns of attacks, normal traffic profiling, and packet standards to prevent unwanted packets from being routed to the system. Mainly uses deep packet inspection.
remote authentication dial-in user service
Dial-in users connect to a remote server and submit their log-in credentials.
dial-in user service (RADIUS)
Dial-in users connect to a Remote Access Server and enter their log-in credentials; this information is then passed to the RADIUS server, which performs tests to verify the identity of the user.
war dialing
dialing every number associated with the business to see if they are attached to a modem.
hosts
Workstations, printers, mobile devices, servers, etc.
vulnerabilities
Errors or bugs in code that allow outside parties to gain a measure of control over the system.
hardening
The process of turning off unnecessary features to reduce potential security threats
encryption
The process of turning normal text into unreadable gibberish called ciphertext using an encryption key and an encryption algorithm
plaintext
Normal readable text
ciphertext
Total gibberish created by encryption
decryption
The process of turning ciphertext into plaintext using the encryption key and a decryption algorithm
key escrow
process that involves making copies of all encryption keys used by employees and storing them securely. Less desirable because now the company has to protect both the real keys and the copies of those keys.
symmetric encryption systems
Same key is used to encrypt and decrypt
asymmetric encryption systems
Public key and private key are used. The public key is made available to everyone and the private key is kept secret and known only to the owner of the pair of keys. Either one can be used to encrypt, but only the other can decrypt the ciphertext.
public key
Widely distributed key
private key
key that is kept secret and only known to the owner of the pair of keys.
hashing
a process that takes plaintext of any length and transforms it into a short code called a hash. E.g. SHA-256 takes plaintext and turns it into a 256-bit hash, no matter how big the file is. There is no way to convert this back to plaintext.
hash
short code that is generated by hashing
digital signature
information encrypted by the creator's private key
digital certificate
An electronic document created and digitally signed by a trusted third party that certifies the identity of the owner of a public key.
(PKI) public key infrastructure
the system and processes used to issue and manage asymmetric keys and digital certificates
certificate authority
the organization that issues the keys and records the public key in a digital certificate
e-signature
cursive-style imprint of a person's name that is applied to an electronic document. Provided by a third-party company and is a valid legal signature.
log analysis
Process of examining logs to monitor security
intrusion detection systems (IDS)
creates logs of network traffic and analyzes for signs of intrusion.
vulnerability scans
use automated tools to identify whether a given system possesses any well-known vulnerabilities.
penetration test
an authorized attempt to break into an information system.
computer emergency response team (CERT)
a team composed of IT professionals and senior management who deal with major incidents.
exploit
a set of instructions for taking advantage of a vulnerability.
patch
code released by the software company that fixes a particular vulnerability.
patch management
the process of regularly applying patches and updates to all software used by the organization.
Master Key
"One to Rule Them All." Basically it is a master key that can be used to decrypt anything that was encrypted by the system.