Security+ (SY0-401) Terms
Pearson_IT
Terms to know for CompTIA's Security+ test for the 2014 revision of the test. Thanks to Emmett Dulaney and Chuck Easttom's book for reference.
Terms in this set (182)
802.1x
The IEEE standard that defines port-based security for wireless network access control
acceptable use policies
agreed-upon principles set forth by a company to govern how the employees of that company may use resources like computers and the internet
access control
the means of giving or restricting user access to network resources
access control list
a table or file that specifies whether a user or group has access to a specific resource on a network
access point
the point at which access to the network is accomplished
accountability statement
a policy that provides information to the reader about who to contact if a problem is discovered
active response
a response generated in real time
activity
any action a user undertakes
ARP
address resolution protocol - used to find the MAC (physical) address of a device with a known IP
ARP poisoning
an attack that convinces the network that the attacker's MAC address is the one associated with an allowed address so that traffic is wrongly sent to the attacker's machine
administrative control
a control implemented through administrative policies or procedures
administrator
the user who is accountable and responsible for the network
AES
Advanced Encryption Standard - a FIPS publication that specifies a cryptographic algorithm for use by the US government
adware
software that gathers information to pass on to marketers or that intercepts personal data such as credit card numbers and makes them available to bad guys
AES256
a 256-bit implementation of the AES
alarm
a notification that an unusual condition exists and should be investigated
alert
a notification that an unusual condition exists and should be investigated
all-in-one appliance
an appliance that performs multiple functions
analyzer
the component or process that analyzes the data collected by the sniffer (in an IDS, for example)
ALE
annual loss expectancy - a calculation used to identify risks and calculate the expected loss each year [SLE (single loss expectancy) x ARO (annual rate of occurrence)]
ARO
annual rate of occurrence - a calculation of how often a threat will occur. if it happens once every ten years, the ARO is 0.1 (10%)
anomalies
variations from normal operations
AD-IDS
anomaly-based IDS - an IDS that works by looking for deviations from a pattern of normal network traffic
antivirus software
software that identifies the presence of a virus and is capable of removing or quarantining it
XaaS
anything as a service - a cloud computing model that can work with a combination of other models: SaaS, IaaS, PaaS
appliance
a freestanding device that operates in a largely self-contained manner
application layer
the seventh and top layer of the OSI model that deals with how applications access the network and describes application functionality such as file transfer and messaging
API
application programming interface - an abstract interface to the services and protocols provided by an OS
application-level proxy
a device or software that recognizes application-specific commands and offers granular control over them
arbitrary code execution
accepting commands unrelated to a program and running them on the host machine within a shell or a similar environment
armored virus
a virus that is protected in a way that makes disassembling it difficult - it is 'armored' against antivirus programs trying to understand or analyze its code
ARP spoofing
aka ARP poisoning - faking your MAC address
asymmetric algorithm
an algorithm that uses two keys
asymmetric encryption
encryption in which one key is used to encrypt (public) and another is used to decrypt (private)
attack
any unauthorized intrusion into the normal operations of a computer network. can either gain access to a system or any of its resources
attack surface
the area of an application that is available to users. both those users who have been authenticated and those who have not
ASR
attack surface reduction - minimizing the possibility of exploitation by reducing the amount of code and limiting potential damage
audit
the act of tracking resource usage by users
authentication
the means of verifying that someone is who they say they are
AH
authentication header - a header used to provide connectionless integrity and data origin authentication for IP datagrams and to provide protection against replays
Authenticode
a type of certificate technology that allows ActiveX components to be validated by a server
ASR disk
automated system recovery disk - a utility for Win 7+ for creating a copy of the configuration settings necessary to reach the present state after a 'disaster'
backdoor
an opening left in a program that allows additional access to data. typically, a backdoor is created for debugging with the intention of removing it before shipping the product. backdoors can also be placed by malicious people.
backout
a reversion or roll back to a previous state from a change that had negative consequences
backup
a usable copy of data made to (removable) media and stored for later recovery
backup generator
a generator that can supply power in the event the primary provider is unable to deliver it
backup plan
a documented plan governing backup situations - it can include alternate / secondary plans as well
backup policy
a written policy detailing the frequency of backups and the location of the storage media
banner grabbing
looking at the banner (header info) to find out about a system
baselining
comparing performance to a historic metric
bastion host
a host with multiple network interface cards so that it can reside on multiple networks or subnets
best practices
a set of rules governing basic operations
big data analysis
data that is too large to be dealt with by traditional database management means
birthday attack
a probability method of finding a collision in a hash function
bitlocker
a microsoft utility to encrypt a drive
block cipher
a method of encryption that processes blocks of data rather than streams
blowfish
a type of symmetric block cipher created by Bruce Schneier
bluejacking
sending unsolicited messages over bluetooth
bluesnarfing
the gaining of unauthorized access through a bluetooth connection
border router
a router used to translate from LAN to WAN framing
bot
an automated software program that collects information on the web. maliciously, a computer controlled by the red team
bridge trust model
a trust model in which a peer-to-peer relationship exists between the root CAs
brute-force attack
an attack that is pure trial and error, trying all possible combinations
buffer overflow
a type of DoS attack that occurs when more data is put into a buffer than it can hold
BCP
business continuity planning - a contingency plan that allows a business to keep running in the event of a disruption in vital resources
BIA
business impact analysis - a study of the possible impact if a disruption to the business's vital resources were to occur
cable lock
a physical security deterrent used to protect a computer by locking it to something
captive portal
an AP that requires users to agree to some condition before they can use the network / internet
CAST
a type of symmetric block cipher defined by RFC 2144
certificate
a digital entity that establishes who you are and is often used with e-commerce. it contains your name and other identifying data and usually includes the public key half of the PKI key pair
CA
certificate authority - an issuer of digital certificates
CMP
certificate management protocol - a messaging protocol used between PKI entities (used in some PKI environments)
CPS
certificate practice statement - the principles and procedures employed in the issuing and managing of certificates
certificate revocation
making a certificate invalid (e.g. in the wake of Heartbleed)
CRL
certificate revocation list - a list of certificate revocations that must be downloaded regularly
CHAP
challenge handshake authentication protocol - a protocol that challenges a system to verify identity. CHAP is an improvement over PAP (password authentication protocol) where one-way hashing is incorporated into a three-way handshake
change management
management included in the making of a change in the scope of any particular item
cipher
a (cryptographic) algorithm used to encrypt and decrypt data
client
the part of a client-server network where the computing is usually done. in a typical setting the client uses the server for storage, backups, or security
CCTV
closed circuit tv - a surveillance system for physical access monitoring
cloud bursting
moving the execution of an app to the cloud as needed (when traffic spikes)
cloud computing
a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources
clustering
a method of balancing loads and providing fault tolerance
code escrow
the storage and conditions for release of source code provided by a vendor, partner, or other party
code review
looking at all the custom-written code for any holes that may exist
cold aisles
server room aisles that blow cold air from the floor
cold site
a physical site that can be used if the main site is inaccessible but lacks all the necessary resources to enable the organization to use it immediately. commonly plans call for turning to a cold site within a certain number of hours of destruction of the main site
collusion
an agreement between individuals to commit fraud or deceit
CAC
common access control - a standard identification card used by the DoD and other employers. it is used for authentication and identification
CC
common criteria - a document of specs detailing security evaluation methods for IT products and systems
community cloud
cloud delivery model in which the infrastructure is shared by organizations with something in common
companion virus
a virus that creates a new program that runs in place of an expected program of the same name
compensating controls
gap controls that fill in the coverage between other types of vulnerability mitigation techniques
CSIRT
computer security incident response team - a formalized or ad-hoc team you can call upon to respond to an incident after it arises
connection-oriented protocol
a type of communication between two hosts that have a previously established session for synchronizing sent data. the receiving host acknowledges the data, which allows for guaranteed delivery. TCP is connection-oriented and UDP is not.
contingency plan
a plan that allows a business to keep running in the event of a disruption to vital resources
control
processes or actions used to respond to situations or events
control types
technical or administrative measures in place to assist with resource management
cookie
a plain text file stored on your machine that contains information about you that's used by a server
CCMP
counter mode with cipher block chaining messaging authentication code protocol - a wrapper that uses 128-bit AES encryption with a 48-bit initialization vector
CBF
critical business functions - functions on which the livelihood of the company depend
XSRF
cross-site request forgery - a form of web-based attack in which unauthorized commands are sent from a user that the website trusts
XSS
cross-site scripting - running a script routine on a user's machine from a website without their permission
cryptanalysis
the study and practice of finding weaknesses in ciphers
cryptanalyst
a person who does cryptanalysis
cryptographer
a person who participates in the study of cryptographic algorithms
cryptographic algorithm
an algorithm used to encrypt and decrypt data (aka cipher)
cryptography
the field of mathematics focused on encrypting and decrypting data
data disposal
getting rid of or destroying media that is no longer needed
DES
data encryption standard - the primary standard used in government and industry until it was replaced by AES
DLP
data loss prevention - any systems that identify, monitor, and protect data to prevent it from unauthorized use, modification, or destruction
data policy
a policy dealing with some aspect of data (usage, destruction, retention, etc)
deception active response
a response that fools the attacker into thinking that the attack is succeeding while the system monitors the activity and potentially redirects the attacker to a system designed to be broken (honeypots)
DMZ
demilitarized zone - an area for placing web and other servers outside the firewall. the purpose for doing so is not specifically to protect them but to protect the internal network (or protecting the app/db server)
DoS
denial-of-service - a type of attack that prevents any users from using a system
design review
reviewing the security design, including the ports and protocols used, the rules, segmentation, and access control
detective control
controls that are intended to identify and characterize an incident in progress (like sounding an alarm and telling the admin)
dictionary attack
the act of attempting to crack passwords by testing them against a list of dictionary words.
differential backup
a type of backup that includes only new files or files that have changed since the last backup. differential backups differ from incremental backups in that they don't clear the archive bit upon completion
diffie-hellman key exchange
an asymmetric standard for exchanging keys. primarily used to send private keys over public networks.
digital signature
an asymmetrically encrypted signature whose sole purpose is to authenticate the sender
directory traversal attack
an attack that involves navigating to other directories and gaining access to files and directories that would otherwise be restricted
disaster recovery
the act of recovering data following a disaster that destroyed it.
disaster-recovery plan
a plan outlining the procedure by which data is recovered after a disaster
DAC
discretionary access control - a method of restricting access to objects based on the identity of the subjects or the groups to which they belong. the user can assign permissions to data and assets at their discretion
disk duplexing
technology that uses two controllers and two disks to keep identical copies of data to prevent the loss of data if one disk fails
disk mirroring
technology that keeps identical copies of data in two disks to prevent the loss of data if one disk fails
disk striping
technology that enables writing data to multiple disks simultaneously in small portions called stripes. these stripes maximize use by having all of the read/write heads working constantly. different data is stored on each disk and isn't automatically duplicated (not fault tolerant)
disk striping with parity
a fault-tolerant solution of writing data across a number of disks and recording the parity on another (aka disk striping with a parity disk). in the event that any one disk fails, the data on it can be recreated by looking at the remaining data and computing parity to figure out the missing data
DDoS
distributed denial of service attack - a derivative of a DoS attack in which multiple hosts in multiple locations all focus on one target to reduce its availability to the public. usually done by compromised systems or botnets or a combination
DNS poisoning
an attack method in which a daemon caches DNS reply packets which sometimes contain other information. the extra information can be scanned for data useful in a break in or MitM attack
DNS spoofing
the DNS server is given information about a name server that it thinks is legit when it isn't
DNS
domain name system - the network service used in TCP/IP networks that translates hostnames to IP addresses
dual-homed firewall
a host that resides on more than one network and possesses more than one network card
dumpster diving
looking through trash for clues such as passwords or usernames
DHCP
dynamic host configuration protocol - a protocol used in TCP/IP networks to send client configuration data (IP address, default gateway, subnet mask, DNS configs) to clients. it uses a four step process: discover, offer, request, acknowledgment
EAPOL
EAP (extensible authentication protocol) over LAN - the IEEE standard that defines port-based security for wireless network access control. it offers a means of authentication and defines EAP over IEEE 802, and it is often known as 802.1x
elasticity
dynamic provisioning of resources as needed
EMI
electromagnetic interference - the interference that can occur during the transmissions over copper cable because of EM energy outside of the cable. it results in a degraded signal.
electronic wallet
a device that identifies you electronically in the same way as the cards you carry in your wallet
ECC
elliptic curve cryptography - a type of public key cryptosystem that requires a shorter key length than many other cryptography systems (like RSA)
ESP
encapsulating security payload - a header used to provide a mix of security services in IPv4 and IPv6. ESP can be used alone or in combination with the IP authentication header (AH)
encapsulation
the process of enclosing data in a packet
encryption
the process of converting data into a form that makes it less likely to be usable to anyone intercepting it if they can't decrypt it
encryption key
a string of alphanumeric characters used to decrypt encrypted data
enticement
the process of luring someone
entrapment
the process of encouraging an attacker to perform an act even if they don't want to do it
ephemeral key
a key that exists only for that session
escalation
the act of moving something up in priority. usually an issue is escalated to the next highest administrator
EALs
evaluation assurance levels - a level of assurance, expressed as a numeric value, based on standards set by the CCRA (common criteria recognition agreement)
event
any noticeable action or occurrence
exception statement
a statement that differs from the norm
EAP
extensible authentication protocol - an authentication protocol used in wireless networks and point-to-point connections.
failover
the process of reconstructing a system or switching over to other systems when a failure is detected
false negative
an event that should be flagged but isn't
false positive
a flagged event that isn't really an event and has been falsely triggered
faraday cage
an electrically conductive wire mesh or other conductor woven into a cage that surrounds a room and prevents electromagnetic signals from entering or leaving
fault tolerance
the ability to withstand a failure without losing data
FCoE
fibre channel over ethernet - a networking protocol that is not routable at the IP layer and thus cannot work across large networks
FIPS
federal information processing standard - a set of guidelines for US Federal government information systems
federated identity
a means of linking a user's identity with their privileges in a manner that can be used across business boundaries.
federation
a collection of computer networks that agree on standards of operation such as security standards
fibre channel
a high-speed networking technology
FAT
file allocation table - microsoft's earliest filesystem
FTP
file transfer protocol - TCP/IP software that permits transferring files between computer systems and uses cleartext passwords
fire suppression
the act of stopping a fire and preventing it from spreading
firewall
a combination of hardware and software that protects a network from attack by hackers who could gain access through public networks like the internet
five nines availability
a system that is up & running 99.999% of the time or more
footprinting
the process of systematically identifying the network and its security posture (usually a passive process)
forensics
in terms of security, the act of looking at all the data at your disposal to try to figure out who gained unauthorized access and the extent of that access
forward secrecy
a property of any key exchange system that ensures that if one key is compromised, subsequent keys will not also be compromised
FTPS
FTP over SSL - a secure form of FTP
full archival method
a concept that works on the assumption that any information created on any system is stored forever
full backup
a backup that copies all data to the archive medium
full distribution
an information classification stating that the data classified is available to everyone
fuzzing
a technique of penetration testing that can include providing unexpected values as input to an application to make it crash
gap in the wap
vulnerability possible when the interconnection between the WAP server and the internet is not encrypted and packets between devices may be intercepted
grandfather, father, son method
one of the most popular methods of backup tape rotation. Three sets of tapes are rotated in this method. The most recent backup after the full backup is the Son. As newer backups are made, the Son becomes the Father, and the Father, in turn, becomes the Grandfather. At the end of each month, a full backup is performed on all systems. This backup is stored in an offsite facility for a period of one year. Each monthly backup replaces the monthly backup from the previous year. Weekly or daily incremental backups are performed and stored until the next full backup occurs. This full backup is then stored offsite, and the weekly or daily backup tapes are reused
guests
virtual machines running on a physical machine
guidelines
rules, policies, or procedures that are advisory or nonmandatory
hardening
the process of making certain that an entity is as secure as possible
HMAC
hash-based message authentication code - a mechanism for message authentication using cryptographic hash functions