Official (ISC)² CISSP - Domain 7: Security Operations


Terms in this set (...)

Acoustic Sensors
Device that uses passive listening devices
Administrator accounts
Accounts that are assigned only to named individuals that require administrative access to the system to perform maintenance activities, and should be different and separate from a user's normal account.
Balanced Magnetic Switch (BMS)
Devices that use a magnetic field or mechanical contact to determine if an alarm signal is initiated
Chain of custody
The who, what, when, where, and how the evidence was handled—from its identification through its entire life cycle, which ends with destruction, permanent archiving, or returning ot owner.
Cipher Lock
A lock controlled by touch screen, typically 5 to 10 digits that when pushed in the right combination the lock will releases and allows entry
Configuration management (CM)
A discipline for evaluating, coordinating, approving or disapproving, and implementing changes in artifacts that are used to construct and maintain software systems
Data Leak Prevention (DLP)
A suite of technologies aimed at stemming the loss of sensitive information that occurs in the enterprise.
Egress filtering
The practice of monitoring and potentially restricting the flow of information outbound from one network to another
Infrared Linear Beam Sensors
A focused infrared (IR) light beam is projected from an emitter and bounced off of a reflector that is placed at the other side of the detection area
Instant Keys
Provide a quick way to disable a key by permitting one turn of the master key to change a lock
Intrusion Detection System (IDS)
A technology that alerts organizations to adverse or unwanted activity
The party to party litigation costs resulting from its breach of warranties
Intrusion Prevention System (IPS)
A technology that monitors activity like an IDS but will automatically take proactive preventative action if it detects unacceptable activity.
Decoy servers or systems setup to gather information regarding an attacker or intruder into your system
A centralized collection of honeypots and analysis tools
Two or more honeypots on a network
Live evidence
Data that are dynamic and exist in running processes or other volatile locations (e.g., system/device RAM) that disappear in a relatively short time once the system is powered down
Locard's exchange principle
States that when a crime is committed, the perpetrators leave something behind and take something with them, hence the exchange
Magnetic Stripe (mag stripe) cards
Consist of a magnetically sensitive strip fused onto the surface of a PVC material, like a credit card
Mortise Lock
A lock or latch that is recessed into the edge of a door, rather than being mounted to its surface.
Power users
Accounts granted greater privileges than normal user accounts when it is necessary for the user to have greater control over the system, but where administrative access is not required
Protocol Anomaly-Based IDS
Identifies any unacceptable deviation from expected behavior based on known network protocols
Proximity Card (prox cards)
Use embedded antenna wires connected to a chip within the card through RF.
Records and Information Management (RIM)
Essential activities to protect business information and can be established in compliance with laws, regulations, or corporate governance
The measure of the existing magnetic field on the media after degaussing
Rim Lock
A lock or latch typically mounted on the surface of a door, typically associated with a dead bolt type of lock
A form of software virtualization that lets programs and processes run in their own isolated virtual environment
Security Informatn and Event Management (SIEM)
A group of technologies which aggregate information about access controls and selected system activity to store for analysis and correlation
Service accounts
Accounts used to provide privileged access used by system services and core applications
Smart Cards
Credential cards with one or more microchip processing that accepts or processes infomraiton and can be contact or contact less.
Statistical Anomaly-based IDS
Analyzes event data by comparing it to typical, known, or predicted traffic profiles in an effort to find potential security breaches
The science of hiding information
Traffic anomaly-based IDS
Identifies any unacceptable deviation from expected behavior based on actual traffic structure
Time domain Reflectometry (TDR)
Send induced radio frequency (RF) signals down a cable that is attached to the fence fabric