Encryption

0.0(0)
Studied by 4 people
call kaiCall Kai
Locked
learnLearn
examPractice Test
spaced repetitionSpaced Repetition
heart puzzleMatch
flashcardsFlashcards
GameKnowt Play
Card Sorting

1/223

encourage image

There's no tags or description

Looks like no tags are added yet.

Last updated 10:40 PM on 6/24/26
Name
Mastery
Learn
Test
Matching
Spaced
Call with Kai
Chat

No analytics yet

Send a link to your students to track their progress

224 Terms

1
New cards
2
New cards
3
New cards
4
New cards
5
New cards
Information Protection
Measures used to protect information and information systems
6
New cards
CIA Triad
Confidentiality integrity and availability
7
New cards
Confidentiality
Only authorized people can access sensitive information
8
New cards
Integrity
Data stays accurate and unchanged
9
New cards
Availability
Systems and data are accessible when needed
10
New cards
Data in Use
Data currently being opened edited or processed
11
New cards
Data in Motion
Data moving across a network
12
New cards
Data in Transit
Data traveling through wired or wireless network paths
13
New cards
Data in Flight
Data moving wirelessly
14
New cards
Data at Rest
Data saved on drives folders files or storage
15
New cards
Hashing
One way math process used to verify integrity
16
New cards
Hash Value
Output used to check whether data changed
17
New cards
Hash Collision
When two different inputs create the same hash value
18
New cards
AAA Model
Authentication authorization and accounting
19
New cards
Identification
Information provided to claim who you are
20
New cards
Authentication
Verifying that the identity is real
21
New cards
Authorization
Assigning permissions after identity is verified
22
New cards
Accounting
Logging user or system activity
23
New cards
Non Repudiation
Prevents a sender or receiver from denying an action
24
New cards
Digital Signature
Technology that supports non repudiation
25
New cards
Policy
High level plan that says what and why
26
New cards
Procedure
Step by step actions that say how
27
New cards
Principle of Least Privilege
Only give the access needed to do the job
28
New cards
PoLP
Short name for Principle of Least Privilege
29
New cards
Security Awareness Training
Training that helps users recognize and respond to security concerns
30
New cards
User Agreement
Rules users accept before using a government system
31
New cards
PII
Information that can identify a person
32
New cards
PHI
Personal health information protected by HIPAA
33
New cards
HIPAA
Law that protects personal health information
34
New cards
SOX
Law focused on corporate fraud records and investigations
35
New cards
USA Patriot Act
Law that loosens some restrictions for terrorism investigations
36
New cards
ECPA
Law related to electronic communications privacy and monitoring exceptions
37
New cards
Risk Assessment
Testing security controls to find weaknesses
38
New cards
Risk Acceptance
Accepting the risk as is
39
New cards
Risk Avoidance
Choosing not to do the risky activity
40
New cards
Risk Mitigation
Reducing the chance or impact of risk
41
New cards
Risk Transference
Passing or sharing the risk with another party
42
New cards
Event
Any observable occurrence in a system or network
43
New cards
Incident
An event that harms or could harm CIA or violates policy
44
New cards
Boundary Protection
Controls traffic crossing network boundaries
45
New cards
Network Perimeter
Defensible edge or boundary of a network
46
New cards
Service Delivery Point
Single logical point where boundary traffic is controlled
47
New cards
Serial Configuration
Security devices placed one after another
48
New cards
Parallel Configuration
Security devices placed side by side
49
New cards
Outermost Perimeter
Untrusted area between controlled assets and outside networks
50
New cards
Untrusted Network
Most insecure external side of the network
51
New cards
DMZ
Middle network segment for limited public access
52
New cards
Internal Perimeter
Boundary between outside access and trusted internal assets
53
New cards
Innermost Perimeter
Trusted internal network with protected users servers and devices
54
New cards
Trusted Network
Internal network with the highest protection
55
New cards
Public Web Server
Common asset placed in a DMZ
56
New cards
Proxy Server
Middleman that forwards requests and hides the internal client
57
New cards
Gateway
Device that connects networks with different implementations
58
New cards
System Guard
Trusted device that filters data between different security levels
59
New cards
Firewall
Device or software that allows or blocks traffic based on rules
60
New cards
Encrypted Tunneling
Encapsulating traffic so it can securely cross another network
61
New cards
VPN
Secure private connection through a public network
62
New cards
Defense in Depth
Layered defense using people technology and operations
63
New cards
People
Defense in Depth element involving training roles and accountability
64
New cards
Technology
Defense in Depth element involving tools like firewalls IDS and encryption
65
New cards
Operations
Defense in Depth element involving daily security actions and response
66
New cards
Protect Detect React
Security approach used to prevent detect and respond to attacks
67
New cards
Internal Control
Mechanisms used to monitor and protect internal resources
68
New cards
VPN Concentrator
Device that creates and manages many VPN tunnels
69
New cards
Voice Protection System
Firewall like protection for phone lines
70
New cards
War Dialer
Tool that dials many phone numbers looking for modems or weak points
71
New cards
SRTP
Secure protocol for protecting real time voice or video traffic
72
New cards
IPSec
Layer 3 protocol suite that protects IP packets
73
New cards
IPSec Transport Mode
Encrypts only the payload
74
New cards
IPSec Tunnel Mode
Encrypts the entire IP packet
75
New cards
IDS
System that detects suspicious or unauthorized activity
76
New cards
IPS
System that detects and actively blocks attacks
77
New cards
HIDS
IDS installed on and monitoring one host
78
New cards
NIDS
IDS that monitors packets on a network segment
79
New cards
HIPS
Host based intrusion prevention system
80
New cards
NIPS
Network based intrusion prevention system
81
New cards
Signature Based Detection
Detects known attack patterns
82
New cards
Anomaly Based Detection
Detects behavior that looks abnormal
83
New cards
Policy Based Detection
Detects violations of configured security policy
84
New cards
Misuse Detection
Compares activity to known attack signatures
85
New cards
Authentication Factor
Category of proof used to verify identity
86
New cards
Something You Know
Password PIN or passphrase
87
New cards
Something You Have
CAC token key fob or mobile device
88
New cards
Something You Are
Biometric trait like fingerprint or face
89
New cards
Something You Do
Behavior like keystroke pattern or gait
90
New cards
Somewhere You Are
Location IP address or geographic location
91
New cards
Two Factor Authentication
Authentication using two different factor types
92
New cards
MFA
Authentication using three or more factor types
93
New cards
CAC
Card used with a PIN for two factor authentication
94
New cards
Biometrics
Authentication using physical traits
95
New cards
Password
Something you know used for authentication
96
New cards
Token
Something you have used for authentication
97
New cards
Permissions
Access rules for what users can do
98
New cards
Access Control
Granting or denying access to resources
99
New cards
IBAC
Access control based on identity
100
New cards
MAC
Mandatory access control