Accountability
the ability to trace actions on a protected system back to a specific person
Non-repudiation
a security concept that ensures a user cannot deny having performed a transaction
Technical controls
the hardware and software components that protect a system against cyberattack
Administrative controls
security policies, standards, procedures, baselines (control)
OAuth 2.0
an authorization protocol that grants access to a set of resources with access tokens
Two-Way Trust
Users in two domains can access resources in the other
One-Way Trust
Users in a trusted domain can access resources in the trusting domain, but not the other way around
Transitive trust relationships
trust flows upward through a domain tree as it is formed
identity proofing
The process of providing sufficient information (e.g., identity history, credentials, documents) to establish an identity
RFC (request for change)
starts formal change control process
CCB (change control board)
where an RFC is sent to
Privacy
providing a means of controlling information distribution
To keep people honest
why are locks used on doors?
Physical
what type of access control is the first line of defense?
Asset
anything required to complete a business task
Implicit deny
the security concept that all other concepts are based on
Logging
what TECHNICAL control is used to assess compliance?
Data declassification
what to do when data is no longer important to reduce security levels
Configuration management
used to track and manage assets and their relation to one another
Spiral model
uses a Plan-Do-Check-Act method before deployment
Application Programming Interface
API
Hierarchical Trust
trust based on the concept of a top entity that is trusted by all lower levels and entities
Need to know
Means by which granular control of objects is implemented in a MAC
Shibboleth
SSO system that uses SAML, defines auth on web pages
Subject Based AC
Attribute-based AC is also known as
Session Key (SK)
What does Kerberos use to validate user identity
OpenID Connect
What authenticates a user's Google account?
agent
program that performs services on behalf of another in another environment
Remote Auth Dial-In User Service
RADIUS
Open Database Connectivity (ODBC)
interface language that is an API for databases
User entitlement
rights and privileges assigned to a user
Two accounts, an extra for special tasks
In regards to accounts, an administrator user should have ___
Confidentiality, Integrity, Non-Repudiation
What is provided with the WPS SOAP extension
Annualized Loss Expectancy
ALE
Cost of the Countermeasure
CCM
Exposure Factor (EF)
prediction to the percentage of loss from a threat to an asset
Simple Network Management Protocol (SNMP)
A SIEM retrieves event details using the _____ protocol
Open Vulnerability Assessment Language
OVAL
Signature
An entry in a database describing a violation used to match real time events to detect attacks
Speed
The ___ of notification is most important in regards to security findings
Level of response
Why is it important to consider the impact of a threat? To determine the __ ___ ___
Senior Management
Risk acceptance documents have to be signed by _____ ______
Management Information Base (MIB)
database used to interpret details of SNMP comms
0
Emergency code log #
1
Alert code log #
2
Critical code log #
3
Error code log #
4
Warning code log #
5
Notice code log #
6
Informational code log #
7
Debug code log #
Source System
Anything that records or maintains data of interest
Secret Key
The only way decryption can occur is with a ____
Binary
cryptographic keys are composed in ____
X.509
Certificate standard used with PKI
Serial numbers
How does a web of trust model provide security
Subject's pub key signed by CA priv key
How digital certs are created
Recovery Point Objective (RPO)
Maximum data that can be lost before the business goes under
Key Space
Range of values that can be used to control symmetric encryption function
Cipher Suite
parameters set by Web browsers that define supported encryptions during TLS
Pretty Good Privacy (PGP)
gives email confidentiality through random symmetric keys and public keys, uses WoT
Key Management Protocol
KMP
Digital Signatures
What does S/MIME use for integrity
Signature-based detection
detects incidents based on a collected sample of the activity
Integrity
The goal of a forensic investigator
Asymmetric
Encryption based on trap-door one-way functions
Human life
The highest concern with the disaster recovery plan
Write blocker
First step performed by forensic personnel? Connect the device to a _____
SSH and HTTPS
Allows secure access to a management console on a private network. ___ and ___
Tree
Topology that combines multiple network topologies
Malicious Mobile Code
Most significant threat when browsing the internet
Bandwidth throttling
limiting network traffic to make room
Bluesniffing
malicious attack using Bluetooth
Bluesmacking
Bluetooth-based DoS attack
Bluesnarfing
only Bluetooth attack that cannot be prevented by turning it off
12, 13, 14
only IEEE 802.11 2.4 GHz channels not allowed in US
A
5GHz, <54MBps: IEEE 802.11_
B
2.4GHz, <11MBps: IEEE 802.11_
G
2.4GHz, <54MBps: IEEE 802.11_
N
both GHz, <600MBps: IEEE 802.11_
AC
5GHz, <500MBps: IEEE 802.11_
DoS
Installing a firmware update then stopping it is a form of a ___ attack
Routing Information Protocol
RIP
Open Shortest Path First
OSPF
Corporate-owned, personally enabled
COPE
Appliance
A pre-setup guest OS
Bus
Ethernet is always in the network topology of a ___
Mesh
Most fault-tolerant network topology
Thin client
Allows users to use a machine where all computing power is on a centralized server
Signature and Hash
Checking these to make sure the file is not malicious
Anti-spoofing
Router function that checks against an ACL
Z-Wave
Wireless tech that uses mesh and central controller, normally in homes
VLAN
Created by a switch but needs a routing function to go between segments
VPN
Gives protection against eavesdropping and session hijacking
WPA3
Strongest network protocol and uses SAE and individualized data encryption
Host
H in HIDS
Stateful inspection firewall
can discard TCP segments
FIN flag
Used to start the graceful shutdown of a session
Proxy
Border device used for NAT and content caching
X
Standard Implemented on a WAP to eliminate password guessing attacks: IEEE 802.11_