Lack of vendor support
When the company that made a device provides no support for the device.
Weak configuration
Configuration options that provide limited security choices.
End-of-life systems
A system for which vendors have dropped all support for security updates due to the system's age.
Misconfiguration
An incorrectly configured device.
Default configurations
The out-of-the-box security configuration settings.
Improperly configured accounts
An account set up for a user that might provide more access than is necessary.
Architecture/design weaknesses
Deficiencies in software due to poor design.
Improper input handling
Software that allows the user to enter data but does not validate or filter user input to prevent a malicious action.
Improper error handling
Software that does not properly trap an error condition and provides an attacker with underlying access to the system.
Race condition
A software occurrence when two concurrent threads of execution access a shared resource simultaneously, resulting in unintended consequences.
Vulnerable business processes
A situation in which an attacker manipulates commonplace actions that are routinely performed; also called business process compromise.
Resource exhaustion
A situation in which a hardware device with limited resources (CPU, memory, file system storage, etc.) is exploited by an attacker who intentionally tries to consume more resources than intended.
System sprawl
The widespread proliferation of devices across an enterprise.
Undocumented assets
Devices that are not formally identified or documented in an enterprise.
Untrained users
Users with little or no instruction in making security decisions.
New threat
A threat that has not been previously identified.
Zero day
An attack in which there are no days of warning.
Confidentiality
Security actions that ensure that only authorized parties can view the information.
Integrity
Security actions that ensure that the information is correct and no unauthorized person or malicious software has altered the data.
Asset
An item that has value.
Availability
Security actions that ensure that data is accessible to authorized users.
Threat
A type of action that has the potential to cause harm.
Threat actor
A person or element that has the power to carry out a threat.
Vulnerability
A flaw or weakness that allows a threat agent to bypass security.
Risk
A situation involving exposure to danger.
Risk response techniques
Different options available when dealing with risks.
Transfer
A response to risk that allows a third party to assume the responsibility of the risk.
Accept
A response to risk that acknowledges the risk but takes no steps to address it.
Avoid
A response to risk in which the risk is identified and the decision is made not to engage in the risk-provoking activity.
Sophisticated
Threat actors that have developed a high degree of complexity.
Mitigate
Addressing risks by making risks less serious.
Funding and resources
An attribute of threat actors that can vary widely.
Attributes
Characteristic features of the different groups of threat actors.
Internal
The location within an enterprise in which some threat actors perform.
External
The location outside an enterprise in which some threat actors perform.
Intent and motivation
The reasoning behind attacks made by threat actors.
Script kiddies
An individual who lacks advanced knowledge of computers and networks and so uses downloaded automated attack software to attack information systems.
Hacktivists
A group of threat actors that is strongly motivated by ideology.
Open-source intelligence
Freely available automated attack software.
Nation state actors
State-sponsored attackers employed by a government for launching computer attacks against foes.
Insiders
Employees, contractors, and business partners who can be responsible for an attack.
Competitors
Threat actors that launch attacks against an opponent's system to steal classified information.
Advanced Persistent Threat (APT)
A new class of attack that uses innovative attack tools to infect a system and then silently extracts data over an extended period.
Organized crime
Threat actors that are moving from traditional organized criminal activities to more rewarding and less risky online attacks.
Defense-in-depth
Creating multiple layers of security defenses through which an attacker must penetrate; also called layered security.
Layered security
Creating multiple layers of security defenses through which an attacker must penetrate; also called defense-in-depth.
User training
Instructing employees as to the security reasons behind security restrictions.
Technical controls
Using technology that is carried out or managed by devices as a basis for controlling the access to and usage of sensitive data.
Control diversity
Having different groups responsible for regulating access to a system.
Vendor diversity
Using security products provided by different manufacturers.
Administrative controls
Security controls for developing and ensuring that policies and procedures are carried out; regulating the human factors of security.
Industry-standard frameworks
"Supporting structures" for implementing security; also called reference architectures.
Reference architectures
"Supporting structures" for implementing security; also called industry-standard frameworks.
Industry-specific frameworks
Frameworks/architectures that are specific to a particular industry or market sector.
Regulatory
Information security frameworks/architectures that are required by agencies that regulate the industry.
Non-regulatory
Information security frameworks/architectures that are not required.
International
Information security frameworks/architectures that are worldwide.
National
Information security frameworks/architectures that are domestic.