Studied by 7 people
Looks like no one added any tags here yet for you.
Confidentiality
Ensures data is not disclosed to unintended people
Integrity
Ensures data is not tampered with
Availability
Uptime of system to make data accessible
Non-repudiation
Validation of a message’s origin
Security
Protection against danger, damage, loss, and criminal activity
Asset
Value to an individual/organization
Threat
Potential to cause the loss of an asset
Threat Agent
Person/entity attempting to carry out a threat
Vulnerability
Weakness in a system
Exploit
Act/procedure/software taking advantage of a vulnerability
Malware
Software to take over/damage a computer without consent
Virus
Program damaging computer systems and replicating
Worm
Self-replicating malware
Trojan horse
Malicious program disguised as legitimate software
Zombie
Infected computer controlled by a central command center
Botnet
Group of zombie computers controlled centrally
Rootkit
Programs allowing hidden admin access
Logic Bomb
Malware executing under predefined conditions
Spyware
Software intercepting or controlling a user’s computer
Adware
Monitors user preferences and sends matching ads
Ransomware
Denies access until a ransom is paid
Scareware
Deceptive emails to trick users
Crimeware
Malware for identity theft
Social engineering
Attack involving human interaction for access
Footprinting
Gathering info about an organization
Pretexting
Persuading someone with a fake scenario
Elicitation
Extracting info without arousing suspicion
Pharming
Redirecting URL traffic to attacker’s site
Typosquatting
Leading users to URLs due to mistakes
Whaling
Targeting senior executives and high-profile victims
Vishing
Using VoIP for phishing
Spear phishing
Sending personalized emails to victims
Air gap
Physically isolating a network portion
Faraday cage
Blocks electromagnetic emissions
Hardening
Securing devices by reducing security exposure
Hotfix
Quick fix for a specific software problem
Patch
Thoroughly tested fix for wider deployment
Service pack
Collection of patches and enhancements for deployment.
Trusted Operating System/TOS
Operating system hardened and validated to a specific security level, supporting multilevel security where users can't access data at different classification levels.
Security baseline
Part of a configuration baseline ensuring workstations and servers comply with security goals of the organization.
Standard Operating Environment/SOE
Implemented as a standard disk image for deploying new computers, based on TOS and fully patched.
Manage software
Ensuring up-to-date licenses, installing security software, needed software only, avoiding untrusted software, and reducing attack surface by limiting applications and services.
Security zone
Network/system portion with specific security concerns.
Wireless network
Network without physical connections.
Guest network
Provides internet access to guest users with firewall regulation.
Honeynet
Special network to trap potential attackers.
Ad hoc
Decentralized network allowing direct connections between devices.
Intranet zone
Private network using internet services internally.
Internet
Public network with publicly available servers.
Extranet
Privately controlled network between the internet and a private LAN.
Demilitarized zone
Network with publicly accessible resources between private network and untrusted network.
Proxy server
Firewall intermediary between clients and servers.
Internet content filter
Software to monitor and restrict web content.
Network access control
Software controlling network access based on security requirements.
All-in-one security appliance
Device combining multiple security functions.
Application-aware device
Device managing network traffic based on application-layer protocol.
Intelligence Fusion
Sharing information between multiple government agencies and private security firms.
Vulnerability Scan
Process of capturing and analyzing packets to identify security weaknesses in a network, computer system, local applications, or web applications.
Common Vulnerability Scoring System (CVSS)
System that ranks vulnerabilities based on severity.
Security Information and Event Management (SIEM)
Tool that gathers network information and centralizes it for analysis to detect threats.
Security Orchestration, Automation, and Response (SOAR)
Solution stack of compatible software programs that collect and respond to security threats automatically.
Man-In-The-Middle (MITM) Attack
Hacker intercepts communication between two devices.
ARP Poisoning
Attack targeting the ARP protocol where the attacker changes the ARP cache by spoofing the IP address of a target.
MAC Spoofing
Hacker spoofs the MAC address of the gateway to overwrite the gateway’s MAC address in the switch’s CAM table.
MAC Flooding
Attack where the attacker overwhelms a network switch by sending a large number of Ethernet frames with various MAC addresses.
DNS Attack
Attack that targets the Domain Name System service.
Distributed Denial of Service (DDoS)
Attack designed to overwhelm a target with more data than it can handle, causing a shutdown.
Macros
Code used to perform a series of steps or functions within an application.
Brute Force Attack
Password attack where a cracking tool submits every possible combination of letters, numbers, and symbols in a short amount of time.
Password Spraying
Brute force attack that uses the same password across multiple user accounts.
Dictionary Attack
Brute force attack where a hacker uses a list of words or phrases to guess the password.
Rainbow Attack
Attack using special tables with common passwords and generated hashes of each password.
Dumpster Diving
Social engineering attack where an attacker searches through trash to find important documents or information.
Packet Capture
Process of collecting Layer 3 (Network) information over the wire, like IP addresses.
TCPDUMP
Linux tool for collecting packet data for later analysis.
Wireshark
Network protocol analyzer tool.
Secure Shell (SSH)
Remote admin protocol for secure connections to remote systems.
PuTTY
Open-source software supporting various protocols like SSH and Telnet.
Secure Sockets Layer (SSL)
Encryption protocol for secure connections to remote systems.
Public Key Infrastructure (PKI)
System for secure data transmission using key pairs and certificates for verification.
Fault Tolerance
Ability to respond to unexpected hardware/software failures without data loss.
Redundancy
Method for providing fault tolerance by using duplicate or multiple components performing the same function.
Geo Dispersion
Storing data in multiple locations to mitigate downtime due to loss of availability at one location.
Multipath
Fault-tolerance technique providing multiple physical paths between a CPU and a mass-storage device.
Load Balancers
Process distributing processing among multiple nodes.
Uninterrupted Power Supply (UPS)
Stand-alone power supply allowing servers to be gracefully shut down during a power outage.
Active/Active
Two load balancers working together to distribute network traffic.
Active/Passive
Two load balancers with one active and the other in standby mode to take over if the active one fails.
Virtual IP
IP address usable by multiple endpoints, commonly used in failover systems and for load balancing.
Storage Area Network (SAN)
High-speed network of storage devices, typically used for file shares.
Full Backup
Captures all data on a machine, usually the first backup to be run.
Incremental Backup
Contains all changes since the last incremental backup.
Differential Backup
Contains all changes since the last full backup.
Snapshot
Instant copy of an individual computer, often used on virtual machines for reverting changes.
Network Storage Appliance (NAS)
Device used to store backups or other files.
Scalability
Ability to increase or decrease data storage space.
Restoration Order
Pre-planned sequence for restoring servers following a disastrous event based on their importance.
3-2-1 Rule
Backup strategy requiring three copies of each complete backup, two kept on-site on different appliances, and one kept off-site.
Note
Flashcard