Shared Flashcard Set

Details

Security + Chapter 10
27
Computer Science
Not Applicable
08/02/2012

Cards

Term
Vulnerability
Definition
Weaknesses in your computer network design and individual host configuration.
Term
Risk
Definition
The possibility of a malicious attack or other threat causing damage or downtime to a computer system.
Term
Risk Management
Definition
The identification, assessment, and prioritization of risks, and the mitigating and monitoring of those risks.
Term
IA
Definition
Information Assurance. The practice of managing risks that are related to computer hardware and software systems.
Term
Residual Risk
Definition
The risk that is left over after a security and disaster recovery plan have been implemented.
Term
Risk Assessment
Definition
The attempt to determine the amount of threats or hazards that could possibly occur in a given amount of time to your computers and networks.
Term
Qualitative Risk Assessment
Definition
An assessment that assigns numeric values to the probability of a risk and the impact it can have on the system or network.
Term
Quantitative Risk Assessment
Definition
An assessment that measures risk by using exact monetary values.
Term
Risk Mitigation
Definition
When a risk is reduced or eliminated altogether.
Term
Risk Transference
Definition
The transfer or outsourcing of risk to a third party. Also known as risk sharing.
Term
Risk Avoidance
Definition
When an organization avoids risk because the risk factor is too great.
Term
Risk Reduction
Definition
When an organization mitigates risk to an acceptable level.
Term
Risk Acceptance
Definition
The amount of risk an organization is willing to accept. Also known as risk retention.
Term
Vulnerability Management
Definition
The practice of finding and mitigating software vulnerabilities in computers and networks.
Term
Vulnerability Assessment
Definition
Baselining of the network to assess the current security state of computers, servers, network devices, and the entire network in general.
Term
Penetration Testing
Definition
A method of evaluating the security of a system by simulating one or more attacks on that system.
Term
OVAL
Definition
Open Vulnerability and Assessment Language. A standard and a programming language designed to standardize the transfer of secure public information across networks and the Internet utilizing any security tools and services available.
Term
Network Mapping
Definition
The study of physical and logical connectivity of networks.
Term
Vulnerability Scanning
Definition
The act of scanning for weaknesses and susceptibilities in the network and on individual systems.
Term
Port Scanner
Definition
Software used to decipher which ports are open on a host.
Term
Protocol Analyzer
Definition
Software tool used to capture and analyze packets.
Term
Password Cracker
Definition
Software tool used to recover passwords from hosts or to discover weak passwords.
Term
Dictionary Attack
Definition
A password attack that uses a prearranged list of likely words, trying each of them one at a time.
Term
Brute Force Attack
Definition
A password attack where every possible password is attempted.
Term
Cryptanalysis Attack
Definition
A password attack that uses a considerable set of precalculated encrypted passwords located in a lookup table.
Term
Rainbow Tables
Definition
In password cracking, a set of precalculated encrypted passwords located in a lookup table.
Term
Salting
Definition
The randomization of the hashing process to defend against cryptanalysis password attacks and Rainbow Tables.