Term
Encryption:
EFS (encrypted file system) |
|
Definition
- to run, hard drive must be formatted with NTFS
- encyrpted files stay encrypted if moved to another NTFS drive |
|
|
Term
|
Definition
- allows user to encrypt an entire volume on the drive
- based on AES (advanced encryption standard)
- uses 128-bit encryption key
- native only to Windows
To use BitLocker, a user will need:
A Trusted Platform Module (TPM), which is a motherboard module that stores the encrypted keys, or an external USB key to store the encrypted keys. The Group Policy will need to be changed in order to use BitLocker without a TPM.
A hard drive with two volumes, preferably created during Windows installation. One volume, which will be encrypted, is for the OS, while the other is the active unencrypted volume so the computer can boot. If the computer was configured with only one drive, download the BitLocker Drive Preparation Tool from Windows Update. |
|
|
Term
| Hard drive recycling/destruction |
|
Definition
- remove hard drives platters and smash with hammer; recycle scrap
- zero-filling (overwrite hard drives) or disk scrubbing/wiping |
|
|
Term
|
Definition
| - must follow rules and regulations |
|
|
Term
Data Security:
Classifications |
|
Definition
- defines who 'owns' the data or is responsible for it
- backed up data must follow classifications as well |
|
|
Term
Data Security:
Social Engineering |
|
Definition
| - a technique involving tricking people to give up classified or important information |
|
|
Term
Data Security:
Social Engineering:
Pretexting |
|
Definition
| - hacker pretends to be from a service provider and asks for login credentials for routine maintenance. |
|
|
Term
Data Security:
Social Engineering:
Phishing |
|
Definition
| - uses bogus websites or fraudulent emails to trick users into providing personal or financial information |
|
|
Term
Data Security:
Social Engineering:
Trojan Horse |
|
Definition
| - involve malware programs disguised as popular videos or web links that trap keystrokes or transmit sensitive information |
|
|
Term
Data Security:
Social Engineering:
Baiting |
|
Definition
- involves leaving physical media (flash drive) with what appears to be confidential information somewhere easily found
- when inserted media automatically runs and delivers various malware payloads, including backdoor access to organizations network |
|
|
Term
Data Security:
Social Engineering:
Protection |
|
Definition
Ask for ID when approached in person by somebody claiming to be from a service provider.
Ask for a name and supervisor name when contacted by phone by someone claiming to be from a service provider.
Obtain contact information for the service provider and call an authorized contact person to verify the service call or information request is legitimate.
Log into systems themselves and provide the tech the computer, rather than giving out login information.
Change passwords immediately after service calls.
Report any potential social engineering calls or in-person contacts, even if no information was exchanged. Social engineering experts can gather background information from several users and use it to create a plausible narrative and thus gain restricted system access. |
|
|
Term
|
Definition
looks for
- viruses
- trojans
- worms
- spam
- spyware
- adware
- grayware |
|
|
Term
|
Definition
aka HDD password
- prompts for a password to be entered for the hard drive when the machine boots |
|
|
Term
|
Definition
- password to prevent users from altering BIOS
- if password is forgotten, settings can be reset via a jumper setting on the motherboard or by removing the CMOS battery for several minutes |
|
|
Term
BIOS security:
intrusion detection |
|
Definition
- uses a sensor connected to pins on the motherboard to detect if the case is opened.
- if so, an interrupt is sent by the sensor which is recorded by the BIOS |
|
|
Term
BIOS security:
TPM (trusted platform module) |
|
Definition
- motherboard chip used to store encrypted keys for various encryption methods, including Bitlocker
- if HDD is removed, the drive would not allow access without TPM's encrypted keys
- if Motherboard failure, a backup copy of the keys will be needed to access any data |
|
|
Term
Locking workstation:
Hardware |
|
Definition
- BIOS pws can be used when system is powered down
- drive locks can prevent access |
|
|
