Term
|
Definition
Network management model made up of five functional areas:
- Fault management
- Configuration management
- Accounting management
- Performance management
- Security management
|
|
|
Term
|
Definition
Network management function used to detect, isolate, notify and correct faults encountered in the network. This category analyzes traffic, trends, SNMP polls and alarms for automatic fault detection. |
|
|
Term
|
Definition
Network management function used to manage configuration aspects of network devices, including configuration file management, inventory management and software management. |
|
|
Term
|
Definition
Network management function used to manage usage information of network resources. |
|
|
Term
|
Definition
Function used to monitor and measure various aspects of network performance metrics so that acceptable performance can be maintained. This includes response time, link utilization and error rates. Administrators can monitor trends and set threshold alarms. |
|
|
Term
|
Definition
Network management function that provides access to network devices and corporate resources to authorized individuals. This category focuses on authentication, authorization, firewalls, network segmentation, IDS and notifications of attempted breaches. |
|
|
Term
PENETRATION TESTING COMMON PHASES |
|
Definition
- Planning
- Discovery
- Attack
- Reporting
|
|
|
Term
Vulnerability - Technical Errors |
|
Definition
The vulnerability is caused by errors in design, implementation, placement or configuration
EXAMPLES:
- Coding errors
- Inadequate passwords
- Open network ports
- Lack of monitoring
|
|
|
Term
|
Definition
The cause is errors in operation
EXAMPLES:
- Failure to monitor logs
- Failure to patch software
|
|
|
Term
Organizational Vulnerability |
|
Definition
The vulnerability is caused by errors in management, decision or planning, or by ignorance
EXAMPLES:
- Lack of policies
- Lack of awareness
- Failure to implement controls
|
|
|
Term
|
Definition
A weakness in the design, implementation, operation or internal control of a process that could expose the system to adverse threats from threat events. |
|
|
Term
|
Definition
Identifies patterns in network communications. Traffic analysis does not need the actual content of the communication; it analyzes where traffic is taking place, when and for how long communications occur, and the size of the information transferred. |
|
|
Term
|
Definition
A violation or imminent threat of violation of computer security policies, acceptable use policies, or standard security practices |
|
|
Term
|
Definition
An adverse event that negatively impacts the confidentiality, integrity and availability of data. These events may also be classified as technical or physical. Technical incidents include viruses, malware, denial-of-service (DoS) and system failure. Physical incidents may include social engineering and lost or stolen laptops or mobile devices. |
|
|
Term
|
Definition
An attack that employs brute force methods to compromise, degrade, or destroy systems, networks or services
EXAMPLES:
- Denial of service intended to impair or deny access to an application
- A brute force attack against an authentication mechanism, such as passwords or digital signatures
|
|
|
Term
|
Definition
An attack executed from a website or web-based application.
EXAMPLES:
- Cross-site scripting (XSS) attack used to steal credentials
- Redirect to a site that exploits a browser vulnerability and installs malware
|
|
|
Term
|
Definition
An attack executed via an email message or attachment.
EXAMPLES:
- Exploit code disguised as an attached document
- A link to a malicious website in the body of an email message
|
|
|
Term
External/Removable Media Attack |
|
Definition
An attack executed from removable media or a peripheral device
EXAMPLE: Malicious code spreading onto a system from an infected flash drive |
|
|
Term
|
Definition
Impersonation - An attack involving replacement of legitimate content/services with a malicious substitute
EXAMPLE:
Spoofing, man-in-the-middle attacks, rogue wireless access points and structured query language injection attacks all involve impersonation |
|
|
Term
System hardening should implement the principle of ____________________ or ____________________ |
|
Definition
Least privilege and access controls |
|
|
Term
|
Definition
Multiple guests coexisting on the same server in isolation from one another. |
|
|
Term
|
Definition
is a term that refers to documenting, in detail, how evidence is handled and maintained, including its ownership, transfer and modification. This is necessary to satisfy legal requirements that mandate a high level of confidence regarding the integrity of evidence. |
|
|
Term
What are the 4 major considerations in the chain of events with regard to evidence in digital forensics? |
|
Definition
|
|
Term
|
Definition
This type of attack is:
1. Well-researched
2. Sophisticated - can exploit multiple vulnerabilities in a single attack
3. Stealthy - often goes undetected for months and sometimes years
4. Persistent
|
|
|