Security+ SYS-401 Glossary
Security+ SYS-401 Glossary Terms & Definitions
55
Computer Science
Professional
01/26/2015

Cards

Term
Account Policy
Definition
A document that includes an organization's user account management guidelines.
Term
ALE
Definition
(annual loss expectancy) The total cost of a risk to an organization on an annual basis.
Term
3DES
Definition
(Triple DES) A symmetric encryption
algorithm that encrypts data by processing
each block of data three times, using a
different DES key each time.
Term
802.11
Definition
A family of specifications developed by the
IEEE for wireless LAN technology.
Term
802.11a
Definition
A fast, secure, but relatively expensive
protocol for wireless communication. The
802.11a protocol supports speeds up to 54
Mbps in the 5 GHz frequency.
Term
802.11ac
Definition
A wireless communication protocol that
improves upon 802.11n by adding wider
channels to increase bandwidth.
Term
802.11b
Definition
The first specification to be called Wi-Fi, 802.11b is the least expensive wireless
network protocol used to transfer data
among computers with wireless network
cards, or between a wireless computer or
device and a wired LAN. The 802.11b
protocol provides for an 11 Mbps transfer
rate in the 2.4 GHz frequency.
Term
802.11g
Definition
A specification for wireless data
throughput at the rate of up to 54 Mbps in the 2.4 GHz band that is a potential
replacement for 802.11b.
Term
802.11n
Definition
A wireless standard for home and business
implementations that adds QoS features
and multimedia support to 802.11a and
802.11b.
Term
802.1x
Definition
An IEEE standard used to provide a port-based
authentication mechanism over a
LAN or wireless LAN.
Term
access control
Definition
In security terms, the process of
determining and assigning privileges to
various resources, objects, and data.
Term
account federation
Definition
The practice of linking a single account
across many different management
systems.
Term
account management
Definition
A common term used to refer to the
processes, functions, and policies used to effectively manage user accounts within an organization.
Term
account phishing
Definition
In social networking, an attack where an
attacker creates an account and gets on the friends list of an individual just to obtain information about the individual
and their circle of friends or colleagues.
Term
account privileges
Definition
Permissions granted to users that allow
them to perform various actions such as
creating, deleting, and editing files, and also accessing systems and services on the
network.
Term
accountability
Definition
In security terms, the process of
determining who to hold responsible for a
particular activity or event.
Term
accounting
Definition
In security terms, the process of tracking
and recording system activities and
resource access.
Term
ACL
Definition
(Access Control List) In a DAC access
control scheme, this is the list that is
associated with each object, specifying the subjects that can access the object and their levels of access.
Term
Active Directory
Definition
The standards-based directory service from
Microsoft that runs on Microsoft Windows
servers.
Term
adware
Definition
Software that automatically displays or
downloads advertisements when it is used.
Term
AES
Definition
(Advanced Encryption Standard) A
symmetric 128-, 192-, or 256-bit block
cipher based on the Rijndael algorithm
developed by Belgian cryptographers Joan
Daemen and Vincent Rijmen and adopted
by the U.S. government as its encryption
standard to replace DES.
Term
all-in-one security appliance
Definition
A single network device that is used to
perform a number of security functions to
secure a network.
Term
anomaly-based monitoring
Definition
A monitoring system that uses a database
of unacceptable traffic patterns identified
by analyzing traffic flows.
Term
anti-malware software
Definition
A category of software programs that scan
a computer or network for known viruses,
Trojans, worms, and other malicious
software.
Term
anti-spam
Definition
A program that will detect specific words
that are commonly used in spam messages.
Term
anti-spyware
Definition
Software that is specifically designed to
protect systems against spyware attacks.
Term
antivirus software
Definition
An application that scans files for
executable code that matches specific
patterns that are known to be common to
viruses.
Term
API
Definition
(application programming interface) A
mechanism that defines how software
elements interact with each other.
Term
application attacks
Definition
Attacks that are targeted at web-based and
other client-server applications.
Term
application aware device
Definition
A network device that manages
information about any application that
connects to it.
Term
application blacklisting
Definition
The practice of preventing undesirable
programs from running on a computer,
computer network, or mobile device.
Term
application whitelisting
Definition
The practice of allowing approved programs to run on a computer, computer network, or
mobile device.
Term
arbitrary code execution
Definition
An attack that exploits an application
vulnerability into allowing the attacker to execute commands on a user's computer.
Term
archive bit
Definition
A file property that essentially indicates
whether the file has been modified since the last backup.
Term
armored virus
Definition
A virus that is able to conceal its location or otherwise render itself harder to detect by anti-malware programs.
Term
ARO
Definition
(annual rate of occurrence) How many times
per year a particular loss is expected to occur.
Term
ARP
Definition
(Address Resolution Protocol) The mechanism
by which individual hardware MAC addresses
are matched to an IP address on a network.
Term
ARP poisoning
Definition
A method in which an attacker with access to the target network redirects an IP address to the MAC address of a computer that is not the intended recipient.
Term
asymmetric encryption
Definition
A two-way encryption scheme that uses paired
private and public keys.
Term
attachment attack
Definition
An attack where the attacker can merge
malicious software or code into a
downloadable file or attachment on an
application server so that users download and execute it on client systems.
Term
attack
Definition
Any technique that is used to exploit a
vulnerability in any application on a computer system without the authorization to do so.
Term
attack surface
Definition
The portion of a system or application that is exposed and available to attackers.
Term
attackers
Definition
A term for users who gain unauthorized access
to computers and networks for malicious
purposes.
Term
attacking
Definition
The final phase of a hack in which the attacker steals data, disrupts traffic, or damages systems.
Term
auditing
Definition
The practice of examining logs of what was
recorded in the accounting process.
Term
authentication
Definition
In security terms, the process of validating a particular individual or entity's unique credentials.
Term
authorization
Definition
In security terms, the process of determining what rights and privileges a particular entity has.
Term
availability
Definition
The fundamental security goal of ensuring that systems operate continuously and that
authorized persons can access data that they need.
Term
backdoor
Definition
A mechanism for gaining access to a computer that bypasses or subverts the normal method of authentication.
Term
backdoor attack
Definition
A type of attack where the attacker creates a software mechanism to gain access to a system and its resources. This can involve software or a bogus user account.
Term
backout contingency plan
Definition
A documented plan that includes specific
procedures and processes that are applied in the event that a change or modification made to a system must be undone.
Term
baseline report
Definition
A collection of security and configuration
settings that are to be applied to a particular system or network in the organization.
Term
BCP
Definition
(business continuity plan) A policy that defines how normal day-to-day business will be maintained in the event of a business disruption or crisis.