161 Cards in this Set
- Front
- Back
Identification, assessment, and prioritization of risks by minimizing, monitoring, controlling the probability and/or impact of unfortunate events. |
Risk Management |
|
STS |
Security Token Service |
|
SAML |
Security Assertion Markup Language |
|
CIA |
Confidentiality Integrity Availability |
|
Ensures that only authorized people are able to see data |
Confidentiality |
|
Ensures accuracy of data |
Integrity |
|
Ensures ability to get to data when needed |
Availability |
|
Senior Management's role as it relates to security policy |
To endorse and own company data |
|
Responsibility of data owner |
Determining who has access to the data or designating other data owners |
|
Responsibility of Senior Management in company's security program |
Set security policies |
|
Role responsible for the classification of data |
Data owner |
|
Benefit of using a third-party for auditing |
Objective review |
|
Benefit of classifying data |
Puts appropriate controls in place to safeguard that data |
|
Weakness with a lack of countermeasure |
Vulnerability |
|
Danger of someone taking advantage of a vulnerability |
Threat |
|
Likelihood of someone exploiting a vulnerability and impact |
Risk |
|
Degree of exposure to a loss |
Exposure |
|
Mitigates threat to a vulnerability |
Control |
|
2 types of Risk Analysis |
1) Quantitative - evidence/numbers 2) Qualitative - anecdotal |
|
ALE |
Annual Loss Expectancy |
|
SLE |
Single Loss Expectancy |
|
EF |
Exposure Factor |
|
Formula for calculating SLE |
Asset Value * EF = SLE |
|
3 Types of Quantitative Risk |
1) ALE 2) SLE 3) EF |
|
Formula for calculating ALE |
SLE * ARO = ALE |
|
ARO |
Annual Rate of Occurrence |
|
Might cause a DoS during a penetration test? |
Excessive scanning |
|
Two factors agreed on prior to penetration testing |
1) Scope 2) Rules |
|
MTD |
Maximum Tolerable Delay |
|
2 things that impact time to do a penetration test |
1) RPO 2) RTO |
|
RPO |
Recovery Point Objective |
|
RTO |
Recovery Time Objective |
|
Primary concern when adding new software to a production system |
Risk |
|
How unified communications, including VoIP, add risk |
Loss of functionality means loss of business (need fault-tolerance) |
|
3 options regarding risk management |
1) Mitigating the risk 2) Transferring risk (buying insurance) 3) Assume the risk |
|
Least Privilege |
|
|
RBAC |
Role Based Access Control |
|
Used to simplify the provisioning and administration of rights. |
RBAC |
|
3 Categories of Access Control |
1) Administrative Controls 2) Technical Controls 3) Physical Controls |
|
AAA |
A = Authentication A = Authorization A = Accountability (records) |
|
What ISO 27001 directs about access. |
Establish a procedure for management's review of access rights. |
|
Authorization Creep |
Where a user maintains access to areas he no longer works on. |
|
Excess Privilege |
|
|
When it is discovered that an admin has accidentally (or intentionally) misconfigured the system. |
Data Diddling |
|
A data integrity tool used with bar code and QR code scanning. |
Check Digit |
|
2 examples of administrative control |
1) Job rotation 2) Mandatory vacation |
|
Taking a little off each transaction |
Salami technique |
|
Creating views with different levels of access |
Polyinstantiation |
|
The ability to deduce information based on other information |
Inference |
|
A locking device (physical or electronic) is an example of these 4 types of access control. |
1) Physical 2) Preventative 3) Deterrent (if a sign is posted) 4) Detective (if logging is enabled) |
|
The primary security concern when preventing a level 5 user from writing to level 4. |
Confidentiality |
|
The main method of protecting confidentiality with laptops |
Encryption |
|
Benefit of using VPN with public networks |
Virtual Private Network tunnel with IPsec |
|
2 examples of Social Engineering |
1) Phishing Attack 2) Shoulder Surfing |
|
Media Sanitization |
Process that renders access to target data on media infeasible for given level of effort. |
|
2 circumstances that would make a laptop safe to use on a public WAP |
1) Strong/updated virus protection software 2) Immediate connection to VPN tunnel |
|
Ethical Hacking |
Authorized activity management has approved |
|
802.1x |
Authentication method used on wired and wireless for network access. |
|
Reason to use third party for penetration testing |
No bias |
|
Goal/limits of penetration testing |
Expose and document vulnerabilities; NO changes should be made |
|
IPS/IDS |
Intrusion Prevention System Intrusion Detection System |
|
Service provided by IPS/IDS |
Look for specific attack > build a baseline > trigger an alert when the baseline is exceeded |
|
Flexible Hypothesis Methodology |
Imagining a worst-case security scenario |
|
Device used to control what a third party penetration tester is and is not allowed to do. |
Contract |
|
Encryption process |
Running clear text through an algorithm and producing ciphertext |
|
AES |
Advanced encryption standard |
|
methods of creating ciphertext |
Transposition, substitution, concealment, and steganography |
|
Caesar Cipher |
Substitutes letters of the alphabet |
|
The Caesar Cipher uses what method of encryption |
Substitution |
|
5 different names for the shared secret key used by symmetric encryption |
1) single key 2) secret key 3) session key 4) shared key 5) private key |
|
5 standards for symmetrical encryption |
1) AES 2) DES / 3DES 3) Blowfish 4) IDEA 5) RC4, RC5, RC6 |
|
4 bit variations for SHA |
1) 160 2) 256 3) 384 4) 512 |
|
Most highly regarded symmetric encryption standard to date |
AES |
|
PSK |
Pre-shared key |
|
The function of a PSK |
To provide authentication between two users of symmetric encryption. (NOT used to encrypt/decrypt) |
|
ECC |
Elliptic Curve Cryptography |
|
Best encryption for devices with limited processing power |
ECC |
|
A mathematical function which takes a variable-length input string and converts it into a fixed-length binary sequence. |
One-way hash or message digest |
|
HMAC |
Hashed Message Authentication Code |
|
How HMAC works to protect against intercepted messages. |
It works with the hash value |
|
Bit length of MD5 |
128 |
|
Another name for a one-way hash |
Message digest |
|
2 examples of one-way hash algorithms |
1) SHA 2) MD5 |
|
2 things HMAC verifies |
1) data integrity 2) Authentication |
|
A set of protocols that provides security for Internet Protocol. It can use cryptography to provide security. |
IPSec |
|
The difference between encryption and hashing |
Hashing is one-way: you cannot recover your data/string from a hash code. Encryption is two-way: you can decrypt the encrypted string again if you have the key. |
|
A form of Encryption where keys come in pairs. |
Asymmetric encryption |
|
Two keys used in asymmetric encryption |
Public and private key |
|
Type of encryption used by SSL |
Asymmetric encryption |
|
SSL |
Secure socket layer |
|
2 services provided by RSA |
1) asymmetric encryption 2) certificates |
|
2 uses of asymmetric encryption |
1) authentication of devices 2) exchange of keys |
|
fire detection systems |
Heat detection, smoke detection |
|
Momentary Rush of Power |
Spike |
|
An oversupply of voltage from the power company that can last up to 50 microseconds. |
Surge |
|
A short duration reduction in rms voltage which can be caused by a short circuit, overload or starting of electric motors. |
Sag |
|
An intentional or unintentional drop in voltage in an electrical power supply system. |
Brown-out |
|
Any abnormal electric current. |
Fault |
|
A short- or long-term loss of the electric power to an area. |
Blackout |
|
UPS |
Uninterruptible Power Supply |
|
Provides automatic voltage regulation (AVR) to keep equipment working through low-voltage (brownouts) and high-voltage conditions without draining battery power. |
Interactive UPS |
|
Two power supplies (A-side/B-side) that drive a load through diodes to OR their outputs together. In this way, the power supplies can either share the load or have one active and the other in standby. |
Redundant power |
|
ESD |
Electrostatic Discharge |
|
Interference that appears on both signal leads (signal and circuit return), or the terminals of a measuring circuit, and ground. |
Common-mode Noise / Interference |
|
7 considerations for locations of a data center |
1) Sea level (above) 2) Natural disasters (not prone) 3) Hazardous waste (not nearby) 4) Power/Utilities (accessible) 5) Communications (available) 6) Primary/secondary data centers (separate) 7) Location in building (not basement) |
|
Redundant power supports which part of CIA |
Availability |
|
3 functions of OSI Physical Layer |
1) transmission / reception 2) describes interfaces 3) carries higher layer signals |
|
3 functions of OSI Data Link Layer |
1) detect transmission errors 2) regulate the flow of data 3) provide well-defined interface to network layer |
|
3 functions of OSI network layer |
1) Connection model 2) Host addressing 3) Message forwarding |
|
5 functions of OSI transport layer |
1) Connection-oriented communication 2) Reliability 3) Flow control 4) Congestion avoidance 5) Multiplexing |
|
UTP Categories |
3 - 10 Mbit/s 5/5e - 100 MHz 6/6a - |
|
UTP |
Unshielded Twisted Pair |
|
STP |
Shielded Twisted Pair |
|
Allows the transmission of signals in both directions but not simultaneously |
Half-duplex |
|
Acts like a Layer 1 repeater |
Hub |
|
The physical link or circuit that connects from the demarcation point of the customer premises to the edge of the common carrier or telecommunications service provider's network. |
Last mile OR Local Loop |
|
1.54 Mbps |
T1 |
|
Another name for physical address |
MAC address |
|
Refers to the transmission of data in two directions simultaneously. |
Full duplex |
|
A standard specification for Ethernet, a method of physical communication in a local area network (LAN), which is maintained by the Institute of Electrical and Electronics Engineers (IEEE). |
802.3 |
|
A set of media access control (MAC) and physical layer (PHY) specifications for implementing wireless local area network (WLAN) computer communication in the 900 MHz and 2.4, 3.6, 5, and 60 GHz frequency bands. |
802.11 |
|
The type of network in which relatively small units of data called packets are routed through a network based on the destination address contained within each packet. |
Packet switched technologies |
|
An ITU-T standard protocol suite for packet switched wide area network (WAN) communication. |
X.25 |
|
PPP |
Point-to-Point protocol |
|
ATM |
Asynchronous Transfer Mode |
|
MPLS |
Multi Protocol Layer Switching |
|
Enables the encapsulation of a packet from one type of protocol within the datagram of a different protocol. For example, VPN uses PPTP to encapsulate IP packets over a public network, such as the Internet. |
VPN tunnel |
|
Class A range (first octet) |
1-127 |
|
Class B range (first octet) |
128-191 |
|
Class C range (first octet) |
192-223 |
|
Private Address Space RFC |
RFC 1918 |
|
3 Private Address Space ranges |
1) 10.x.x.x 2) 172.16-31.x 3) 192.168.x.x |
|
NAT |
Network Address Translation |
|
Physical media MOST resistant to eavesdropping |
Fiber (no electromagnetic signal) |
|
Mapping a Layer 3 IP address to a Layer 2 MAC address |
ARP |
|
ARP |
Address Resolution Protocol |
|
ICMP |
Internet Control Message Protocol |
|
IGMP |
Internet Group Management Protocol |
|
Protocol ping uses |
ICMP (Protocol #1) |
|
3 types of transmissions at OSI Network Layer |
1) unicast 2) broadcast (255.255.255.255) 3) multicast (Class D) |
|
Protocol associated with multicasts |
IGMP |
|
4 routing protocols |
1) OSPF 2) IS-IS 3) RIP / RIPv2 4) IGRP |
|
A digit representing the sum of the correct digits in a piece of stored or transmitted digital data, against which later comparisons can be made to detect errors in the data. |
checksum |
|
Well-known port range |
0-1023 |
|
Registered port range |
1024-4951 |
|
3 functions of the OSI Session Layer |
1) Authentication 2) Authorization 3) Session restoration |
|
4 functions of OSI Presentation Layer |
1) Data conversion 2) Character code translation 3) Compression 4) Encryption / Decryption |
|
6 functions (and associated protocols) of OSI Application Layer |
1) Remote login to hosts (Telnet) 2) File transfer (FTP, TFTP) 3) Electronic mail transport (SMTP) 4) Networking support (DNS) 5) Host initialization (BOOTP) 6) Remote host management (SNMP) |
|
Transport Protocol/Port for FTP |
TCP/21 |
|
Transport Protocol/Port for HTTP |
TCP/80 |
|
Transport Protocol/Port for HTTPS |
TCP/443 |
|
Transport Protocol/Port for IMAP |
TCP/143 |
|
Transport Protocol/Port for SMTP |
TCP/25 |
|
Transport Protocol/Port for POP3 |
TCP/110 |
|
Transport Protocol/Port for SNMP |
UDP/161 |
|
Transport Protocol/Port for DNS |
UDP/53 (Request) |
|
Transport Protocol/Port for TFTP |
UDP/69 |
|
Transport Protocol/Port for Telnet |
TCP/23 |
|
Transport Protocol/Port for SSH |
TCP/22 |
|
Software-based identity provider that issues security tokens (software tokens); part of a claims-based identity system |
STS |
|
Window time for recovery |
MTD |