Information Security Concepts and Terminology, Exams of Nursing

A comprehensive overview of various information security concepts and terminology. It covers a wide range of topics, including authentication methods, access control, cryptography, network security, incident response, and common cyber threats. The document serves as a valuable reference for understanding the fundamental principles and practices in the field of information security. It delves into the definitions, explanations, and examples of key security-related terms, equipping readers with the necessary knowledge to navigate the complex landscape of information protection. Whether you are a student, IT professional, or someone interested in cybersecurity, this document offers a solid foundation for understanding the core concepts and terminology essential for ensuring the confidentiality, integrity, and availability of information systems.

Typology: Exams

2023/2024

Available from 09/21/2024

TopRank

Systems Security Certified Practitioner (SSCP) - Exam Prep

Access Control Object - correct answer ✔✔A passive entity that typically receives or contains some form of data.

Access Control Subject - correct answer ✔✔An active entity and can be any user, program, or process that requests permission to cause data to flow from an access control object to the access control subject or between access control objects.

Asynchronous Password Token - correct answer ✔✔A one-time password is generated without the use of a clock, either from a one-time pad or cryptographic algorithm.

Authorization - correct answer ✔✔Determines whether a user is permitted to access a particular resource.

Connected Tokens - correct answer ✔✔Must be physically connected to the computer to which the user is authenticating.

Contactless Tokens - correct answer ✔✔Form a logical connection to the client computer but do not require a physical connection.

Disconnected Tokens - correct answer ✔✔Have neither a physical nor logical connection to the client computer.

Entitlement - correct answer ✔✔A set of rules, defined by the resource owner, for managing access to a resource (asset, service, or entity) and for what purpose.

Identity Management - correct answer ✔✔The task of controlling information about users on computers.

Proof of Identity - correct answer ✔✔Verify people's identities before the enterprise issues them accounts and credentials.

Kerberos - correct answer ✔✔A popular network authentication protocol for indirect (third-party) authentication services.

Lightweight Directory Access Protocol (LDAP) - correct answer ✔✔A client/server-based directory query protocol loosely based on X.500, commonly used to manage user information. LDAP is a front end and not used to manage or synchronize data per se as opposed to DNS.

Single Sign-On (SSO) - correct answer ✔✔Designed to provide strong authentication using secret-key cryptography, allowing a single identity to be shared across multiple applications.

Static Password Token - correct answer ✔✔The device contains a password that is physically hidden (not visible to the possessor) but that is transmitted for each authentication.

Synchronous Dynamic Password Token - correct answer ✔✔A timer is used to rotate through various combinations produced by a cryptographic algorithm.

Trust Path - correct answer ✔✔A series of trust relationships that authentication requests must follow between domains.

Availability - correct answer ✔✔Refers to the ability to access and use information systems when and as needed to support an organization's operations.

Breach - correct answer ✔✔The intentional or unintentional release of secure information to an untrusted environment.

CMDB - correct answer ✔✔A configuration management database (CMDB) is a repository that contains a collection of IT assets that are referred to as configuration items.

Compensating Controls - correct answer ✔✔Introduced when the existing capabilities of a system do not support the requirements of a policy.

Confidentiality - correct answer ✔✔Refers to the property of information in which it is only made available to those who have a legitimate need to know.

Configuration Management (CM) - correct answer ✔✔A discipline that seeks to manage configuration changes so that they are appropriately approved and documented, so that the integrity of the security state is maintained, and so that disruptions to performance and availability are minimized.

Corrective Control - correct answer ✔✔These controls remedy the circumstances that enabled unwarranted activity, and/or return conditions to where they were prior to the unwanted activity.

COTS - correct answer ✔✔A Federal Acquisition Regulation (FAR) term for commercial off-the-shelf (COTS) items that can be purchased in the commercial marketplace and used under government contract.

Deduplication - correct answer ✔✔A process that scans the entire collection of information looking for similar chunks of data that can be consolidated.

Defense-in-depth - correct answer ✔✔Provision of several overlapping subsequent limiting barriers with no respect to one safety or security threshold, so that the threshold can only be surpassed if all barriers have failed.

Degaussing - correct answer ✔✔A technique of erasing data on disk or tape (including video tapes) that, when performed properly, ensures that there is insufficient magnetic remanence to reconstruct data.

Deluge System - correct answer ✔✔A fire suppression system with open sprinkler heads; water is held back until a detector in the area is activated.

Deterrent Control - correct answer ✔✔Controls that prescribe some sort of punishment, ranging from embarrassment to job termination or jail time for noncompliance. Their intent is to dissuade people from performing unwanted acts.

Directive Control - correct answer ✔✔Controls dictated by organizational and legal authorities.

Dry System - correct answer ✔✔A fire suppression system that does not have water in the pipes until the electric valve is stimulated by excess heat.

Dual Control - correct answer ✔✔A procedure that uses two or more entities (usually persons) operating in concert to protect a system resource, such that no single entity acting alone can access that resource.

Information Rights Management (IRM) - correct answer ✔✔Assigns specific properties to an object such as how long the object may exist, what users or systems may access it, and if any notifications need to occur when the file is opened, modified, or printed.

Integrity - correct answer ✔✔The property of information whereby it is recorded, used, and maintained in a way that ensures its completeness, accuracy, internal consistency, and usefulness for a stated purpose.

IT Asset Management (ITAM) - correct answer ✔✔Entails collecting inventory and financial and contractual data to manage the IT asset throughout its life cycle.

Least Privilege - correct answer ✔✔A security principle in which any user/process is given only the necessary, minimum level of access rights (privileges) explicitly, for the minimum amount of time, in order for it to complete its operation.

Non-repudiation - correct answer ✔✔A service that is used to provide assurance of the integrity and origin of data in such a way that the integrity and origin can be verified by a third party as having originated from a specific entity in possession of the private key of the claimed signatory.

Pre-action System - correct answer ✔✔A fire suppression system that contains water in the pipes but will not release the water until detectors in the area have been activated. This can eliminate concerns of water damage due to accidental or false activation.

Preventive Control - correct answer ✔✔Controls that block unwanted actions.

Privacy - correct answer ✔✔The rights and obligations of individuals and organizations with respect to the collection, use, retention, and disclosure of personal information.

Procedures - correct answer ✔✔Step-by-step instructions for performing a specific task or set of tasks.

Release Management - correct answer ✔✔A software engineering discipline that controls the release of applications, updates, and patches to the production environment.

Release Management Policy - correct answer ✔✔Specifies the conditions that must be met for an application or component to be released to production, roles and responsibilities for packaging, approving, moving, and testing code releases, and approval and documentation requirements.

Release Manager - correct answer ✔✔Responsible for planning, coordination, implementation, and communication of all application releases.

Separation of Duties - correct answer ✔✔An operational security mechanism for preventing fraud and unauthorized use that requires two or more individuals to complete a task or perform a specific function.

Systems Integrity - correct answer ✔✔The maintenance of a known good configuration and expected operational function.

Annualized Loss Expectancy (ALE) - correct answer ✔✔The expected annual loss because of a risk to a specific asset.

Annualized Rate of Occurrence (ARO) - correct answer ✔✔The expected number of exploitations by a specific threat of a vulnerability to an asset in a given year.

Antivirus Gateways - correct answer ✔✔Monitoring control for viruses contained within communications of major application types, such as web traffic, e-mail, and FTP.

Asset - correct answer ✔✔Anything of value that is owned by an organization. Assets include both tangible items such as information systems and physical property and intangible assets such as intellectual property.

Countermeasure - correct answer ✔✔An added-on reactive security control.

Exploit - correct answer ✔✔A particular attack. It is named this way because these attacks exploit system vulnerabilities.

False Negative - correct answer ✔✔The monitoring system missed reporting an exploit event by not firing an alarm.

False Positive - correct answer ✔✔Monitoring triggered an event but nothing was actually wrong, and in doing so the monitoring has incorrectly identified benign communications as a danger.

Impact - correct answer ✔✔The magnitude of harm that could be caused by a threat's exercise of a vulnerability.

Java/ActiveX Filters - correct answer ✔✔These security gateway systems screen communications for these components and block or limit their transmission.

Likelihood - correct answer ✔✔The probability that a potential vulnerability may be exercised within the construct of the associated threat environment.

Network Mapping - correct answer ✔✔A process that "paints the picture" of which hosts are up and running externally or internally and what services are available on the system.

Promiscuous Interface - correct answer ✔✔A network interface that collects and processes all of the packets sent to it regardless of the destination MAC address.

Risk - correct answer ✔✔A function of the likelihood of a given threat source exercising a potential vulnerability, and the resulting impact of that adverse event on the organization.

Residual Risk - correct answer ✔✔The risk that remains after risk reduction and mitigation efforts are complete.

Risk Assessments - correct answer ✔✔Assess threats to information systems, system vulnerabilities and weaknesses, and the likelihood that threats will exploit these vulnerabilities and weaknesses to cause adverse effects.

Risk Register - correct answer ✔✔Serves as a way for the organization to know their possible exposure at a given time.

Safeguard - correct answer ✔✔A built-in proactive security control implemented to provide protection against threats.

Signature - correct answer ✔✔A string of characters or activities found within processes or data communications that describes a known system attack.

Single Loss Expectancy (SLE) - correct answer ✔✔The expected monetary loss to an organization from a threat to an asset.

Threat - correct answer ✔✔The potential for a threat source to exercise (accidentally trigger or intentionally exploit) a specific vulnerability.

Threat Source - correct answer ✔✔Either intent or method targeted at the intentional exploitation of a vulnerability or a situation or method that may accidentally trigger a vulnerability.

True Negative - correct answer ✔✔The monitoring system has not recognized benign traffic as cause for concern.

True Positive - correct answer ✔✔The monitoring system recognized an exploit event correctly.

Tuning - correct answer ✔✔Customizing a monitoring system to your environment.

Vulnerability - correct answer ✔✔A system weakness.

War Dialing - correct answer ✔✔Attempts to locate unauthorized, also called rogue, modems connected to computers that are connected to networks.

War Driving - correct answer ✔✔Involves traveling around with a wireless scanner looking for wireless access points.

Web Traffic Screening - correct answer ✔✔These systems block web traffic to and from specific sites or sites of a specific type.

Business Continuity Planning - correct answer ✔✔The proactive development of a plan that can be executed to restore business operations within predetermined times after a disaster or other significant disruption to the organization.

Adverse Events - correct answer ✔✔Events with a negative consequence, such as system crashes, network packet floods, unauthorized use of system privileges, defacement of a web page, and execution of malicious code that destroys data.

Clustering - correct answer ✔✔A method of configuring multiple computers so that they effectively operate as a single system.

Computer Security Incident - correct answer ✔✔A violation or imminent threat of violation of computer security policies, acceptable use policies, or standard security practices.

Differential Backups - correct answer ✔✔Records differences in data since the most recent full backup.

Event - correct answer ✔✔Any observable occurrence in a system or network.

Full Backup - correct answer ✔✔Copies the entire system to backup media.

Full Interruption Testing - correct answer ✔✔When business operations are actually interrupted at the primary processing facility.

High Availability Clustering - correct answer ✔✔A clustering method that uses multiple systems to reduce the risk associated with a single point of failure.

Incremental Backups - correct answer ✔✔Records changes that are made to the system since the last incremental backup.

Intrusion Detection Systems (IDS) - correct answer ✔✔Use available information to determine if an attack is underway, send alerts, and provide limited response capabilities.

Intrusion Prevention Systems (IPS) - correct answer ✔✔Use available information to determine if an attack is underway, send alerts but also block the attack from reaching its intended target.

Locard's Principle of Exchange - correct answer ✔✔States that when a crime is committed, the perpetrators leave something behind and take something with them, hence the exchange.

Maximum Tolerable Downtime (MTD) - correct answer ✔✔The maximum amount of time that a business function can be unavailable before the organization is harmed to a degree that puts the survivability of the organization at risk.

Recovery Point Objective (RPO) - correct answer ✔✔Specifies the point in time to which data could be restored in the event of a business continuity disruption.

Recovery Time Objective (RTO) - correct answer ✔✔Indicates the period of time within which a business function or information system must be restored after a disruption.

Asymmetric - correct answer ✔✔Two different but mathematically related keys are used where one key is used to encrypt and another is used to decrypt.

Asynchronous - correct answer ✔✔Encrypt/Decrypt requests are processed in queues.

Certificate Authority (CA) - correct answer ✔✔An entity trusted by one or more users as an authority in a network that issues, revokes, and manages digital certificates.

Cryptanalysis - correct answer ✔✔The study of techniques for attempting to defeat cryptographic techniques and, more generally, information security services.

Cryptology - correct answer ✔✔The science that deals with hidden, disguised, or encrypted communications. It embraces communications security and communications intelligence.

Cryptosystem - correct answer ✔✔Represents the entire cryptographic operation. This includes the algorithm, the key, and key management functions.

Decryption - correct answer ✔✔The reverse process from encryption. It is the process of converting a ciphertext message into plaintext through the use of the cryptographic algorithm and key that was used to do the original encryption.

Digital Certificate - correct answer ✔✔An electronic document that contains the name of an organization or individual, the business address, and the digital signature of the certificate authority issuing the certificate.

Digital Signatures - correct answer ✔✔Provide authentication of a sender and integrity of a sender's message.

Encryption - correct answer ✔✔The process of converting the message from its plaintext to ciphertext.

Hash Function - correct answer ✔✔A one-way mathematical operation that reduces a message or data file into a smaller fixed length output, or hash value.

Initialization Vector (IV) - correct answer ✔✔A nonsecret binary vector used as the initializing input algorithm for the encryption of a plaintext block sequence to increase security by introducing additional cryptographic variance and to synchronize cryptographic equipment.

Key - correct answer ✔✔The input that controls the operation of the cryptographic algorithm. It determines the behavior of the algorithm and permits the reliable encryption and decryption of the message.

Key Clustering - correct answer ✔✔When different encryption keys generate the same ciphertext from the same plaintext message.

Boundary Routers - correct answer ✔✔Primarily advertise routes that external hosts can use to reach internal ones.

Bridges - correct answer ✔✔A device that connects two or more physical networks and forwards packets between them.

Carrier Sense Multiple Access (CSMA) - correct answer ✔✔A multiple-station access scheme for avoiding contention in packet networks in which each station can sense the presence of carrier signals from other stations and thus avoid transmitting a packet that would result in a collision. See also collision detection.

Circuit-switched Networks - correct answer ✔✔Networks that establish a dedicated circuit between endpoints.

Concentrators - correct answer ✔✔Multiplex connected devices into one signal to be transmitted on a network.

Demilitarized Zone (DMZ) - correct answer ✔✔Isolates network elements such as e-mail servers that, because they can be accessed from trustless networks, are exposed to external attacks.

Dynamic Host Configuration Protocol (DHCP) - correct answer ✔✔DHCP is an industry standard protocol used to dynamically assign IP addresses to network devices.

Fiber Distributed Data Interface (FDDI) - correct answer ✔✔Token-passing architecture using two rings. Designed to be a 100-MBps network backbone with transmission distances of up to two kilometers. A legacy technology that has been supplanted by Asynchronous Transfer Mode (ATM) and Multiprotocol Label Switching (MPLS).

Fibre Channel over Ethernet (FCoE) - correct answer ✔✔A lightweight encapsulation protocol that lacks the reliable data transport of the TCP layer.

File Transfer Protocol (FTP) - correct answer ✔✔The Internet protocol (and program) used to transfer files between hosts.

Hypertext Transfer Protocol (HTTP) - correct answer ✔✔A communication protocol used to connect to servers on the World Wide Web. Its primary function is to establish a connection with a web server and transmit HTML pages to the client browser. The protocol used to transport hypertext files across the Internet.

Internet Control Message Protocol (ICMP) - correct answer ✔✔A network layer Internet protocol that reports errors and provides other information relevant to IP packet processing.

Intrusion Detection Systems (IDS) - correct answer ✔✔Real-time monitoring of events as they happen in a computer system or network, using audit trail records and network traffic and analyzing events to detect potential intrusion attempts.

Lightweight Directory Access Protocol (LDAP) - correct answer ✔✔Authentication is specified as simple (basic), simple using SSL/TLS, or Simple Authentication and Security Layer (SASL).

Modems - correct answer ✔✔Allow users remote access to a network via analog phone lines.

Multiprotocol Label Switching (MPLS) - correct answer ✔✔A Layer 2.5 networking protocol.

Network Basic Input Output System (NetBIOS) - correct answer ✔✔Developed in 1983 and later ported to TCP/IP (NetBT). Under TCP/IP, runs over TCP on ports 137 and 138 and over UDP on port 139; additionally uses port 135 for Remote Procedure Calls.

Network File System (NFS) - correct answer ✔✔A client/server file-sharing system common to the UNIX platform.

Network Information Service (NIS/NIS+) - correct answer ✔✔Directory services developed by Sun Microsystems, which are mostly used in UNIX environments. They are commonly used for managing user credentials across a group of machines.

Open Shortest Path First (OSPF) - correct answer ✔✔An interior gateway routing protocol developed for IP networks based on the shortest path first or link-state algorithm.

Packet-switched Networks - correct answer ✔✔Networks that do not use a dedicated connection between endpoints.

Ping Scanning - correct answer ✔✔A basic network mapping technique that helps narrow the scope of an attack.

Remote Procedure Calls (RPC) - correct answer ✔✔Represent the ability to allow for the executing of objects across hosts, with a client sending a set of instructions to an application residing on a different host on the network.

Routers - correct answer ✔✔Forward packets to other networks.

Routing Information Protocol (RIP) - correct answer ✔✔A standard for the exchange of routing information among gateways and hosts. Most useful as an interior gateway protocol.

Security Event Management (SEM)/Security Event and Incident Management (SEIM) - correct answer ✔✔A solution that involves harvesting logs and event information from a variety of different sources on individual servers or assets and analyzing it as a consolidated view with sophisticated reporting.

Simple Network Management Protocol (SNMP) - correct answer ✔✔Provides remote administration of network devices, allowing the manager to retrieve ("get") variable values and "set" variable values.

TCP/IP Terminal Emulation Protocol (TELNET) - correct answer ✔✔A command line protocol designed to give command line access to another host.

Transmission Control Protocol (TCP) - correct answer ✔✔The major transport protocol in the Internet suite of protocols providing reliable, connection-oriented, full-duplex streams.

User Datagram Protocol (UDP) - correct answer ✔✔The User Datagram Protocol provides a lightweight service for connectionless data transfer without error detection and correction.

Voice over Internet Protocol (VoIP) - correct answer ✔✔A set of technologies that enables voice to be sent over a packet network.

Backdoor Attack - correct answer ✔✔An attack that exploits an unprotected access method or pathway.

Boot Sector Virus - correct answer ✔✔Malcode that spreads in the wild by copying itself to the Master Boot Record (MBR) of a hard disk and boot sectors of floppy disks. Brain, the first PC virus, is a boot sector virus.

Bot - correct answer ✔✔Malicious code that acts like a remotely controlled "robot" for an attacker, with other Trojan and worm capabilities.

Botnet - correct answer ✔✔An army of compromised machines that are under the command and control of a single "botmaster."

Buffer Overflow Attack - correct answer ✔✔An attack that exploits programs with poor buffer management.

Covert Channel - correct answer ✔✔Hidden use of bandwidth or storage to communicate or hide a message.

Cross-site Scripting - correct answer ✔✔A hacking technique that leverages vulnerabilities in the code of a web application to allow an attacker to send malicious content from an end user and collect some type of data from the victim.

Directory Transversal - correct answer ✔✔An attack that exploits a lack of security in web applications and allows an attacker to directly access the webserver's filesystem.

Dropper - correct answer ✔✔A malicious file used to install malicious code on a computer.

File Infector - correct answer ✔✔Viruses that infect files.

Keylogger - correct answer ✔✔A type of Trojan used to capture data keylogged on a system.

Logic Bomb - correct answer ✔✔A type of Trojan that typically executes a destructive routine when certain conditions are met, such as date and time.

Memory-Based Rootkits - correct answer ✔✔Malware that has no persistent code and therefore does not survive a reboot.

Payload - correct answer ✔✔The primary action of a malicious code attack.

Phishing - correct answer ✔✔The attempt to acquire sensitive information such as usernames, passwords, and credit card details (and sometimes, indirectly, money) by masquerading as a trustworthy entity in an electronic communication.

Polymorphic Virus - correct answer ✔✔Viruses that assume many shapes and forms by encrypting code differently with each infection.

Proof of Concept (POC) - correct answer ✔✔Functional code that can be used in order to validate that an exploit actually works, and to detail the specifics of how it functions.

Rootkit - correct answer ✔✔Codes that mask intrusion as well as being used in the compromise of a system.

Sandbox - correct answer ✔✔A secluded environment on a computer, where you can run untested code or malware to study the results without having any ill effects on the rest of your software.

Social Engineering - correct answer ✔✔Methods that bad actors can use to trick users or "con" them into engaging in behavior in which they would not normally engage.

Spam - correct answer ✔✔Unsolicited e-mail, normally with an advertising content sent out as a mass mailing.

Spoofing Attack - correct answer ✔✔A situation in which one person or program successfully masquerades as another by falsifying data and thereby gaining an illegitimate advantage.

Trojan - correct answer ✔✔A malicious program that is disguised as legitimate software.

Vector of Attack - correct answer ✔✔How the transmission of malcode takes place, such as e-mail, a link sent to an instant messenger user, or a hostile website attempting to exploit vulnerable software on a remote host.

Virus - correct answer ✔✔Malicious software that infects a host file in order to spread.

Worm - correct answer ✔✔A self-replicating program that can be designed to do any number of things.