Security + Guide Fill In The Blanks

Term: use policy (AUP)Definition: a policy that defines the actions users may perform while systems and networking equipment
Term: controlDefinition: the mechanism used in an information system to allow or restrict access to data or
Term: access listDefinition: a set of permissions that are to an object
Term: access control Definition: a standard that provides a predefined framework for and software developers who need to implement access control in their devices or applications
Term: access Definition: a record or list of individuals who have permission to enter a secure area, the time that they entered, and the time they left the
Term: access Definition: a log that can details regarding requests for specific files on a system
Term: Definition: the that provides tracking of events
Term: add-onsDefinition: that provide additional functionality to Web browsers
Term: Resolution Protocol (ARP)Definition: part of the TCP/IP protocol suite, determines the MAC based on the IP address
Term: Advanced Encryption (AES)Definition: a symmetric that was approved by the NIST in late 2000 as a replacement for DES
Term: Definition: a program that delivers advertising content in a manner that is unexpected and unwanted by the user
Term: AES-CCMP Definition: the encryption protocol for WPA2
Term: algorithmDefinition: based on a mathematical formula; used to encrypt data
Term: all-in-one network appliancesDefinition: network hardware that provides multiple security
Term: Loss Expectancy (ALE)Definition: the monetary loss that can be anticipated for an asset due to a risk over a one-year period
Term: Rate of Occurrence (ARO)Definition: the probability that a risk will in a particular year
Term: anomaly-based Definition: a monitoring technique used by an IDS that a baseline of normal activities and compares actions against the baseline
Term: anti-spywareDefinition: software that prevent computers from becoming infected by different types of spyware
Term: anti-virus (AV)Definition: that can examine a computer for any infections as well as monitor computer activity and scan new documents that might contain a virus
Term: architectural Definition: the process of defining a collection of hardware and software components along with their interfaces in order to the framework for software development
Term: ARP Definition: an attack that the ARP cache
Term: Definition: an item that has
Term: asymmetric cryptographic Definition: encryption that uses two related keys
Term: asymmetric clusterDefinition: a in which a standby server exists only to take over for another in the event of its failure
Term: Definition: that are coupled to e-mail messages
Term: surfaceDefinition: the code that can be executed by unauthorized users in a program
Term: audit Definition: a log that can user authentication attempts
Term: audit Definition: logs that are the second most common type of security-related system logs
Term: Definition: the steps that ensure that the individual is who they claim to
Term: authorizationDefinition: the act of providing permission or authority to conduct a
Term: Definition: security actions that ensure that data is accessible to users
Term: Definition: software code that gives access to a program or a that circumvents normal security protections
Term: backout/contingency Definition: rolling back a disaster implementation to the starting point so that a different approach can be taken
Term: reportingDefinition: a comparison of the state of a system compared to its baseline
Term: filteringDefinition: spam filtering that analyzes the contents of every word in an e-mail and determines how frequently a word occurs in order to determine if it is spam
Term: behavioral Definition: authenticating a user by the normal actions that the user
Term: behavior-based Definition: a monitoring technique used by an IDS that uses the normal processes and as the standard and compares actions against it
Term: boxDefinition: a test in the tester has no prior knowledge of the network infrastructure that is being tested
Term: cipherDefinition: a cipher that manipulates an block of plaintext at one time
Term: BlowfishDefinition: a cipher that operates on 64-bit blocks and can have a key length from 32 to 448 bits
Term: Definition: an attack that sends unsolicited to Bluetooth-enabled devices
Term: Definition: an attack that accesses unauthorized information from a wireless device through a Bluetooth connection, often between cell phones and laptop
Term: Definition: a wireless technology that uses short-range frequency (RF) transmissions and provides for rapid ad hoc pairings
Term: botnetDefinition: a logical computer network of zombies the control of an attacker
Term: trust model Definition: a trust model with one CA that acts as a facilitator to all other CAs
Term: brute attackDefinition: a password in which every possible combination of letters, numbers, and characters is used to create encrypted passwords that are matched with those in a stolen password file
Term: overflowDefinition: an attack that occurs when a process attempts to store data in RAM beyond the boundaries of a fixed-length buffer
Term: continuityDefinition: the ability of an organization to maintain its and services in the face of a disruptive event
Term: business continuity plan and Definition: the process of identifying exposure to threats, creating preventative and procedures, and then testing them to determine if they are sufficient
Term: impact analysis (BIA)Definition: an analysis of the most important -critical business functions, which identifies and quantifies the impact such a loss of the functions may have on the organization in terms of its operational and financial position
Term: cable Definition: a device that can be inserted into the security slot of a portable device and so that the cable lock is secured to the device to prevent it from being stolen
Term: 's Database Security Breach Notification ActDefinition: the first state law that covers any state agency, person, or company that does in California
Term: Certificate (CA)Definition: a trusted third-party that is responsible for issuing digital certificates
Term: Certificate (CR)Definition: a publicly accessible directory that contains digital certificates that can be used to view the status of a digital certificate
Term: of custodyDefinition: a process of documentation that shows that evidence was under strict control at all times and no unauthorized individuals were given the opportunity to corrupt the
Term: change Definition: a methodology for modifications to a system and keeping track of those changes
Term: ciphertextDefinition: data that has been
Term: cleartextDefinition: data
Term: client-side Definition: an attack that targets vulnerabilities in client that interact with a compromised server or processes malicious data
Term: -circuit television (CCTV)Definition: using video cameras to transmit a signal to a specific and limited set of receivers used for surveillance in that require security monitoring
Term: cloud Definition: a pay-per-use computing model in which customers pay only for the computing resources that they need, and the can be easily scaled
Term: code Definition: presenting the code to multiple in order to reach agreement about its security
Term: cognitive Definition: authenticating a user through the perception, process, and understanding of the user
Term: cold Definition: a remote site that provides office space; the customer must provide and install all the equipment needed to operations
Term: common card (CAC) Definition: a Department of Defense (DoD) smart card used for identification for -duty and reserve military personnel along with civilian employees and special contractors
Term: injectionDefinition: injecting and executing commands to on a server
Term: virus (virus)Definition: a malicious computer code that itself on the same computer
Term: Definition: security actions that ensure only authorized can view information
Term: cookieDefinition: a file on a local computer in a server stores user-specific information
Term: cross-site frequency (XSRF)Definition: an attack that uses the user's Web browser settings to impersonate the
Term: -site scripting (XSS)Definition: an attack that injects scripts into a Web application server to attacks at clients
Term: Definition: the science of transforming information into a secure form while it is being transmitted or stored so that unauthorized persons can not it
Term: Definition: attacks against financial networks, unauthorized access to information, and the theft of personal information
Term: Definition: a network of attackers, identity thieves, spammers, and fraudsters
Term: Definition: a premeditated, politically motivated attack against information, computer systems, computer programs, and data that in violence
Term: Definition: attackers whose motivation may be defined as ideology, or attacking for the sake of their principles or
Term: data Definition: the process of copying information to a different medium and it (preferably at an off-site location) so that it can be used in the event of a disaster
Term: Data Standard (DES)Definition: a symmetric block cipher that uses a 56-bit key and encrypts data in 64-bit
Term: data loss (DLP)Definition: a system that can identify critical data, monitor how it is being , and protect it from unauthorized users
Term: lockDefinition: a door lock that a solid metal bar into the door frame for extra security
Term: zone (DMZ)Definition: a separate network that rests outside the secure network perimeter; untrusted users can access the DMZ but cannot enter the secure network
Term: of service (DoS)Definition: an attack that attempts to prevent a from performing its normal functions
Term: design Definition: an of the design of a software program by key personnel from different levels of the project
Term: attackDefinition: a password attack that creates encrypted of common dictionary words and compares them against those in a stolen password file
Term: certificateDefinition: a technology used to associate a user's identity to a key, in which the user's public key is "digitally signed" by a trusted third party
Term: trustDefinition: a type of trust model in which a relationship exists between two individuals one person knows the other person
Term: directory Definition: an attack that takes advantage of a vulnerability in the Web application program or the Web server software so that a user can move from the root to other restricted directories
Term: disabling portsDefinition: a technique to turn off ports on a network device that are not required
Term: disaster Definition: the procedures and processes for restoring an organization's IT following a disaster
Term: disaster plan (DRP)Definition: a written document that the process for restoring IT resources following an event that causes a significant disruption in service
Term: Discretionary Access (DAC)Definition: the least restrictive access control model in which the of the object has total control over it
Term: distributed of service (DDoS)Definition: an attack that uses multiple zombie computers (even hundreds or thousands) in a to flood device with requests
Term: distributed model Definition: a model that has multiple CAs that sign digital certificates
Term: DNS Definition: an attack that substitutes DNS addresses so that the computer is automatically to another device
Term: Name System (DNS)Definition: a hierarchical name system for computer names and numbers
Term: divingDefinition: the act of digging through trash receptacles to find information that can be in an attack
Term: curve cryptography (ECC)Definition: an algorithm that uses elliptic curves instead of numbers to compute keys
Term: encryptionDefinition: the process of changing into ciphertext
Term: (exceptions)Definition: faults in a program that occur the application is running
Term: logsDefinition: logs that can document any unsuccessful events and the most significant successful
Term: evil Definition: an AP set up by an attacker to mimic an authorized AP and capture transmissions, so a user's device will connect to this evil twin instead
Term: Definition: the act of advantage of a vulnerability
Term: Exposure (EF)Definition: the proportion of an asset's value that is likely to be destroyed by a particular risk (expressed as a )
Term: Extended Definition: the second version of the Access Control Access Control System (TACACS) authentication service
Term: Extensible Authentication (EAP)Definition: a framework for authentication protocols that defines the format of the messages
Term: fail-openDefinition: a control that errs on the side of in the event of a failure
Term: fail-safe (fail-secure)Definition: a control that errs on the side of security in the of a failure
Term: cageDefinition: a metallic enclosure that the entry or escape of an electromagnetic field
Term: fencingDefinition: securing a restricted area by a barrier
Term: File Protocol (FTP)Definition: an unsecure TCP/IP protocol that is commonly used for files
Term: firewall (packet )Definition: hardware or software that is designed to prevent malicious packets from or leaving computers or networks
Term: -party cookieDefinition: a cookie that is from the Web site that currently is being viewed
Term: Flash Definition: a cookie named after the Adobe Flash
Term: flood Definition: a feature that controls a device's tolerance for unanswered service requests and helps to prevent a DoS
Term: forensics (forensic )Definition: the application of science to questions that are of interest to the profession
Term: FTP Source Sockets Layer (FTPS)Definition: a TCP/IP protocol that uses Secure Sockets Layer/Transport Layer Security (SSL/TLS) to commands sent over the control port (Port 21) in an FTP session
Term: fuzz (fuzzing)Definition: a software testing technique that provides invalid, unexpected, or random data as inputs to a computer program
Term: GNU Guard (GPG)Definition: an open-source package that is commonly used to encrypt and decrypt e-mail messages
Term: GPS Definition: using the Global Positioning System (GPS) to detect the of a portable device
Term: -Leach-Bliley Act (GBLA)Definition: a U.S. law that requires banks and financial institutions to alert customers of their policies and practices in customer information
Term: gray Definition: a test where some limited information has been to the tester
Term: Definition: a term used to refer to a person who uses advanced computer skills to computers
Term: hardeningDefinition: the process of eliminating as many security risks as possible and making the more secure
Term: Security Module (HSM)Definition: a cryptographic processor
Term: hashDefinition: the unique digital fingerprint by a hashing algorithm
Term: Message Authentication Code (HMAC)Definition: a variation of a hash that the hash with a shared secret key before transmitting it
Term: hashingDefinition: the process for creating a digital fingerprint signature for a set of data
Term: Health Insurance and Accountability Act (HIPAA)Definition: a U.S. law designed to protect information and implement policies and procedures to safeguard it
Term: , venting and air conditioning (HVAC)Definition: systems that and regulate heating and cooling
Term: detectionDefinition: creating a virtualized environment to simulate the central processing unit (CPU) and memory of the to check for the presence of a virus
Term: host detection system (HIDS)Definition: a software-based that runs on a local host computer that can detect an attack as it occurs
Term: hierarchical trust Definition: a trust model that has a hierarchy with one master CA
Term: high Definition: a system that can for an extended period of time with little downtime
Term: Definition: a warning
Term: honeynetDefinition: a setup with intentional vulnerabilities
Term: honeypotDefinition: a computer typically located in an area with limited security and loaded with software and data files that appear to be authentic, yet they are actually imitations of real data files, to trick attackers into revealing their attack
Term: host-based firewallDefinition: a firewall that runs as a program on a local system to protect it attacks
Term: host Definition: a list of the mappings of to computer numbers
Term: hot aisle/cold Definition: a layout in a data center that can be used to reduce heat by that air flow
Term: hotfix Definition: software that addresses a specific customer and often may not be distributed outside that customer's organization
Term: hot Definition: a duplicate of the production site that has all the equipment needed for an organization to continue running, including space and furniture, telephone jacks, computer equipment, and a live telecommunications link
Term: HTTP Definition: part of HTTP that is of fields that contain the different characteristics of the data that is being transmitted
Term: HTTP header Definition: modifying HTTP headers to create an
Term: hybrid Definition: a password attack that slightly alters dictionary words by adding numbers to the end of the password, spelling words backward, slightly misspelling words, or special characters
Term: Hypertext Transport Protocol over Secure Layer (HTTPS)Definition: a version of HTTP sent over SSL/TLS
Term: theftDefinition: stealing another person's personal information, such as Social Security number, and then using the information to impersonate the victim, generally for financial
Term: IEEE 802.1xDefinition: a standard that blocks all traffic on a port-by-port basis until the client is authenticated using stored on an authorization server
Term: impersonationDefinition: an attack that creates a fictitious character and then plays out the role of that on a victim
Term: implicit Definition: rejecting unless a condition is explicitly met
Term: incident Definition: the framework and functions to enable incident response and incident handling within an organization
Term: information Definition: the tasks of securing information that is in a format
Term: initialization (IV)Definition: a 24-bit used in WEP that changes each time a packet is encrypted
Term: input Definition: a user's input to an application
Term: integrityDefinition: security actions that ensure that the is correct and no unauthorized person or malicious software have altered the data
Term: Internet Control Message (ICMP)Definition: a TCP/IP protocol that is used by to communicate updates or error information to other devices
Term: Internet version 6 (IPv6)Definition: the next generation of the IP protocol that addresses of IPv4 and provides several significant improvements
Term: intrusion detection (IDS)Definition: a device designed to detect an attack as it
Term: IP Definition: using a data-based IP to add digital voice clients and new voice applications onto the IP network
Term: IP (IPsec)Definition: a set of protocols developed to support the exchange of packets
Term: KerberosDefinition: an authentication system developed by the Massachusetts of Technology (MIT) and used to verify the identity of networked users
Term: Definition: a mathematical value entered into the algorithm to produce
Term: key Definition: a process in which keys are managed by a third-party, such as a trusted CA the root
Term: keyloggerDefinition: hardware or software that captures and stores each keystroke that a user types on the computer's
Term: key agent (KRA)Definition: a highly trusted person responsible for lost or damaged digital certificates
Term: attack (IV attack)Definition: a method of the keystream by analyzing two packets that were created from the same initialization vector (IV)
Term: LDAP injection Definition: an attack that constructs LDAP statements based on user input statements, allowing the to retrieve information from the LDAP database or modify its content
Term: privilegeDefinition: providing only the amount of privileges necessary to perform a job or function
Term: Lightweight Directory Protocol (LDAP) Definition: a protocol for a application to access an X.500 directory
Term: EAP (LEAP)Definition: a proprietary EAP method developed by Cisco Systems requiring mutual used for WLAN encryption using Cisco client software
Term: load Definition: a device that can direct requests to servers based on a variety of factors, such as the number connections, the server's processor utilization, and overall performance of the server
Term: locking Definition: a secure storage unit that can be used for portable devices
Term: Definition: a record of that occur
Term: bomb Definition: computer code that lies dormant until it is triggered by a logical event
Term: loop Definition: preventing broadcast by using the IEEE 802.1d standard spanning-tree algorithm (STA)
Term: MAC and filteringDefinition: a security technique to the number of media access control (MAC) addresses allowed on a single port
Term: malwareDefinition: software that enters a computer system without the user's knowledge or and then performs an unwanted and harmful action
Term: Access Control (MAC)Definition: the most restrictive access control model, typically in military settings in which security is of supreme importance
Term: vacationsDefinition: requiring that all employees take
Term: man-in-the-middleDefinition: an attack that legitimate communications and forges a fictitious response to the sender
Term: mantrapDefinition: a device that and controls two interlocking doors to a small room (a vestibule), designed to separate secure and nonsecure areas
Term: mean time failures (MTBF)Definition: a statistical value that is the average time until a component , cannot be repaired, and must be replaced
Term: mean time to (MTTR)Definition: the average time needed to reestablish to their former state
Term: Media Access Control (MAC) filteringDefinition: a method for controlling to a WLAN based on the device's MAC address
Term: Digest (MD)Definition: a common hash algorithm of several different
Term: Digest 5 (MD5)Definition: a of MD4 that is designed to address its weaknesses
Term: M-of-N Definition: a technique to recover a private key by parts to different individuals
Term: multifactor Definition: using more than one type of authentication
Term: network control (NAC)Definition: a technique that examines the current state of a system or network device before its to connect to the network
Term: address translation (NAT)Definition: a that allows private IP addresses to be used on the public Internet
Term: intrusion detection system (NIDS)Definition: a technology that watches for attacks on the network and to a central device
Term: network intrusion system (NIPS)Definition: a technology that network traffic to immediately react to block a malicious attack
Term: nonrepudiationDefinition: the of proving that a user performed an action
Term: NTLM (New Technology LAN Manager) Definition: a password hash for Windows systems that is no longer recommended for use
Term: NTLMv2 (New LAN Manager2)Definition: an version of NTLM that uses HMAC with MD5
Term: one-time pad (OTP)Definition: using a truly random key to create ciphertext
Term: order of Definition: the sequence of volatile data that must be in a computer forensics investigation
Term: passwordDefinition: a secret combination of letters, , and/or characters that only the user should know
Term: Definition: a general security update intended to cover vulnerabilities that have been discovered
Term: peer-to-peer (P2P) Definition: a network that does not have servers, so each simultaneously functions as both a client and a server to all other devices connected to the network
Term: Identity Verification (PIV)Definition: a government standard for smart cards that all government employees
Term: penetration Definition: a test by an to actually exploit any weaknesses in systems that are vulnerable
Term: persistent cookie (tracking )Definition: a cookie that is recorded on the hard drive of the computer and does not when the browser closes
Term: Definition: a phishing attack that automatically the user to a fake site
Term: phishingDefinition: sending an e-mail or displaying a Web announcement that falsely claims to be from a legitimate enterprise in an attempt to trick the user into private information
Term: ping Definition: a utility that sends an Internet Control Message (ICMP) to flood a victim with packets
Term: ping Definition: an attack that uses the Internet Control Message Protocol (ICMP) to flood a with packets
Term: plaintextDefinition: data input into an encryption
Term: pop-up Definition: either a program or a incorporated within a browser that stops pop-up advertisements from appearing
Term: port Definition: to search a system for any port vulnerabilities
Term: key (PSK)Definition: a key value that must be and entered into both the access point and all wireless devices ("shared") prior ("pre") the devices communicating with the AP
Term: Good Privacy (PGP)Definition: a commercial product that is commonly used to encrypt e-mail
Term: privacy Definition: a policy that outlines how the organization uses personal information it
Term: private Definition: an asymmetric encryption key that does have to be
Term: private key Definition: algorithms that use a single key to encrypt and decrypt a message
Term: escalationDefinition: an attack that exploits a in software to gain access to resources that the user would normally be restricted from obtaining
Term: EAP (PEAP)Definition: an EAP method designed to simplify the deployment of 802.1x by using Microsoft Windows and passwords
Term: analyzer (sniffer)Definition: hardware or software that captures packets to decode and analyze the
Term: proximity Definition: a device that detects an emitted signal in to identify the owner
Term: proxy Definition: a or an application program that intercepts a user request from the internal secure network and then processes that request on behalf of the user
Term: keyDefinition: an asymmetric encryption key that does not have to be
Term: key cryptographyDefinition: encryption that uses two mathematically related
Term: public key (PKI)Definition: a framework for all of the entities involved in digital management
Term: quantum Definition: an asymmetric cryptography that attempts to use the unusual and behavior of microscopic objects to enable users to securely develop and share keys
Term: RACE Primitives Evaluation Message Digest (RIPEMD)Definition: a hash algorithm that uses two different and independent parallel chains of computation and then combines the result at the end of the
Term: RAID (Redundant Array of Independent )Definition: a technology that uses multiple hard disks for reliability and performance
Term: rainbow Definition: large pregenerated data sets of encrypted passwords used in attacks
Term: Definition: an RC stream cipher that will accept keys up to 128 bits in
Term: point objective (RPO)Definition: the maximum length of time that an organization can tolerate backups
Term: time objective (RTO)Definition: the length of time it will take to recover data that has been up
Term: Authority (RA)Definition: a subordinate entity designed to handle specific CA tasks such as processing requests and authenticating users
Term: accessDefinition: any combination of hardware and software that enables remote users to access a local internal
Term: Remote Authorization Dial In User (RADIUS)Definition: an industry standard authentication service with support across nearly all vendors of networking equipment
Term: wipe/sanitationDefinition: a technology that can remotely erase data from a device and reset it to its default factory settings
Term: replay Definition: an attack that a copy of the transmission before sending it to the recipient
Term: reverse Definition: a computer or an program that routes incoming requests to the correct server
Term: riskDefinition: the likelihood that a threat agent will exploit the
Term: Cipher (RC)Definition: a family of cipher designed by Ron Rivest
Term: rogue pointDefinition: an AP that allows an attacker to bypass many of the network security configurations and opens the network and its users to attacks
Term: Role Based Access (RBAC)Definition: a "real-world" access control model in which is based on a user's job function within the organization
Term: rootkitDefinition: a set of tools used by an attacker to hide the actions or presence of other types of malicious software
Term: routerDefinition: a device that can forward across computer networks
Term: RSADefinition: an algorithm published in 1977 and patented by MIT in 1983
Term: Rule Based Access (RBAC)Definition: an access control model that can dynamically assign to subjects based on a set of rules defined by a custodian
Term: rule-based Definition: the process of that relies on following procedural and technical rules
Term: Definition: a ruggedized box with a lock
Term: -Oxley Act (Sarbox)Definition: a U.S. law designed to corporate corruption
Term: kiddiesDefinition: individuals who want to break into computer to create , yet lack the advanced knowledge of computers and networks needed to do so
Term: cookieDefinition: a cookie that is only used when a browser is visiting a server using a secure
Term: Copy Protocol (SCP)Definition: a TCP/IP protocol used mainly on UNIX and Linux devices that securely transports files by encrypting files and
Term: FTP (SFTP)Definition: a TCP/IP protocol that is used for transporting files by encrypting and compressing all data and commands
Term: Hash Algorithm (SHA)Definition: a secure hash algorithm that creates hash values of lengths than Message Digest algorithms
Term: Shell (SSH)Definition: a UNIX-based command interface and protocol for accessing a remote computer
Term: Sockets Layer (SSL)Definition: a protocol developed by Netscape for securely transmitting documents over the Internet that uses a key to encrypt data
Term: logsDefinition: logs that are the primary source of log data
Term: policyDefinition: a or series of documents that clearly defines the defense mechanisms an organization will employ to keep information secure
Term: of dutiesDefinition: the of requiring that processes should be divided between two or more individuals
Term: clusterDefinition: a combination of two or more servers that are interconnected to as one
Term: single of failureDefinition: a component or entity in a system which, if it no longer functions, adversely affect the entire system
Term: service Definition: software that is a cumulative package of all security plus additional features
Term: Set Identifier (SSID)Definition: the user-supplied network name of a WLAN; it can be alphanumeric from 2 to 32 characters
Term: cookieDefinition: a cookie that is stored in access memory (RAM), instead of on the hard drive, and only lasts for the duration of visiting a Web site
Term: hijackingDefinition: an attack in which an attacker attempts to impersonate the user by his session token
Term: session Definition: a form of verification used when accessing a Web application
Term: shoulder Definition: watching an authorized user enter a security code on a
Term: -based monitoringDefinition: a monitoring technique used by an IDS that network traffic to look for well-known patterns and compares the activities against a predefined signature
Term: signature Definition: a sequence of bytes (a string) found in the as a virus signature
Term: Simple Network Protocol (SNMP)Definition: a TCP/IP protocol that exchanges management information between networked devices and allows network administrators to remotely monitor, manage, and configure on the network
Term: single-factor Definition: using one type of credentials
Term: Single Loss (SLE)Definition: the expected monetary loss time a risk occurs
Term: sign-on (SSO)Definition: using one credential to access multiple accounts or applications
Term: smart Definition: a card that contains an integrated circuit chip that can hold information used as part of the process
Term: attack Definition: an attack that broadcasts a ping to all computers on the network yet changes the address from which the request came to that of the target
Term: engineeringDefinition: a means of gathering information for an attack by relying on the of individuals
Term: networking Definition: grouping and organizations into clusters or groups based on a like affiliation
Term: networking siteDefinition: web sites that facilitate linking individuals with common interests like hobbies, religion, , or school or work contacts
Term: spamDefinition: e-mail
Term: phishingDefinition: a phishing attack that only specific users
Term: spimDefinition: a variation of spam, targets instant messaging users instead of e-mail users
Term: spoofingDefinition: impersonating another or device
Term: spyDefinition: a who has been hired to break into a computer and steal information
Term: Definition: a term used to describe software that spies on users by gathering information without consent, thus violating their privacy
Term: SQL Definition: an attack that SQL by injecting commands to be manipulated by the database
Term: SSID Definition: the transmission of the SSID from the access to wireless devices
Term: biometricsDefinition: using fingerprints or unique physical characteristics of a person's face, hands, or eyes for authentication
Term: Definition: hiding the existence of data within a text, audio, image, or video
Term: stream Definition: an algorithm that one character and replaces it with one character
Term: (subnet addressing)Definition: a technique that uses IP to divide a network into network, subnet, and host
Term: succession Definition: determining in advance who will be authorized to take over in the event of the incapacitation or death of key
Term: Definition: a device that connects network segments and forwards only frames intended for that specific device or sent to all devices
Term: symmetric cryptographic Definition: encryption that uses a single key to encrypt and decrypt a
Term: symmetric server Definition: a technology in which every server in the cluster performs work, and if one server fails, the remaining servers continue to perform their normal work as well as that of the failed server
Term: SYN attackDefinition: an attack that takes advantage of the procedures for a TCP session
Term: imageDefinition: a snapshot of the state of the computer that contains all settings and data
Term: Definition: the act of unauthorized individuals a restricted-access building by following an authorized user
Term: Temporal Key Protocol (TKIP)Definition: a WPA technology
Term: Terminal Access Control Access System (TACACS)Definition: an authentication service commonly used on UNIX devices that by forwarding user authentication information to a centralized server. The current version is TACACS+
Term: third-party Definition: a cookie that was created by a third party that is different from the Web site
Term: -party trustDefinition: a trust model in which two individuals trust each because each individually trusts a third party
Term: Definition: a type of action that has the potential to cause
Term: threat Definition: a person or that has the power to carry out a threat
Term: time of day Definition: limitations imposed as to when a user can log on to a
Term: Definition: a small device that can be affixed to a keychain with a window display that shows a code to be used for
Term: transitive Definition: an attack involving using a third to gain access rights
Term: Transmission Control /Internet Protocol (TCP/IP)Definition: the most common protocol used today for local area networks (LANs) and the internet
Term: Transport Security (TLS)Definition: a that is an extension of SSL and guarantees privacy and data integrity between applications
Term: Triple Data Standard (3DES)Definition: a symmetric cipher that was designed to replace
Term: horse (Trojan)Definition: an executable program as performing one activity, but actually does something else (or it may perform both the advertised and malicious activities)
Term: trust Definition: the type of relationship that can exist between individuals or entities
Term: operating system (trusted OS)Definition: a hardened operating that can keep attackers from accessing and controlling critical parts of a computer system
Term: Platform Module (TPM)Definition: a chip on the motherboard of the that provides cryptographic services
Term: Definition: a derivation of the Blowfish algorithm that is considered to be strong
Term: LAN (VLAN)Definition: a technology that allows scattered users to be logically grouped together even though they may be attached to switches
Term: virtual private (VPN)Definition: a technology to use an public network, such as the Internet, like a secure private network
Term: virtualizationDefinition: a means of managing and presenting computer resources by function without regard to their physical or location
Term: vishingDefinition: a phishing attack that uses a call instead of e-mail
Term: encryptionDefinition: encryption to mask the content of voice communications
Term: VPN Definition: a that aggregates hundreds of thousands of VPN connections
Term: vulnerabilityDefinition: a flaw or weakness that allows a threat agent to bypass
Term: vulnerability Definition: a systematic and methodical evaluation of the exposure of assets to attackers, forces of nature, or any entity that is a potential harm
Term: vulnerability Definition: an automated software through a system for any known security weaknesses that then creates a report of those potential exposures
Term: vulnerability Definition: term for a range of products that look for vulnerabilities in networks or systems
Term: war Definition: the process of documenting and then advertising the of wireless LANs for other to use
Term: war Definition: searching for wireless signals from an automobile or on foot using a portable computing
Term: warm Definition: a remote site that contains computer equipment but does not have Internet or telecommunication facilities, and does not have backups of data
Term: Web application Definition: a type of firewall that looks more deeply into packets that carry HTTP traffic
Term: Web gatewayDefinition: a device that can block malicious content in "real as it appears (without first knowing the URL of a dangerous site)
Term: whalingDefinition: a attack that targets only wealthy individuals
Term: white Definition: a test where the tester has an in-depth knowledge of the network and systems being tested, including network diagrams, IP addresses, and even the source code of the custom
Term: disk encryptionDefinition: cryptography that can be to entire disks
Term: Wi-Fi Protected (WPA)Definition: the original set of protections from the Wi-Fi Alliance in 2003 designed to protect both the present and future wireless
Term: Wi-Fi Access 2 (WPA2)Definition: the generation of WPA security from the Wi-Fi Alliance in 2004 to address authentication and encryption on WLANs
Term: Wired Equivalent (WEP)Definition: an IEEE 802.11 security protocol designed to ensure that only authorized parties can view transmitted wireless . WEP has significant vulnerabilities is not considered secure
Term: word Definition: horizontally separating words so that they can be read by the human eye
Term: Definition: a malicious program designed to take advantage of a vulnerability in an application or an operating system in order to enter a and then self-replicate to other computers
Term: X.509Definition: the most widely accepted format for digital certificates as defined by the Telecommunication Union (ITU)
Term: Xmas Tree port Definition: sending a packet with every option set on for whatever protocol is in use to observe how a hosts
Term: XML (Extensible Markup )Definition: a markup language that is designed to data instead of indicating how to display it
Term: XML Definition: an attack that injects XML tags and data into a
Term: zero day Definition: attacks that exploit previously unknown vulnerabilities, so victims have no time (zero days) to prepare or defend against the
 