Cissp Flashcards Pdf

The remains of partial or even the entire data set of digital information

Deals with restoring normal business operations after the disaster takes place...works to get the business back to normal

The maximum period of time that a critical business function can be inoperative before the company incurs significant and long-lasting damage.

IEEE standard defines the Token Ring media access method

The balance against the cost of recover and the cost of disruption

portion of the BIA that lists the resources that an organization needs in order to continue operating each critical business function.

This type of DRP test is a detailed review of DRP documents, performed by individuals working on their own. It is used to identify inaccuracies, errors, and omissions in DRP documentation.

The one person responsible for data, its classification and control setting

To move from location to location, keeping the same function

A side-channel attack carry-out on smart cards that examining the power emission release during processing

Defined as real-time monitoring and analysis of network activity and data for potential vulnerabilities and attacks in progress.

A side-channel attack on smart cards that examine the frequencies emitted and timing

Systematic assessment of threats and vulnerabilities that provides a basis for effective management of risk.

Maintaining full control over requests, implementation, traceability, and proper documentation of changes.

Mitigate damage by isolating compromised systems from the network.

Most organizations enforce policies to change password ranging from

Process must within set time constrains, applications are video related where audio and video must match perfectly

Identification and notification of an unauthorized and/or undesired action

Makes copies of files as they are modified and periodically transmits them to an off-site backup site

Mitigation of system or component loss or interruption through use of backup capability.

A backup method use when time and space are a high importance

Protocol designed to same individual message securely

Conduct that violates government laws developed to protect society

Has 256 hosts

Creates one large disk by using several disks

Deemed proprietary to a company and often include information that provides a competitive edge, the information is protected as long the owner takes protective actions

Active Directory standard

Controls deployed to avert unauthorized and/or undesired actions.

A group of hard drives working as one storage unit for the purpose of speed and fault tolerance

Define the way in which the organization operates.

Used to connect two networks using dissimilar protocols at different layers of the OSI model

The assignment of a level of sensitivity to data (or information) that results in the specification of controls for each level of classification.

The property that data meet with a priority expectation of quality and that the data can be relied upon.

The process of categorizing attack alerts produced from an IDS in order to distinguish false positives from actual attacks

A cable consisting of a core, inner conductor that is surrounding by an insulator, an outer cylindrical conductor

Layer 1 network device that is used to connect network segments together, but provides no traffic control (a hub).

Result of a user performing an action on a hash value with a private key, provides authentication, nonrepudiation, and data integrity

A passive network attack involving monitoring of traffic.

Forgery of the sender's email address in an email header.

Potentially compromising leakage of electrical or acoustical signals.

Bundles of long strands of pure glass that efficiently transmit light pulses over long distances. Interception without detection is difficult.

A Denial of Service attack initiated by sending spoofed UDP echo request to IP broadcast addresses.

Interception of a communication session by an attacker.

Layer 1 network device that is used to connect network segments together, but provides no traffic control (a concentrator).

An attack technique that exploits systems that do not perform input validation by embedding partial SQL queries inside input.

Unauthorized access of information (e.g. Tapping, sniffing, unsecured wireless communication, emanations)

Forging of an IP address.

An attack that breaks up malicious code into fragments, in an attempt to elude detection.

A network authentication protocol, provide protection by: authentication, authorization, and auditing

The response of an organization to a disaster or other significant event that may significantly impact the organization, its people, or its ability to function productively.

A type of attack involving attempted insertion, deletion or altering of data.

A device that sequentially switches multiple analog inputs to the output.

A mail server that improperly allows inbound SMTP connections for domains it does not serve.

The legal act of luring an intruder, with intend to monitor their behavior

A basic level of network access control that is based upon information contained in the IP packet header.

Provides a physical cross connect point for devices.

A telephone exchange for a specific office or business.

A social engineering attack that uses spoofed email or websites to persuade people to divulge information.

Unauthorized access of network devices.

Mediates communication between un-trusted hosts on behalf of the hosts that it protects.

Layer 1 network device that is used to connect network segments together, but provides no traffic control (a concentrator).

A disturbance that degrades performance of electronic devices and electronic communications.

Unauthorized wireless network access device.

A layer 3 device that used to connect two or more network segments and regulate traffic.

A specialized wireless receiver/ transmitter placed in orbit that facilitates long distance communication.

An attack involving the hijacking of a TCP session by predicting a sequence number.

Enclosure of electronic communication devices to prevent leakage of electromagnetic signals.

A Denial of Service attack initiated by sending spoofed ICMP echo request to IP broadcast addresses. (See Fraggle)

Eavesdropping on network communications by a third party.

A vulnerability in IP that allows an attacker to dictate the path of a communication and thereby access an internal network.

Unsolicited commercial email

A layer 2 device that used to connect two or more network segments and regulate traffic.

A Denial of Service attack that floods the target system with connection requests that are not finalized.

Eavesdropping on network communications by a third party.

Mitigation of spamming and other attacks by delaying incoming connections as long as possible.

A Denial of Service attack that exploits systems that are not able to handle malicious, overlapping and oversized IP fragments.

A codename that refers to the study and mitigation of information disclosure via electromagnetic emanations from electronic equipment.

A simple, inexpensive cabling technology consisting of two conductors that are wound together to decrease interference.

Reconnaissance technique, involving automated, brute force identification of potentially vulnerable modems.

A specification for wireless Metropolitan Area Networks (IEEE 802.16) that provides an alternative to the use of cable and DSL for last mile delivery.

The managerial approval to operate a system based upon knowledge of risk to operate

18 USC - Fraud and Related Activity in Connection with Access Devices

The technical and risk assesment of a system within the context of the operating environment

The current internationally accepted set of standards and processes for information security products evaluation and assurance, which joins function and assurance requirements

An unintended communication path

A software design technique for abstraction of a process

Hardware or software that is part of a larger system

Usually inspect the header, because the data payload is encrypted in most cases

Third party processes used to organize the implementation of an architecture

Committee for internet design, engineering, and management, responsible for the architectural oversight of the IETF

Registered ports as defined by IANA

The past internationally accepted set of standards and processes for information security products evaluation and assurance, which separates function and assurance requirements

Semiformally verified design and tested

A program in the operating system responsible for maintaining the hierarchical storage relocation requirements for processes and data from RAM to hard drives

A state where two subjects can access the same object without proper mediation

To execute more than one instruction at an instant in time

More than one processor sharing same memory, also know as parallel systems

Rapid switching back and forth between programs from the computer's perspective and appearing to do more that one thing at a time from the user's perspective

More than one process in the middle of executing at a time

A type of multitasking that allows for more even distribution of computing time among competing request

Memory - RAM

A form of data hiding which protects running threads of execution from using each other's memory

Memory management technique that allows two processes to run concurrently without interaction

The hardware and software mediator of all subject and object interactions which has as its primary goal security policy enforcement.

Memory management technique which allows data to be moved from one memory address to another

Implementation of operating system protection mechanism, where more sensitive built upon the layering concept

Protect words, names, product shapes, symbols, colors, or a combination of these, used to identify product a company

The hard drive

Memory management programming which make the limited RAM of the physical machine appear to be more by using a portion of the hard drive

A passive attack that eavesdrops on communications, only legal with prior consent or warrant

Subset of operating systems components dedicated to protection mechanisms

One method of testing a specific component of a plan. Typically, a team member makes a detailed presentation of the component to other team members (and possibly non-members) for their critique and evaluation.

Abstract and mathematical in nature, defining all possible states, transitions and operations

Information that can be distribute within the organization but could harm the company if disclosed externally

Generates a one-time password that is only valid for a short period of time

(problem or program state) the problems solving state, the opposite of supervisor mode

The past U.S. military accepted set of standards and processes for computer systems evaluation and assurance, which combines function and assurance requirements

A unit of execution

The past U.S. military accepted set of standards and processes for network evaluation and assurance, which combines function and assurance requirements

All of the protection mechanism in a computer system

Many implementations run LDAP on SSL on this port

To start business continuity processes

1- Defining resources 2- Determining users 3- Specifying how users use recourse

Location to perform the business function

Organization's prior arrangements made to maintain the functions and processes important to the existence of the organization

An ongoing program supported and funded by executive staff to ensure business continuity requirements are assessed, resources are allocated and, recovery and continuity strategies and procedures are completed and tested.

A committee of decision makers, business owners, technology experts and continuity professionals, tasked with making strategic recovery and continuity planning decisions for the organization.

Encrypt/Decrypt are processes in queues, key benefit utilization of hardware devices and multiprocessor systems

Protects the expression of an idea, rather than the idea itself

Insurance coverage for disaster related expenses that may be incurred until operations are fully recovered after a disaster.

Message encrypted is input into the hash function then the hash value is encrypted with the sender's private key

The chronological sequence of recovery activities, or critical path, that must be followed to resume an acceptable level of operations following a business interruption.

The component of Disaster Recovery which deals specifically with the relocation of a key function or department in the event of a disaster, including personnel, essential records, communication facilities, fax, mail services, etc.

(desk check) a test that answers the questions: Does the organization have the documentation it needs? Can it be located?

an empty computer room with environmental facilities (UPS; heating, ventilation, and air conditioning [HVAC]; and so on) but no computing equipment.

Enables data owners to dictate what subjects have access to the objects they own

A plan used by an organization or business unit to respond to a specific systems failure or disruption of operations. May use any number of resources (e.e workaround procedures, alternate work area, etc.)

A critical event, which, if not handled in an appropriate manner, may dramatically impact an organization's profitability, reputation, or ability to operate.

Business activities or information that could not be interrupted or unavailable for several business days without significantly jeopardizing operation of the organization.

Systems whose incapacity or destruction would have a debilitating impact on the economic security of an organization, community, nation, etc

Records or documents that, if damaged or destroyed, would cause considerable inconvenience and/or require replacement or recreation at considerable expense.

The process of assessing damage, following a disaster, to computer hardware, vital records, office facilities, etc. And determining what can be salvaged or restored and what must be replaced.

Those actions and backup processes determined by an organization to be necessary to meet its data recovery and restoration objectives, including timeframes, technologies, offsite storage, and will ensuretime objectives can be met.

The back up of system, application, program and/or production files to secondary media. Data backups can be used to restore corrupted or lost data or to recover entire systems and databases in the event of a disaster.

The restoration of computer files from backup media to restore programs and production data to the state that existed at the time of the last safe backup.

The partial or full duplication of data from a source database to one or more destination databases.

A formal announcement by pre-authorized personnel that a disaster or severe outage is predicted or has occurred and that triggers pre-arranged mitigating actions (e.g. A move to an alternate site.)

A test that answers the questions: Does the organization have the documentation and people it needs. Do they understand the documentation?

An event which stops business from continuing.

The document that defines the resources, actions, tasks and data required to manage the business recovery process in the event of a business interruption within the stated disaster recovery goals.

A structured group of teams ready to take control of the recovery operations if a disaster should occur.

Simulates the alert tones of coins being deposited into a pay phone

A back up type, where the organization has excess capacity in another location.

Enable the attacker to re-route traffic from a network device to a personal machine

EAL Methodically designed, tested, and reviewed

A sudden, unexpected event requiring immediate action due to potential threat to health and safety, the environment, or property.

More than 3-4 of all security violations are linked to insiders of a company are

A plan of action to commence immediately to prevent the loss of life and minimize injury and property damage.

Planning for the delegation of authority required when decisions must be made without the normal chain of command

Ensure availability of data and provide fault-tolerance by creating and maintaining two identical disks, provide online backup storage, but is very expensive

The process of recovering a database to the point of failure by applying active journal or log data to the current backup files of the database.

A BCP testing type, a test that answers the question: Can the organization operate at the alternate location only?

Heavily populated areas, particularly susceptible to high-intensity earthquakes, floods, tsunamis, or other disasters, for which emergency response may be necessary in the event of a disaster.

Fully configured with hardware, software, and environmental needs, can be up and running quickly, expensive

Regular operations is completely stop and move to the alternative site

A test conducted on multiple components of a plan, in conjunction with each other, typically under simulated operating conditions

Hackers who specialize in committing telephone fraud

Amount of time for restoring a business process or function to normal operations without major loss

A logical name for the data store and does not use the drive letter or directory location of the database. Can be use when programming ODBC

An application that is essential to the organization's ability to perform necessary business functions. Loss of the mission-critical application would have a negative impact on the business, as well as legal or regulatory impacts.

A mobilized resource purchased or contracted for the purpose of business recovery.

ISO/IEC standard for smart cards - Transmission protocol

One method of exercising teams in which participants are challenged to determine the actions they would take in the event of a specific disaster scenario. Mock disasters usually involve all, or most, of the applicable teams.

The act of collecting and analyzing large quantities of information to determine pattern of behavior and use them to form a conclusion about past, current, and future behavior

A backup of data located where staff can not gain access readily and a regional disaster will not cause harm

Alternate facility, other than the primary production site, where duplicated vital records and documentation may be stored for use during disaster recovery.

Spreading out of light pulses which overlap the preceding or upcoming purses, most prevalent in fiber optic cabling

One method of exercising teams in which participants perform some or all of the actions they would take in the event of plan activation. Operational exercises are typically performed under actual operating conditions

Determines the impact of the loss of an operational or technological resource. The loss of a system, network or other critical resource may affect a number of business processes.

A test conducted on one or more components of a plan under actual operating conditions.

Uses time or a counter between the token and the authentication server, secure-ID is an example

Agreement between two organizations (or two internal business groups) with basically the same equipment/same environment that allows each one to recover at each other's site.

The time period between a disaster and a return to normal functions, during which the disaster recovery plan is employed.

The point in time to which systems and data must be recovered after an outage.

An approach by an organization that will ensure its recovery and continuity in the face of a disaster or other major outage. Plans and methodologies are determined by the organizations strategy.

Maximum tolerance for loss of certain business function, basis of strategy

Transmit the journal or transaction log offsite to a backup location

EAL Structurally tested

Is only 4mm in size, but compression technique and head scanning makes it a large capacity and fast

Users have clearances, and resources have security levels that contain data classifications

Process of identifying the risks to an organization, assessing the critical functions, defining the controls in place to reduce organization exposure and evaluating the cost for such controls.

Implementation of measures to deter specific threats to the continuity of business operations, and/or respond to any occurrence of such threats in a timely and appropriate manner.

(file shadowing) a backup type, for databases at a point in time

An area where common processes and security control work to separate all entities involved in these processes from other entities

A flow of information between a subject and an object

A planned or unplanned interruption in system availability.

Information that utmost protection or, if discovered by unauthorized personnel, would caused irreparable damage

A backup supply that provides continuous power to critical equipment in the event that commercial power is lost.

A record that must be preserved and available for retrieval if needed.

Recovery alternative which includes cold site and some equipment and infrastructure is available

Plan for systems,networks, and major applications recovery procedures after disruptions, should be develop for each major system and application

A design methodology which addresses risk early and often

Strategy documents that provide detailed procedures that: ensure business functions are maintained, help minimize losses of life, operations, and systems

Robust project management process of new systems with at least the following phases: design and development, production, distribution, operation, maintenance, retirement, and disposal

A programming design philosophy and a type of programming language, which breaks a program into smaller units. Each unit has its own function.

The process of separating group of people and information from other groups such as isolated from each other thus information does not flow between them

Induces an individual to commit a crime other wise he won't, it is illegal

Refers to going through someone's trash to find information, it is legal, unless involves trespassing

OOP concept of an object's abilities, what it does

OOP concept of a class's details to be hidden from object

Objects or programming that looks the different but act same

OOP concept of a taking attributes from the original or parent

Converts a high level language into machine language

Converts source code to an executable

Line by line translation from a high level language to machine code

Program instructions based upon the CPU's specific architecture

A distributed system's transaction control that requires updates to complete or rollback

Manipulates line voltage to enable toll-free calling

A description of a database

Part of a transaction control for a database which informs the database of the last recorded transaction

A program with an inappropriate second purpose

Packet-switching technology that is used by telecom services for data-only traffic, operate at L3 and L2

A portable identity, and its associated entitlements, that can be used across business boundaries, allow user to be authenticated across multiple IT systems

A program that waits for a condition or time to occur that executes an inappropriate activity

Malware that makes small random changes to many data points

A Trojan horse with the express underlying purpose of controlling host from a distance

Malware that subverts the detective controls of an operating system

Final purpose or result

Organized group of compromised computers

Program that inappropriately collects private data or activity

Unsolicited advertising software

A condition in which neither party is willing to stop their activity for the other to complete

Qualitative & quantitative data is gathered, analyzed, interpreted, and presented to management

A token-passing ring scheme, has a second ring that remains dormant until an error condition is detected

A race condition where the security changes during the object's access

An availability attack, to consume resources to the point of exhaustion

An availability attack, to consume resources to the point of exhaustion from multiple vectors

A programming device use in development to circumvent controls

Unchecked data which spills into another location in memory

A covert storage channel on the file attribute

Inappropriate data

False memory reference

A type of malformed input that takes advantage of an appropriate true conditional logic statement adding a request for data that is against the security policy

Malware that uses the trust on a website to redirect users to untrusted websites which captures data or installs more malware

Distributing tasks and associated privileges among multiple people, primary objective to prevent fraud and errors

Information that if release outside of the organization could create severe problems for the organization

A library of commands maintained by a system for other programs to use, provides consistency and integrity for the programs

Each encryption and decryption request is perform immediately

A set of best practices for programmers to seek in all application or data base design

Indivisible, data field must contain only one value that either all transactions take place or none do

Distance vector routing protocol, doesn't offer security and is interior gateway protocol

Another subject cannot see an ongoing or pending update until it is complete

An active entity that requests access to a passive entity

Passwords base on user's opinion or life experience

Evidence must be: admissible, authentic, complete, accurate, and convincing

Pertaining to law, high degree of veracity

Information residing on computer systems, that is readily visible to the operating system with which it was created and is immediately accessible to users without deletion, modification or reconstruction.

A specification for a set of communication protocols to standardize the way that wireless devices

A standard for encrypting and digitally signing electronic mail and for secure data transmissions.

Archival Data is information that is not directly accessible to the user of a computer system but that the organization maintains for long-term storage and record keeping purposes.

Text that does not include special formatting features and therefore can be exchanged and read by most computer systems

The practice of evaluating the risk levels of an organization's information to ensure that it receives the appropriate level of protection

The owner determines who has access to the data and what privileges they have - user centric

Ertaining to a number system that has just two unique digits.

A measurement of data. It is the smallest unit of data. A bit is either the "1" or "0" component of the binary code.

Slang for making (burning) a CD-ROM copy of data, whether it is music, software, or other data.

An attack that sends specially developed bot only to one or a few IP Addresses in the target organization

SLE x ARO =

A type a computer memory that temporarily stores frequently used information for quick access.

Recording the Who What When Where How of evidence

System of law based upon what is good for society

Software that is transmitted across the network from a remote source to a local system then executed at the local system

Covers standards of performance or conduct expected by government agencies from companies, industries, certain officials

Pertaining to law, lending it self to one side of an argument

Small data files written to a user's hard drive by a web server.

Responsible for starting the recovery of the original site

Process whereby data is removed from active files and other data storage structures

Portable media used to store data that is not presently in use by an organization to free up space but still allow for disaster recovery. May also be called "Backup Tapes."

Employee has more rights than necessary to complete his tasks

Actions measured against either a policy or what a reasonable person would do

A procedure that renders the contents of a message or file unintelligible to anyone not authorized to read it.

A method of providing telecommunication continuity which involve routing traffic through split or duplicate cable facilities

A tag of three or four letters, preceded by a period, which identifies a data file's format or the application used to create the file.

Renders the file inaccessible to the operating system, available to reuse for data storage.

TCP/IP protocol provides for reliable end-to-end communication, ensure error free delivery, handles data's packet sequencing, and maintains the data's integrity

One of the key benefits of a network is the ability to share files stored on the server among several users.

A system designed to prevent unauthorized access to or from a private network.

An exact bit-by-bit copy of the entire physical hard drive or floppy disk, including slack and unallocated space. Only forensic copy quality will hold up in court.

Fragmented data is live data that has been broken up and stored in various locations on a single hard drive or disk.

Relies on UDP whereas services such as: FTP, Telnet and SMTP rely on TCP

A peripheral data storage device that may be found inside a desktop or laptop as permanent storage solution. The hard disk may also be a transportable version and attached to a desktop or laptop.

Practice execution of the plan takes place, focus on specifics scenario, continues up to the point of actual relocation of the alternative site

A computer designed for the purpose of studying adversaries

Methodical research of an incident with the purpose of finding the root cause

An image compression standard for photographs

Information which has retained its importance, but which has been created or stored by software/hardware that has been rendered obsolete.

18 USC - Fraud and Related Activity in Connection with Computers

The duplication of data for purposes of backup or to distribute network traffic among several computers with identical data.

A type of authentication that provides protections against impostors who can see, alter, and insert information passed between the claimant and verifier even after the claimant/verifier authentication is complete

Provides continuous online backup by using optical or tape jukeboxes

Residual Data (sometimes referred to as "Ambient Data") refers to data that is not active on a computer system.

Process of statistically testing a data set for the likelihood of relevant information.

One of the most widely supported file formats for storing bit-mapped images. Files in TIFF format often end with a .tif extension.

Mathematical function that determines the cryptographic operations

Encryption system using a pair of mathematically related unequal keys

It must be legally permissible, meaning it was seized legally, and the chance of custody was not alter

A mathematical tool for verifying no unintentional changes have been made

Scrambled form of the message or data

This control is based on the actual information within the data rather than the general definition

Normally consider the authority source for user identities because is where they are developed

Code breaking, practice of defeating the protective properties of cryptography.

Act of tricking or deceiving a person into giving confidential or sensitive information

The study of cryptography and cryptanalysis

Wrongs against individuals or companies, resulting in damage or loss

The administrator define and control access to rules for files in system

Has 65,536 hosts

Executed by carrying out smaller crimes with the hope that a larger crime will not be noticed

Act of scrambling the cleartext message by using a key.

Randomly-generated value used by many cryptosystems to ensure that a unique ciphertext is generated

An instance in which two different keys generate the same ciphertext from the same plaintext

For PKI, to store another copy of a key

Lightweight Directory Access Protocol

Total number of keys available that may be selected by the user of a cryptosystem

A hash that has been further encrypted with a symmetric algorithm

Subjects and objects are given the minimum level of access required to perform functions or, tasks

ISO/IEC standard for smart card physical characteristics

A device where the two connecting networks must have the same network protocol

Simulates a particular calling tone, enabling the theft of long distance service

Act of willfully modifying information, programs, or documentation in an effort to commit fraud or disrupt production

A running key using a random key that is never used again

Moving letters around

Natural or human-readable form of message

A cooperative collection of business processes and technologies used for the purpose of binding individuals to a digital certificate

Establish personnel safety and evacuation procedures

An encryption method that has a key as long as the message

Works as an email transfer agent at the application layer

Inference about encrypted communications

A method of hiding data within another media type, such as graphic, WAV file, or document

Cover losses caused by Denial-of-Service, Malware damage, hackers, electronic theft, privacy-related lawsuits, and more

Encryption system using shared key/private key/single key/secret key

Intellectual property management technique for identifying after distribution

Effort/time needed to overcome a protective measure

Prolonged, complete loss of electric power

Reduction of voltage by the utility company for a prolonged period of time

Hitting a filed down key in a lock with a hammer to open without real key

A system that's configured to automatically block suspected attacks in process without any intervention required by an operator

Momentary loss of power

Alerts personnel to the presence of a fire

Responsible for getting the alternative site into a functioning environment

To reduce fire

Fault tolerance for power

The initial surge of current required when there is an increase in power demand i.e starting a large motor

Transfers data by sending bits of data in irregular timing patterns

ISO/IEC standard for smart cards initialization and anticollision

Using small special tools all tumblers of the lock are aligned, opening the door

Second hand evidence and usually not admissible in court

Sudden rise in voltage in the power supply.

ensures that up-to-date data is available in the event that the primary data center is damaged or destroyed.

EAL Semiformally designed and tested

your organization and another organization sign a reciprocal agreement in which you both pledge the availability of your organization's data center in the event of a disaster.

larger organizations can consider the option of running daily operations out of two or more regional data centers that are hundreds (or more) of miles apart.

EAL Methodically tested and checked

Grants ownership and enables owner to legally enforce his rights to exclude others from using the invention.

The system applies controls based on the clearance of a user and the classification of an object or data - the owner provide the need to know

A BCP test - Some systems are run at the alternate site

this type of DRP test is similar to a parallel test except that in this test a function's computer systems are actually shut off or disconnected.

Describe the destination for a TCP/UDP packet

Are not vulnerable to DOS attacks, should be place in the outermost boundary with an untrusted network

RAID 2 - Created using hamming code, detects errors and establishes location of the error on the drive

Reduces maintenance, ease of reusing code

Framework of programs, procedures, communication protocols, and public key cryptography, enable secure communication among diverse individual

Other unauthorized copies of reports could be printed

Well Known ports

Manipulates line voltage for toll free calls

Ensured system accountability

Recognition of an individual's assertion of identity, does not ensure accountability

Central service, classified as AAA server, does not comparable with other similar server

one-to-one search to verify identity

LAN media access method

Use to share file between Unix computers

Tunneling protocols, operate at the Data Link Layer

Are limited due non-inclusion of IP header information

Can be perform by the same person in a well-controlled environment

Uses mathematical properties of modular arithmetic to make RSA more feasible for computer use

Maximum allow key size is 256

Are vulnerable to non-adversary disturbances

Most be able to scale to support the volume of data

Attacker sends spoofed packet SYSN flag set to the victim's IP address

Required when the communication is gateway-to-gateway or host-to-host

Proper BACKUP procedure steps

Requires all communications carriers to make wiretaps possible

(1) Identify assets and their values (2) Identify vulnerabilities and threats (3) Quantify the probability and business impact of these potential threats (4) Provide an economic balance between the impact of threat and the cost of the countermeasure

Mirroring, has the higher cost per megabyte

Supports multiple network types in the same serial link

Create ACLs on the fly, allows dynamic ports higher 1023

Support server (mandatory) and client (optional) authentication

Can delivery 52 Mbps downstream over a single cooper twisted wire

Deliver 1.544 of bandwidth each way

Delivers a max of 9 Mpbs downstream

IP Header Field = 6

IP Header Field = 17

IP Header Field = 1

IP Header Field = 2

System Development Life Cycle phase

Establishes minimal levels national standards for certifying national security systems

Is a preventive control

Provide reliability at the Transport Layer

Provides integrity, authentication, and (depend on the the algorithm) nonrepudation

The process of allowing only authorized users, programs, or other computer systems, to observe, modify, or otherwise take possession of the resources of a computer system. It also limit authorized users to some resources.

Access control protect entry to, and movement around, an organization's physical location to protect its assets

Four Key to access control Specify:

Use to test response of antivirus software on a computer system, a detectable string is use

Involved knowing and keeping all company's IT assets up to date

All inspection and processing takes place within it at the lower layer

Allows multiple companies and networks to share WAN media

The equipment use at the company-end in a frame relay environment

The equipment use by the service provider in a frame relay environment

Represents the correct sequence of tasks in a event of a disaster

5 Rules of evidence

Early-warning device to start in evacuation, use photo-electric, detect variations in light intensity

Protects US citizen's sensitive information collected by government agencies

Minimize the number of public IP addresses that organization purchases

Massive computational power is available but is not suitable for processing sensitive data

Specifies requirements for establishing, implementing, operating, monitoring, reviewing, maintaining and improving a documented information security management system

ISO standard related to Quality management

ISO standard related to Environmental management

ISO Standard related to Risk Management

The Business Continuity plan guidelines are defined

Operating systems functionality takes place in ring zero in privileged or supervisory mode

Simple method used in symmetric key cryptography to ensured data integrity

To protect sensitive data such as top secret, users lower-level users received fake view of the data

Caused by electronic Motors, lightning, etc

Caused by Components of Electrical System, Cables, Fluorescent Lighting, Truck Ignitions. Can cause permanent damage to sensitive system components

Affected from 100 degrees Fahrenheit

Damaged at 150 degrees Fahrenheit

Damaged at 175 degrees Fahrenheit

Damaged at 350 degrees Fahrenheit

Noise from Radiation Generated by the difference between Hot and Ground wires

Noise from Radiation Generated by the difference between Hot and Neutral wires

Involves getting management support, developing the scope of the plan, and securing funding and resources

Line noise that is superimposed on the supply Circuit can cause fluctuation in power

Power surge generated by a person or device contacting another device and transferring high voltage shock. Affected by low humidity

Causes problems with condensation on computer equipment, corrosion of electrical connections

Causes Increase in Electrostatic Discharge, up 4000 Volts under normal humidity and up to 25000 volts under very low humidity

Measure humidity levels

Static charge damage Sensitive Circuits and Transistors

Static charge damage Scramble Monitor Display

Static charge damage Disk Drive, causing data loss

Static charge damage System Shutdown

Static charge damage Printer Jam

Static charge damage Permanent Chip

Common Combustibles such as paper, wood, furniture, clothing - Water, Foam

Burnable fuels such as gasoline, oil, or alcohol - Inert Gas, CO2

Electrical fires such as computers and electronics - Inert Gas, CO2 - Turn off electricity first

Special Fires, such as chemical, metal - Dry powder

Commercial Kitchens - Wet Chemicals

Always contains water - most popular and reliable, 165 Fuse Melts - can freeze in winter - pipe breaks can cause floods

No water in Pipe - preferred for computer installations, use a clapper to hold the water, air blows out of pipe

Water Discharge is large, not recommended for computer installations

Most recommended for computer room, combines both dry and wet pipes, water released into pipe first then after fuse melts in nozzle the water is dispersed

Efforts to prevent unauthorized discloser of information to those who do not the need, or right to see it

First widespread public key encryption program, provide C by using IDEA and with MD5

Motive, opportunity, and means

These include the developing and publishing of policies, standards, procedures, guidelines, risk management, and security awareness training

These consist in implementing and maintaining access control mechanisms, password and resource management, identification and authentication methods, configuration of the infrastructure

These entail controlling access to a facility, and protecting its perimeter

Term and concept used to help determine liability in a court of law, ensure someone is acting responsible

A framework developed by the Information Systems Audit and Control Association and the IT Governance Institute. Defines the goals for the controls that should be used to properly manage IT and ensure IT maps to business needs. Four domains: Plan and Organize, Acquire and Implement, Deliver and Support, and Monitor and Evaluate

Has 16,777,216 host

The possibility that someone or something would exploit a vulnerability, intentionally, or accidentally

The probability of a threat agent exploiting a vulnerability and the loss potential

Planning for longer term - 5 years or more

Midterm planning - less than 5 years

A strongly protected computer that is in a network protected by a firewall (or is part of a firewall) and is the only host (or one of only a few hosts) in the network that can be directly accessed from networks on the other side of the firewall

Degree of confidence that certain security level provided

Set of responsibilities and practices exercised by the board and executive management with the goal of providing strategic direction, ensured objectives are achieved and risks are properly managed.

An International organization that helps different governments to collaborate in order to tackled economic, social and governance challenges of the globalized economy

Threats x vulnerability x asset value =

(Threats x vulnerability x asset value) x control gap =

The process of identifying, assessing, and reducing risk to an acceptable level and implementing various mechanisms to maintain that level of risks

Defines the minimum level of access for subjects based on their job or business requirements

The attacker has the ciphertext of several message, each message encrypted using the same algorithm. His goal is to discover the key used in the encryption process

The attacker has the plaintext and ciphertext of one more messages. His goal is to discover the key used in the encryption process

The attacker has the plaintext and ciphertext, but can choose the plaintext that gets encrypted to see the corresponding ciphertext

The attacker can choose the ciphertext to be decrypted and has access to the resulting decrypted plaintext. Hard to accomplished, the attacker may need to have control of the system

The attacker takes two messages of plaintext and follows the changes that take place to the blocks as they go through the different S-boxes, each message is encrypted with same key

Attacker carries out a known-plaintext attack on several different messages encrypted with the same key, identifying specific output combination allows him to assign probability values to different keys, resulting on key display a pattern

Gathering outside information by watching how it behaves with the goal of uncovering the encryption key

The science of protecting information by encoding it into an unreadable format

The most famous rotor machine used by the Germans in Word War II

The mathematical rules that dictate the functions of enciphering and deciphering

Uses more than one alphabet to defeat frequency analysis

Provide confidentially, but does not provide authentication or nonrepudiation

DES, 3DES, Blowfish, IDEA, RC4-RC6, and AES are

Provide authentication or nonrepudiation, but is slower than its counterpart

RSA, ECC, Diffie-Hellman, El Gamal, Knapsack, and DSA

Use a keystream generator and encrypt a message one bit at a time, usually implemented in hardware

Divides the message into groups of bits and encrypts them, usually implemented in software

A block cipher that divides a message into 64-bit blocks and employs S-box-type functions on them

Uses 48 rounds of computation and up to three different keys

A symmetric block cipher with a key of 128 bits

Based one a one-way function that factors large numbers into prime numbers, only the private key knows the trapdoor to decrypt the message

Asymmetric algorithm, provide digital signature, secure key distribution, and encryption. Use much less resources, more suitable for wireless device and cell phone encryption

Trusted third party that generates and maintains user certificates, which hold their public key

Keep track of revoked certificates

A mechanism use to associate a public key to person's identity

Validates the user's identity and then sends a request to another entity to fulfill user's request

These algorithms provide data integrity only

When a hash algorithm is applied to a message, it produces _________ and this value is signed with a private key to produce ___________

Produces a variable-length hash value

The attacker tries to create two messages with the same hashing value, brute force

Produces a 160-bit hash value and is used in DSS

Random values XOred againts the message to produce ciphertext

Algorithm use for digital signature

Most challenging task in cryptography, pertains to creating, maintaining, distributing, and destroying it

A key agreement protocol, does not provide any security services nor digital signature

Individual's conduct violate certain criteria developed to protect the public

An Internet standard that provides secure e-email over the Internet by using encryption, digital signatures, and key management

The military version of Privacy-Enhance Mail

Provides protection for message sent between two computers, but not the actual link

Dynamic and/or private ports

Proposed electronic commerce technology that provides a safer method for customer and merchant to perform transactions over the a public domain

The data payload is protected - IPSec

The payload and headers are protected - IPSec

Standard dictates different type of fields used within a certificate and the value within those fields

Each block is encrypted independently, allowing randomly accessed files to be encrypted and still accessed without having to process the file in a linear encryption, for each block of plaintext the same block of ciphertext is produced - very short message 64 bits in length

The result of encrypting one data is fed back into the process to encrypt the next block of data - Authentication

Each bit produced in the keystream is the result of a predetermined number of fixed ciphertext bits - Authentication

In The keystream is generated independently of the message - Authentication

A 64 bit random data block is used as the first initialization - Used in high speed apps such as IPSec and ATM

Encrypts all the data along a specific communication path i.e satellite, T3 line or telephone circuit. Data is decrypt and encrypt at each point - Layer 1 & 2

The headers, addresses, routing, and trailer are not encrypted, provided at the end-user computer as result more flexible - Layer 7