Information Assurance Final (Ch 8-14)


IEEE

Institute of Electrical and Electronics Engineers

Fair Credit Reporting Act (FCRA)

U.S. legislation that defines national standards for all consumer reports

Secure VPNs

VPNs in which all traffic is encrypted

Hub

a box with several connectors, or ports, that allows multiple network cables to attach to it. A hub is basically a hardware repeater. It takes input from any port and repeats the transmission, sending it as output on every port, including the original port

Network Access Control (NAC)

a combination of security controls that define and implement a policy that describes the requirements to access your network

Network monitoring platforms (NMPs)

a dedicated computer on the LAN running network management software

Dual-home ISP connection

a design in which a network maintains 2 connections to its ISP

uninterruptible power supply (UPS)

a device that provides continuous usable power to one or more devices

Open Systems Interconnection (OSI) reference model

a generic description for how computers use multiple layers of protocol rules to communicate across a network. The OSI reference model defines 7 distinct layers

IEEE 802.11

a group of standards for WLAN communication protocols

Ethernet MAN

a hybrid network that uses Ethernet on a Metro Ethernet, or MAN

Confidentiality agreement

a legally binding document in which the parties agree that certain types of information will pass among the parties and must remain confidential and not divulged (aka non-disclosure agreement)

Router

a network device that connects 2 or more separate networks

Intrusion Detection System (IDS)

a network hardware device or software that monitors real-time network activity and compares the observed behavior with performance thresholds and trends to detect unusual activity that might represent an intrusion

Intrusion Prevention System (IPS)

a network hardware device or software that monitors real-time network activity, compares the observed behavior with performance thresholds and trends to detect unusual activity that might represent an intrusion, and takes action to stop the attack

Multiprotocol Label Switching (MPLS)

a network mechanism that adds a simple label to each network packet, making routing of the packet faster than routing based on data in the header portion of the packet

Firewall

a network security measure designed to filter out undesirable network traffic

Switch

a networking device that forwards input it receives only to the appropriate output port

Card verification value (CVV)

a number printed on a credit card that provides additional authentication when rendering payment for online transactions

Dedicated line

a permanent circuit between 2 endpoints

Virtual Private Network (VPN)

a persistent connection between 2 nodes that allows bidirectional communication as if the connection were a direct connection with both nodes in the same network

Configuration control board (CCB)

a person or group of people who reviews each change request and approves or denies the request

Type 3 authentication (what you are)

a physical characteristic (biometric), such as a fingerprint, handprint, or retina characteristic

Type 2 authentication (what you have)

a physical object that contains identity information, such as a token, card, or other device

Acceptable Use Policy (AUP)

a policy that defines which actions are acceptable and which ones aren't

Kerberos

a popular computer network authentication protocol that allows nodes to prove their identities to one another

Service Level Agreement (SLA)

a portion of a service contract that promises specific levels of service

Worm

a self-contained program that replicates and sends copies of itself to other computers, generally across a network

Demilitarized zone (DMZ)

a separate network or portion of a network that is connected to a WAN and at least one LAN, with at least one firewall between the DMZ and the LAN

Honeypot

a server deliberately set up to be unsecure in an effort to trap or track attackers

Protocol

a set of rules that govern communication

Service

a set of software functionality that a client accesses using a prescribed interface

Virus

a software program that attaches itself to or copies itself into another program for the purpose of causing the program to follow instructions that were not intended by the original program developer

Need to know

a subject has a need to access an object to complete a task

RACI Matrix

a table used to document tasks and the personnel responsible for the assignments. RACI = Responsible, Accountable, Consulted, Informed

Malware

a term that refers to a collection of different types of software that share the goal of infiltrating a computer and making it do something

Nonintrusive test

a test that only validates the existence of a vulnerability

Two-factor authentication

a type of authentication that uses 2 types of authentication to authenticate a user

Multifactor authentication

a type of authentication that uses more than 2 methods to authenticate a user

Proxy server

a type of firewall that makes requests for remote services on behalf of local clients

Media Access Control (MAC) address

a unique identifier assigned to most network adapters

Subject

a user or object that requests to access a file, folder, or other resource

Owner

a user who has complete control of an object, including the right to grant access to other users or groups

Ethernet

a widely used LAN protocol for connecting a network. It is inexpensive to deploy and provides substantial bandwidth for the low cost

Wireless Local Area Network (WLAN)

a wireless network covering a small physical area, such as an office or building

LAN-to-WAN Domain

an IT domain that bridges between the LAN and WAN

Mandatory Access Control (MAC)

an access control method based on data classification and user clearance

Discretionary Access Control (DAC)

an access permission based on roles or groups that allows object owners and administrators to grant access rights at their discretion

Internal attack

an attack in which an attacker is able to compromise a system's access controls and either establish a presence inside the network or place malware on an internal computer

Internal-to-external attack

an attack in which the attacker uses the organization's infrastructure to launch an attack on another organization

Denial of Service (DoS)

an attack that generally floods a network with traffic. A successful DoS attack renders the network unusable and effectively stops the victim organization's ability to conduct business

Background check

an investigation to divulge evidence of past behavior that may indicate that a prospect is a security risk

Internet Service Provider (ISP)

an organization that provides a connection to the Internet

Non-Disclosure Agreement (NDA)

another name for a confidentiality agreement

Metro Ethernet

another name for an Ethernet MAN

Single point of failure

any component on which service relies. If the single component fails, all other dependent components essentially fail as well

Node

any computer or device that is connected to the network

Remote resource

any resource accessible across the LAN

Local resource

any resource attached to a local computer - the same computer to which the user has logged on

Intrusive test

any test that simulates an attack and results in damage

Distributed applications

applications whose components reside on different computers

Digital certificates

cryptography-related electronic documents that allow for node identification and authentication. Digital certificates require more administrative work than some other methods but provide greater security

Preventive controls

detailed and specific measures to be applied to a system

Traffic-monitoring devices

devices that monitor network traffic and compare performance with a baseline

Networking devices

hardware devices that connect other devices and computers using connection media

Cleartext

human-readable data

Access Control List (ACL)

lists of permissions that define which users or groups can access an object

Detective controls

mechanisms that recognize when an undesired action has occurred, such as motion detectors or usage log analysis tools

Corrective controls

mechanisms that repair damage caused by an undesired action and limit further damage, such as the procedure to remove detected viruses or the use of a firewall to block an attacking system

Data leak security appliances

network devices or software running on computers that scan network traffic for data-matching rules

WAN optimizers

network devices or software that can analyze current WAN performance and then modify how new traffic is sent across the WAN

International Telecommunication Union Telecommunication Standardization Sector (ITU-T)

one of three divisions of the International Telecommunication Union, primarily responsible for communication standards

Disaster recovery plan

plan that documents the steps you can take to replace damaged or destroyed components due to a disaster to restore the integrity of your IT infrastructure. DRPs, along with BCPs, enable you to recover from disruptions ranging from small to large

Business continuity plans (BCPs)

plans that document the steps to restore business operation after an interruption. BCPs, along with DRPs, enable you to recover from disruptions ranging from small to large

Due diligence

reasonable steps taken to ensure adherence to requirements

Packet sniffer

software that copies specified packets from a network interface to an output device, generally a file

Spyware

software that covertly collects information without the user's knowledge or permission

Trojan horse

software that either hides or masquerades as a useful or benign program

Rootkit

software that modifies or replaces one or more existing programs to hide the fact that a computer has been compromised

Networking devices software

software that provides connection and communication services for users and devices

network operating system (NOS)

software that provides the interface between the hardware and the Application Layer software

C-I-A

the Confidentiality, Integrity, and Availability properties that describe a secure object

Time to Recovery (TTR)

the acceptable amount of time that is allowed to repair or replace failed components (aka time to repair)

FCAPS

the acronym for a network management functional model that stands for Fault, Configuration, Accounting, Performance, and Security

Connection media

the adapters and wires or wireless media that connect components together in the LAN domain

Transmission Control Protocol/Internet Protocol (TCP/IP)

the basic protocol, or language, of modern networks and the Internet

Business drivers

the components, including people, information, and conditions, that support business objectives

Permissions

the definitions of what object access actions are permitted for a specific user or group

Type 1 authentication (what you know)

the information that only a valid user knows. The most common examples are a password or PIN

Footprinting

the process of determining the operating system and version of a network node

Separation of duties

the process of dividing roles and responsibilities so a single individual can't undermine a critical process

Authorization

the process of granting rights and permissions to access objects to a subject

Fingerprinting

the process of identifying the operating system and general configuration of a computer

Wardialing

the process of instructing a computer to dial many telephone numbers looking for modems on the other end

Authentication

the process of providing additional credentials that match the user ID or user name

Identification

the process of providing user credentials or claiming to be a specific user

Encryption

the process of scrambling data in such a way that it is unreadable by unauthorized users but can be unscrambled by authorized users to be readable again

Object

the target of an access request, such as a file, folder, or other resource

Ciphertext

the unreadable output that results from encryption. Encryption turns cleartext data into ciphertext through the use of an algorithm and a key

Wardriving

using a laptop or other mobile device to quickly find wireless networks while driving around in a motor vehicle

