Application Server - correct answer ✔✔A computer responsible for hosting applications to user
workstations. NIST SP 800-82 Rev.2
Asymmetric Encryption - correct answer ✔✔An algorithm that uses one key to encrypt and a different
key to decrypt the input plaintext.
Checksum - correct answer ✔✔A digit representing the sum of the correct digits in a piece of stored or
transmitted digital data, against which later comparisons can be made to detect errors in the data.
Ciphertext - correct answer ✔✔The altered form of a plaintext message so it is unreadable for anyone
except the intended recipients. In other words, it has been turned into a secret.
Classification - correct answer ✔✔Classification identifies the degree of harm to the organization, its
stakeholders or others that might result if an information asset is divulged to an unauthorized person,
process or organization. In short, classification is focused first and foremost on maintaining the
confidentiality of the data, based on the data sensitivity.
Configuration management - correct answer ✔✔A process and discipline used to ensure that the only
changes made to a system are those that have been authorized and validated.
Cryptanalyst - correct answer ✔✔One who performs cryptanalysis which is the study of mathematical
techniques for attempting to defeat cryptographic techniques and/or information systems security. This
includes the process of looking for errors or weaknesses in the implementation of an algorithm or of the
algorithm itself.
Cryptography - correct answer ✔✔The study or applications of methods to secure or protect the
meaning and content of messages, files, or other information, usually by disguise, obscuration, or other
transformations of that content and meaning.
Data Loss Prevention (DLP) - correct answer ✔✔System capabilities designed to detect and prevent the
unauthorized use and transmission of information.
Decryption - correct answer ✔✔The reverse process from encryption. It is the process of converting a
ciphertext message back into plaintext through the use of the cryptographic algorithm and the
appropriate key for decryption (which is the same for symmetric encryption, but different for
asymmetric encryption). This term is also used interchangeably with "deciphering."
Degaussing - correct answer ✔✔A technique of erasing data on disk or tape (including video tapes) that,
when performed properly, ensures that there is insufficient magnetic remanence to reconstruct data.
Digital Signature - correct answer ✔✔The result of a cryptographic transformation of data which, when
properly implemented, provides the services of origin authentication, data integrity, and signer non-
repudiation. NIST SP 800-12 Rev. 1
Egress Monitoring - correct answer ✔✔Monitoring of outgoing network traffic.
Encryption - correct answer ✔✔The process and act of converting the message from its plaintext to
ciphertext. Sometimes it is also referred to as enciphering. The two terms are sometimes used
interchangeably in literature and have similar meanings.
Encryption System - correct answer ✔✔The total set of algorithms, processes, hardware, software, and
procedures that taken together provide an encryption and decryption capability.
Hardening - correct answer ✔✔A reference to the process of applying secure configurations (to reduce
the attack surface) and locking down various hardware, communications systems, and software,
including operating system, web server, application server, application, etc. Hardening is normally
performed based on industry guidelines and benchmarks, such as those provided by the Center for
Internet Security (CIS).
Hash Function - correct answer ✔✔An algorithm that computes a numerical value (called the hash
value) on a data file or electronic message that is used to represent that file or message and depends on
the entire contents of the file or message. A hash function can be considered to be a fingerprint of the
file or message. NIST SP 800-152
Hashing - correct answer ✔✔The process of using a mathematical algorithm against data to produce a
numeric value that is representative of that data. Source CNSSI 4009-2015
Information Sharing - correct answer ✔✔The requirements for information sharing by an IT system with
one or more other IT systems or applications, for information sharing to support multiple internal or
external organizations, missions, or public programs. NIST SP 800-16
Ingress Monitoring - correct answer ✔✔Monitoring of incoming network traffic.
Message Digest - correct answer ✔✔A digital signature that uniquely identifies data and has the
property such that changing a single bit in the data will cause a completely different message digest to
be generated. NISTIR-8011 Vol.3
Operating System - correct answer ✔✔The software "master control application" that runs the
computer. It is the first program loaded when the computer is turned on, and its main component, the
kernel, resides in memory at all times. The operating system sets the standards for all application
programs (such as the Web server) that run in the computer. The applications communicate with the
operating system for most user interface and file management operations. NIST SP 800-44 Version 2
Patch - correct answer ✔✔A software component that, when installed, directly modifies files or device
settings related to a different software component without changing the version number or release
details for the related software component. Source: ISO/IEC 19770-2
Patch Management - correct answer ✔✔The systematic notification, identification, deployment,
installation and verification of operating system and application software code revisions. These revisions
are known as patches, hot fixes, and service packs. Source: CNSSI 4009
Plaintext - correct answer ✔✔A message or data in its natural format and in readable form; extremely
vulnerable from a confidentiality perspective.
Records - correct answer ✔✔The recordings (automated and/or manual) of evidence of activities
performed or results achieved (e.g., forms, reports, test results), which serve as a basis for verifying that
the organization and the information system are performing as intended. Also used to refer to units of
related data fields (i.e., groups of data fields that can be accessed by a program and that contain the
complete set of information on particular items). NIST SP 800-53 Rev. 4