Access Control - answer Ensures that resources are only granted to those users who
are entitled to them.
Access Control List - answer A mechanism that implements access control for a system
resource by listing the identities of the system entities that are permitted to access the
resource. (Also referred to as an ACL.)
Access Control Service - answer A security service that provides protection of system
resources against unauthorized access. The two basic mechanisms for implementing
this service are ACLs and tickets.
Access Management Access - answer The maintenance of access information which
consists of four tasks: account administration, maintenance, monitoring, and revocation.
Access Matrix - answer Uses rows to represent subjects and columns to represent
objects with privileges listed in each cell.
Account Harvesting - answer The process of collecting all the legitimate account names
on a system.
ACK Piggybacking - answer The practice of sending an ACK inside another packet
going to the same destination.
Active Content - answer Program code embedded in the contents of a web page. When
the page is accessed by a web browser, the embedded code is automatically
downloaded and executed on the user's workstation. Ex. Java, ActiveX (MS)
Activity Monitors - answer Aim to prevent virus infection by monitoring for malicious
activity on a system, and blocking that activity when possible.
Address Resolution Protocol - answer A protocol for mapping an Internet Protocol
address to a physical machine address that is recognized in the local network. A table,
usually called the ARP cache, is used to maintain a correlation between each MAC
address and its corresponding IP address. ARP provides the protocol rules for making
this correlation and providing address conversion in both directions. (ARP)
Advanced Encryption Standards - answer An encryption standard being developed by
NIST. Intended to specify an unclassified, publicly-disclosed, symmetric encryption
algorithm.
Algorithm - answer A finite set of step-by-step instructions for a problem-solving or
computation procedure, especially one that can be implemented by a computer.
Applet - answer Java programs; an application program that uses the client's web
browser to provide a user interface.
Advanced Research Projects Agency Network - answer A pioneer packet-switched
network that was built in the early 1970s under contract to the US Government, led to
the development of today's Internet, and was decommissioned in June 1990.
(ARPANET)
Asymmetric Cryptography - answer Public-key cryptography; a modern branch of
cryptography in which the algorithms employ a pair of keys (a public key and a private
key) and use a different component of the pair for different steps of the algorithm.
Asymmetric Warfare - answer The fact that a small investment, properly leveraged, can
yield incredible results.
Auditing - answer The information gathering and analysis of assets to ensure such
things as policy compliance and security from vulnerabilities.
Authentication - answer The process of confirming the correctness of the claimed
identity.
Authenticity - answer The validity and conformance of the original information.
Authorization - answer The approval, permission, or empowerment for someone or
something to do something.
Autonomous System - answer One network or series of networks that are all under one
administrative control; sometimes referred to as a routing domain; assigned a globally
unique number. (ASN)
Availability - answer The need to ensure that the business purpose of the system can be
met and that it is accessible to those who need to use it.
Backdoor - answer A tool installed after a compromise to give an attacker easier access
to the compromised system around any security mechanisms that are in place.
Bandwidth - answer Commonly used to mean the capacity of a communication channel
to pass data through the channel in a given amount of time. Usually expressed in bits
per second.
Banner - answer The information that is displayed to a remote user trying to connect to a
service. This may include version information, system information, or a warning about
authorized use.
Basic Authentication - answer The simplest web-based authentication scheme that
works by sending the username and password with each request.
Bastion Host - answer Has been hardened in anticipation of vulnerabilities that have not
been discovered yet.
Berkeley Internet Name Domain - answer An implementation of DNS. DNS is used for
domain name to IP address resolution. (BIND)
Biometrics - answer Uses physical characteristics of the users to determine access.
Bit - answer The smallest unit of information storage; a contraction of the term "binary
digit"; one of two symbols - "0" (zero) and "1" (one) - that are used to represent binary
numbers.
Block Cypher - answer Encrypts one block of data at a time.
Boot Record Infector - answer A piece of malware that inserts malicious code into the
boot sector of a disk.
Border Gateway Patrol - answer An inter-autonomous system routing protocol. Used to
exchange routing information for the Internet and is the protocol used between Internet
service providers (ISP). (BGP)
Botnet - answer Large number of compromised computers that are used to create and
send spam or viruses or flood a network with messages as a denial of service attack.
Bridge - answer A product that connects a local area network (LAN) to another local
area network that uses the same protocol (for example, Ethernet or token ring).
British Standard 7799 - answer A standard code of practice that provides guidance on
how to secure an information system. It includes the management framework,
objectives, and control requirements for information security management systems.
Broadcast - answer To simultaneously send the same message to multiple recipients.
One host to all hosts on network.
Broadcast Address - answer An address used to broadcast a datagram to all hosts on a
given network using UDP or ICMP protocol.
Browser - answer A client computer program that can retrieve and display information
from servers on the World Wide Web.
Brute Force - answer A cryptanalysis technique or other kind of attack method involving
an exhaustive procedure that tries all possibilities, one-by-one.