SY0-401: Glossary, GSEC, SEC + 401 Study Guide Complete Final Exam.
3DES - CORRECT ANSWER (Triple Data Encryption Standard) A symmetric encryption algorithm that
encrypts data by processing each block of data three times, using a different DES key each time.
802.11 - CORRECT ANSWER A family of specifications developed by the IEEE for wireless LAN technology.
802.11a - CORRECT ANSWER A fast, secure, but relatively expensive protocol for wireless
communication. It supports speeds up to 54 Mbps in the 5 GHz frequency.
802.11ac - CORRECT ANSWER A wireless communication protocol that improves upon 802.11n by
adding wider channels to increase bandwidth.
802.11b - CORRECT ANSWER The first specification to be called Wi-Fi, it is the least expensive wireless
network protocol used to transfer data among computers with wireless network cards, or between a
wireless computer or device and a wired LAN. It provides for an 11 Mbps transfer rate in the 2.4 GHz
frequency.
802.11g - CORRECT ANSWER A specification for wireless data throughput at the rate of up to 54 Mbps in
the 2.4 GHz band that is a potential replacement for 802.11b.
802.11n - CORRECT ANSWER A wireless standard for home and business implementations that adds QoS
features and multimedia support to 802.11a and 802.11b.
802.1x - CORRECT ANSWER An IEEE standard used to provide a port-based authentication mechanism
over a LAN or WLAN.
access control - CORRECT ANSWER In IT security terms, the process of determining and assigning
privileges to various resources, objects, and data.
Access Control Lists (ACL) - CORRECT ANSWER In a DAC (discretionary access control) access control
scheme, this is the list that is associated with each object, specifying the subjects that can access the
object and their levels of access.
account federation - CORRECT ANSWER The practice of linking a single account across many different
management systems.
account management - CORRECT ANSWER A common term used to refer to the processes, functions,
and policies used to effectively manage user accounts within an organization.
account phishing - CORRECT ANSWER In social networking, an attack where an attacker creates an
account and gets on the friends list of an individual just to try to obtain information about the individual
and their circle of friends or colleagues.
account policy - CORRECT ANSWER A document that includes an organization's user account
management guidelines.
account privileges - CORRECT ANSWER Permissions granted to users that allow them to perform various
actions such as creating, deleting, and editing files, and also accessing systems and services on the
network.
accountability - CORRECT ANSWER In security terms, the process of determining who to hold
responsible for a particular activity or event.
accounting - CORRECT ANSWER In IT security terms, the process of tracking and recording system
activities and resource access.
Active Directory - CORRECT ANSWER The standards-based directory service from Microsoft that runs on
Microsoft Windows servers.
adware - CORRECT ANSWER Software that automatically displays or downloads advertisements when it
is used.
AES (Advanced Encryption Standard) - CORRECT ANSWER A symmetric 128-, 192-, or 256-bit block
cipher based on the Rijndael algorithm developed by Belgian cryptographers Joan Daemen and Vincent
Rijmen and adopted by the U.S. government as its encryption standard to replace DES.
ALE (annual loss expectancy) - CORRECT ANSWER The total cost of a risk to an organization on an annual
basis.
all-in-one-security appliance - CORRECT ANSWER A single network device that is used to perform a
number of security functions to secure a network.
anomaly-based monitoring - CORRECT ANSWER A monitoring system that uses a database of
unacceptable traffic patterns identified by analyzing traffic flows.
anti-malware software - CORRECT ANSWER A category of software programs that scan a computer or
network for known viruses, Trojans, worms, and other malicious software.
anti-spam - CORRECT ANSWER A program that will detect specific words that are commonly used in
spam messages.
anti-spyware - CORRECT ANSWER Software that is specifically designed to protect systems against
spyware attacks.
antivirus software - CORRECT ANSWER An application that scans files for executable code that matches
specific patterns that are known to be common to viruses.
API (application programming interface) - CORRECT ANSWER A mechanism that defines how software
elements interact with each other.
application attacks - CORRECT ANSWER Attacks that are targeted at web-based and other client-server
applications.
application aware device - CORRECT ANSWER A network device that manages information about any
application that connects to it.
application blacklisting - CORRECT ANSWER The practice of preventing undesirable programs from
running on a computer, computer network, or mobile device.
application whitelisting - CORRECT ANSWER The practice of allowing approved programs to run on a
computer, computer network, or mobile device.
arbitrary code execution - CORRECT ANSWER An attack that exploits an application's vulnerability to
allow the attacker to execute commands on a user's computer.
archive bit - CORRECT ANSWER A file property that essentially indicates whether the file has been
modified since the last backup.
armored virus - CORRECT ANSWER A virus that is able to conceal its location or otherwise render itself
harder to detect by anti-malware programs.
ARO (annual rate of occurrence) - CORRECT ANSWER How many times per year a particular loss is
expected to occur.
ARP (Address Resolution Protocol) - CORRECT ANSWER The mechanism by which individual hardware
MAC addresses are matched to an IP address on a network.
ARP poisoning - CORRECT ANSWER A method in which an attacker, with access to the target network,
redirects an IP address to the MAC address of a computer that is not the intended recipient.
asymmetric encryption - CORRECT ANSWER A two-way encryption scheme that uses paired private and
public keys.
attachment attack - CORRECT ANSWER An attack where the attacker can merge malicious software or
code into a downloadable file or attachment on an application server so that users download and
execute it on client systems.