+
Related Flashcards
Related Topics
Cards In This Set
| Front | Back |
|
3DES
|
Triple Data Encryption Standard A symmetric algorithm used to encrypt data and provide confidentiality. It is a block cipher that encrypts data in 64-bit blocks.
|
|
802.1x
|
Port-based authentication Used with wired and wireless networks/ There are 3 components: Supplicant, Authenticator, & Authentication Server (RADIUS)
|
|
AAA
|
Authentication, Authorization, Accounting1. Authentication has 2 components: Identification (Username or email address) and the authentication factor (Something you know, Something you have, Something you are, Somewhere you are or are not, Something you do) 2. Authorization: the rights and privileges assigned to a user to be able to perform their job. 3. Accounting or Auditing: Accounting is the process of recording system activities and resource access. Auditing is part of accounting where an administrator examines logs of what was recorded.
|
|
AAR
|
After-Action Report
|
|
ABAC
|
Attribute-based Access Control: Access control based on different attributes: group membership, OS being used, IP address, the presence of up-to-date patches and anti-malware, geographic location. Typically used in an SDN (Software Defined Network).
|
|
ACL
|
Access Control List: A list of objects and what subjects can access them. Example; A user access a directory but only has read access to the documents inside.Routers and firewalls both employ ACLs, either allowing or denying access to different parts of the network.
|
|
AD
|
Active Directory Backup System State for recovery in case of a disaster
|
|
AES
|
Advanced Encryption Standard: Symmetric block cipher. Three different block sizes; 128, 192, & 256 bit. Used in BitLocker
|
|
AH
|
Authentication Header: An IPSec protocol that provides authentication as well as integrity & protection from replay attacks. Uses protocol # 51.
|
|
ALE
|
Annual Loss Expectancy: The amount of money an organization would lose over the course of a year. The formula is the SLE (Single Loss Expectancy) times the ARO (Annual Rate of Occurrence). SLE x ARO = ALE.
|
|
AP
|
Access Point: Sometimes referred to as a WAP (Wireless Access Point). An AP is a bridge between wireless and wired networks.
|
|
API
|
Application Programming Interface: A software module or component that identifies inputs and outputs for an application
|
|
APT
|
Advanced Persistent Threat: An attack that uses multiple attack vectors, attempt to remain hidden as to maintain a connection to compromised systems. You can normally tie this to nation-states (foreign countries).
|
|
ARO
|
Annual Rate of Occurrence: The number of times a year that a particular loss occurs. It is used to measure risk with ALE and SLE in a quantitative risk assessment.
|
|
ARP
|
Address Resolution Protocol: Matches the MAC address to a known IP address. Easily spoofed, used in MITM (Man-in-the-Middle) attack.
|
