Admin controls Policies, procedures, standards, user education, incident response, disaster recovery, compliance and physical security
AES AES is the standard encryption algorithm used by the US Federal governm
Asymmetric Key Cryptography Encryption that uses two separate keys: a public key and a private key. The advantage is that you can post the public key and anyone can send you an encrypted message.
Auditing Hold users of your system accountable. A methodical examination and revi
an organization's records.
Authenticity Whether the data in question comes from who or where it says it comes fro
(i.e. did this person actually send this email?)
Authenticity is affected by what type of attacks? Interruption (assets are unusable), modification (tampering with an asset), fabrication (generating false data)
BSA A company that audits other companies for licensing requirements
Burp Suite Burp Suite is a web assessment and analysis tool that looks for issues on websites such as cross-site scripting or SQL injection flaws.
Burpsuite Web Proxy Tool
Clickjacking Client-side attack
Compare authentication types. Multifactor authentication, mutual authentication
Competitive intelligence the process of gathering and analyzing publicly available information to su
business decisions
Competitive counterintelligence the practice of managing the range of intelligence-gathering activities dire
at an organization
Competitive intelligence the process of gathering and analyzing information to support business decisions
competitive intelligence the process of intelligence gathering and analysis to support business deci
Confidentiality is affected by what type of attack? Interception (eavesdropping)
COPPA Children's Online Privacy Protection Act
COPPA Children's Online Privacy Protection Act: a law that intends to keep children under the age of 13 protected from the collection of private information an
safety risks online.
Core Impact finds vulnerabilities in an organization's web server. This tool allows a user to evaluate the security posture of a web server by using the same techniques currently employed by cyber criminals.
Defense in Depth employing multiple layers of controls to avoid a single point of failure
Define accountability and its benefits nonrepudiation, deterrence, intrusion detection and prevention, and admissibility of records
Define authentication A set of methods used to determine if a claim of identity is true.
Define cryptography, including its origins and influencers. The science of protecting the confidentiality and integrity of data
Define identification The claim of who we/networks are
Define identity verification. Someone claims who they are and you take it one step further and ask for ID
Define information security. The protection of information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction in order to provide confidentiality, integrity, and availability.
Define integrity in the CIA triad. The ability to prevent people from changing your data and the ability to rev
unwanted changes. (Access control, read and write permissions, info corre