
CISSP - Practice

Pages: 35
Uploaded on: 27-10-2023
Written in: 2023/2024

Data Remanence: The remains of partial or even the entire data set of digital information
Disaster Recovery Planning (DRP): Deals with restoring normal business operations after the disaster takes place...works to get the business back to normal
Maximum tolerable downtime: The maximum period of time that a critical business function can be inoperative before the company incurs significant and long-lasting damage.
802.5: IEEE standard that defines the Token Ring media access method
Recovery Time Objective: The balance of the cost of recovery against the cost of disruption
Resource Requirements: Portion of the BIA that lists the resources that an organization needs in order to continue operating each critical business function.
Checklist Test: A test in which copies of the plan are handed out to each functional area to ensure the plan deals with their needs
Information Owner: The one person responsible for data, its classification and control setting
Job Rotation: To move from location to location, keeping the same function
Differential power analysis: A side-channel attack carried out on smart cards that examines the power emissions released during processing
Mitigate: Defined as real-time monitoring and analysis of network activity and data for potential vulnerabilities and attacks in progress.
Electromagnetic analysis: A side-channel attack on smart cards that examines the frequencies emitted and timing
Analysis: Systematic assessment of threats and vulnerabilities that provides a basis for effective management of risk.
Change Control: Maintaining full control over requests, implementation, traceability, and proper documentation of changes.
Containment: Mitigate damage by isolating compromised systems from the network.
30 to 90 Days: Most organizations enforce policies to change passwords ranging from
Isochronous: Process must occur within set time constraints; applications are video related, where audio and video must match perfectly
Detection: Identification and notification of an unauthorized and/or undesired action
Electronic Vaulting: Periodic, automatic and transparent backup of data in bulk.
Fault Tolerance: Mitigation of system or component loss or interruption through use of backup capability.
Incremental: A backup method used when time and space are of high importance
Secure HTTP: Protocol designed to send individual messages securely
Criminal: Conduct that violates government laws developed to protect society
Class C: Has 256 hosts
RAID 0: Creates one large disk by using several disks
Trade secrets: Deemed proprietary to a company and often include information that provides a competitive edge; the information is protected as long as the owner takes protective actions
X.400: Active Directory standard
Prevention: Controls deployed to avert unauthorized and/or undesired actions.
Redundant Array Of Independent Drives (RAID): A group of hard drives working as one storage unit for the purpose of speed and fault tolerance
Proprietary: Define the way in which the organization operates.
Gateway: Used to connect two networks using dissimilar protocols at different layers of the OSI model
Classification: The assignment of a level of sensitivity to data (or information) that results in the specification of controls for each level of classification.
Data Integrity: The property that data meet with a priori expectation of quality and that the data can be relied upon.
Alarm Filtering: The process of categorizing attack alerts produced from an IDS in order to distinguish false positives from actual attacks
Coaxial Cable: A cable consisting of a core, inner conductor that is surrounded by an insulator, and an outer cylindrical conductor
Concentrator: Layer 1 network device that is used to connect network segments together, but provides no traffic control (a hub).
Digital Signature: An asymmetric cryptography mechanism that provides authentication.
Eavesdropping: A passive network attack involving monitoring of traffic.
E-Mail Spoofing: Forgery of the sender's email address in an email header.
Emanations: Potentially compromising leakage of electrical or acoustical signals.
Fiber Optics: Bundles of long strands of pure glass that efficiently transmit light pulses over long distances. Interception without detection is difficult.
Fraggle: A Denial of Service attack initiated by sending spoofed UDP echo requests to IP broadcast addresses.
Hijacking: Interception of a communication session by an attacker.
Hub: Layer 1 network device that is used to connect network segments together, but provides no traffic control (a concentrator).
Injection: An attack technique that exploits systems that do not perform input validation by embedding partial SQL queries inside input.
Interception: Unauthorized access of information (e.g. tapping, sniffing, unsecured wireless communication, emanations)
IP Address Spoofing: Forging of an IP address.
IP Fragmentation: An attack that breaks up malicious code into fragments, in an attempt to elude detection.
Kerberos: A trusted third party authentication protocol
Incident response Team: Should consist of management, IT, legal, human resources, public relations, security, etc.
Modification: A type of attack involving attempted insertion, deletion or altering of data.
Multiplexers: A device that sequentially switches multiple analog inputs to the output.
Open Mail Relay Servers: A mail server that improperly allows inbound SMTP connections for domains it does not serve.
Enticement: The legal act of luring an intruder, with intent to monitor their behavior
Packet Filtering: A basic level of network access control that is based upon information contained in the IP packet header.
Patch Panels: Provides a physical cross connect point for devices.
Private Branch Exchange (PBX): A telephone exchange for a specific office or business.
Phishing: A social engineering attack that uses spoofed email or websites to persuade people to divulge information.
Physical Tampering: Unauthorized access of network devices.
Proxies: Mediates communication between un-trusted hosts on behalf of the hosts that it protects.
Repeaters: Layer 1 network device that is used to connect network segments together, but provides no traffic control (a concentrator).
Radio Frequency Interference (RFI): A disturbance that degrades performance of electronic devices and electronic communications.
Rogue Access Points: Unauthorized wireless network access device.
Routers: A layer 3 device that is used to connect two or more network segments and regulate traffic.
Satellite: A specialized wireless receiver/transmitter placed in orbit that facilitates long distance communication.
Sequence Attack: An attack involving the hijacking of a TCP session by predicting a sequence number.
Shielding: Enclosure of electronic communication devices to prevent leakage of electromagnetic signals.
Smurf: A Denial of Service attack initiated by sending spoofed ICMP echo requests to IP broadcast addresses. (See Fraggle)
Sniffing: Eavesdropping on network communications by a third party.
Source Routing Exploitation: A vulnerability in IP that allows an attacker to dictate the path of a communication and thereby access an internal network.
Spam: Unsolicited commercial email
Switches: A layer 2 device that is used to connect two or more network segments and regulate traffic.
SYN Flooding: A Denial of Service attack that floods the target system with connection requests that are not finalized.
Tapping: Eavesdropping on network communications by a third party.
Tar Pits: Mitigation of spamming and other attacks by delaying incoming connections as long as possible.
Teardrop: A Denial of Service attack that exploits systems that are not able to handle malicious, overlapping and oversized IP fragments.
TEMPEST: A codename that refers to the study and mitigation of information disclosure via electromagnetic emanations from electronic equipment.
Twisted Pair: A simple, inexpensive cabling technology consisting of two conductors that are wound together to de

Seller: EXCELLENTSTUDIES01 Add Coach Academy