Term
| ____ are combination locks that use buttons which must be pushed in the proper sequence to open the door. |
|
Definition
|
|
Term
| In ____, a virtualized environment is created that simulates the central processing unit (CPU) and memory of the computer. |
|
Definition
|
|
Term
| Securing the host involves protecting the physical device itself, securing the operating system software on the system, using security-based software applications, and monitoring logs. |
|
Definition
|
|
Term
| Data, once restricted to papers in the office filing cabinet, now flows freely both in and out of organizations, among employees, customers, contractors, and business partners. |
|
Definition
|
|
Term
| Passive tags have ranges from about 1/3 inch to ____ feet. |
|
Definition
|
|
Term
| A ____ is designed to separate a nonsecured area from a secured area. |
|
Definition
|
|
Term
| In Microsoft Windows, a ____ is a collection of security configuration settings. |
|
Definition
|
|
Term
| Cipher locks are the same as combination padlocks. |
|
Definition
|
|
Term
| Each host (desktop, wireless laptop, smartphone, gateway server) runs a local application called a ____, which is sent over the network to the devices and runs as an OS service. |
|
Definition
|
|
Term
| A ____ outlines the major security considerations for a system and becomes the starting point for solid security. |
|
Definition
|
|
Term
| Securing a restricted area by erecting a barrier is called ____. |
|
Definition
|
|
Term
| Using video cameras to transmit a signal to a specific and limited set of receivers is called ____. |
|
Definition
|
|
Term
| A ____ can be inserted into the security slot of a portable device and rotated so that the cable lock is secured to the device, while a cable connected to the lock can then be secured to a desk or immobile object. |
|
Definition
|
|
Term
| ____ can be prewired for electrical power as well as wired network connections. |
|
Definition
|
|
Term
| The signal from an ID badge is detected as the owner moves near a ____, which receives the signal. |
|
Definition
|
|
Term
| Instead of using a key or entering a code to open a door, a user can display a ____ to identify herself. |
|
Definition
|
|
Term
| ID badges that can be detected by a proximity reader are often fitted with tiny radio ____ tags. |
|
Definition
|
|
Term
| Keyed entry locks are much more difficult to defeat than deadbolt locks. |
|
Definition
|
|
Term
| ____ is defined as a security analysis of the transaction within its approved context. |
|
Definition
|
|
Term
| A ____ is software that is a cumulative package of all security updates plus additional features. |
|
Definition
|
|
Term
| An anti-climb collar is a ____ that extends horizontally for up to 3 feet (1 meter) from the pole to prevent anyone from climbing. |
|
Definition
|
|
Term
| A ____ is an independently rotating large cups affixed to the top of a fence prevent the hands of intruders from gripping the top of a fence to climb over it. |
|
Definition
|
|
Term
| When a policy violation is detected by the DLP agent, it is reported back to the DLP server. |
|
Definition
|
|
Term
| ____ is a system of security tools that is used to recognize and identify data that is critical to the organization and ensure that it is protected. |
|
Definition
|
|
Term
| A(n) ____ is hardware or software that is designed to prevent malicious packets from entering or leaving computers. |
|
Definition
|
|
Term
|
Definition
| Lock the door but have access to unlock from the outside via a small hole. |
|
|
Term
|
Definition
| Use a key to open the lock from the outside. |
|
|
Term
|
Definition
| Lock the door from the inside but cannot be unlocked from the outside. |
|
|
Term
|
Definition
| Latch a door closed yet do not lock. - Halls and Closets |
|
|
Term
| Standard Keyed entry lock |
|
Definition
| Is the most common type of door lock for keeping out intruders, but security is minimal. |
|
|
Term
|
Definition
| Lock extends a solid metal bar into the door frame. |
|
|
Term
|
Definition
| The outside is always locked, entry is by key only, and the inside lever is always unlocked. |
|
|
Term
| Store entry double cylinder lock |
|
Definition
| Includes a keyed cylinder in both the outside and inside knobs so that a key if either knob locks or unlocks both at the same time. |
|
|
Term
|
Definition
| The outside can be locked or unlocked and the inside lever is always unlocked. |
|
|
Term
| A ____ is a computer typically located in an area with limited security and loaded with software and data files that appear to be authentic, yet they are actually imitations of real data files. |
|
Definition
|
|
Term
| A ____ in effect takes a snapshot of the current security of the organization. |
|
Definition
|
|
Term
| The first step in a vulnerability assessment is to determine the assets that need to be protected. |
|
Definition
|
|
Term
| ____ is the probability that a risk will occur in a particular year. |
|
Definition
| ARO - Annualized Rate of Occurrence. |
|
|
Term
| The ____ for software is the code that can be executed by unauthorized users. |
|
Definition
|
|
Term
| A healthy security posture results from a sound and workable strategy toward managing risks. |
|
Definition
|
|
Term
| A ____ is a network set up with intentional vulnerabilities. |
|
Definition
|
|
Term
| The ____ is the expected monetary loss every time a risk occurs. |
|
Definition
| SLE - Single Loss Expectancy |
|
|
Term
| A security weakness is known as a(n) ____. |
|
Definition
|
|
Term
| ____ is a comparison of the present state of a system compared to its baseline. |
|
Definition
|
|
Term
| The end product of a penetration test is the penetration ____. |
|
Definition
|
|
Term
| The goal of ____ is to better understand who the attackers are, why they attack, and what types of attacks might occur. |
|
Definition
|
|
Term
| Vulnerability scans are usually performed from outside the security perimeter. |
|
Definition
|
|
Term
| When performing a vulnerability assessment, many organizations use ____ software to search a system for any port vulnerabilities. |
|
Definition
|
|
Term
| A(n) ____ examines the current security in a passive method. |
|
Definition
|
|
Term
| ____ is the proportion of an asset’s value that is likely to be destroyed by a particular risk. |
|
Definition
|
|
Term
| A ____ outlines the major security considerations for a system and becomes the starting point for solid security. |
|
Definition
|
|
Term
| A(n) ____ indicates that no process is listening at this port. |
|
Definition
|
|
Term
| Released in 1995, one of the first tools that was widely used for penetration testing was ____. |
|
Definition
|
|
Term
| If port 20 is available, then an attacker can assume that FTP is being used. |
|
Definition
|
|
Term
| A(n) ____ is hardware or software that captures packets to decode and analyze its contents. |
|
Definition
|
|
Term
| While the code for a program is being written, it is being analyzed by a ____. |
|
Definition
|
|
Term
| A ____ tester has an in-depth knowledge of the network and systems being tested, including network diagrams, IP addresses, and even the source code of custom applications. |
|
Definition
|
|
Term
| A(n) ____ means that the application or service assigned to that port is listening for any instructions. |
|
Definition
|
|
Term
| ____ is a means by which an organization can transfer the risk to a third party who can demonstrate a higher capability at managing or reducing risks. |
|
Definition
|
|
Term
| In an empty box test, the tester has no prior knowledge of the network infrastructure that is being tested. |
|
Definition
|
|
Term
|
Definition
| A systematic and methodical evaluation of the exposure of assets to attackers, forces of nature, or any other entity that is potentially harmful. |
|
|
Term
|
Definition
| Identify what needs to be protected. |
|
|
Term
|
Definition
| Identifying what the pressures are against a company. |
|
|
Term
|
Definition
| Identifying how susceptible the current protection is |
|
|
Term
|
Definition
| Identify what damages could result from the threats |
|
|
Term
|
Definition
| An automated software search through a system for any known security weaknesses |
|
|
Term
|
Definition
| Designed to actually exploit any weaknesses in systems that are vulnerable |
|
|
Term
|
Definition
| Eliminating as many security risks as possible and make the system more secure |
|
|
Term
|
Definition
| Identify what to do about threats |
|
|
