Shared Flashcard Set

Details

ITEC CH4
ITEC CH4
24
Computer Science
Undergraduate 4
02/08/2013

Additional Computer Science Flashcards

 


 

Cards

Term
ALE
Annualized Loss Expectancy
Definition
The expected monetary loss that can be expressed for an asset due to a risk over a one year period
Term
ARO
Annualized Rate of Occurrence
Definition
The probability that a risk will occur in a particular year
Term
Architectural Design
Definition
The process of defining a collection of hardware and software components along with their interfaces in order to create the framework for software development
Term
Attack Surface
Definition
The code that can be executed by unauthorized users in a software program
Term
Baseline Reporting
Definition
A comparison of the present state of a system compared to its baseline
Term
Black Box
Definition
A test in which the tester has no prior knowledge of the network infrastructure that is being tested
Term
Code Review
Definition
Presenting the code to multiple reviewers in order to reach agreement about it security
Term
Design Review
Definition
An analysis of the design of a software program by key personnel from different levels of the project
Term
EF
Exposure Factor
Definition
The proportion of an asset's value that is likely to be destroyed by a particular risk (expressed as a percentage)
Term
Fail-Open
Definition
A control that errs on the side of permissiveness in the event of a failure
Term
Fail-Safe
(Fail-Secure)
Definition
A control that errs on the side of security in the event of a failure
Term
Gray Box
Definition
A test where some limited information has been provided to the tester
Term
Hardening
Definition
The process of eliminating as many security risks as possible and making the system more secure
Term
Honeynet
Definition
A network set up with intentional vulnerabilities
Term
Honeypot
Definition
A computer typically located in an area with limited security and loaded with software and data files that appear to be authentic, yet they are actually imitations of real data files, to trick attackers into revealing their attack techniques
Term
Penetration Testing
Definition
A test by an outsider to actually exploit any weaknesses in systems that are vulnerable
Term
Port Scanner
Definition
Software to search a system for any port vulnerabilities
Term
Sniffer
Protocol Analyzer
Definition
Hardware or software that captures packets to decode and analyze the contents
Term
SLE
Single Loss Expectancy
Definition
The expected monetary loss every time a risk occurs
Term
Vulnerability Assessment
Definition
A systematic and methodical evaluation of the exposure of assets to attackers, forces of nature, or any other entity that is a potential harm
Term
Vulnerability Scan
Definition
AN automated software search through a system for any known security weaknesses that then creates a report of those potential exposures
Term
Vulnerability Scanner
Definition
Generic term for a range of products that look for vulnerabilities in networks or systems
Term
White Box
Definition
A test where the tester has an in-depth knowledge of the network and systems being tested, including network diagrams, IP addressing, and even the source code of custom applications
Term
Xmas Tree Port Scan
Definition
Sending a packet with every option set on for whatever protocol is in use to observe how a host responds
Supporting users have an ad free experience!