SSCP Sybex Study Guid| 179 QUESTIONS| WITH COMPLETE SOLUTIONS

3DES Triple DES A symmetric encryption algorithm that uses either two (key 1 and key 3 are the same) or three keys and improves upon the Data Encryption Standard algorithm. AAA Triple A Referred to as the AAA of access control- authentication, authorization, and accounting. access control list (ACL) A list of subjects and assigned rights used in access control. Accreditation Formal acceptance by management that a system or application has been certified and may be placed into operation. administrative controls Controls put in place to enforce policies and directives as dictated by the organization. Advanced Encryption Standard (AES) A symmetric block algorithm selected by NIST to be used as a standard by the U.S. government. AIC security triad The three of confidentiality, integrity, and availability that form the basis for security objectives that are the essence of security for all information systems. Alert A message triggered by an event. Alerts may take the form of email, text messages, computer screen banners, flashing lights, and other methods of drawing attention to an issue. Algorithm A mathematical function cryptographic algorithm that encrypts or decrypts text. annualized rate of occurrence (ARO) A number representing the number of times during the period of a year that a threat will exploit a specific vulnerability. asymmetric algorithm The cryptographic algorithm that requires two separate keys; one is secret and the other public. asymmetric encryption The process of using two keys, a public key and a private key, to encrypt and decrypt messages. Authentication Method used to verify the identity claim of a user. Authorization The act of defining the network resources, applications, and data that may be accessed by a user. Availability One of the central principles of the AIC triad. A core goal of a security professional is to ensure that data and hardware are available when the user requires them. Back door An accessible port or portal created by a programmer for easy access when creating an application. Also may be a portal created by malware to allow the attacker easy access into a system or application. Bandwidth The speed at which information may be tran