ISC2 - CC SOLUTIONS LATEST EDITION 2023 GUARANTEED GRADE A+

Application Server A computer responsible for hosting applications to user workstations. NIST SP 800-82 Rev.2 Asymmetric Encryption An algorithm that uses one key to encrypt and a different key to decrypt the input plaintext. Checksum A digit representing the sum of the correct digits in a piece of stored or transmitted digital data, against which later comparisons can be made to detect errors in the data. Ciphertext The altered form of a plaintext message so it is unreadable for anyone except the intended recipients. In other words, it has been turned into a secret. Classification Classification identifies the degree of harm to the organization, its stakeholders or others that might result if an information asset is divulged to an unauthorized person, process or organization. In short, classification is focused first and foremost on maintaining the confidentiality of the data, based on the data sensitivity. Configuration management A process and discipline used to ensure that the only changes made to a system are those that have been authorized and validated. Cryptanalyst One who performs cryptanalysis which is the study of mathematical techniques for attempting to defeat cryptographic techniques and/or information systems security. This includes the process of looking for errors or weaknesses in the implementation of an algorithm or of the algorithm itself. Cryptography The study or applications of methods to secure or protect the meaning and content of messages, files, or other information, usually by disguise, obscuration, or other transformations of that content and meaning. Data Loss Prevention (DLP) System capabilities designed to detect and prevent the unauthorized use and transmission of information. Decryption The reverse process from encryption. It is the process of converting a ciphertext message back into plaintext through the use of the cryptographic algorithm and the appropriate key for decryption (which is the same for symmetric encryption, but different for asymmetric encryption). This term is also used interchangeably with the "deciphering." Degaussing A technique of erasing data on disk or tape (including video tapes) that, when performed properly, ensures that there is insufficient magnetic remanence to reconstruct data. Digital Signature The result of a cryptographic transformation of data which, when properly implemented, provides the services of origin authentication, data integrity, and signer non-repudiation. NIST SP 800-12 Rev. 1 Egress Monitoring Monitoring of outgoing network traffic. Encryption The process and act of converting the message from its plaintext to ciphertext. Sometimes it is also referred to as enciphering. The two terms are sometimes used interchangeably in literature and have similar meanings. Encryption System The total set of algorithms, processes, hardware, software, and procedures that taken together provide an encryption and decryption capability. Hardening A reference to the process of applying secure configurations (to reduce the attack surface) and locking down various hardware, communications systems, and software, including operating system, web server, application server, application, etc. Hardening is normally performed based on industry guidelines and benchmarks, such as those provided by the Center for Internet Security (CIS). Hash Function An algorithm that computes a numerical value (called the hash value) on a data file or electronic message that is used to represent that file or message and depends on the entire contents of the file or message. A hash function can be considered to be a fingerprint of the file or message. NIST SP 800-152 Hashing The process of using a mathematical algorithm against data to produce a numeric value that is representative of that data. Source CNSSI Information Sharing The requirements for information sharing by an IT system with one or more other IT systems or applications, for information sharing to support multiple internal or external organizations, missions, or public programs. NIST SP 800-16 Ingress Monitoring Monitoring of incoming network traffic. Message Digest A digital signature that uniquely identifies data and has the property such that changing a single bit in the data will cause a completely different message digest to be generated. NISTIR-8011 Vol.3 Operating System The software "master control application" that runs the computer. It is the first program loaded when the computer is turned on, and its main component, the kernel, resides in memory at all times. The operating system sets the standards for all application programs (such as the Web server) that run in the computer. The applications communicate with the operating system for most user interface and file management operations. NIST SP 800-44 Version 2 Patch A software component that, when installed, directly modifies files or device settings related to a different software component without changing the version number or release details for the related software component. Source: ISO/IEC 19770-2 Patch Management The systematic notification, identification, deployment, installation and verification of operating system and application software code revisions. These revisions are known as patches, hot fixes, and service packs. Source: CNSSI 4009 Plaintext A message or data in its natural format and in readable form; extremely vulnerable from a confidentiality perspective. Records The recordings (automated and/or manual) of evidence of activities performed or results achieved (e.g., forms, reports, test results), which serve as a basis for verifying that the organization and the information system are performing as intended. Also used to refer to units of related data fields (i.e., groups of data fields that can be accessed by a program and that contain the complete set of information on particular items). NIST SP 800-53 Rev. 4 Records Retention A practice based on the records life cycle, according to which records are retained as long as necessary, and then are destroyed after the appropriate time interval has elapsed. Remanence Residual information remaining on storage media after clearing. NIST SP 800-88 Rev. 1 Request for change (RFC) The first stage of change management, wherein a change in procedure or product is sought by a stakeholder. Security Governance The entirety of the policies, roles, and processes the organization uses to make security decisions in an organization. Social engineering Tactics to infiltrate systems via email, phone, text, or social media, often impersonating a person or agency in authority or offering a gift. A low-tech method would be simply following someone into a secure building. Symmetric encryption An algorithm that uses the same key in both the encryption and the decryption processes. Web Server A computer that provides World Wide Web (WWW) services on the Internet. It includes the hardware, operating system, Web server software, and Web site content (Web pages). If the Web server is used internally and not by the public, it may be known as an "intranet server." NIST SP 800-44 Version 2 Whaling Attack Phishing attacks that attempt to trick highly placed officials or private individuals with sizable assets into authorizing large fund wire transfers to previously unknown entities. Application programming interface (API) A set of routines, standards, protocols, and tools for building software applications to access a web-based software application or web tool. Bit The most essential representation of data (zero or one) at Layer 1 of the Open Systems Interconnection (OSI) model. Broadcast Broadcast transmission is a one-to-many (one-to-everyone) form of sending internet traffic. Byte The byte is a unit of digital information that most commonly consists of eight bits. Cloud computing A model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. NIST 800-145 Community cloud A system in which the cloud infrastructure is provisioned for exclusive use by a specific community of consumers from organizations that have shared concerns (e.g., mission, security requirements, policy and compliance considerations). It may be owned, managed and operated by one or more of the organizations in the community, a third party or some combination of them, and it may exist on or off premises. NIST 800-145 De-encapsulation The opposite process of encapsulation, in which bundles of data are unpacked or revealed. Denial-of-Service (DoS) The prevention of authorized access to resources or the delaying of time-critical operations. (Time-critical may be milliseconds or it may be hours, depending upon the service provided.) Source: NIST SP 800-27 Rev A Domain Name Service (DNS) This acronym can be applied to three interrelated elements: a service, a physical server and a network protocol. Encapsulation Enforcement of data hiding and code hiding during all phases of software development and operational use. Bundling together data and methods is the process of encapsulation; its opposite process may be called unpacking, revealing, or using other terms. Also used to refer to taking any set of data and packaging it or hiding it in another data structure, as is common in network protocols and encryption. Encryption The process and act of converting the message from its plaintext to ciphertext. Sometimes it is also referred to as enciphering. The two terms are sometimes used interchangeably in literature and have similar meanings. File Transfer Protocol (FTP) The internet protocol (and program) used to transfer files between hosts. Fragment attack In a fragment attack, an attacker fragments traffic in such a way that a system is unable to put data packets back together. Hardware The physical parts of a computer and related devices. Hybrid cloud A combination of public cloud storage and private cloud storage where some critical data resides in the enterprise's private cloud while other data is stored and accessible from a public cloud storage provider. Infrastructure as a Service (IaaS) The provider of the core computing, storage and network hardware and software that is the foundation upon which organizations can build and then deploy applications. IaaS is popular in the data center where software and servers are purchased as a fully outsourced service and usually billed on usage and how much of the resource is used. Internet Control Message Protocol (ICMP) An IP network protocol standardized by the Internet Engineering Task Force (IETF) through RFC 792 to determine if a particular service or host is available. Internet Protocol (IPv4) Standard protocol for transmission of data from source to destinations in packet-switched communications networks and interconnected systems of such networks. CNSSI Man-in-the-Middle An attack where the adversary positions himself in between the user and the system so that he can intercept and alter data traveling between them. Source: NISTIR 7711 Microsegmentation Part of a zero-trust strategy that breaks LANs into very small, highly localized zones using firewalls or similar technologies. At the limit, this places firewall at every connection point. Oversized Packet Attack Purposely sending a network packet that is larger than expected or larger than can be handled by the receiving system, causing the receiving system to fail unexpectedly. Packet Representation of data at Layer 3 of the Open Systems Interconnection (OSI) model. Payload The primary action of a malicious code attack. Payment Card Industry Data Security Standard (PCI DSS) An information security standard administered by the Payment Card Industry Security Standards Council that applies to merchants and service providers who process credit or debit card transactions. Platform as a Service (PaaS) The web-authoring or application development middleware environment that allows applications to be built in the cloud before they're deployed as SaaS assets. Private cloud The phrase used to describe a cloud computing platform that is implemented within the corporate firewall, under the control of the IT department. A private cloud is designed to offer the same features and benefits of cloud systems, but removes a number of objections to the cloud computing model, including control over enterprise and customer data, worries about security, and issues connected to regulatory compliance. Protocols A set of rules (formats and procedures) to implement and control some type of association (that is, communication) between systems. NIST SP 800-82 Rev. 2 Public cloud The cloud infrastructure is provisioned for open use by the general public. It may be owned, managed, and operated by a business, academic, or government organization, or some combination of them. It exists on the premises of the cloud provider. NIST SP 800-145 Simple Mail Transport Protocol (SMTP) The standard communication protocol for sending and receiving emails between senders and receivers. Software Computer programs and associated data that may be dynamically written or modified during execution. NIST SP 80--37 Rev. 2 Software as a Service (SaaS) The cloud customer uses the cloud provider's applications running within a cloud infrastructure. The applications are accessible from various client devices through either a thin client interface, such as a web browser or a program interface. The consumer does not manage or control the underlying cloud infrastructure including network, servers, operating systems, storage, or even individual application capabilities, with the possible exception of limited user-specific application configuration settings. Derived from NIST 800-145 Spoofing Faking the sending address of a transmission to gain illegal entry into a secure system. CNSSI Transport Control Protocol/Internet Protocol (TCP/IP) Model Internetworking protocol model created by the IETF, which specifies four layers of functionality: Link layer (physical communications), Internet Layer (network-to-network communication), Transport Layer (basic channels for connections and connectionless exchange of data between hosts), and Application Layer, where other protocols and user applications programs make use of network services. VLAN A virtual local area network (VLAN) is a logical group of workstations, servers, and network devices that appear to be on the same LAN despite their geographical distribution. VPN A virtual private network (VPN), built on top of existing networks, that can provide a secure communications mechanism for transmission between networks. WLAN A wireless area network (WLAN) is a group of computers and devices that are located in the same vicinity, forming a network based on radio transmissions rather than wired connections. A Wi-Fi network is a type of WLAN. Zenmap The graphical user interface (GUI) for the Nmap Security Scanner, an open-source application that scans networks to determine everything that is connected as well as other information. Zero Trust Removing the design belief that the network has any trusted space. Security is managed at each possible level, representing the most granular asset. Microsegmentation of workloads is a tool of the model. Audit Independent review and examination of records and activities to assess the adequacy of system controls, to ensure compliance with established policies and operational procedures. NIST SP 1800-15B Crime Prevention through Environmental Design (CPTED) An architectural approach to the design of buildings and spaces which emphasizes passive features to reduce the likelihood of criminal activity. Defense in Depth Information security strategy integrating people, technology, and operations capabilities to establish variable barriers across multiple layers and missions of the organization. Source: NIST SP 800-53 Rev 4 Discretionary Access Control (DAC) A certain amount of access control is left to the discretion of the object's owner, or anyone else who is authorized to control the object's access. The owner can determine who should have access rights to an object and what those rights should be. NIST SP 800-192 Encrypt To protect private information by putting it into a form that can only be read by people who have permission to do so. Firewalls Devices that enforce administrative security policies by filtering incoming traffic based on a set of rules. Insider Threat An entity with authorized access that has the potential to harm an information system through destruction, disclosure, modification of data, and/or denial of service. NIST SP 800-32 iOS An operating system manufactured by Apple Inc. Used for mobile devices. Layered Defense The use of multiple controls arranged in series to provide several consecutive controls to protect an asset; also called defense in depth. Linux An operating system that is open source, making its source code legally available to end users. Log Anomaly A system irregularity that is identified when studying log entries which could represent events of interest for further surveillance. Logging Collecting and storing user activities in a log, which is a record of the events occurring within an organization's systems and networks. NIST SP 1800-25B. Logical Access Control Systems An automated system that controls an individual's ability to access one or more computer system resources, such as a workstation, network, application or database. A logical access control system requires the validation of an individual's identity through some mechanism, such as a PIN, card, biometric or other token. It has the capability to assign different access privileges to different individuals depending on their roles and responsibilities in an organization. NIST SP 800-53 Rev.5. CONTINUED..