CYB 220 Exam (Glossary Terms)
Questions and Answers 100% Correct
Access Controls (Models and Mechanisms) - ANSWER-The management of admission
to system and network resources. It grants authenticated users access to specific
resources based on company policies and the permission level assigned to the user or
user group. Access control often includes authentication, which proves the identity of
the user or client machine attempting to log in (PC Magazine, 2018).
Adversarial Thinking - ANSWER-The ability to think like a hacker. Identifying
characteristics including where, when, and how hackers might attack, and their tactics
for evading detection (Hamman, Hopkinson, Markham, Chaplik, & Metzler, 2017).
Anomaly Detection - ANSWER-An approach to intrusion detection that establishes a
baseline model of behavior for users and components in a computer system or network.
Deviations from the baseline cause alerts that direct the attention of human operators to
the anomalies (PC Magazine, 2018).
Artificial Intelligence - ANSWER-Devices and applications that exhibit human
intelligence and behavior, including robots, self-driving cars, medical diagnosis, and
voice- and natural-language recognition. AI implies the capability to learn and adapt
through experience and the ability to come up with solutions to problems without using
rigid, predefined algorithms, which is the approach of non-AI software (PC Magazine,
2018).
Attack Vector - ANSWER-The approach used to assault a computer system or network.
As it is a fancy way of saying "method or type of attack," the term may refer to a variety
of vulnerabilities. For example, an operating system or web browser may have a flaw
that is exploited by a website. Human shortcomings are also used to engineer attack
vectors. For example, a novice user may open an email attachment that contains a
virus, and most everyone can be persuaded at least once in a lifetime to reveal a
password for some seemingly relevant reason (PC Magazine, 2018).
Correlation Techniques - ANSWER-The analysis of intrusion detection based on
previous incidents that may be similar to the current incident. Can be used to identify
possible ways to start to create a fix for the vulnerability.
Cross Log Comparison and Analysis - ANSWER-The comparison of two different log
files to try and determine outliers and anomalies. Usually done with some type of
software analysis tool (PC Magazine, 2018).
Data Logging - ANSWER-The continuous recording of data. The term may refer to the
automatic collection of data from sensors in the field, or in a factory or scientific
environment. It may also refer to gathering traffic statistics in a network or events in the
computer (PC Magazine, 2018).
Deep Packet Inspection - ANSWER-Analyzing network traffic to discover the type of
application that sent the data. In order to prioritize traffic or filter out unwanted data,
deep packet inspection can differentiate data such as video, audio, chat, voice over IP
(VoIP), email, and web. As it inspects the packets all the way up to layer seven, deep
packet inspection can be used to analyze anything and everything within the packet that
is not encrypted. For example, it can determine not only that the packets contain the
contents of a webpage, but also which website the page is from (PC Magazine, 2018).
Defense in Depth - ANSWER-Using multiple systems to resist attackers. For example, if
an external firewall is breached, an internal intrusion detection system can sound an
alarm. If systems are breached and data can be stolen, keeping all vital records
encrypted on disk and encrypted during transmission prevents attackers from using the
data, even if they get it (PC Magazine, 2018).
Demilitarized Zone (DMZ) - ANSWER-A middle ground between an organization's
trusted internal network and an untrusted, external network such as the internet. Also
called a perimeter network, the DMZ is a subnetwork (subnet) that may sit between
firewalls or off one leg of a firewall. Organizations typically place their web, mail, and
authentication servers in it. It is a military term that refers to the area between two
enemies (PC Magazine, 2018).
Device Reconfiguration - ANSWER-The changing of hardware on the fly to protect
against a compromised device. Restoring the device to the system defaults or changing
the protection scheme to secure the device from an attack in real time.
Distributed Intrusion Detection - ANSWER-The implementation of network protection
across multiple computers or devices. The formation allows for systems to not fall prey if
a single machine is compromised. Normally a system has measures to regain control of
a compromised system.
Exposure - ANSWER-The degree to which information can be accessed using
authorized or unauthorized methods (PC Magazine, 2018).
Establishing Profiles - ANSWER-Creating patterns and signatures of attack vectors for
the purpose of identifying threats.
File Systems - ANSWER-The software that people use to copy, move, rename, and
delete files is known as a file manager, not a file system.
The software and method for storing and retrieving files on a disk, SSD, or USB drive.
The file system takes commands from the operating system to read and write the disk
clusters (groups of sectors). It manages the folder/directory structure and provides an
index to the files. It also defines the syntax used to access them (i.e., how the "path" to