Security+ Study Guide
- CA
-
See Certificate Authority.
- CAST
-
See Carlisle Adams Stafford Tavares.
- Carlisle Adams Stafford Tavares
-
A type of symmetric block cipher defined by RFC 2144.
- CC
-
See common criteria.
- CCRA
-
See Common Criteria Recognition Agreement.
- central office
-
The primary office from which most resources extend.
- certificate
-
A digital entity that establishes who you are and is often used with e-commerce. It has your name and other identifying data within it.
- Certificate Authority (CA)
-
The issuer of digital certificates (which are then used for digital signatures or key pairs).
- certificate policies
-
Policies governing the use of certificates.
- certificate practice statement
-
The principles and procedures employed in the issuing and managing of certificates.
- certificate revocation list
-
A list of digital certificate revocations that must be regularly downloaded to stay current.
- certificate revocation
-
The act of removing a certificate from being valid.
- chain of custody
-
The log of the history of evidence that has been collected.
- Challenge Handshake Authentication Protocol (CHAP)
-
A protocol that challenges a system to verify identity. CHAP is an improvement over PAP (Password Authentication Protocol) in which one-way hashing is incorporated into a three-way handshake. RFC 1334 applies to both PAP and CHAP.
- change documentation
-
Documentation required to make a change in the scope of any particular item. In the realm of project management, a change document is a formal document requiring many signatures before key elements of the project can be modified.
- CHAP
-
See Challenge Handshake Authentication Protocol.
- checkpoints
-
A certain action or moment in time that is used to perform a check. This allows a restart to begin at the last point at which the data was saved, as opposed to from the beginning.
- checksum
-
A hexadecimal value computed from transmitted data that is used in error-checking routines.
- cipher
-
See cryptographic algorithm.
- circuit switching
-
A switching method where a dedicated connection between the sender and receiver is maintained throughout the conversation.
- Clark-Wilson model
-
An integrity model for creating a secure architecture.
- cleartext
-
Unencrypted text that can be read with any editor.
- client
-
A client is a part of a client/server network. It is the part where the computing is usually done. In a typical setting, a client will use the server for remote storage, backups, or security such as a firewall.
- client/server network
-
A server-centric network in which all resources are stored on a file server and processing power is distributed among workstations and the file server.
- clipper chip
-
An early encryption system offered by the NSA for civilian use that was a hardware implementation of the Skipjack encryption algorithm.
- clustering
-
A method of balancing loads and providing fault tolerance.
- coax
-
A type of cabling used in computer networks.
- code escrow
-
The storage and conditions of release of source code provided by a vendor.
- cold site
-
A physical site that has all the resources to enable it to be used if the main site is inaccessible (destroyed). Commonly, plans call for turning to a cold site within a certain number of hours after the loss of the main site.
- collection of evidence
-
The means and orderly fashion by which evidence is collected, identified, and marked.
- collusion
-
An agreement between individuals to commit fraud or deceit.
- common criteria
-
A document of specifications detailing security evaluation methods for IT products and systems.
- Common Criteria Recognition Agreement (CCRA)
-
A set of standards, formerly known as the Mutual Recognition Agreement (MRA), that define Evaluation Assurance Levels.
- Common Gateway Interface (CGI)
-
An older form of scripting that was used extensively in early web systems.
- companion virus
-
A virus that creates a new program that runs in place of an expected program of the same name.
- compartmentalization
-
Standards that support a non-hierarchical security classification.
- confidentiality
-
The act of assuring that data remains private and no one sees it except for those expected to see it.
- configuration management
-
The administration of setup and changes to configurations.
- connectionless
-
Communications between two hosts that have no previous session established for synchronizing sent data. The data is not acknowledged at the receiving end. This can allow data loss.
- connection-oriented
-
Communications between two hosts that have a previous session established for synchronizing sent data. The data is acknowledged by the receiving PC. This allows for guaranteed delivery of data between PCs.
- cookie
-
A plain text file stored on your machine that contains information about you (and your preferences) for use by a database server.
- CPS
-
See Certificate Practice Statement.
- CRC
-
See cyclical redundancy check.
- critical business functions
-
Functions upon which the livelihood of the company is dependent.
- CRL
-
See Certificate Revocation List.
- cryptanalysis
-
The study and practice of finding weaknesses in ciphers.
- cryptanalysts
-
Those who participate in cryptanalysis.
- cryptographers
-
Those who participate in the study of cryptographic algorithms.
- cryptographic algorithms
-
Symmetric algorithms, also known as ciphers, used to encrypt and decrypt data.
- cryptography
-
The field of mathematics focused on encrypting and decrypting data.
- custodian
-
A data custodian is responsible for maintaining the data, and the integrity of it, within their area.
- cyclical redundancy check (CRC)
-
An error-checking method in data communications that runs a formula against data before transmission. The sending station then appends the resultant value (called a checksum) to the data and sends it. The receiving station uses the same formula on the data. If the receiving station doesn't get the same checksum result for the calculation, it considers the transmission invalid, rejects the frame, and asks for retransmission.