Blockchain
The ledger functionality can be used to track or verify components, digital media, votes, and other physical or digital objects
CASB
offer visibility into application use and data security policy use
it also offers verification with formal standards and monitoring and identification of threats
integrity measurement check
designed to check for the secure baseline of firewall settings, patch levels, operating system versions, and any other security components associated with the application.
VDI
would allow the field team to access the application on many different devices and we don't have to worry about data being stored on their own device, and it seems like all the different MDM policies like COPE, corporate owned, BYOD, would still force to keep data on the phones
containerization
uses a single virtual machine to use as a foundation for separate application "containers." These containers are implemented as isolated instances, and an application in one container is not inherently accessible from other containers on the system.
S/MIME (Secure/Multipurpose Internet Mail Extensions)
provides a way to integrate public key encryption and digital signatures into most modern email clients. This would encrypt all email information from client to client, regardless of the communication used between email servers.
A company's outgoing email server currently uses SMTP with no encryption. The security administrator would like to implement encryption between email clients without changing the existing server-to-server communication. Which of the following would be the BEST way to implement this requirement?
S/MIME
screened subnet
a good location to configure services that can be accessed from the Internet, and building a system that can be easily compromised is a common tactic
VPN concentrator
provides encryption and decryption of network traffic and usually is integrated into a firewall
PAP (password authentication protocol)
old system, very system, extraordinary weak, no encryption used
CHAP (challenge handshake authentication Protocol
provides a encrypted challenge sent over the network
three-way handshake
client respsoned with a password hash
Chain of Custody
control evidence, maintain integrity, make sure evidence does not change
everyone who contacts the evidence, touches it, moves it, transport it, must be part of chain of custody, to avoid tampering and uses hashes
must label everything catalog every, take as many pictures as possible
seal everything and store way
Indirect Object reference
refers to leaving a reference to an object completely exposed like a use rid of someone being displayed in the URL and if you change it, you have access to another persons infomation base off of that
SoC
multiple components that run on a single chip are categorized as SoC
UTM
watches traffic flows across network and does not commonly manage storage options
Login Banner
provide a definitive warning to any possible intruders that may want to access your system that certain types of activity are illegal, but at the same time, it also advises the authorized and legitimate users of their obligations relating to acceptable use of the computerized or networked environment(s).
SED
provides data protection of a storage device using full disk encryption in the drive hardware
curl
command will retrieve a web page and display it as HTML at the command line.
grep
used to search through the file for a specific string of text.
WAF
commonly used to monitor the input to web-based applications.
‘
Reconstitution
The recovery after a breach can be a phased approach that may take months to complete.
Swap/pagefiles
A place to store RAM when memory is depleted-transfer pages of RAM to a storage drive
sandboxing
referring to the development process, it is an isolated testing environment
QA team
verifies features are working as expected
validates new functionalities
Staging environment
working with a copy of production data to test and see performance