SANS CYBER SECURITY TERMS
UPDATE QUESTIONS
AND ANSWERS WITH COMPLETE
SOLUTIONS GRADED A+ SOLVED
CORRECTLY
Hypertext Transfer Protocol - CORRECT ANSWES -- The protocol in the Internet
Protocol (IP) family used to transport hypertext documents across an internet. (HTTP)
Identity - CORRECT ANSWES -- Whom someone or what something is, for example,
the name by which something is known.
Incident - CORRECT ANSWES -- An incident as an adverse network event in an
information system or network or the threat of the occurrence of such an event.
Incident Handling - CORRECT ANSWES -- An action plan for dealing with intrusions,
cyber-theft, denial of service, fire, floods, and other security-related events. It is
comprised of a six step process: Preparation, Identification, Containment, Eradication,
Recovery, and Lessons Learned.
Incremental Backups - CORRECT ANSWES -- Backup the files that have been
modified since the last backup. If dump levels are used, incremental backups only
backup files changed since last backup of a lower dump level.
Inetd - CORRECT ANSWES -- An application that controls smaller internet services like
telnet, ftp, and POP. ( Internet Daemon)
Inference Attacks - CORRECT ANSWES -- Rely on the user to make logical
connections between seemingly unrelated pieces of information.
Information Warfare - CORRECT ANSWES -- The competition between offensive and
defensive players over information resources.
Ingress Filtering - CORRECT ANSWES -- Filtering inbound traffic.
,Input Validations Attacks - CORRECT ANSWES -- An attacker intentionally sends
unusual input in the hopes of confusing an application.
Integrity - CORRECT ANSWES -- The need to ensure that information has not been
changed accidentally or deliberately, and that it is accurate and complete.
Integrity Star Property - CORRECT ANSWES -- A user cannot read data of a lower
integrity level then their own.
Internet - CORRECT ANSWES -- A term to describe connecting multiple separate
networks together.
Internet Control Message Protocal - CORRECT ANSWES -- An Internet Standard
protocol that is used to report error conditions during IP datagram processing and to
exchange other information concerning the state of the IP network. (ICMP)
Internet Engineering Task Force - CORRECT ANSWES -- The body that defines
standard Internet operating protocols such as TCP/IP. The IETF is supervised by the
Internet Society Internet Architecture Board (IAB). IETF members are drawn from the
Internet Society's individual and organization membership.
Internet Message Access Protocol - CORRECT ANSWES -- A protocol that defines how
a client should fetch mail from and return mail to a mail server. Intended as a
replacement for or extension to the Post Office Protocol (POP). It is defined in RFC
1203 (v3) and RFC 2060 (v4). (IMAP)
Internet Protocol - CORRECT ANSWES -- The method or protocol by which data is sent
from one computer to another on the Internet.
Internet Standard - CORRECT ANSWES -- A specification, approved by the IESG and
published as an RFC, that is stable and well-understood, is technically competent, has
multiple, independent, and interoperable implementations with substantial operational
experience, enjoys significant public support, and is recognizably useful in some or all
parts of the Internet.
Interrupt - CORRECT ANSWES -- A signal that informs the OS that something has
occurred.
Intranet - CORRECT ANSWES -- A computer network, especially one based on Internet
technology, that an organization uses for its own internal, and usually private, purposes
and that is closed to outsiders.
Intrusion Detection - CORRECT ANSWES -- A security management system for
computers and networks. An IDS gathers and analyzes information from various areas
within a computer or a network to identify possible security breaches, which include
, both intrusions (attacks from outside the organization) and misuse (attacks from within
the organization).
IP Address - CORRECT ANSWES -- A computer's inter-network address that is
assigned for use by the Internet Protocol and other protocols. Written as a series of four
8-bit numbers separated by periods.
IP Flood - CORRECT ANSWES -- A denial of service attack that sends a host more
echo request ("ping") packets than the protocol implementation can handle.
IP Forwarding - CORRECT ANSWES -- An Operating System option that allows a host
to act as a router. A system that has more than 1 network interface card must have
__________ turned on in order for the system to be able to act as a router.
IP Spoofing - CORRECT ANSWES -- The technique of supplying a false IP address.
International Organization for Standardization - CORRECT ANSWES -- A voluntary,
non-treaty, non-government organization, established in 1947, with voting members that
are designated standards bodies of participating nations and non-voting observer
organizations. (ISO)
An Issue-Specific Policy - CORRECT ANSWES -- Intended to address specific needs
within an organization, such as a password policy.
International Telecommunications Union, Telecommunication Standardization Sector -
CORRECT ANSWES -- A United Nations treaty organization that is composed mainly of
postal, telephone, and telegraph authorities of the member countries and that publishes
standards called "Recommendations." (CCITT) (ITU -T)
Jitter - CORRECT ANSWES -- The modification of fields in a database while preserving
the aggregate characteristics of that make the database useful in the first place
Jump Bug - CORRECT ANSWES -- A container that has all the items necessary to
respond to an incident inside to help mitigate the effects of delayed reactions.
Access Control - CORRECT ANSWES -- Ensures that resources are only granted to
those users who are entitled to them.
Access Control List - CORRECT ANSWES -- A mechanism that implements access
control for a system resource by listing the identities of the system entities that are
permitted to access the resource. (or referred to as ACL)
UPDATE QUESTIONS
AND ANSWERS WITH COMPLETE
SOLUTIONS GRADED A+ SOLVED
CORRECTLY
Hypertext Transfer Protocol - CORRECT ANSWES -- The protocol in the Internet
Protocol (IP) family used to transport hypertext documents across an internet. (HTTP)
Identity - CORRECT ANSWES -- Whom someone or what something is, for example,
the name by which something is known.
Incident - CORRECT ANSWES -- An incident as an adverse network event in an
information system or network or the threat of the occurrence of such an event.
Incident Handling - CORRECT ANSWES -- An action plan for dealing with intrusions,
cyber-theft, denial of service, fire, floods, and other security-related events. It is
comprised of a six step process: Preparation, Identification, Containment, Eradication,
Recovery, and Lessons Learned.
Incremental Backups - CORRECT ANSWES -- Backup the files that have been
modified since the last backup. If dump levels are used, incremental backups only
backup files changed since last backup of a lower dump level.
Inetd - CORRECT ANSWES -- An application that controls smaller internet services like
telnet, ftp, and POP. ( Internet Daemon)
Inference Attacks - CORRECT ANSWES -- Rely on the user to make logical
connections between seemingly unrelated pieces of information.
Information Warfare - CORRECT ANSWES -- The competition between offensive and
defensive players over information resources.
Ingress Filtering - CORRECT ANSWES -- Filtering inbound traffic.
,Input Validations Attacks - CORRECT ANSWES -- An attacker intentionally sends
unusual input in the hopes of confusing an application.
Integrity - CORRECT ANSWES -- The need to ensure that information has not been
changed accidentally or deliberately, and that it is accurate and complete.
Integrity Star Property - CORRECT ANSWES -- A user cannot read data of a lower
integrity level then their own.
Internet - CORRECT ANSWES -- A term to describe connecting multiple separate
networks together.
Internet Control Message Protocal - CORRECT ANSWES -- An Internet Standard
protocol that is used to report error conditions during IP datagram processing and to
exchange other information concerning the state of the IP network. (ICMP)
Internet Engineering Task Force - CORRECT ANSWES -- The body that defines
standard Internet operating protocols such as TCP/IP. The IETF is supervised by the
Internet Society Internet Architecture Board (IAB). IETF members are drawn from the
Internet Society's individual and organization membership.
Internet Message Access Protocol - CORRECT ANSWES -- A protocol that defines how
a client should fetch mail from and return mail to a mail server. Intended as a
replacement for or extension to the Post Office Protocol (POP). It is defined in RFC
1203 (v3) and RFC 2060 (v4). (IMAP)
Internet Protocol - CORRECT ANSWES -- The method or protocol by which data is sent
from one computer to another on the Internet.
Internet Standard - CORRECT ANSWES -- A specification, approved by the IESG and
published as an RFC, that is stable and well-understood, is technically competent, has
multiple, independent, and interoperable implementations with substantial operational
experience, enjoys significant public support, and is recognizably useful in some or all
parts of the Internet.
Interrupt - CORRECT ANSWES -- A signal that informs the OS that something has
occurred.
Intranet - CORRECT ANSWES -- A computer network, especially one based on Internet
technology, that an organization uses for its own internal, and usually private, purposes
and that is closed to outsiders.
Intrusion Detection - CORRECT ANSWES -- A security management system for
computers and networks. An IDS gathers and analyzes information from various areas
within a computer or a network to identify possible security breaches, which include
, both intrusions (attacks from outside the organization) and misuse (attacks from within
the organization).
IP Address - CORRECT ANSWES -- A computer's inter-network address that is
assigned for use by the Internet Protocol and other protocols. Written as a series of four
8-bit numbers separated by periods.
IP Flood - CORRECT ANSWES -- A denial of service attack that sends a host more
echo request ("ping") packets than the protocol implementation can handle.
IP Forwarding - CORRECT ANSWES -- An Operating System option that allows a host
to act as a router. A system that has more than 1 network interface card must have
__________ turned on in order for the system to be able to act as a router.
IP Spoofing - CORRECT ANSWES -- The technique of supplying a false IP address.
International Organization for Standardization - CORRECT ANSWES -- A voluntary,
non-treaty, non-government organization, established in 1947, with voting members that
are designated standards bodies of participating nations and non-voting observer
organizations. (ISO)
An Issue-Specific Policy - CORRECT ANSWES -- Intended to address specific needs
within an organization, such as a password policy.
International Telecommunications Union, Telecommunication Standardization Sector -
CORRECT ANSWES -- A United Nations treaty organization that is composed mainly of
postal, telephone, and telegraph authorities of the member countries and that publishes
standards called "Recommendations." (CCITT) (ITU -T)
Jitter - CORRECT ANSWES -- The modification of fields in a database while preserving
the aggregate characteristics of that make the database useful in the first place
Jump Bug - CORRECT ANSWES -- A container that has all the items necessary to
respond to an incident inside to help mitigate the effects of delayed reactions.
Access Control - CORRECT ANSWES -- Ensures that resources are only granted to
those users who are entitled to them.
Access Control List - CORRECT ANSWES -- A mechanism that implements access
control for a system resource by listing the identities of the system entities that are
permitted to access the resource. (or referred to as ACL)
