CompTIA CASP
3. CIA TRIAD -
a. Confidentiality- The assurance that information can be read, interpreted, or
accessed in any way only by persons and processes explicitly authorized to do
so.
b. Integrity- To protect data from deletion or modification from any unauthorized
party, and it ensures that when an authorized person makes a change that
should not have been made the damage can be reversed.
c. Availability- This is the final component of the CIA Triad and refers to the actual
availability of your data. Authentication mechanisms, access channels, and
systems all have to work properly to protect the information and ensure it is
available when it is needed (Forcepoint.com, 2019).
5. Threats- Refers to anything that has the potential to cause serious harm to a computer
system. A threat is something that may or may not happen, but has the potential to
cause serious damage. Threats can lead to attacks on computer systems, networks, and
more (Reddy, 2017).
Brought to you by: Develop your team with the fastest growing catalog in the
cybersecurity industry. Enterprise-grade workforce development
management, advanced training features and detailed skill gap and
competency analytics.
7. Residual Risk- A risk that remains after controls are applied, or a risk that cannot be
eliminated or is not feasible to eliminate. Example: a Windows 98 machine in a production
environment that runs special software that will not work on any other operating system.
8. Risk Appetite- The level of risk that an organization is prepared to accept in pursuit of
its objectives, before action is deemed necessary to reduce the risk (Audiopedia, 2017).
10. Countermeasures- Any process that serves to counter specific threats and can be
considered a targeted control.
12. Benchmark- A point of reference later used for comparison; it captures the same data as
a baseline and can even be used as a new baseline should the need arise (Guidera,
2016).
13. Baseline- A reference point that is defined and captured to be used as a future
reference (Guidera, 2016).
14. Gap Analysis- An examination of your current performance for the purpose of
identifying the differences between your current state of business and where you’d like
to be (Connectis Group, 2019).
Module 2: Vulnerability Management
16. Threat Modeling- A powerful way to identify potential threats, visualize risk, and
understand the security of the software system (Security Innovation Follow, 2017).
17. Threat Ratings- Is a quantitative measure of your network’s threat level after IPS
mitigation (Cisco Inc., 2017).
18. RFC (Request for Comments)- A purely technical document published by the Internet
Engineering Task Force (IETF) (OmniSecu.com, 2019).
20. Banner- A message that a service transmits when another program connects to it
(Jorhma, 2019).
21. Banner Grabbing- When a program is used to intentionally gather this information. It
can be used as an assessment tool to perform an inventory on the services and systems
operating on a server (Jorhma, 2019).
23. Honeynets- A honeynet is a network set up with intentional vulnerabilities; its purpose is to invite
attack so that an attacker's activities and methods can be studied and that information
used to increase network security. A honeynet contains one or more honeypots, which
are computer systems on the Internet expressly set up to attract and "trap" people who
attempt to penetrate other people's computer systems (Rouse, 2007).
24. Vulnerability Scanning- An automated software search through a system for known
weaknesses that creates a report of those potential exposures (Lochridge, 2015).
25. Penetration Testing- Designed to exploit system weaknesses. Relies on the tester’s skill,
knowledge, and cunning. Usually conducted by an independent contractor. Tests are usually
conducted outside the security perimeter and may even disrupt network operations
(Jorhma, 2019).
26. Hardening- Eliminating as many security risks as possible (Total Uptime, 2019).
28. Security Framework- A series of documented processes that are used to define
policies and procedures around the implementation and ongoing management of
information security controls in an enterprise environment (Granneman, 2019).
29. IT Governance- Is the collective tools, processes, and methodologies that enable an
organization to align business strategy and goals with IT services, infrastructure or the
environment (Techopedia Inc., 2019).
31. Security Policy- Set of rules defining who is authorized to access what and under which
conditions, and the criteria under which such authorization is given or canceled.
32. Change Control- This refers to the formal procedures adopted by an organization to
ensure that all changes to system and application software are subject to the appropriate
level of management control.
33. Security Impact Assessment- The analysis conducted by qualified staff within an
organization to determine the extent to which changes to the information system affect
the security posture of the system.
34. System Architecture- Is the conceptual model that defines the structure, behavior, and
more views of a system, organized in a way that supports reasoning about the structures
and behaviors of the system (Feldman, 2017).
35. Interoperability of Systems- The extent to which systems and devices can exchange
data and interpret that shared data (Brown, 2017).
36. Cryptography- The art and science of concealing messages to introduce secrecy in
information security (BFXCoin, 2017).
37. Salt or Salting- Is random data that is used as an additional input to a one-way function
that “hashes” data, a password or passphrase (Everitt, 2017).
38. Hashing- Is generating a value or values from a string of text using a mathematical
function. Hashing is one way to enable security during the process of message
transmission when the message is intended for a particular recipient only. A formula
generates the hash, which helps to protect the security of the transmission against
tampering (Techopedia Inc., 2019).
39. Symmetric Encryption- A secret key, which can be a number, a word, or just a string
of random letters, is applied to the text of a message to change the content in a
particular way. This might be as simple as shifting each letter by a number of places in
the alphabet. As long as both sender and recipient know the secret key, they can
encrypt and decrypt all messages that use this key (Microsoft, Inc., 2018).
40. Asymmetric Encryption- The problem with secret keys is exchanging them over the
Internet or a large network while preventing them from falling into the wrong hands.
Anyone who knows the secret key can decrypt the message. One answer is asymmetric
encryption, in which there are two related keys--a key pair. A public key is made freely
available to anyone who might want to send you a message. A second, private key is
kept secret so that only you know it (Microsoft, Inc., 2018).
42. Steganography- Is simply hiding one message inside another. Known as hiding in plain
sight, steganography may be used to hide a text message inside a photograph, an audio
recording, or a video recording.
43. Non-repudiation- It is the assurance that someone cannot deny something. Typically,
nonrepudiation refers to the ability to ensure that a party to a contract or a
communication cannot deny the authenticity of their signature on a document or the
sending of a message that they originated (Rouse, 2008).
45. Rootkit- Malware that gives administrator-level control over a computer system without
being detected.
46. Security Baseline- A set of basic security objectives that must be met by any given
service or system. The objectives are chosen to be pragmatic and complete and do not
impose technical means. Therefore, details on how these security objectives are fulfilled
by a particular service/system must be documented in a separate "Security
Implementation Document". These details depend on the operational environment a
service/system is deployed into, and might, thus, creatively use and apply any relevant
security measure. Derogations from the baseline are possible and expected, and must
be explicitly marked (ITSRM, 2010).
47. Host- A host (also known as "network host") is a computer or other device that
communicates with other hosts on a network. Hosts on a network include clients and
servers that send or receive data, services or applications (Scarpati, 2019).
49. Virus Hoax- Is a message warning the recipient of a non-existent computer virus threat,
usually sent as a chain email that tells the recipient to forward it to everyone they know
(Chris, 2016).
51. Worm- Is a self-replicating program that replicates itself to other computers over the
network without any user intervention (Jimenez, 2014).
52. Trojan Horse- Is an executable program that appears as a desirable or useful program;
users are tricked into loading and executing the program on their system.
53. Spyware- It is a type of malware that is installed on computers and collects personal
information or browsing habits, often without the user’s knowledge (Cobo, 2017).
55. Backdoor- Is a program that gives some remote, unauthorized control of a system or
initiates an unauthorized task (O’Neal, 2014).
57. Fuzz Testing (Fuzzing) - A software testing technique that deliberately provides invalid,
unexpected, or random data as inputs to a program.
58. Input Validation- A specific type of error handling that verifies the responses the user
makes to the application.
59. Cross-site Request Forgery (XSRF) - An attack that uses the user’s web browser
settings to impersonate the user (Skillset, 2016).
60. Application Hardening- Application hardening is a process for changing the default
application configuration in order to achieve greater security (TechTarget, 2004).
61. Big Data- It refers to a collection of data sets so large and complex that it becomes
difficult to process using traditional data processing apps (Tran, 2015).
62. Data Loss Prevention (DLP) - System of security tools used to recognize and identify
critical data and ensure it is protected (Stever, 2016).
63. Content Inspection- A security analysis of the transaction within its approved context.
Looks at the security level of data, who is requesting it, where the data is stored, when it
was requested, and where it is going (Mcelwee, 2017).
64. Index Matching- Documents that have been identified as needing protection are
analyzed by DLP and complex computations are conducted based on the analysis
(Platter, 2014).
65. Virtualization- Is creating more logical IT resources, called virtual systems, within one
physical system. That’s called system virtualization.
66. Hypervisor- This is what controls and allocates the portion of hardware resources
each operating system should get, so that every one of them gets what it needs and
they do not disrupt each other.
69. Resilience- It refers to a network or system’s ability to withstand the slings and arrows
of life and operations, from a human error to migration failure to natural disaster.
70. Shared Storage- Is “centralizing” data in one “place”; however, it is more than just that
(Ivanova, 2016).
71. Surveillance- Ongoing close observation and collection of data or evidence, for a
specified purpose or confined to a narrow sector. In comparison, environmental
scanning is broad and includes all associated external factors (Web Finance Inc., 2019).
72. Data Ownership- Is the act of having legal rights and complete control over a single
piece or set of data elements (Techopedia Inc., 2019).
73. Jurisdiction- Power or right of a legal or political agency to exercise its authority over a
person, subject matter, or territory (Smith, 2014).
74. Electronic Discovery (also called e-discovery or ediscovery) refers to any process in
which electronic data is sought, located, secured, and searched with the intent of using it
as evidence in a civil or criminal legal case (Quizlet, 2017).
76. Software Attack Surface- The software attack surface is the complete profile of all
functions in any code running in a given system that is available to an unauthenticated
user (Haughn, 2015).
77. Software Vulnerability- This is a glitch, flaw, or weakness present in the software or in
an OS (Operating System) (Mohanty, 2018).
78. Vulnerability Assessment- Is the process of identifying, quantifying and prioritizing the
vulnerabilities in a system (Tiwari, 2018).
79. Vulnerability Assessment Process- Is intended to identify threats and the risks they
pose; it typically involves the use of automated test tools, such as network scanners, whose
results are listed in a vulnerability assessment report (Rosencrance, 2018).
80. Escalation of Privilege- Occurs when code runs with higher privileges than that of the
user who executed it.
81. Buffer Overflow- This occurs when more data are written to a buffer than it can hold.
82. Directory Traversal- Is a security exploit within HTTP that enables an individual to access
restricted files or directories and execute commands that are external to the Web
server’s root directory (Techopedia Inc., 2019).
83. Cross-Site Scripting- It is a type of computer security vulnerability typically found in
web applications, which enables attackers to inject and execute client-side malicious
scripts into web pages in another user’s browser (Chen, 2013).
85. Cross-Site Request Forgery (CSRF) - Also known as XSRF, Sea Surf or Session
Riding, is an attack vector that tricks a web browser into executing an unwanted action in
an application to which a user is logged in.
86. SQL Injection- An SQL injection is a computer attack in which malicious code is
embedded in a poorly-designed application and then passed to the backend database.
The malicious data then produces database query results or actions that should never
have been executed (Techopedia Inc., 2019).
87. Software Assurance- This is defined as the level of confidence that software is free
from vulnerabilities, either intentionally designed into the software or accidentally
inserted at any time during its lifecycle, and that software functions in the intended
manner (Quizlet, 2016).
88. Secure DevOps- It is the process of integrating secure development best practices and
methodologies into the development and deployment processes that DevOps makes
possible (Matthew, 2017).
89. System Development Life Cycle (SDLC) - All systems have a life cycle or series of
stages they naturally undergo.
a. The number and name of the stages vary, but the primary stages are conception,
development, maturity, and decline.
b. The systems development life cycle (SDLC) therefore, refers to the development
stage of the system’s life cycle.
90. SDLC Models- SDLC or the Software Development Life Cycle is a process that
produces software with the highest quality and lowest cost in the shortest time. SDLC
includes a detailed plan for how to develop, alter, maintain, and replace a software
system (Stackify, 2017).
91. Waterfall Model- This SDLC model is the oldest and most straightforward. With this
methodology, we finish one phase and then start the next. Each phase has its own mini-
plan and each phase “waterfalls” into the next. The biggest drawback of this model is
that small details left incomplete can hold up the entire process (Stackify, 2017).
92. Iterative Model- This SDLC model emphasizes repetition. Developers create a version
very quickly and for relatively little cost, then test and improve it through rapid and
successive versions. One big disadvantage here is that it can eat up resources fast if left
unchecked (Stackify, 2017).
93. Spiral Model- The most flexible of the SDLC models, the spiral model is similar to the
iterative model in its emphasis on repetition. The spiral model goes through the planning,
design, build and test phases over and over, with gradual improvements at each pass
(Stackify, 2017).
94. V-Model- An extension of the waterfall model, this SDLC methodology tests at each
stage of development. As with the waterfall, this process can run into roadblocks
(Stackify, 2017).
95. Big Bang Model- This high-risk SDLC model throws most of its resources at the
development and works best for small projects. It lacks the thorough requirements
definition stage of other methods (Stackify, 2017).
96. Secure Coding Standards- Are rules and guidelines used to prevent security
vulnerabilities. Used effectively, secure coding standards prevent, detect and eliminate
errors that could compromise software security.
97. Session Management- Attack occurs when an attacker breaks into the web
application’s session management mechanism to bypass the authentication controls and
spoof the valid user (Quizlet, 2017).
98. Layered Security- A defense that uses multiple types of security devices to protect a
network. Also called Defense in Depth.
99. OSI Model- defines a networking framework to implement protocols in layers, with
control passed from one layer to the next. It is primarily used today as a teaching tool. It
conceptually divides computer network architecture into 7 layers in a logical progression.
The lower layers deal with electrical signals, chunks of binary data, and routing of these
data across networks. Higher levels cover network requests and responses,
representation of data, and network protocols as seen from a user's point of view
(Mitchell, 2019).
100. Network Tap- A network tap is an external monitoring device that mirrors the traffic that
passes between two network nodes. A tap (test access point) is a hardware device
inserted at a specific point in the network to monitor data (McGillicuddy, 2013).
101. Web Proxies- This is one method for hiding your IP address from the websites you
visit. Web/online proxies are a bit like search engines, and so are really easy to access.
When you use an online proxy, the websites you visit are unable to see your real
location because the proxy makes it look like you're accessing the page from
somewhere else. Web proxies act as shields between you and the website you're
visiting. When you're viewing a web page through a web proxy, the website sees that a
specific IP address is accessing its server, but the address isn't yours because all of the
web traffic between your computer and the webserver is first passed through the proxy
server (Fisher, 2019).
102. Virtual Private Network (VPN) – It enables authorized users to use unsecured public
networks as if they were a secure private network.
103. Intrusion Detection System- A system that monitors network traffic for suspicious
activity and issues alerts when such activity is discovered. While anomaly detection and
reporting is the primary function, some intrusion detection systems are capable of
taking actions when a malicious activity or anomalous traffic is detected, including
blocking traffic sent from suspicious IP addresses (Rosencrance, 2018).
104. Network Intrusion Detection System (NIDS) - It is a system that attempts to detect
hacking activities, denial of service attacks or port scans on a computer network or a
computer itself. The NIDS monitors network traffic and helps to detect these malicious
activities by identifying suspicious patterns in the incoming packets (Computer Hope,
2017).
105. Intrusion Prevention System (IPS) - Is a form of network security that works to detect
and prevent identified threats. Intrusion prevention systems continuously monitor your
network, looking for possible malicious incidents and capturing information about them.
The IPS reports these events to system administrators and takes preventative action,
such as closing access points and configuring firewalls to prevent future attacks. IPS
solutions can also be used to identify issues with corporate security policies, deterring
employees and network guests from violating the rules these policies contain
(Forcepoint, 2019).
106. Network Address Translation (NAT) - Allows addresses to be used on the public
internet by replacing the private IP address with a public address.
107. Port Address Translation (PAT) - Outgoing packets are given the same IP address
but different TCP port numbers.
108. Network Access Control- Examines the current state of the system or device before
allowing the network connection. The device must meet a set of criteria. If they are not met,
NAC allows the connection to a “quarantine” network until the deficiencies are corrected
(Miller, 2014).
109. Demilitarized Zone (DMZ) - It is a physical or logical subnetwork that contains and
exposes an organization's external-facing services to an untrusted network, usually a
larger network such as the Internet (Hillen, 2018).
111. Virtual LANs- A virtual LAN (local area network) is a logical subnetwork that groups a
collection of devices from different physical LANs. Large business computer
networks often set up VLANs to re-partition a network for improved traffic management.
Several kinds of physical networks support virtual LANs, including Ethernet and Wi-Fi
(Mitchell, 2019).
112. Remote Access- In computer networking, remote access technology allows someone
to log in to a system as an authorized user without being physically present at its
keyboard. Remote access is commonly used on corporate computer networks but can
also be used on home networks. The most sophisticated form of remote access
enables users on one computer to see and interact with the actual desktop user
interface of another computer. Setting up remote desktop support involves configuring
software on both the host (the local computer controlling the connection) and the client
(the remote computer being accessed). When connected, this software opens a window
on the host computer containing a view of the client's desktop (Mitchell, 2019).
segregated, VRF also increases network security and can eliminate the need for
encryption and authentication. Internet service providers (ISPs) often take advantage of
VRF to create separate virtual private networks (VPNs) for customers; thus the
technology is also referred to as VPN routing and forwarding (Rouse, 2019).
116. Unified Communications Systems- An industry term that describes all forms of
business communication, audio, video, multimedia data, text, and messaging.
117. Information Security Audit- Is a systematic, measurable security audit of how the
organization’s security policy is employed (IntiGrow, 2019).
118. Clipping Levels- A baseline that, once exceeded, signals an action such as an alarm on an
IDS. The goal of using clipping levels, auditing, and monitoring is to discover problems
before major damage occurs and, at times, to be alerted if a possible attack is
underway within the network (Quizlet, 2012).
to qualify performance (Zhu, 2017).
121. Metrics and Analysis (MA) - Is a sophisticated practice in security management that
takes advantage of data to produce usable, objective information and insights that
guide decisions (SecurityInfoWatch, 2012).
123. Data Visualization- Is a general term that describes any effort to help people
understand the significance of data by placing it in a visual context. Patterns, trends,
and correlations that might go undetected in text-based data can be exposed and
recognized easier with data visualization software (Kaczrowski, 2016).
124. Packet Dump- Is a computer networking term for intercepting a data packet that is
crossing or moving over a specific computer network (Answersdrive, 2019).
125. Trust Transitivity- Determines whether a trust can be extended outside the two domains
between which the trust was formed (Forsenergy, 2016).
127. One-Way Trust- Is a unidirectional authentication path created between two domains
(trust flows in one direction, and access flows in the other).
128. Transitive Trust- Is a two-way relationship automatically created between parent and
child domains in a Microsoft Active Directory forest (Rubenstein, 2012).
129. Authorization- Is a security mechanism to determine access levels or user/client
privileges related to system resources including files, services, computer programs,
data and application features (Techopedia Inc., 2019).
130. Proofing- Providing the identity of a subject to a system, usually in the form of a user
ID.
131. Mandatory Access Control (MAC)- Mandatory access control (MAC) is a security
strategy that restricts the ability individual resource owners have to grant or deny
access to resource objects in a file system (Shea, 2013).
132. Non-Discretionary Access Control (NDAC) - Is when the overall system
administrator (or a single management body) within an organization tightly controls
access to all resources for everybody on a network (Answers, 2019).
133. Discretionary Access Control (DAC) - It is a type of security access control that
grants or restricts object access via an access policy determined by an object's owner
group and/or subjects (Techopedia Inc., 2019).
135. Rule-Based Access Control- It is based on rules to deny or allow access to resources.
If the rule is matched we will be denied or allowed access. The best example of usage
is on the routers and their access control lists (Cicnavi, 2015).
136. Access Control Model- Standards that provide a predefined framework for hardware
or software developers.
137. Access Control Groups- These are groupings of access privileges for objects (catalogs,
hierarchies, collaboration areas, and import jobs) that are treated at the same level in
the Collaboration Server system (IBM Inc., 2015).
138. Attribute-based Access Control (ABAC) - Can control access based on three
different types: user attributes, attributes associated with the application or system to be
accessed, and current environmental conditions.
139. Incident Response Policy- Used to describe the process by which an organization
handles a data breach or cyberattack, including the way the organization attempts to
manage the consequences of the attack or breach (the “incident”). Ultimately, the goal
is to effectively manage the incident so that the damage is limited and recovery time
and costs, as well as collateral damage such as brand reputation, are kept at a
minimum (Lord, 2018).
140. Incident Response Planning- Includes identification of, classification of, and response
to an incident.
141. Incident Response Plan- is a systematic and documented method of approaching and
managing situations resulting from IT security incidents or breaches. It is used in
enterprise IT environments and facilities to identify, respond, limit and counteract
security incidents as they occur (Techopedia Inc., 2019).
142. Incident Reaction- Consists of actions that guide the organization to stop the incident,
mitigate its impact, and provide information for recovery.
143. Incident Recovery Plan- is a structured methodology for handling security incidents,
breaches, and cyber threats. A well-defined incident response plan allows you to
effectively identify, minimize the damage, and reduce the cost of a cyber-attack while
finding and fixing the cause to prevent future attacks (Voigt, 2018).
145. Digital Forensics- Is the process of uncovering and interpreting electronic data. The
goal of the process is to preserve any evidence in its most original form while
performing a structured investigation by collecting, identifying and validating the digital
information for the purpose of reconstructing past events (Quizlet, 2018).
146. Evidence Life Cycle/ Digital Forensics Life Cycle- The volume, complexity and
delicate nature of relevant electronic evidence require strict protocols, expensive
hardware and software tools, and experience to achieve optimal results. Properly
managed, a computer forensic expert will focus on the relevant electronic discovery
targets, lower the eventual cost of litigation and increase the probability of a favorable
outcome (Valiant Technologies Pvt Ltd, 2018).
147. Chain of Custody- Refers to a forensic principle whereby each movement or transfer
of data must be recorded and logged appropriately.
148. Forensic Investigation- This is the gathering and analysis of all crime-related physical
evidence in order to come to a conclusion about a suspect. Investigators will look at
blood, fluid, or fingerprints, residue, hard drives, computers, or other technology to
establish how a crime took place. There are a number of different types of forensics
(OMICS International, 2019).
References:
Answersdrive. (2019, October 2). What is the meaning of the packet sniffer? Retrieved from
https://answersdrive.com/what-is-the-meaning-of-packet-sniffer-6438771.
Chris, L. (2016). MTA 98-367 - Module 5 Protecting the Server and Client. Retrieved from
https://quizlet.com/166416433/mta-98-367-module-5-protecting-the-server-and-client-flash-cards/.
Cicnavi. (2015, December 3). Overview of Four Main Access Control Models. Retrieved from
https://www.utilizewindows.com/overview-of-four-main-access-control-models/.
Cisco Inc. (2017, August 10). Risk Rating and Threat Rating: Simplify IPS Policy Management.
Retrieved from https://www.cisco.com/c/en/us/products/collateral/security/ips-4200-series-sensors/prod_white_paper0900aecd806e7299.html
Clark, C. (2016, April 11). What is honeypot (computing)? - Definition from WhatIs.com.
Retrieved from https://searchsecurity.techtarget.com/definition/honey-pot
Computer Hope. (2017, December 29). What is a NIDS (Network Intrusion Detection System)?
Retrieved from https://www.computerhope.com/jargon/n/nids.htm.
Ferguson, K. (2007, March 21). What is a Subnet and How Does It Work? - Definition from
WhatIs.com. Retrieved from https://searchnetworking.techtarget.com/definition/subnet.
Fisher, T. (2019, August 12). How a Web Proxy Can Keep You Anonymous Online. Retrieved
from https://www.lifewire.com/what-is-web-proxy-3481607.
Forcepoint.com. (2019, June 14). What is the CIA Triad? Retrieved from
https://www.forcepoint.com/cyber-edu/cia-triad
Forcepoint. (2019, August 14). What is an Intrusion Prevention System (IPS)? Retrieved from
https://www.forcepoint.com/cyber-edu/intrusion-prevention-system-ips.
Granneman, J. (2019, May). Top 7 IT security frameworks and standards explained. Retrieved
from https://searchsecurity.techtarget.com/tip/IT-security-frameworks-and-standards-Choosing-the-right-one.
Guidera, L. (2016, October). CASP Chapter 11 Vocabulary. Retrieved from
https://quizlet.com/163220110/casp-chapter-11-vocabulary-flash-cards/
Haughn, M. (2015, January). What is the software attack surface? - Definition from WhatIs.com.
Retrieved from https://whatis.techtarget.com/definition/software-attack-surface.
ITSRM (2010, June 10). Mandatory Security Baselines. Retrieved from https://security.
.cern.ch/security/rules/en/baselines.shtml.
IBM Inc. (2015, August 15). Defining Access Control Groups. Retrieved from
https://www.ibm.com/support/knowledgecenter/SSWSR9_10.1.0/com.ibm.pim.dev.doc/pim_con_arc_definingacgs.html.
Ivanova, S. (2016, November 29). Why Shared Storage is Critical and How Can it Benefit the
Datacenter? Retrieved from https://storpool.com/blog/shared-storage-is-critical-how-can-it-benefit-datacenter.
Jorhma. (2019). TCPIP numeric value as an identifier to applications and services on systems
Each. Retrieved from https://www.coursehero.com/file/p1ld5mq/TCPIP-numeric-value-as-identifier-to-applications-and-services-on-systems-Each/
Jorhma. (2019). Penetration testing Designed to exploit system weaknesses Relies on testers.
Retrieved from https://www.coursehero.com/file/p5tsek40/Penetration-testing-Designed-to-exploit-system-weaknesses-Relies-on-testers/
Matthew. (2017, July 19). What is SecDevOps and why should you care? Retrieved from
https://blog.sqreen.com/secdevops/.
Mcelwee, J. (2017). Chapter 3 - Host, Application and Data Security. Retrieved from
https://quizlet.com/230958403/chapter-3-host-application-and-data-security-flash-cards/.
McGillicuddy, S. (2013, May). What is a network tap? - Definition from WhatIs.com. Retrieved
from https://searchnetworking.techtarget.com/definition/Network-tap.
Mitchell, B. (2019, August 16). The OSI Model Explained in Easy Steps. Retrieved from
https://www.lifewire.com/layers-of-the-osi-model-illustrated-818017.
Mitchell, B. (2019, August 29). What a VLAN Can Do for You and Your Business Computer
Network. Retrieved from https://www.lifewire.com/virtual-local-area-network-817357
Mitchell, B. (2019, October 4). Want to Know About Remote Network Access? Retrieved from
https://www.lifewire.com/remote-access-to-computer-networks-817773.
Mohanty, S. (2018, March 8). 5 Important Software Vulnerabilities - DZone Security. Retrieved
from https://dzone.com/articles/5-important-software-vulnerability-and-attacks-tha.
OmniSecu.com. (2019). What are RFCs (Request for Comments)? Retrieved from
http://www.omnisecu.com/basic-networking/what-are-rfc-request-for-comments.php
Rosencrance, L. (2018, January 1). What is the intrusion detection system (IDS)? - Definition
from WhatIs.com. Retrieved from https://searchsecurity.techtarget.com/definition/intrusion-detection-system.
Rouse, M. (2019). What are virtual routing and forwarding (VRF)? - Definition from WhatIs.com.
Retrieved from https://searchnetworking.techtarget.com/definition/virtual-routing-and-forwarding-VRF.
Rubenstein, B. (2012, July 1). What is transitive trust? - Definition from WhatIs.com. Retrieved
from https://searchwindowsserver.techtarget.com/definition/transitive-trust.
Quizlet. (2016). CNSS Instruction 4009, Information Assurance Glossary. Retrieved from
https://quizlet.com/138655465/cnss-instruction-4009-information-assurance-glossary-flash-cards/.
Quizlet. (2017). CAS-002 1.5 Application Vulnerabilities and Security Controls. Retrieved from
https://quizlet.com/213088489/cas-002-15-application-vulnerabilities-and-security-controls-flash-cards
Quizlet. (2017). E-Discovery, Concordance, Relativity study notes for Technology Practicum.
Retrieved from https://quizlet.com/247340307/e-discovery-concordance-relativity-study-notes-for-technology-practicum-flash-cards/.
Reddy, S. (2017, November 12). What do you mean by computer threats? Retrieved from
https://www.quora.com/What-do-you-mean-by-computer-threats
Rouse, M. (2007, May 1). What is honeynet? - Definition from WhatIs.com. Retrieved from
https://searchsecurity.techtarget.com/definition/honeynet
Scarpati, J. (2019). What is a host (in computing)? - Definition from WhatIs.com. Retrieved from
https://searchnetworking.techtarget.com/definition/host.
Scudera, B. (2018, June 7). A Cyber Engineering Primer: Vulnerability Management Lifecycle.
Retrieved from https://www.coalfire.com/The-Coalfire-Blog/June-2018/Cyber-Engineering-Primer-Vulnerability-Mgmt.
SecurityInfoWatch. (2012, May 1). Metrics and Analysis in Security Management. Retrieved
from https://www.securityinfowatch.com/alarms-monitoring/integrated-security-management-systems-psim/whitepaper/10708291/ppm-2000-inc-metrics-and-analysis-in-security-management.
Security Innovation Follow. (2017, January 17). Threat Modeling to Reduce Software Security
Risk. Retrieved from https://www.slideshare.net/SecurityInnovation/threat-modeling-to-reduce-software-security-risk
Shea, S. (2013, December 1). What is mandatory access control (MAC)? - Definition from
WhatIs.com. Retrieved from https://searchsecurity.techtarget.com/definition/mandatory-access-control-MAC.
Skillset. (2016). An attack that uses the user's Web browser settings to impersonate the user.
Retrieved from https://www.skillset.com/questions/an-attack-that-uses-the-user-s-web-browser-settings-to-impersonate-the-user.
Techopedia Inc. (2019). What is Directory Traversal? - Definition from Techopedia. Retrieved
from https://www.techopedia.com/definition/16060/directory-traversal.
Techopedia Inc. (2019). What is Hashing? - Definition from Techopedia. Retrieved from
https://www.techopedia.com/definition/14316/hashing.
Techopedia Inc. (2019). What does Multi-Factor Authentication (MFA) mean? Retrieved from
https://www.techopedia.com/definition/13657/multi-factor-authentication-mfa.
Techopedia Inc. (2019). What is a Virtual Appliance? - Definition from Techopedia. Retrieved
from https://www.techopedia.com/definition/13705/virtual-appliance.
Techopedia Inc. (2019). What is Data Ownership? - Definition from Techopedia. Retrieved from
https://www.techopedia.com/definition/29059/data-ownership.
Techopedia Inc. (2019). What is an SQL Injection? - Definition from Techopedia. Retrieved from
https://www.techopedia.com/definition/4126/sql-injection.
Techopedia Inc. (2019). What is an Incident Response Plan? - Definition from Techopedia.
Retrieved from https://www.techopedia.com/definition/16513/incident-response-plan
Techopedia – IT Dictionary for Computer Terms and Tech Definitions. (2019). Retrieved
September 11, 2019, from Techopedia.com website: https://www.techopedia.com/dictionary
TechTarget. (2004, October 5). What is meant by application hardening? Retrieved from
https://searchdatacenter.techtarget.com/answer/What-is-meant-by-application-hardening.
Tiwari, A. (2018, September 20). Archery - Vulnerability Assessment and Management Tool.
Retrieved from https://medium.com/archerysec/archery-vulnerability-assessment-and-management-tool-ecbf5e92f717.
Total Uptime. (2019, June 19). Server Hardening for Security and Availability. Retrieved from
https://totaluptime.com/server-hardening-for-security-and-availability/.
Tripwire Inc. (2018, February 27). What is a SIEM (Security Information and Event
Management)? Retrieved from https://www.tripwire.com/state-of-security/incident-detection/log-management-siem/what-is-a-siem/.
Voigt, L. (2018, September 29). 6 Incident Response Steps to Take After a Security Event.
Retrieved from https://www.exabeam.com/incident-response/steps/.
Valiant Technologies Pvt Ltd. (2018). Cyber Forensic Lifecycle development. Retrieved from
https://www.valiant-technologies.com/cyber-forensic-lifecycle-development.
Web Finance Inc. (2019). What is surveillance? Definition and Meaning. Retrieved from
http://www.businessdictionary.com/definition/surveillance.html.
Zacharias, D. (2019, June 10). We are what we measure: metrics and software development.
Retrieved from https://www.hexacta.com/2018/03/05/we-are-what-we-measure-metrics-and-software-development/