Defense in Depth (Chapter 1)

A security strategy that relies on multiple layers of security that require attackers to defeat multiple controls to access any protected resource.

A control that detects when an action has occurred. Detective controls include smoke detectors, log monitors, and system audits.

Detective Control (Chapter 1)

A control that detects when an action has occurred. Detective controls include smoke detectors, log monitors, and system audits.

An agreement between the software producer and the end user. The EULA addresses issues regarding approved use and liability. Also called a Software License Agreement.

End-User License Agreement (EULA) (Chapter 1)

An agreement between the software producer and the end user. The EULA addresses issues regarding approved use and liability. Also called a Software License Agreement.

The assurance that information can be modified only by authorized users.

A hacker who is, or claims to be, motivated by political or social justice concerns and uses hacking skills to reinforce his or her chosen position.

Hacktivist (Chapter 1)

A hacker who is, or claims to be, motivated by political or social justice concerns and uses hacking skills to reinforce his or her chosen position.

Integrity (Chapter 1)

The assurance that information can be modified only by authorized users.

A security strategy that relies on multiple layers of security that require attackers to defeat multiple controls to access any protected resource.

Logical Control (Chapter 1)

An alternate term for technical control.

A security strategy that relies on multiple layers of security that require attackers to defeat multiple controls to access any protected resource.

Malicious Software (Chapter 1)

Software that is designed to infiltrate a target computer and make it do something the attacker has instructed it to do.

A device that limits access or otherwise protects a resource, such as a fence, door, lock, or fire extinguisher.

Physical Control (Chapter 1)

A device that limits access or otherwise protects a resource, such as a fence, door, lock, or fire extinguisher.

A control that stops an action before it occurs. Preventive controls include locked doors, firewall rules, and user passwords.

Preventive Control (Chapter 1)

A control that stops an action before it occurs. Preventive controls include locked doors, firewall rules, and user passwords.

A control that detects when an action has occurred. Detective controls include smoke detectors, log monitors, and system audits.

A type of malware that attempts to generate funds directly from a computer user by attacking the computer’s files and limiting the user’s ability to access data until some money is paid.

Ransomware (Chapter 1)

A type of malware that attempts to generate funds directly from a computer user by attacking the computer’s files and limiting the user’s ability to access data until some money is paid.

A control that stops an action before it occurs. Preventive controls include locked doors, firewall rules, and user passwords.

Software that is designed to infiltrate a target computer and make it do something the attacker has instructed it to do.

A device that limits access or otherwise protects a resource, such as a fence, door, lock, or fire extinguisher.

An alternate term for technical control.

A mechanism used to protect information and related assets.

The assurance that information can be modified only by authorized users.

Security Control (Chapter 1)

A mechanism used to protect information and related assets.

A control that stops an action before it occurs. Preventive controls include locked doors, firewall rules, and user passwords.

A device or process that limits access to a resource. Examples include user authentication, antivirus software, and firewalls.

A device that limits access or otherwise protects a resource, such as a fence, door, lock, or fire extinguisher.

Technical Control (Chapter 1)

A device or process that limits access to a resource. Examples include user authentication, antivirus software, and firewalls.

A control that stops an action before it occurs. Preventive controls include locked doors, firewall rules, and user passwords.

Any action that could lead to damage or loss.

Any user (person or program) that does not possess permission to access a resource.

Any weakness that could allow a threat to be realized.

The assurance that information can be modified only by authorized users.

Unauthorized User (Chapter 1)

Any user (person or program) that does not possess permission to access a resource.

A hacker who is, or claims to be, motivated by political or social justice concerns and uses hacking skills to reinforce his or her chosen position.

Vulnerability (Chapter 1)

Any weakness that could allow a threat to be realized.

A mechanism used to protect information and related assets.

Any action that could lead to damage or loss.

A standalone malicious software program that actively transmits itself, generally over networks, to infect other computers.

A type of malware that attempts to generate funds directly from a computer user by attacking the computer’s files and limiting the user’s ability to access data until some money is paid.

Software that is designed to infiltrate a target computer and make it do something the attacker has instructed it to do.

A hacker who is, or claims to be, motivated by political or social justice concerns and uses hacking skills to reinforce his or her chosen position.

Access Control (Chapter 2)

The process of providing and denying access to objects.

Any mechanism or action that prevents, detects, or addresses an attack.

The list of access permissions for an object.

The highest privilege at which programs can run, allowing access to the physical hardware and kernel resources. Also called supervisor mode.

Access Control List (ACLs) (Chapter 2)

The list of access permissions for an object.

The process of providing and denying access to objects.

A shared database of domain users, groups, computers, resources, and other information, along with network functionality to centralize and standardize network management and interoperation.

The collection of all possible vulnerabilities that could provide unauthorized access to computer resources; all of the software a computer runs that is vulnerable to attack.

Active Directory (AD) (Chapter 2)

A shared database of domain users, groups, computers, resources, and other information, along with network functionality to centralize and standardize network management and interoperation.

The collection of all possible vulnerabilities that could provide unauthorized access to computer resources; all of the software a computer runs that is vulnerable to attack.

The list of access permissions for an object

The process of providing and denying access to objects.

Attack Surface (Chapter 2)

The collection of all possible vulnerabilities that could provide unauthorized access to computer resources; all of the software a computer runs that is vulnerable to attack.

The list of access permissions for an object.

The process of proving that provided identity credentials are valid and correct.

The process of providing and denying access to objects.

Authentication (Chapter 2)

The process of proving that provided identity credentials are valid and correct.

The process of granting and/or denying access to resources based on the authenticated user.

The process of providing and denying access to objects.

A mechanism used to protect information and related assets.

Authorization (Chapter 2)

The process of granting and/or denying access to resources based on the authenticated user.

The collection of all possible vulnerabilities that could provide unauthorized access to computer resources; all of the software a computer runs that is vulnerable to attack.

The process of proving that provided identity credentials are valid and correct.

Classification (Chapter 2)

A level of sensitivity assigned to an object by its owner. An example object could be assigned as top secret, secret, confidential, restricted, or unclassified.

The list of access permissions for an object.

A shared database of domain users, groups, computers, resources, and other information, along with network functionality to centralize and standardize network management and interoperation.

The process of proving that provided identity credentials are valid and correct.

Clearance (Chapter 2)

A security level assigned to subjects, authorizing them to access objects with an equal or lower classification. Clearance levels include top secret, secret, and confidential.

The process of proving that provided identity credentials are valid and correct.

The process of granting and/or denying access to resources based on the authenticated user.

A level of sensitivity assigned to an object by its owner. An example object could be assigned as top secret, secret, confidential, restricted, or unclassified.

Any mechanism or action that prevents, detects, or addresses an attack.

A security level assigned to subjects, authorizing them to access objects with an equal or lower classification. Clearance levels include top secret, secret, and confidential.

The process of granting and/or denying access to resources based on the authenticated user.

The process of proving that provided identity credentials are valid and correct.

Discretionary Access Control (DAC) (Chapter 2)

An access control method based on an object’s owner and permissions granted by the owner.

A security level assigned to subjects, authorizing them to access objects with an equal or lower classification. Clearance levels include top secret, secret, and confidential.

Any mechanism or action that prevents, detects, or addresses an attack.

The process of granting and/or denying access to resources based on the authenticated user.

To take advantage of a specific vulnerability.

The process of granting and/or denying access to resources based on the authenticated user.

Any mechanism or action that prevents, detects, or addresses an attack.

The process of proving that provided identity credentials are valid and correct.

Hardware Abstraction Layer (HAL) (Chapter 2)

Software layer in the operating system kernel that provides the actual access to physical hardware.

An access control method based on an object’s owner and permissions granted by the owner.

A security level assigned to subjects, authorizing them to access objects with an equal or lower classification. Clearance levels include top secret, secret, and confidential.

The process of granting and/or denying access to resources based on the authenticated user.

Identification (Chapter 2)

Providing credentials that claim a specific identity, such as a user name.

To take advantage of a specific vulnerability.

Any mechanism or action that prevents, detects, or addresses an attack.

The process of granting and/or denying access to resources based on the authenticated user.

The core part of an operating system that provides the essential services of the operating system.

The highest privilege at which programs can run, allowing access to the physical hardware and kernel resources. Also called supervisor mode.

Software layer in the operating system kernel that provides the actual access to physical hardware.

A security level assigned to subjects, authorizing them to access objects with an equal or lower classification. Clearance levels include top secret, secret, and confidential.

Kernel Mode (Chapter 2)

The highest privilege at which programs can run, allowing access to the physical hardware and kernel resources. Also called supervisor mode.

The core part of an operating system that provides the essential services of the operating system.

An access control method based on an object’s owner and permissions granted by the owner.

Any mechanism or action that prevents, detects, or addresses an attack.

Mandatory Access Control (MAC) (Chapter 2)

An access control method based on the subject’s clearance and the object’s classification. MAC implementations often also require demonstration of a subject’s “need to know” to receive access.

An access control method based on an object’s owner and permissions granted by the owner.

A level of sensitivity assigned to an object by its owner. An example object could be assigned as top secret, secret, confidential, restricted, or unclassified.

A shared database of domain users, groups, computers, resources, and other information, along with network functionality to centralize and standardize network management and interoperation.

Microkernel (Chapter 2)

The portion of an operating system’s kernel that resides exclusively in memory.

The highest privilege at which programs can run, allowing access to the physical hardware and kernel resources. Also called supervisor mode.

The core part of an operating system that provides the essential services of the operating system.

An access control method based on an object’s owner and permissions granted by the owner.

Multifactor Authentication (Chapter 2)

An authentication process that requires multiple types of authentication credentials.

The process of granting and/or denying access to resources based on the authenticated user.

The process of proving that provided identity credentials are valid and correct.

The collection of all possible vulnerabilities that could provide unauthorized access to computer resources; all of the software a computer runs that is vulnerable to attack.

A resource to which access is controlled.

An authentication process that requires multiple types of authentication credentials.

This defines what a user can do to a specific object, such as read or delete the object.

User rights define tasks that a user is permitted to carry out, such as take ownership of objects or shut down the computer.

Permission (Chapter 2)

This defines what a user can do to a specific object, such as read or delete the object.

The portion of an operating system’s kernel that resides exclusively in memory.

A resource to which access is controlled.

User rights define tasks that a user is permitted to carry out, such as take ownership of objects or shut down the computer.

This defines what a user can do to a specific object, such as read or delete the object.

A resource to which access is controlled.

The portion of an operating system’s kernel that resides exclusively in memory.

Role-Based Access Control (RBAC) (Chapter 2)

An access control method based on permissions defined by a role, (e.g., manager, authorized user, or guest), as opposed to an individual user, e.g., Michael Solomon.

User rights define tasks that a user is permitted to carry out, such as take ownership of objects or shut down the computer.

An authentication process that requires multiple types of authentication credentials.

The highest privilege at which programs can run, allowing access to the physical hardware and kernel resources. Also called supervisor mode.

Security Identifier (SID) (Chapter 2)

A unique identifier for each user and group in a Windows environment.

User rights define tasks that a user is permitted to carry out, such as take ownership of objects or shut down the computer.

An access control method based on permissions defined by a role, (e.g., manager, authorized user, or guest), as opposed to an individual user, e.g., Michael Solomon.

A resource to which access is controlled.

An entity requesting access to an object.

The highest privilege at which programs can run, allowing access to the physical hardware and kernel resources. Also called kernel mode.

A unique identifier for each user and group in a Windows environment.

This defines what a user can do to a specific object, such as read or delete the object.

Supervisor Mode (Chapter 2)

The highest privilege at which programs can run, allowing access to the physical hardware and kernel resources. Also called kernel mode.

Authentication process that requires two separate types of authentication credentials.

User rights define tasks that a user is permitted to carry out, such as take ownership of objects or shut down the computer.

An access control method based on the subject’s clearance and the object’s classification. MAC implementations often also require demonstration of a subject’s “need to know” to receive access.

Two-Factor Authentication (Chapter 2)

Authentication process that requires two separate types of authentication credentials.

An access control method based on permissions defined by a role, (e.g., manager, authorized user, or guest), as opposed to an individual user, e.g., Michael Solomon.

A unique identifier for each user and group in a Windows environment.

An entity requesting access to an object.

Security Strategies in Windows Chapters 1-2 Key Terms

Authored by John Doe

Other

Professional Development

Used 1+ times

Security Strategies in Windows Chapters 1-2 Key Terms

AI Actions

Add similar questions

Adjust reading levels

Convert to real-world scenario

Translate activity

More...

Content View

Student View

55 questions

Show all answers

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Administrative Control (Chapter 1)

Any person or program that attempts to interact with a computer information system in an unauthorized manner.

A management action, written policy, procedure, guideline, regulation, law, or rule of any kind.

Any user (person or program) that possesses permission to access a resource.

The assurance that requested information is available to authorized users upon request.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Attacker (Chapter 1)

Confidentiality, integrity, and availability, which are the goals of information security

Any user (person or program) that possesses permission to access a resource.

The assurance that requested information is available to authorized users upon request.

Any person or program that attempts to interact with a computer information system in an unauthorized manner.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Authorized User (Chapter 1)

Any user (person or program) that possesses permission to access a resource.

The assurance that requested information is available to authorized users upon request.

Confidentiality, integrity, and availability, which are the goals of information security

A collection of computer and network devices connected to one or more networks, generally for the purpose of fulfilling business functions. Also called IT Infrastructure.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Availability (Chapter 1)

A management action, written policy, procedure, guideline, regulation, law, or rule of any kind.

Any person or program that attempts to interact with a computer information system in an unauthorized manner.

The assurance that requested information is available to authorized users upon request.

Any user (person or program) that possesses permission to access a resource.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

C-I-A Triad (Chapter 1)

The assurance that requested information is available to authorized users upon request.

The assurance that information can be accessed and viewed only by authorized users.

Confidentiality, integrity, and availability, which are the goals of information security

A control that repairs the effects of damage from an attack. Corrective controls include virus removal procedures, firewall table updates, and user authorization database updates.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Computer Environment (Chapter 1)

The assurance that information can be accessed and viewed only by authorized users.

A management action, written policy, procedure, guideline, regulation, law, or rule of any kind.

A collection of computer and network devices connected to one or more networks, generally for the purpose of fulfilling business functions. Also called IT Infrastructure.

Any person or program that attempts to interact with a computer information system in an unauthorized manner.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Confidentiality (Chapter 1)

Confidentiality, integrity, and availability, which are the goals of information security

The assurance that information can be accessed and viewed only by authorized users.

Any user (person or program) that possesses permission to access a resource.

A management action, written policy, procedure, guideline, regulation, law, or rule of any kind.

Access all questions and much more by creating a free account

Create resources

Host any resource

Get auto-graded reports

Continue with Google

Continue with Email

Continue with Classlink

Continue with Clever

or continue with

Microsoft

Apple

Others

Already have an account?

Similar Resources on Wayground

50 questions

Latihan 1

Quiz

•

1st Grade - Professio...

50 questions

Rolling Sky Birthday Quiz

Quiz

•

KG - Professional Dev...

53 questions

UQ/L-3/BK-2/Assessment/English

Quiz

•

3rd Grade - Professio...

50 questions

The NBA All-Time quiz (Hard)

Quiz

•

Professional Development

50 questions

II_III Years-Java, Python, and C Quiz

Quiz

•

Professional Development

50 questions

SERTIFIKASI HR CABANG

Quiz

•

Professional Development

56 questions

General knowledge quiz

Quiz

•

Professional Development

55 questions

ETC 603- ELECTRICAL FAULTS

Quiz

•

Professional Development

Popular Resources on Wayground

20 questions

STAAR Review Quiz #3

Quiz

•

8th Grade

20 questions

Equivalent Fractions

Quiz

•

3rd Grade

6 questions

Marshmallow Farm Quiz

Quiz

•

2nd - 5th Grade

20 questions

Main Idea and Details

Quiz

•

5th Grade

20 questions

Context Clues

Quiz

•

6th Grade

20 questions

Inferences

Quiz

•

4th Grade

19 questions

Classifying Quadrilaterals

Quiz

•

3rd Grade

12 questions

What makes Nebraska's government unique?

Quiz

•

4th - 5th Grade

Discover more resources for Other

20 questions

Easter trivia

Quiz

•

12th Grade - Professi...

Security Strategies in Windows Chapters 1-2 Key Terms

Administrative Control (Chapter 1)

Attacker (Chapter 1)

Authorized User (Chapter 1)

Availability (Chapter 1)

C-I-A Triad (Chapter 1)

Computer Environment (Chapter 1)

Confidentiality (Chapter 1)

Corrective Control (Chapter 1)

Defense in Depth (Chapter 1)

Detective Control (Chapter 1)

Access all questions and much more by creating a free account

Similar Resources on Wayground

Popular Resources on Wayground

Discover more resources for Other