category 1
Validates security controls NOT through a third party.
Certification
Used for authentication in Windows.
Kerberos
Involves a third party testing service and compiles results that may be trusted by many organizations.
Verification
Act of managemeny formally acception an evaluation system.
Accreditation
Scans outbound traffic for potential security issues.
Egree Filtering
Runs within the virtualization platform and serves as the moderator between virtual resources and physical resources.
Hypervisor
Sets up access controls that change dynamically based on users' previous actions.
Brewer-Nash
Protects data integrity and reviews transactions within an application.
Clark-Wilson
Most common VPN protocols.
PPTP, L2F, L2TP. IPsec
Focuses on protecting integrity and reviewing change by subjects.
Biba Model
Proves someone has authenticated services in Kerberos.
Ticket Granting Tickets (TGT)
Summarize large amounts of data.
Aggregate Functions
Evaluates based on information available.
Inference
Uses two disks containing identical information.
RAID Level 1
Removes data from a system or device and is more extensive.
Sanitation
Strong symmetric cipher that is appropiate for use with data at rest.
AES
Separates the control plane from the data plane, so network devices do not have to run complext logic.
Software Defined Networking (SDN)
Allows developers to test code in a virtual environment isolated from production.
Sandboxing
The platform is often server based and the servers are maintained and managed by the vendor, but the customer has control over and responsibility for applications that may run on the server and other devices.
Platform as as Service (PaaS)
Typically used for data at rest.
Symmetric Encryption (Ex: AES)
Port 21
FTP
Port 23
Telnet
Port 22
SSH
Port 25
SMTP
Port 110
POP3