Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
99 Cards in this Set
- Front
- Back
List security measures in layers?
|
Physically secure hardware, firewall, installing intrusion dectrion software, using securle electronic transaction protocols, protecting against viruses and worms,enableing privacy protection software
|
|
Define Firewall?
|
a software or hardware used to control information that's sent and received from outside the network.Firewall resides on the networks gateway,which is the connection point between the internal network and outside communication.
|
|
List characteristics of hardware firewall?
|
*stands between the lan & internet,
|
|
List characteristics of software firewall?
|
*can be configured to block only incoming network traffic
*allowing incoming network connections based upon software or services running on a users computer & the ability to block network connections based on its source |
|
What is the main purpose of a proxy server?
|
to provide web access for computers that are located behind a corporate firewall
|
|
When proxy server acts as a firewall, what can it do?
|
*filter incoming traffic from outside computers,
*filter traffic thats leaving the network. |
|
What occurs when a firewall filter ports?
|
It prevents software on the outside from using certain ports on the network.
|
|
What is it called when a router also acts as a firewall?
|
screening router, and screening routers can use a technique call stateful inspection
|
|
What does the router do when it acts as a firewall?
|
It keeps tracks of all TCP sessions currently made & allow only those packets to pass that have been requested inside the network for these open sessions.
|
|
What can you do with Windows security center?
|
manage windows firewall, automaic updates, and any antivirus software you have installed
|
|
define DMZ (demilitarized zone)
|
an area thats between the private network & the internet, but isn't a direct part of either network. also sometimes called perimeter network.
|
|
List characteristics of DMZ?
|
In DmZ the rest of the network is protected while still allowing internet users to acces the web servers that vulnerable to attack.
|
|
List the several ways you can set up DMZ?
|
*Screen host *Bastion host, *Three-homed firewall, Back-to-back, firewall, dead zone
|
|
What is screened host?
|
when you use a router to filter all traffic to the private intranet but also allow full access to the computer in the DMZ., router responsible for protecting private network., ip address is allowed full internet access, but other computers are protected behind the firewall provided by the router
|
|
What is Bastion host?
|
are computers that stand outside the protected network and exposed to an attack by using two network cards, one for DMZ, & one for the intranet
|
|
What are bastion host also known as?
|
dual-home hosts or dual homed firewalls
|
|
(types of DMZ)What is Three homed firewall?
|
used when there are several computers, like web server, dns server, ftp server , need 3 NIC, one for intranet, one, dmz, one for the internet, need firewall software. Traffic never allowed to flow directly from internet to intranet w/out filtering from DMZ
|
|
What is Back to Back firewall?
|
provides best protection, the dmz is located between 2 hardware firewalls. each firewall has 2 NIC ,DMZ has 2 nIC
|
|
What is the dead zone?
|
The most secure of all the DMZ types, dead zone is a network between two routers that uses another network protocl other than TCP/IP, this network between the 2 routers is a dead zone
|
|
What is intrusion detection software?
|
provides alarms that go off when suspicous activity is spotted. also keeps logs of suspicous activitis.
|
|
What are two electronic transaction protocols?
|
SSL (secure sockets layer) & SET ( Secure Electronic Transactions)
|
|
What is SET (Secure Electronics Transactions)
|
a protocol that is designed to offer a secure medium for credit card transactions., uses digital signatures,protects info. protects all parties, offers additional protection where merchants can't even see your credit card #.
|
|
What should you install to stop viruses & worms?
|
antivirus software
|
|
What is real-time antivirus scanner?
|
software designed to scan every file accessed on a computer so it can catch viruses & worms before the infect computer.
|
|
What is inoculaton?
|
the process of calculating and recording checksums to protect againt viruses & worms?
|
|
what is virus definition?
|
updates to software that provide user with new viruses and worms that are discoverd.
|
|
What should you do to protect your privacy?
|
eliminate spam, stop pop up ads, remove spyware, control cookies
|
|
Define security zone/
|
a GROUP OF WEBSITES THAT CAN BE SEPARATED IN ORDER TO MANAGE SECURITY?
|
|
Security setting under custom level:Define ACTIVEx CONTROLS?, scripting?, miscellaneous, user authentication
|
ActiveXcontrols: approves downloads, runs scripts, use to enable/diable script support
scripting: allows scripting, user authentication: specifies the method needed to log onto a web site, miscellaneious: permist or restricts a wide range of actions. |
|
What is 802.x standard?
|
a portt based authentication framwork for access to ethernet networks. also applies 802.11 WLANS.
* uses physcial characteristics * required 3 roles in the authentication process- a device requesting access, a authenicator, a authentication server. * allows scalability in wireless LAN, * allows multiple authentication algorithms & is an open standard. |
|
Define 802.11 standard?
|
a technology that operates in 2.4 thru 2.5 ghz band. , defined in the data link layer. Can configure 2 way , ad-hoc & infrastructure.
|
|
What should you do to protect your privacy?
|
eliminate spam, stop pop up ads, remove spyware, control cookies
|
|
Define security zone/
|
a GROUP OF WEBSITES THAT CAN BE SEPARATED IN ORDER TO MANAGE SECURITY?
|
|
Security setting under custom level:Define ACTIVEx CONTROLS?, scripting?, miscellaneous, user authentication
|
ActiveXcontrols: approves downloads, runs scripts, use to enable/diable script support
scripting: allows scripting, user authentication: specifies the method needed to log onto a web site, miscellaneious: permist or restricts a wide range of actions. |
|
What is 802.x standard?
|
a portt based authentication framwork for access to ethernet networks. also applies 802.11 WLANS.
* uses physcial characteristics * required 3 roles in the authentication process- a device requesting access, a authenicator, a authentication server. * allows scalability in wireless LAN, * allows multiple authentication algorithms & is an open standard. |
|
Define 802.11 standard?
|
a technology that operates in 2.4 thru 2.5 ghz band. , defined in the data link layer. Can configure 2 way , ad-hoc & infrastructure.
|
|
As it relates to the 802.11 standard. How is as Ad-hoc network configured?
|
computers are brought together to form a network on the fly.
|
|
How does 802.11 standard define an access point?
|
as a device that functions as a transparent bridge between the wireless clients & existing wired network., also contains 802.1D bridging software to act as a bridge between wirelesss and wired datalink layers.
|
|
list characteristics of 802.11g
|
upt o 54 mbps w/ real thruput at 12mbps.
frequency @ 2.4ghz uses DSSS or OFDM |
|
What are WLAN security options?
|
WEP, WPA ( better)
|
|
In WLAN ,, how can you protect yourself?
|
Enable WEP, Chaning access point in default administration passwords, chaning defaul service set identifyer (SSIDs), separating wireless network from wired network, putting the wireless network in an internet access only zone or DMZ, disabling DHCP, enabling MAC address filtering, Dsiabling broadcast SSID
|
|
802.11a
|
uses OFDM modulation technique for transmitting large amounts of digital data . frequency- 5 ghz, supports 8 overlapping channels
|
|
802.11b
|
uses DSSS , frequency 2.4 ghz, supports 3 non-overlapping channels.
|
|
802.11f
|
allow users to mainatin a connection while roaming
|
|
802.11g
|
use DSSS or OFDM, frequency - 2.4ghz
|
|
802.11i
|
based on AES. , has RSN feature
|
|
What can you configure WEP to do?
|
Data Encryptin, network authentication, proved teh key automatically. WEP 128 bit
|
|
What do WPA use to change the temporal key every 10,000 packets , which insures greater security than WEP?
|
use TKIP ( Temporak Key Integrit Protocol)
|
|
What are two populqr wireless internet access applications
|
Fixed pint wireless (local loo) and mobile wireless
|
|
True or Fals? ATM can be used with LANS & WANS.
|
True
|
|
Define network noise?
|
al electrical signal on the network cable that isn't part of the senders original signal.
|
|
What is a crosstalk?
|
When data signal travels down a conductor, it creates an electric field , which interfers w/ any wires close by
|
|
List the different types of crosswalk?
|
NEXT, FEST, ELFEXT, Pair to Pair crosstalk
|
|
What is a network analyzer?
|
sometimes called protocol analyser, this is a portable device that you set up to monitor and diagnose problems.can help diagnose hardware & software
|
|
If a user can't access the network, what do you verify is installed correctly?
|
Clent for Microsoft Networks, o r Client for Netware networks & file and printer sharing is installed
|
|
Define Ping?
|
is simple program that allows one computer to send a test packet to another computer and then receive a reply
|
|
define crosstalk?
|
When a data signal travels down a conductor, it creates an electric field, which interfers with any wires close by.
|
|
List the different types of crosstalk?
|
Near End Crosstalk (NEXT), Far End Crosstalk (FEXT), Equal Level Far End Crosstal (ELFEXT), Pair to Pair CrosstalK
|
|
Define network nois?
|
any electrical signal on the network cable that isn't part of the senders original signal
|
|
What type of cross talk is calculated value of the crosstalk between pairs measured at the far end of the cable?
|
Equal Level Farr End Crosstalk (ELFEXT)
|
|
A network analyzer can detect problems w/ what four pieces of hardware?
|
cabling, jacks, network cards, hubs
|
|
What info do ipconfig report?
|
ip address, subnet mask, default gateway, connedction
|
|
What command use to verify name resolution (DNS)
|
nslookup
|
|
List the 3 groups assigned in Windows XP.
|
Users, Administrators, Power Users.
|
|
Define powerusers?
|
A group used to assign elevated permissions to a select set of individuals
|
|
Define authentication?
|
the process by which your identity is validated against a databas that contains your account
|
|
Define interactive authentication?
|
the process by which a user provides his or her user name & password in the Log on to Windows dialog box.
|
|
What are two types of logons>?
|
Domain & local
|
|
Define domain?
|
The username and password are compared to information stored on a domain controller in its active directory database
|
|
Define local?
|
the username and password is validated by SAM (security Accounts Manager)a database located on the computer rather than by an active directory domain controller. The user must have an account which resides on the computer they are logging on to.
|
|
What is network authentication?
|
is theprocess by whicha network resource or service confirms the identity of a user.
|
|
list the 2 autthentication protocols?
|
Kerberso vers5 (Kerveros v5) & NT LAN manager (NTLM)
|
|
List operating systems that support (Kerberosv5)
|
Windows XP, Windows Server, Windows 20000
|
|
What is primary authentication protocol used in the active directory domain?
|
Kerberos v5
|
|
Define NTLM?
|
is a challenge response protocol that's used with operating systems running windows nT 4.0 or earlier.
|
|
define digital certificates?
|
based on public key cryptogray & trusted registry of identities, a digital certificate is a computer file attesting to the identityof an individual computer. often used on the internet to verify the identity of a secure system.
|
|
What windows operating systems is supported by current version NTFS5
|
Windows NT, Windows 2000, Windows XP versions, Windows Server 2003 versions.
|
|
What command can you use to encrypt & DECRYPT FILES
|
CIPHER, OR BY USING WINDOWS EXPLORER
|
|
Define EFS?
|
allow users and sevices to encrypt data. converts plain text into ciper text
|
|
What are the two security area you can configure in account policies?
|
password & account lockout.
|
|
List some password policies?
|
enforced password history, minimum password age, maximum password age, minimum password length, passwords mustmeet complexity requirement,s store password using reverse encryption for all users in the domain.
|
|
list the purpose of DoS attack?
|
to make a computer resource unavailabe to its intended user.
|
|
What do you set if you do not want users to be locked out?
|
account lockout duration and account lockout threshold policy setting to 0
|
|
List the local policies?
|
audit policy, user rights assignment, security options.
|
|
What do log on rights control?
|
who, and how a user logs on to the computer
|
|
True or Fales?some privileges can overide permissions set on a object.
|
Some privileges can
|
|
What are the 3 built in local accounts used as logon accounts for different services?
|
local system, local service & network service. these services are used by system processes and should never have a user assignment, nor should you change their default settings.
|
|
What do the security options allow you to control?
|
how administrator & guest account names are managed, which user accounts can access the floppy drive and CD-ROM, how installation of drivers is handled, digital signing of data, logon prompts.
|
|
True or Fales?
|
Setting a domain level override those made at the local computer level
|
|
Define audtiting?
|
used tomonitor and track activities
|
|
define audit policy?
|
defines events that are recorded
|
|
What are the 3 local policies?
|
user rights assignment policy, security option, audit policy
|
|
What do audit log for audit policies show?
|
The actio performed, the associated user account,the date & time of the action.
|
|
define phishing?
|
hackers send email or create web sites that imimic a legitimate sit to gather user names & passwords.
|
|
Define Brute force attack
|
when an attacker uses software to try user log on combinations until the password is found
|
|
Define Netstat?
|
displays information about current tcp/ip connections
|
|
Define ARP?
|
manages the ip to ethernet address translation tables used to find the MAC addressof a host on the network when the ip address is known.
|
|
What is the standard mode for parallel connections?
|
IEEE-1284/ECPEPP
|
|
Which wireless security standard uses dynamic encryption & public key authentication?
|
802.1x
|