17 Cards in this Set

  • Front
  • Back
Network Authorization
-defines what a subject can do in a network
What does Access Control do?
-guarantees confidentiality and integrity
-based on accounting, authorizing, authentication
What are the network authentication guidelines?
-strong authentication for access from external and untrusted networks (Internet, PSTN) and access to network devices
-use user friendly authentication
What is the principle of least privilege?
-each subject has only the necessary privileges to perform a task
What are the common risks associated with Ecommerce modules?
-compromise of exposed hosts and applications
-compromise of other hosts from compromised hosts
-DoS directed at exposed hosts
What are common risks associated with Remote Access and VPN?
-client and remote site identity spoofing
-data transmission confidentiality and integrity
-compromise of client or remote site
Common risks in WAN module?
-data transmission confidentiality and integrity
-service provider WAN misconfiguration
What are the common risks associated with the Server Farm?
-network mapping attempts
-compromise of exposed hosts
-DoS directed at hosts and links
-introduction of malicious code into trusted networks
What 3 key services does network security provide the networks and their users?
-data integrity
-data confidentiality
-data and system availability
What are integrity violations?
-when an attacker comes in and tries to change the data without detection
What are confidentiality threats?
-attacker can read data that he shouldn't read
What is privilege escalation?
-when attacks are done through first getting into other applications
What are integrity violations and confidentiality breaches caused by?
-failure of network access control
-failure of operating system control
-failure of application access control
-failure to protect data in transit over the network
What is an example of an availability threat and what are they caused by?
-caused by failure to handle exceptional conditions
-failure to handle vast quantities of data
What are the 3 Network attacks?
-reconnaissance- network mapping, network-wide probing
-traffic attacks- reading and changing of data
-DoS- compromising availability
What are network target attacks stopped by?
-VPNs, firewalls
-perimeter defenses
What do network security policies document?
-level of risk a network is exposed to and how that risk will be managed
-continuous process of revisions
-broken down in separate areas of applicability