82 Cards in this Set
- Front
- Back
The CIA triad has three parts
|
Confidentiality, integrity, and availability
|
|
The four A's of security are
|
Authorization, access control, role-based access control, and rule-based access control
|
|
what is the only true streaming encryption
|
RC4
|
|
What is Diffie-Hellman used for
|
Key exchange in the presence of an adversary
|
|
Name 3 hashing algorithms
|
MD5, SHA, RIPEMD
|
|
Why do we use hashing
|
It protects integrity
|
|
Why do we use symmetric encryption
|
it is faster
|
|
Why do we use asymmetric encryption
|
key distribution
|
|
What is a denial of service attack
|
attack where you block a user's IP address so they cannot access services
|
|
what is a man in the middle attack
|
attacker inserts himself in between two points, talks on behalf of each end user, and then steals info sent to each user
|
|
what is a drive by download attack
|
attacker gives you something to download and you download it which allows them in
|
|
what is clickjacking
|
one click installs a lot of data on machine
|
|
what is a distributed denial of service attack
|
attack where each computer is under the attacker's control and he attacks you with them, causing you to block more IP addresses until you cannot reach any outside services
|
|
how do you repair DoS attacks
|
block IP address and apply patches
|
|
what is session hijacking
|
wait till session is set up and then take the session over by looking at the IP address, knocking you offline
|
|
what is an eavesdropping attack
|
attack at an open wifi location where user installs software on secure machine and then software opens for him inside secure hub at facility. Like a Trojan horse
|
|
what is password stealing
|
asking users to reset password then stealing it
|
|
what is a block cipher
|
chunks of data stored and broken up and put back together after decryption on the other side; an example is email
|
|
what is the goal of encryption
|
confidentiality, integrity, nonrepudiation, authorization, and access
|
|
what is a brute force attack
|
key space is so small that all of the possible codes can be run before time expires
|
|
what is ASCII
|
digit that represents each key on keyboard and converts it to encryption
|
|
A user connects to a wifi at a hotel with the name of the hotel. What type of attack could he be vulnerable to
|
Rogue Access Point
|
|
New admin did not lock down the wifi; what attack could this cause
|
wardriving
|
|
A user has a slow wifi connection when working at home; at the office the wifi is much better. What type of attack could she be experiencing
|
Interference
|
|
A signal overshadows our wifi signal with the same name and is used to eavesdrop on wireless communication
|
Evil Twins
|
|
intercepting a Bluetooth signal is what type of attack
|
bluejacking
|
|
What are the Bluetooth ranges used
|
1 meter, 10 meters, 100 meters
|
|
capturing signal of Bluetooth and using it to access passwords is what type of attack
|
bluesnarfing
|
|
generally looking for wifi access points is known as what
|
wardriving
|
|
describing where a network physically is is known as what
|
warchalking
|
|
attacks start of encryption to crack WEP
|
Initial vector attack
|
|
Turn off the ethernet filter so you can see everyone's traffic
|
packet sniffing
|
|
this type of attack requires user interaction: click on a link to execute a script; if not, this will not work
|
virus
|
|
uses an open port like 80 to deliver vulnerable program code
|
worm
|
|
does one thing we want but in the background downloads software to allow key loggers to hijack user name and password to attacker
|
trojan
|
|
waits for a certain time to execute attack; an example is when a free trial is over
|
logic bomb
|
|
email-borne attack to convince you to buy products
|
spam
|
|
monitor your activity and report it back to outside resources
|
spyware
|
|
command and control software that takes over root software and hides or subverts your control
|
rootkits
|
|
software you install for free but has advertisements
|
adware
|
|
several machines with rootkits installed
|
botnets
|
|
single machine with rootkits installed
|
zombie
|
|
keeps trying to guess password until it's right
|
guessing
|
|
limit number of password attempts
|
the best way to deal with guessing attacks
|
|
test that uses squiggly letters to tell humans from computers
|
CAPTCHA
|
|
capturing password by using man in the middle attack or bluesnarfing
|
stealing
|
|
using social media to narrow down what your password might contain then using every synonym of key words to get your password
|
dictionary attack
|
|
going through every combo to get password
|
brute force attack
|
|
sorting by hash value to speed up search to discover hash has every number from 1-9 and tries to figure out every hash
|
rainbow tables
|
|
combining brute force and dictionary attack
|
hybrid password attack
|
|
using math to attack hashing algorithm
|
birthday attack
|
|
trojan that bypasses security controls of system
|
back door attack
|
|
attacker uses vulnerabilities in web-based applications to gain access to the company server because it is from a trusted site
|
cross-site scripting (XSS)
|
|
using SQL, LDAP injection or XML injection to attack
|
command injection
|
|
zero day exploit
|
attack no one has ever seen and therefore cannot defend against
|
|
layer 3 device that segregates subnets, does not pass layer 2 traffic, makes decisions based on IP address
|
router
|
|
makes decisions based on layer 2 address, based on MAC address
|
switch
|
|
acts on behalf of something else
|
proxy server
|
|
filtering device that enables rule-based filtering, can be on any layer, and makes decisions on the port
|
firewall
|
|
balances workload to keep one computer from getting overwhelmed
|
load balancer
|
|
captures packets and transmits all data across this port
|
sniffers
|
|
segregate all network based on layers starting with layer 2 then 3, proxy server and firewall, load balancer
|
segregate network traffic
|
|
rejecting email on incoming transmission
|
blacklisting
|
|
using IronPort to rate IP addresses and content so they can be deemed reputable
|
reputation filtering
|
|
getting info and analyzing it from the spam filters
|
protocol analyzers
|
|
what is the difference between host based and network based firewalls
|
network based only looks at the packet and host based looks at the application
|
|
what device actively scans, alerts and blocks any activity that is suspicious
|
NIPS, network intrusion prevention systems
|
|
which technology is only used for monitoring and capturing data communications on network
|
Intrusion detection system
|
|
what is remote service
|
work from anywhere via authenticated device
|
|
What is NAC
|
Network Access Control looks at network by device, unifies endpoint security technology, user or system authentication and network security
|
|
DMZ is what
|
DMZ place in middle where shared service is placed
|
|
what are shared services
|
web server, mail server, DNS server
|
|
What are the 3 filter zones
|
untrusted internet, semi-trusted zone, perfectly trusted zone
|
|
What is a VLAN
|
layer 2 tool that helps segregate machines with implementation switches
|
|
What is a subnet
|
layer 2 traffic gets separated from layer 3 according to subnet mask and IP address grouping
|
|
what is NAT
|
IP address to internal due to RFC 1918; maps internal to external IP address
|
|
Port Address Translation
|
map internal private email to external IP address at port level
|
|
how many hosts does a class C IP address host
|
25
|
|
What is a class C IP address
|
192.168.1
|
|
what is a class B IP address
|
172.16-172.31.255 holds 65000 IP addresses
|
|
What is a class A IP address
|
10.0.0 16 million addresses
|
|
what is the key request for comment document for NAT
|
1918
|