221 Cards in this Set

Hacker

a person who uses digital devices to gain unauthorised access to digital systems or devices with malicious intent

HIGH RISK

Script Kiddie

a person who uses existing computer scripts and code to hack into digital devices and computer systems
  • lacks the expertise to write their own tools
  • acts without authorisation
  • can be malicious

Hobbyist hackers

computer hobbyists who like to push the boundaries of software and hardware; more playful exploration of programming than malicious hacking

Disgruntled Employee

employees with a grudge, or a problem with their employment or conditions, who damage computer systems or data with malicious intent

Security Softie

limited knowledge of security, for example lets family use the work computer at home

Gadget Geek

people who come to work with many devices and are able to connect them to company computer systems

The Squatter

those who use the company computer systems to store their own data or play games

The Saboteur

a small group who maliciously hack into areas of the IT system to which they should not have access, or purposely infect the network from within

Insider aiding others

employees with the security clearance to pass on knowledge, or able to approve access to a secure facility

Hacktivist

the subversive use of computers and computer networks to promote a political agenda. With roots in hacker culture and hacker ethics, its ends are often related to the free speech, human rights, or freedom of information movements.

Industrial Espionage

conducted for commercial purposes instead of purely national security

Economic espionage

conducted and orchestrated by governments; international in scope

Industrial and corporate espionage

more often national in scope and occurs between companies or corporations

Foreign Espionage

Most governments rely on a range of information being gathered to guide their decisions. This is not the same as espionage. Espionage is the process of obtaining information that is not normally publicly available, using human sources (agents) or technical means (like hacking into computer systems). It may also involve seeking to influence decision-makers and opinion-formers to benefit the interests of a foreign power.

Terrorist - using computers on the internet

cyberterrorism: the use of the Internet in terrorist activities, including deliberate, large-scale disruption of computer networks, especially of personal computers attached to the Internet, by means of tools such as computer viruses
  • can use the internet to recruit unaware or vulnerable people into their way of thinking

State sponsored attack

one nation targeting another via the internet to gain access to the computer systems of a government, electrical power grid, water treatment plant or even nuclear systems, e.g. the Stuxnet malware: highly advanced and specifically targeting the centrifuges used in the enrichment of uranium
  • typically aims to disrupt a country's access to the web, or organisations in another country

White hats

  • computer security specialists who ethically (with permission from the management of the company/organisation) use their skills, programs and techniques to find vulnerabilities in computer systems and networks, so that companies can apply patches and fixes and stop threats from disrupting business
  • use the same techniques as black hats, but without malicious intent
  • also known as ethical hackers

Black Hat

attempts to break into computer programs/systems/networks to steal data, do malicious harm to the data, deny the business access to its own systems, or hold the data to ransom (ransomware)

Grey hat

  • sometimes break the law, but without criminal intent
  • so-called rogue security researchers who publicly share discovered vulnerabilities without notifying, or receiving prior permission from, the targets
  • also vandals who deface websites

Malware

https://www.avast.com/c-malware
  • short for malicious software
  • annoying or harmful software intended to secretly access a device without the user's knowledge
  • symptoms include pop-ups, spam, frequent crashes and a slow computer
Spyware

https://www.microsoft.com/en-us/safety/pc-security/spyware-whatis.aspx

software that allows an attacker to covertly obtain information from another computer system and transmit it covertly; can also cause the computer to slow down or crash. Very similar to adware.
  • advertising
  • collecting personal information
  • target computer configuration changes
  • web browser configuration changes

prevention of spyware

  • understand what you are signing up for, and check or uncheck boxes so that spyware is not installed and no changes are made to your computer system
  • anti-virus software can include a spyware/adware removal or prevention facility

Adware

software that automatically displays advertising, banners or pop-ups; also collects marketing data without the user's knowledge. Doing so without the user's permission is considered malicious. Redirects users to certain marketing or advertising websites.

Phishing

  • fraudulent email disguised as legitimate
  • often purporting to be from a trusted source
  • the message is meant to trick the recipient into sharing personal or financial information, or clicking on a link that installs malware

Spear phishing

Spear phishing is like phishing, but tailored to a specific individual or organisation
  • disguised as legitimate communication, ideally tricking the user into opening malware, spyware or ransomware, or simply giving up information about the target

Viruses
  • malicious code or program
  • written to alter the way a computer operates
  • infects, damages or destroys .exe files and documents
  • spread through p2p file sharing and infected files, e.g. email attachments

Trojan horses

  • often disguised as legitimate software
  • but really malicious code intended to harm a computer system or network



Exploit

programs that contain data or code that takes advantage of a vulnerability within application software running on your computer

Rootkit
  • rootkits are designed to conceal certain objects or activities on your system
  • take administrator-level control of a computer system
  • often their main purpose is to prevent malicious programs being detected, in order to extend the period in which those programs can run on an infected computer

Worms

  • don't need a host program; attack the host's memory directly, or exploit network and application vulnerabilities
  • self-replicating and self-propagating
  • spread by email, p2p file sharing, FTP and network packets

Rootkit 2

  • allow viruses and malware to "hide in plain sight" by disguising them as necessary files that antivirus software will overlook
  • simply used to hide malware, bots and worms
  • an attacker must first gain access to the root account, by using an exploit or by obtaining the password through cracking or social engineering

Ransomware
  • malicious software designed to block access to a computer system until a sum of money is paid
  • types: Locky and CryptoLocker
  • encrypts the target's data
  • delivered through web links, internal files and internal systems
OSI stack numbers and layers and protocols

7 Application: HTTP, FTP, SMTP
6 Presentation: JPEG, GIF, MPEG
5 Session: AppleTalk, WinSock
4 Transport: TCP, UDP, SPX
3 Network: IP, ICMP, IPX
2 Data Link: Ethernet, ATM
1 Physical: Ethernet and Token Ring (physical signalling)

OSI way to remember 7 layers mnemonic

Please Do Not Throw Sausage Pizza Away (Physical, Data Link, Network, Transport, Session, Presentation, Application)

Application Layer

Layer 7: HTTP, FTP, SMTP, POP3
  • serves as the window for users and application processes; the end-user layer
  • programs that open and send emails, print, access files and share resources; network management

Presentation Layer
  • Layer 6: JPEG, GIF, MPEG
  • formats the data to be presented to the application layer
  • encrypts and decrypts, compresses and decompresses

Session Layer
  • Layer 5: AppleTalk, WinSock
  • manages the setting up and taking down of the association between two communicating end points
  • establishes and maintains a connection/session, and terminates the session once comms are complete

Transport Layer

Layer 4: TCP, UDP, SPX
  • responsible for end-to-end communication over a network
  • provides logical communication between application processes running on different hosts within a layered architecture of protocols and other network components
  • segments data into correctly sized units (TCP segments, UDP datagrams) and reassembles them at the receiver; TCP also handles ordering, acknowledgement and retransmission

Network Layer

Layer 3: IP, ICMP, IPX; routing protocols RIP, OSPF, IGRP; devices: routers
  • provides data routing paths for network communication
  • data is transferred in the form of packets via logical network paths, in an ordered format controlled by the network layer
  • IPv4 and IPv6, NAT, IPsec and Mobile IP belong here

Data-Link Layer
  • Layer 2: Ethernet, ATM; devices: switches and bridges
  • transfers data (frames) between adjacent network nodes in a wide area network (WAN) or between nodes on the same local area network (LAN) segment
  • MAC addressing

Physical Layer

Layer 1: Ethernet and Token Ring signalling; devices: hubs and repeaters
  • deals with bit-level transmission between different devices and supports the electrical or mechanical interfaces connecting to the physical medium for synchronised communication

IP Address Spoofing
  • attacker masquerades as another host, often one trusted on the target network
  • replaces the source IP address in the packets with a fake address
  • most types of spoofing have a common theme: a nefarious user transmits packets with an IP address indicating that the packets originate from another, trusted machine

TCP Sequence Number Prediction Attack

  • the attacker predicts the sequence number of the next packet and injects a packet the destination is expecting
  • enables the attacker to hijack the session and take it over
  • e.g. a bank session, transferring money to the attacker
  • mitigated by randomised initial sequence numbers

SYN Attacks
  • a type of denial-of-service (DoS) attack in which an attacker uses the Internet's communication protocol, TCP/IP, to bombard a target system with SYN requests
  • in an attempt to overwhelm connection queues and force the system to become unresponsive to legitimate requests

How SYN attacks work
  • the attacker sends an initial request (a SYN) asking to open a connection; the server replies with a SYN-ACK and expects the client's final ACK
  • the server places this half-open connection in a queue with identifying information, using a small amount of memory and resources; the attacker never sends the final ACK, and often spoofs the source address so the SYN-ACK goes nowhere
  • the server waits for a pre-defined timeout period before discarding the connection request; while the queue is full, new legitimate SYNs are dropped
Confidentiality
  • measures taken to keep data/information restricted to the people or systems that need to know it
  • data is categorised so that people have read or write access according to their security level

Confidentiality safeguard
  • staff training
  • strong, secured passwords
  • document and email classification
  • social engineering awareness (social engineering is the attack these safeguards counter)

Integrity
  • maintaining data consistency
  • accuracy
  • trustworthiness
  • over the data lifecycle
  • assurance that the data has not been modified

AVAILABILITY
  • making sure that authorised users have access to the data
  • manufacturer and application security upgrades are carried out
  • enough bandwidth to avoid bottlenecks
  • prevention of, and defence against, DoS attacks and others

OSI Upper layers



  • application
  • presentation
  • session


What is a Bridge?
  • works at layer 2 (data link)
  • a device that connects two local-area networks (LANs), or two segments of the same LAN
  • bridges are protocol-independent
  • do not analyse packet contents; they forward frames based on MAC address

What is Router?
  • device that maintains a table of networks (the routing table)
  • programmable to send packets in specific directions
  • layer 3 device
  • located at the boundary of a segment, or as the gateway to the internet


AUTHENTICITY
  • the user proves they are who they say they are by supplying a user id and password
  • biometrics

NON-REPUDIATION
  • a way of proving that the sender of a msg/txt/email created it and sent it
  • mostly proven by digital signature

DIGITAL SIGNATURE

a digital code (generated and verified using public key cryptography) which is attached to an electronically transmitted document to verify its contents and the sender's identity
  • gives authenticity
  • and non-repudiation
  • requires PKI

SYMMETRIC KEYS
  • the same key encrypts and decrypts; also called a private, secret, shared or session key
  • plaintext to ciphertext, ciphertext to plaintext
  • a way to hide information
  • Mnemonic: "Ay! Des 3 guys (3DES) had an idea to cast out their rod 2fish for BLOWFISH but instead they rec'd Serpents in the Rain (Rijndael) and PGP (pretty good privacy) and OTP (one time pads or passwords)"
  • AES / DES / 3DES / IDEA / CAST / TWOFISH / BLOWFISH / SERPENT / RIJNDAEL

ASYMMETRIC KEYS

(key = crypto variable)
  • based on hard maths problems: discrete logarithms (Diffie-Hellman, DSA, elliptic curves) or integer factorisation (RSA)



technical controls

  • user id and passwords to log on to systems
  • separation of admin roles and user roles
  • antivirus at endpoints

physical controls
  • locks
  • walls
  • lighting
  • cameras
  • access cards
  • not having live network ports in the reception area

separation of duties

a task is split so that two people are needed to complete it, each checking that the other follows the correct procedures, policies and systems, for example when updating data

Media reuse

when getting rid of hardware, wipe hard drives securely
  • or destroy the drive

Eavesdropping threat

an attacker with a packet analyser on the network can read any packets sent in plain text; the technical control is to encrypt traffic so that captured packets are unreadable
Kerberos
  • ticket-based authentication via a key distribution centre (KDC); the password itself is never sent across the network, only proof of knowledge of the key

Attacks on PRIVACY

  • social engineering (approaching a logged-on user authoritatively)
  • media re-use (destroy hard drives)
  • eavesdropping (packet analyser on the network)

accidental modification

integrity
  • HASH or msg digest
  • detects accidental modification, not malicious modification (an attacker can recompute the hash)
  • integrity checking
  • produces a digital representation (fingerprint) of a file

intentional modification

integrity and authenticity
  • MAC - msg authentication code (needs a shared secret key)
  • digital signatures (need the sender's private key)

PLAINTEXT

unencrypted text

Initialization vector (IV)
  • provides the initial randomness for a cipher mode
  • adds complexity so that the same plaintext under the same key does not produce the same ciphertext
  • a pseudo-random value (e.g. derived from date/time plus random data); must be unique per message under a given key and, for CBC, unpredictable

algorithm (cypher)

mathematical processes
  • symmetric algorithms (session keys for a time period), block or stream
  • or
  • asymmetric algorithms (discrete logarithm or factorisation)

key in cryptography

  • how to use the maths
  • known as the "crypto variable"
  • prefer a long key for better protection
  • random key
  • i.e. a 56-bit key gives 2 to the 56th power possible keys

NONCES

  • give uniqueness to a packet
  • a number used once, carried with the packet; need not be sequential like a sequence number



symmetric cypher
  • block ciphers: slower than stream ciphers, but generally considered more secure
  • 3DES and AES; prefer AES
  • each block goes through a mathematical function and substitution
  • a cipher uses confusion and diffusion (algorithm)
  • confusion: complex maths and substitution
  • diffusion: permutation (rounds), e.g. 3DES = 16 x 3 rounds
  • stream ciphers are faster
  • symmetric keys are not scalable (a key per pair of users) and provide CONFIDENTIALITY only, not authenticity or non-repudiation

AES

  • 256-bit key: strongest, but requires more processing power
  • 192-bit key
  • 128-bit key
  • block cipher
  • efficient

CRL

certificate revocation list

3DES
  • comes from DES
  • 3DES = Triple Data Encryption Algorithm (DES applied three times)
  • 168, 112 or 56-bit effective key (three, two or one independent DES keys)
  • each data block processed three times
  • processor intensive
  • symmetric
  • block cipher

AES
  • Advanced Encryption Standard
  • AES-128, AES-192 and AES-256
  • most common algorithm
  • symmetric
  • block cipher
  • WPA2 uses AES (CCMP)
STREAM CIPHER
  • symmetric cipher
  • encrypts bit by bit (or byte by byte)
  • XOR, transposition, substitution
  • RC4

transposition

in a stream cipher, moving the characters to the right or left; scrambling them to make the text incoherent

substitution

stream cipher method: replacing one character with another

XOR
  • STREAM CIPHER
  • exclusive OR
  • combines plaintext and keystream bit by bit to produce ciphertext; applying the same keystream again recovers the plaintext
  • two bits the same: 0 XOR 0 = 0, 1 XOR 1 = 0
  • two bits different: 0 XOR 1 = 1, 1 XOR 0 = 1
  • RC4 stream cipher
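Worked example, added here and not part of the original card set: a toy XOR stream cipher in Python. The keystream generator (SHA-256 in counter mode), the demo key, nonce and messages are constructed assumptions for illustration only; the point is the XOR truth table, that encrypting a second time decrypts, and what an attacker gets when a keystream is reused with the same key and nonce (the two-time-pad mistake).

```python
import hashlib


def xor_bit(a: int, b: int) -> int:
    """Exclusive OR of two bits: 1 only when the bits differ."""
    return a ^ b


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """XOR two equal-length byte strings position by position."""
    if len(a) != len(b):
        raise ValueError("inputs must be the same length")
    return bytes(x ^ y for x, y in zip(a, b))


def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Toy keystream generator: SHA-256 of key || nonce || counter, in counter mode.

    Illustrative assumption only; in practice use a vetted cipher such as ChaCha20 or AES-GCM.
    """
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(out[:length])


def stream_encrypt(key: bytes, nonce: bytes, plaintext: bytes) -> bytes:
    """ciphertext = plaintext XOR keystream; the same call decrypts, since XOR undoes itself."""
    return xor_bytes(plaintext, keystream(key, nonce, len(plaintext)))


stream_decrypt = stream_encrypt


def keystream_reuse_leak(c1: bytes, c2: bytes) -> bytes:
    """Two messages under the same key AND nonce: c1 XOR c2 == p1 XOR p2 (the keystream cancels)."""
    return xor_bytes(c1, c2)


def recover_other_plaintext(c1: bytes, c2: bytes, known_p1: bytes) -> bytes:
    """With one plaintext known, the other falls out: (c1 XOR c2) XOR p1 == p2."""
    return xor_bytes(keystream_reuse_leak(c1, c2), known_p1)


# Constructed demo values, not taken from any real system.
DEMO_KEY = b"constructed-demo-key"
DEMO_NONCE = b"nonce-0001"
P1 = b"transfer 0100 to bob"
P2 = b"transfer 9900 to eve"

if __name__ == "__main__":
    c1 = stream_encrypt(DEMO_KEY, DEMO_NONCE, P1)
    print(stream_decrypt(DEMO_KEY, DEMO_NONCE, c1) == P1)   # round trip works
    c2 = stream_encrypt(DEMO_KEY, DEMO_NONCE, P2)           # nonce reused: the classic mistake
    print(recover_other_plaintext(c1, c2, P1))              # the second message, with no key
```

Change `DEMO_NONCE` for the second message and the recovery fails: a stream cipher is only as safe as the rule that a (key, nonce) pair is never used twice.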
public / private key cryptography
  • both keys are mathematically related
  • encrypt with the public key, decrypt with the private key
  • key exchange takes place at the application layer
  • within the network, public keys are openly available
  • the receiver's private key decrypts the msg, giving the sender privacy
  • scalable, because every user needs only one key pair

Hash / msg digest
  • algorithms that produce a fixed-length digest
  • MD5 = 128 bit
  • SHA1 = 160 bit
  • SHA256 = 256 bit
  • one-way maths
  • used in digital signatures
  • provides integrity (not confidentiality: a hash does not hide the data)
  • faster than asymmetric and symmetric algorithms

digital signature
  • is a hash of the message encrypted (signed) with the sender's private key
  • can only be verified with the sender's public key
  • acts as a checksum
  • integrity and authentication = non-repudiation
PKI

public key infrastructure
  • e.g. VeriSign
  • a certificate authority trusted to issue certificates to organisations' servers, e.g. Bank of America

OCSP

online certificate status protocol
  • streamlines checking whether a certificate has been revoked
  • i.e. a driver's licence: the policeman should check whether the licence has been revoked

HTTPS

hypertext transfer protocol secure

HASH MAC
  • one-way hashing mechanism
  • message + pre-agreed symmetric key + a hashing algorithm = MAC
  • gives assurance of the origin of the msg (and its integrity)
  • one-way maths
  • passwords are stored as salted hashes, not MACs; a MAC needs a shared key the verifier already holds
hash collision

two different pieces of text produce the same hash

what do digital signatures use?
  • hash: one-way maths
  • Hash - MD5
  • Hash - SHA-1
  • Hash - SHA-256
  • asymmetric: RSA, the hash encrypted with the sender's private key

protecting data at rest
  • full disk encryption: TPM (trusted platform module) used by BitLocker and PGP
  • file encryption
  • code signing: distributed code such as Java, ActiveX and JavaScript needs to be digitally signed from a trusted source, e.g. a VeriSign certificate






Physical MAC card
  • the NIC is a layer 1 device; the MAC address it carries is a layer 2 address
  • Media Access Control
  • the physical address of the interface card on a device, assigned by the manufacturer

Router
  • layer 3
  • has the ability to route packets to other networks
  • requires secure router configuration, i.e. passwords

Switches and Hubs
  • Layer 2 - data link level
  • connect multiple devices on the same subnet
  • a hub repeats every frame to every port; a switch forwards a frame only to the port where the destination MAC was learnt (broadcasts and unknown destinations go to every port)
  • do not have the ability to traverse networks
  • a switch maps ports to MAC addresses

FRAMES

  • Layer 2
  • the unit of data at the data-link layer
  • protocol data unit (PDU)

Packets

  • Layer 3
  • network level
  • the unit of data at the network layer (the layer 4 unit is the segment)

TCP - general

  • layer 4
  • Transmission Control Protocol
  • makes sure there is some form of negotiation and receipt, or ACKnowledgement, that a packet was received
  • connection-oriented protocol

UDP

  • layer 4, connectionless
  • mostly for streaming
  • sends with no comms back from the other end (no acknowledgement)

IP Addresses

  • layer 3
  • mapped to the physical MAC address (by ARP)

multi-layer switches

devices that can work at layer 2 or 3; can work as a switch or a router

HUB

a dumb switch
  • does not map ports or MAC addresses
  • repeats incoming frames to all outgoing ports

encryption devices

  • layer 6
  • presentation layer, because they format the data

cable

layer 1; a physical device

NIC

layer 1
  • physical device
  • manufacturer applies the MAC address

BRIDGE

layer 2 device
  • point-to-point connectivity between two segments

IP Address

a logical address mapped to the physical address ('MAC') on an interface card

firewalls

  • hardware or software devices
  • filter/limit incoming and outgoing traffic
  • control network and host access, in and out
  • managed by rules which block or allow

application firewalls

control network traffic to applications: which traffic is allowed to reach the application on a host web server

stateful firewall

  • maintains a state table
  • controls incoming/outgoing traffic belonging to established sessions
  • if traffic arrives from inside or outside with no previously established connection, it is blocked
  • rule-based management
  • allow or deny rules

DMZ

  • de-militarised zone: where you would place a web server
  • a portion of the network that external users can access, but from which, because of the stateful firewall, they cannot reach the internal network

secure router configuration

  • requires configuration of passwords
  • routing tables
  • automatic/dynamic configuration (via routing protocols)
  • malicious access can breach confidentiality

Security on switches

  • switches learn MAC addresses the first time traffic appears on a port
  • also able to apply VLAN management

Load Balancers

distribute traffic across several servers so that no one server is overwhelmed

Proxies

  • middle-man function
  • keep private addresses private by presenting one public address to the internet

caching

proxies cache content requested from the internal network, so repeat requests are served locally

reverse proxies

sit in front of internal servers and accept requests on their behalf, shielding them from malicious traffic

network address translation (NAT)

a proxy or router converts private addresses into public addresses
  • firewalls can also do this

virtual private network (VPN) concentrators

  • provide a virtual tunnel from external users to the company, i.e. home workers
  • the tunnel is encrypted
  • processing/memory intensive

secure router management

  • securing routers with passwords
  • to maintain the integrity of the routing tables
  • has to be done before deploying

ACL's

Access control list
  • dictates or limits users' access to a system (on routers and switches, which traffic is permitted)

Port security

  • logical security: disabling unused ports on the switch, limiting which MAC addresses may use a port
  • physical access to ports is locked down by locking the cabinet

802.1x

  • port-based authentication standard
  • so that rogue devices do not connect to the system
  • applied on switches (and wireless access points)
  • anyone connecting must authenticate before the port passes traffic

Flood guards

protection from:
  • ping flood
  • SYN flood
  • all types of flood
  • so that servers are not overwhelmed trying to process a denial-of-service attack

spanning tree protocol

prevents switching loops by blocking redundant paths

implicit deny

all traffic, unless explicitly allowed, should be denied

log analysis

  • event logs
  • incident logs
  • successful logon logs
  • denied/failed logon logs
  • should be secured for integrity (e.g. NTFS permissions, forwarded to a central log server)

SIEM

  • Security Information and Event Management
  • for log analysis and correlation
  • brings all high-priority log entries together in one interface

Next gen FW

PRO: all-in-one solution to manage; includes IDS / IPS
CON: can be a single point of failure

VOIP

Voice over Internet Protocol
  • voice transmission should be encrypted (e.g. SRTP); it is not encrypted by default

WAR Dialing

attackers dialling ranges of telephone numbers to try to identify modems

BASELINE

  • baselines of servers
  • a user PC that logs on after a long time, or remotely, is compared against the baseline
  • the health check server scans it and applies updates via a remediation server

NAC

  • Network Access Control
  • enforces access control for devices joining the network
  • health server checks and updates using a remediation server

Virtualization Pros

  • many user machines on one server
  • saves on hardware and application costs
  • electricity
  • maximises the hardware
  • ability to test s/w on virtual machines

Virtualization Security concerns

  • all protections applied to the host machine should be applied to the virtual machines
  • attacks can be applied to the host machine via the virtual machines (VM escape)
  • restrict access to the BIOS/firmware and the hypervisor
  • apply defense in depth

Layered security logical

defense in depth: multiple layers of defense via different types of technologies

physical layers of defense in depth

  • combination locks on doors
  • biometric locks
  • cameras
  • lighting
  • guards
  • fencing
  • all of the above protect physical access to the technology systems within a building

TCP define

  • connection oriented
  • proper sequencing from one station to another
  • sliding window: tracks packets sent and received
  • guaranteed delivery: checks to see if the other end received the packet

IP protocol

logical addressing: where packets are coming from and where they are going to
  • IPv4 and IPv6

IPv4

  • 32-bit address
  • expressed in decimal
  • 4 octets
  • each octet is 8 bits long



Classes of IPv4

  • class A - 1-126
  • class B - 128-191
  • class C - 192-223
  • (127 is loopback; 224-239 is class D multicast; 240-255 is class E, reserved)
  • based on the first octet of the IP address, i.e. 192.168.1.1: 192 = class C

private IPv4 addressing

only used within an organisation (RFC 1918); not routable on the internet
  • class A - 10.0.0.0 - 10.255.255.255
  • class B - 172.16.0.0 - 172.31.255.255
  • class C - 192.168.0.0 - 192.168.255.255

manual IP addressing

Static

Dynamic IP addressing

  • DHCP - Dynamic Host Configuration Protocol
  • server that assigns IP addressing automatically
  • DHCP leases out IP addresses from a scope
  • DHCP reservation: a fixed IP address for printers or servers

APIPA

automatic private IP addressing
  • 169.254.0.0 - 169.254.255.255 (169.254.0.0/16); self-assigned when no DHCP server answers
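Worked example, added here and not part of the original card set: classifying IPv4 addresses the way the cards above describe (class from the first octet, RFC 1918 private ranges, APIPA, loopback), using only Python's standard `ipaddress` module. The sample addresses are constructed; the class and private-range boundaries are the ones listed on the cards.

```python
import ipaddress

# RFC 1918 private ranges, named by the class they were carved from.
PRIVATE_RANGES = {
    "class A private": ipaddress.ip_network("10.0.0.0/8"),
    "class B private": ipaddress.ip_network("172.16.0.0/12"),
    "class C private": ipaddress.ip_network("192.168.0.0/16"),
}
APIPA = ipaddress.ip_network("169.254.0.0/16")      # link-local, self-assigned when DHCP fails
LOOPBACK = ipaddress.ip_network("127.0.0.0/8")


def ipv4_class(addr: str) -> str:
    """Classful category from the first octet (the scheme the cards describe)."""
    first = int(addr.split(".")[0])
    if first == 127:
        return "loopback"
    if 1 <= first <= 126:
        return "A"
    if 128 <= first <= 191:
        return "B"
    if 192 <= first <= 223:
        return "C"
    if 224 <= first <= 239:
        return "D (multicast)"
    if 240 <= first <= 255:
        return "E (reserved)"
    return "invalid"


def scope(addr: str) -> str:
    """Private, APIPA, loopback or public: whether the address is routable on the internet."""
    ip = ipaddress.ip_address(addr)
    if ip.version != 4:
        raise ValueError("IPv4 only")
    for name, net in PRIVATE_RANGES.items():
        if ip in net:
            return name
    if ip in APIPA:
        return "APIPA (link-local, no DHCP lease)"
    if ip in LOOPBACK:
        return "loopback"
    return "public"


def describe(addr: str) -> dict:
    """Class, scope and the four 8-bit octets written out in binary."""
    return {
        "address": addr,
        "class": ipv4_class(addr),
        "scope": scope(addr),
        "octets_binary": ".".join(f"{int(o):08b}" for o in addr.split(".")),
    }


if __name__ == "__main__":
    # Constructed sample addresses, not from any real network.
    for a in ("192.168.1.1", "172.20.5.9", "172.32.0.1", "10.1.2.3", "169.254.10.20", "8.8.8.8"):
        print(describe(a))
```

Note that 172.32.0.1 comes out as public: the private class B block is 172.16.0.0/12, which ends at 172.31.255.255, a boundary that is easy to get wrong.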

IPv6

  • 128-bit address
  • hexadecimal
  • 8 quartets (groups of 16 bits)
  • separated by colons
  • i.e. 2001:0db8:85a3:0000:0000:8a2e:3713:7334



secure protocol recognition

S at beginning = secure = SSH-based (SSH, SFTP, SCP)
S at end = secure = SSL/TLS-based (HTTPS, FTPS)

SSH

port 22
  • secure shell
  • creates an encrypted tunnel to transport commands and messages; replaces Telnet

SSL port, layer ?

  • Port 443 HTTPS
  • Secure Sockets Layer
  • end-to-end security between servers and browsers
  • digitally binds a crypto key to an organisation (via the certificate)
  • operates above the transport layer, between layer 4 and the application (usually placed at layers 5/6)



FTP

  • Port 21 (control), 20 (data)
  • file transfer protocol
  • plain text
  • insecure

SFTP

Port 22
  • SSH file transfer protocol (runs over SSH)

SCP

  • port 22
  • Secure Copy Protocol
  • copies files between hosts over SSH

HTTP

  • Port 80
  • Hypertext Transfer Protocol

HTTPS

  • Port 443
  • secure hypertext transfer protocol
  • HTTP over SSL/TLS; shows the padlock in the browser

TFTP

  • Port 69 (UDP)
  • trivial file transfer protocol; no authentication

RDP

  • Port 3389
  • Remote Desktop Protocol from MS
  • connects to other machines over the network

Telnet

port 23
  • connects to other computers over the network; plain text, so insecure (use SSH)

SNMP

  • port 161 (agent queries)
  • port 162 (traps to the manager)
  • gathering configuration parameters across the network; use SNMPv3 for authentication and encryption

SMTP

port 25
  • allows emails to be sent from one mail server (e.g. Exchange) to another

DNS

Port 53 (UDP and TCP)
  • Domain Name System: name resolution
  • the browser queries it to resolve the hostname in a URL

POP3

port 110
  • Post Office Protocol v3
  • retrieval only: downloads mail to the client

IMAP

port 143
  • Internet Message Access Protocol
  • keeps mail and folders on the server
  • and a search facility for emails

ICMP

no port: ICMP is IP protocol number 1, not a transport protocol
  • Internet Control Message Protocol
  • used to ping IP addresses on the network
  • tells you the state of the machine or its details

PING floods

  • used to flood a network with ping messages
  • uses ICMP
  • some networks block ICMP to avoid ping attacks

IPsec

Internet Protocol Security
  • between routers, firewalls and hosts
  • uses Authentication Header (AH) and Encapsulating Security Payload (ESP)
  • Internet Key Exchange (IKE)
  • VPN: by encapsulating the original IP header in a tunnel (tunnel mode)

AH port and which attacks

Authentication Header
  • IP protocol number 51 (not a TCP/UDP port)
  • integrity and authentication, no encryption
  • protection against spoofing and replay attacks
  • mostly obsolete, because it breaks behind NAT

ESP which port, layer and encryption?

Encapsulating Security Payload
  • IP protocol number 50 (not a TCP/UDP port)
  • Layer 3 (network)
  • encrypts with a negotiated cipher, e.g. 3DES or AES
  • can function with NAT (NAT traversal wraps ESP in UDP port 4500)

3DES what kind of cipher block or stream?

Triple Data Encryption Standard
  • block cipher
  • each block is run through DES three times (DES x 3)
  • 64-bit block; each DES key is 64 bits, of which 56 are effective (plus 8 parity bits)

AES

Advanced Encryption Standard
  • fixed 128-bit block size
  • key lengths of 128, 192, 256

Hashing

  • mechanism to mathematically change data (coffee beans into granules) into a HASH
  • the hash is a fixed-length 'digest' or 'fingerprint'
  • used to scramble passwords, or in CHAP
  • provides INTEGRITY
  • authenticates users

Cryptography

  • the process of changing plain text to cipher text
  • using algorithms
  • four goals = CIA-NR (confidentiality, integrity, authentication, non-repudiation)
  • uses primitives (ciphers, hashes, key exchange)

SYMMETRIC KEY IMAGE

public key encryption

  • ONLY the public key encrypts
  • ONLY the private key can decrypt
  • the public key can be sent over the network without any concerns
SSL

Secure Sockets Layer: crypto protocol
  • predecessor of TLS
  • port 443
  • handshake to establish a secure connection
  • for authentication between applications and servers
  • vulnerability = POODLE (SSL 3.0)

TLS

Transport Layer Security v1.2: crypto protocol
  • successor of SSL
  • for authentication between applications and servers
  • vulnerability = BEAST on older versions (TLS 1.0)
  • public key algos = RSA / Diffie-Hellman / DSA
  • private (secret) key crypto algos = DES / 3DES / AES / RC4

private key which CIA

encrypt with the receiver's PUBlic key
  • only the receiver's PRIVate key opens the msg = confidentiality and privacy

public key which CIA

the sender's PRIVate key encrypts (signs)
  • the sender's PUBlic key decrypts (verifies) = AUTHentication

Hash of a message which keys and which CIAN

  • a HASH is just a one-way maths function (algorithm) = integrity
  • signed with the sender's PRIVate key = authenticity and non-repudiation
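Worked example, added here and not part of the original card set: textbook RSA in plain Python showing both directions the last three cards describe, the receiver's public key encrypting for confidentiality, and the sender's private key "encrypting" a hash to produce a signature that only the matching public key verifies. The two primes are constructed toy values (readable, nowhere near secure) and the bare hash-mod-n signature is the cards' description taken literally; real implementations use 2048-bit or larger moduli and a padding scheme such as PSS.

```python
import hashlib


def keygen(p: int = 1000003, q: int = 1000033, e: int = 65537):
    """Textbook RSA key pair from two primes (constructed toy values, not a secure size)."""
    n = p * q
    phi = (p - 1) * (q - 1)
    d = pow(e, -1, phi)                      # private exponent: e * d == 1 (mod phi)
    return (n, e), (n, d)                    # (public key, private key)


def _digest_int(message: bytes, n: int) -> int:
    """Hash the message and reduce it into the RSA group. Real schemes pad (PKCS#1 v1.5, PSS)
    rather than reduce mod n; this is the cards' 'hash encrypted with the private key' literally."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n


def sign(message: bytes, private_key) -> int:
    """Sender's PRIVATE key 'encrypts' the hash: authenticity and non-repudiation."""
    n, d = private_key
    return pow(_digest_int(message, n), d, n)


def verify(message: bytes, signature: int, public_key) -> bool:
    """Sender's PUBLIC key 'decrypts' the signature; it must equal a fresh hash of the message."""
    n, e = public_key
    return pow(signature, e, n) == _digest_int(message, n)


def encrypt_for(recipient_public_key, m: int) -> int:
    """Receiver's PUBLIC key encrypts: only the matching private key can read it (confidentiality)."""
    n, e = recipient_public_key
    if not 0 <= m < n:
        raise ValueError("message integer must be smaller than the modulus")
    return pow(m, e, n)


def decrypt_with(private_key, c: int) -> int:
    """Receiver's PRIVATE key decrypts."""
    n, d = private_key
    return pow(c, d, n)


if __name__ == "__main__":
    pub, priv = keygen()
    msg = b"pay 100 to bob"                                   # constructed sample message
    sig = sign(msg, priv)
    print(verify(msg, sig, pub))                             # True
    print(verify(b"pay 900 to bob", sig, pub))               # False: integrity broken
    print(decrypt_with(priv, encrypt_for(pub, 123456789)))   # 123456789
```

The same key pair serves both uses, but the roles are mirrored: for secrecy the receiver's keys are used, for a signature the sender's. Altering one character of the message, or one bit of the signature, makes `verify` fail.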



non-repudiation achieved by

a digital signature on the message: only the holder of the private key could have produced it, so the sender cannot later deny having sent it

authorisation vs authentication

  • user name and password = AUTHENTICATION
  • access to a computer/network/files = AUTHORISATION

Man in the middle attack

an adversary connects at a point in the network to take over a connection between clients and servers

MITM attack

  • adversary eavesdrops on the line
  • captures the public key exchange and substitutes their own key
  • gives their own public key to the user, and relays their own public key to the server in the user's request
  • comms now travel through the adversary, who can read and alter them
  • countered by verifying public keys through certificates (PKI) rather than trusting raw keys

DOS Countermeasures

  • keep the OS updated
  • monitor for frequent connection attempts to services
  • rate limiting, SYN cookies and flood guards

syn flood

  • an attacker floods a server with SYN packets, usually from spoofed sources
  • the server's half-open connection queue fills and it cannot deal with other requests
  • creates unavailability of services and apps on the server
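Worked example, added here and not part of the original card set, for the SYN attack cards (both "How SYN attacks work" above and this one): a small Python model of a TCP listener's half-open backlog, first without protection, then with SYN cookies, the common flood-guard countermeasure. The backlog size, timeout, secret and addresses are constructed assumptions; the mechanism (no state stored for a SYN, the ISN is a keyed hash that the final ACK must echo) is how SYN cookies work in practice.

```python
import hashlib
import hmac


class Listener:
    """Simulated TCP listener with a bounded half-open (SYN received, ACK pending) backlog.

    Constructed model, not kernel code: enough to show why spoofed SYNs that never complete
    the handshake starve legitimate clients, and how SYN cookies avoid storing state.
    """

    def __init__(self, backlog: int = 4, timeout: float = 30.0, syn_cookies: bool = False):
        self.backlog = backlog
        self.timeout = timeout
        self.syn_cookies = syn_cookies
        self.half_open = {}          # (src_ip, src_port) -> expiry time
        self.established = set()
        self.secret = b"constructed-demo-secret"   # assumption: a per-host secret, rotated

    def _cookie(self, src, sport, dport, tslot):
        """SYN cookie: a 32-bit initial sequence number that is a MAC over the connection tuple
        and a coarse timestamp, so a valid final ACK can be recognised without stored state."""
        msg = f"{src}:{sport}:{dport}:{tslot}".encode()
        return int.from_bytes(hmac.new(self.secret, msg, hashlib.sha256).digest()[:4], "big")

    def _expire(self, now):
        self.half_open = {k: exp for k, exp in self.half_open.items() if exp > now}

    def on_syn(self, src, sport, now, dport=80):
        """Returns (reply, server_isn); reply is 'SYN-ACK', or 'DROP' when the backlog is full."""
        self._expire(now)
        if self.syn_cookies:
            return "SYN-ACK", self._cookie(src, sport, dport, int(now // 60))   # nothing stored
        if len(self.half_open) >= self.backlog:
            return "DROP", None
        self.half_open[(src, sport)] = now + self.timeout
        return "SYN-ACK", 0

    def on_ack(self, src, sport, server_isn, now, dport=80):
        """Final ACK of the handshake; the client echoes the server ISN it was given."""
        self._expire(now)
        if self.syn_cookies:
            slot = int(now // 60)
            if any(server_isn == self._cookie(src, sport, dport, t) for t in (slot, slot - 1)):
                self.established.add((src, sport))
                return True
            return False
        if (src, sport) in self.half_open:
            del self.half_open[(src, sport)]
            self.established.add((src, sport))
            return True
        return False


def simulate(syn_cookies: bool):
    """10 spoofed SYNs at t=0, a legitimate client at t=1, another at t=31 (after the timeout).
    Returns (first_client_connected, second_client_connected)."""
    srv = Listener(backlog=4, timeout=30.0, syn_cookies=syn_cookies)
    for i in range(10):                                  # attacker: spoofed sources, never ACK
        srv.on_syn(f"203.0.113.{i}", 40000 + i, now=0.0)
    reply, isn = srv.on_syn("198.51.100.5", 51000, now=1.0)
    first = reply == "SYN-ACK" and srv.on_ack("198.51.100.5", 51000, isn, now=1.1)
    reply, isn = srv.on_syn("198.51.100.6", 51001, now=31.0)
    second = reply == "SYN-ACK" and srv.on_ack("198.51.100.6", 51001, isn, now=31.1)
    return first, second


if __name__ == "__main__":
    print(simulate(syn_cookies=False))   # (False, True): starved until the backlog times out
    print(simulate(syn_cookies=True))    # (True, True): there is no backlog to exhaust
```

Without cookies, ten spoofed SYNs fill a backlog of four and the real client is dropped until the 30-second timeout drains the queue; with cookies the server stores nothing per SYN, so the flood costs it only CPU, and a forged ACK with the wrong ISN is rejected.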

types of firewalls

  • packet
  • application
  • stateful
  • all use rule-based access control

packet firewall

  • applied at layer 3 (and layer 4 for ports)
  • routers that filter on src / dst / port
  • like a bouncer at a night club
  • cannot block viruses (does not inspect content)
  • each packet is judged on its own, allow or deny, with no memory of previous packets

application firewalls

  • layer 7
  • inspects traffic trying to access applications
  • accepts and denies traffic to the application
  • can be proxies / kernel proxies
  • looks for viruses / inspects deep content

Stateful inspection fw's

  • layers 3-5: tracks the session (circuit) as well as addresses and ports
  • knowledge of the initiation of a session
  • blocks on any part of a packet: src/dst/port, spoofing, SYN floods
  • circuit-level monitor
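Worked example, added here and not part of the original card set, for the packet-filter, stateful-firewall and implicit-deny cards: a Python rule evaluator in which the first matching rule wins and no match means deny, extended with a state table that admits return traffic for flows already allowed and refuses a TCP packet that is not a SYN unless it belongs to a known flow. The rule set, addresses and packets are constructed for the demonstration.

```python
import ipaddress
from dataclasses import dataclass
from typing import List, Optional, Set, Tuple


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str          # "tcp" or "udp"
    sport: int
    dport: int
    syn: bool = False   # TCP SYN flag: set only on the first packet of a new connection


@dataclass(frozen=True)
class Rule:
    action: str                     # "allow" or "deny"
    src: str = "0.0.0.0/0"          # CIDR
    dst: str = "0.0.0.0/0"
    proto: str = "any"
    dport: Optional[int] = None     # None matches any destination port

    def matches(self, p: Packet) -> bool:
        return (ipaddress.ip_address(p.src) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(p.dst) in ipaddress.ip_network(self.dst)
                and self.proto in ("any", p.proto)
                and (self.dport is None or self.dport == p.dport))


def packet_filter(rules: List[Rule], p: Packet) -> str:
    """Stateless packet filter: first matching rule wins; no match means implicit deny."""
    for r in rules:
        if r.matches(p):
            return r.action
    return "deny"


class StatefulFirewall:
    """Stateful inspection: remembers flows it allowed, so replies are accepted without a rule,
    and a TCP packet that is not a SYN is refused unless it belongs to a known flow."""

    def __init__(self, rules: List[Rule]):
        self.rules = rules
        self.table: Set[Tuple[str, int, str, int, str]] = set()   # the state table

    def check(self, p: Packet) -> str:
        flow = (p.src, p.sport, p.dst, p.dport, p.proto)
        reverse = (p.dst, p.dport, p.src, p.sport, p.proto)
        if flow in self.table or reverse in self.table:
            return "allow (established)"
        if p.proto == "tcp" and not p.syn:
            return "deny (no state)"          # stray ACK/RST, ACK scan, or injected packet
        if packet_filter(self.rules, p) == "allow":
            self.table.add(flow)
            return "allow (new)"
        return "deny"


# Constructed rule set for a DMZ web server at 10.0.0.5 (private and documentation addresses).
DEMO_RULES = [
    Rule("allow", dst="10.0.0.5/32", proto="tcp", dport=443),   # anyone may reach HTTPS
    Rule("allow", src="10.0.0.0/8", proto="tcp"),               # internal hosts may go out
    # everything else: implicit deny
]

if __name__ == "__main__":
    fw = StatefulFirewall(DEMO_RULES)
    print(fw.check(Packet("203.0.113.7", "10.0.0.5", "tcp", 51000, 443, syn=True)))   # allow (new)
    print(fw.check(Packet("10.0.0.5", "203.0.113.7", "tcp", 443, 51000)))             # allow (established)
    print(fw.check(Packet("203.0.113.7", "10.0.0.5", "tcp", 51001, 22, syn=True)))    # deny
    stray = Packet("198.51.100.9", "10.0.0.5", "tcp", 40000, 443)                     # ACK without SYN
    print(packet_filter(DEMO_RULES, stray), "/", fw.check(stray))                      # allow / deny (no state)
```

The last line is the difference the cards are getting at: the stateless filter allows any packet to port 443, including a bare ACK from a host that never completed a handshake, while the stateful check refuses it because no session was ever initiated.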




VPN

virtual private network: private traffic carried securely over the internet

VPN protocols

  • PPTP: Microsoft's older remote-access tunnelling protocol from the dial-up era; weak security
  • MPPE: Microsoft Point-to-Point Encryption, used with PPTP to encrypt the tunnel from a computer to a remote server
  • L2TP: newer / uses IPsec / better security
  • all encapsulate / encrypt / authenticate

VPN Concepts

  • uses the internet to establish a secure connection: private comms over an insecure network
  • encrypts traffic
  • secure remote access
  • authenticates the endpoints

VPN endpoints
  • specified computers
  • users
  • network gateways
  • routers, used mostly to encrypt and decrypt traffic
VPN types

  • software
  • hardware

Software VPNs

  • integrated with firewalls
  • increase network security
  • use firewalls and routers
  • can be complex

Hardware VPN's

  • unified threat management (UTM) appliances
  • combine firewall, router, IDPS, AV and e-mail filtering to connect securely
  • adv: cost, interoperability, easier management
  • disadv: single point of failure

VPN CORE activities

  • encapsulation
  • encryption
  • AUTHentication

VPN encapsulation

  • hides the original src and dst information inside the encrypted tunnel
  • provides integrity
  • encrypts data
  • the original src and dst IP addresses are preserved inside the tunnel (hidden from the outside)

IPsec components

  • ISAKMP
  • IKE
  • Oakley
  • policy management
  • driver

IPsec VPN components

  • AH - Authentication Header
  • ESP - Encapsulating Security Payload

Encryption components

  • key
  • digital certificates
  • certification authority

encryption EXCHANGE METHODS

  • symmetric key
  • asymmetric key
  • IKE - Internet Key Exchange

3DES explain

Triple Data Encryption Standard
  • uses three keys (or two) to run DES three times over each block
  • historically common in VPNs; now replaced by AES

AES

  • replaces 3DES
  • US government standard
  • uses the Rijndael algorithm
  • is a block cipher
  • applies the algorithm to blocks of data in repeated rounds
  • 10 rounds = 128-bit key / 12 rounds = 192-bit key / 14 rounds = 256-bit key

SSL How it works?
  • client hello to server: supported encryption methods (cipher suites), SSL version number and a random number
  • server responds with the chosen SSL version number and cipher, and its digital certificate
  • client verifies the certificate, generates a premaster secret and sends it encrypted with the server's public key
  • both sides derive the session key from the premaster secret and the random numbers
  • server / client exchange messages that the handshake is complete
  • SSL session begins, using symmetric encryption with the session key

how is SSL cert acquired

  • from a certificate authority (CA)
  • the CA verifies the web service; the browser shows a padlock on the URL
  • the CA checks the identity/references of the certificate requester
  • VeriSign / RSA / GlobalSign

TLS vs SSL

  • TLS is the newer version of SSL
  • uses Hashed Message Authentication Code (HMAC)
  • combines a hash algorithm with a shared secret key
  • the key is XORed with two padding constants (ipad and opad) before the inner and outer hash
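Worked example, added here and not part of the original card set, for this card and the "HASH MAC" card earlier: HMAC-SHA256 implemented from its definition (key padded to the block size, XORed with the ipad and opad constants, inner and outer hash), checked against Python's `hmac` module, plus the constant-time verification a practitioner should use and the digest sizes the hash cards list. The key and message are constructed demo values.

```python
import hashlib
import hmac


def hmac_sha256(key: bytes, message: bytes) -> bytes:
    """HMAC as defined in RFC 2104: H((K' XOR opad) || H((K' XOR ipad) || message)).

    K' is the key padded with zeros (or first hashed, if longer) to SHA-256's 64-byte block size;
    ipad is the byte 0x36 repeated, opad is 0x5C repeated."""
    block_size = 64
    if len(key) > block_size:
        key = hashlib.sha256(key).digest()
    key = key.ljust(block_size, b"\x00")
    ipad = bytes(b ^ 0x36 for b in key)
    opad = bytes(b ^ 0x5C for b in key)
    inner = hashlib.sha256(ipad + message).digest()
    return hashlib.sha256(opad + inner).digest()


def matches_stdlib(key: bytes, message: bytes) -> bool:
    """Cross-check the hand-rolled HMAC against the standard library."""
    return hmac_sha256(key, message) == hmac.new(key, message, hashlib.sha256).digest()


def make_tag(key: bytes, message: bytes) -> str:
    return hmac_sha256(key, message).hex()


def verify_tag(key: bytes, message: bytes, tag_hex: str) -> bool:
    """Constant-time comparison: a plain == returns early and leaks how many leading bytes matched."""
    return hmac.compare_digest(make_tag(key, message), tag_hex)


def digest_bits() -> dict:
    """Output sizes of the hashes the cards list (MD5 and SHA-1 are no longer collision resistant)."""
    return {name: hashlib.new(name, b"").digest_size * 8 for name in ("md5", "sha1", "sha256")}


# Constructed demo values.
DEMO_KEY = b"shared-secret-agreed-out-of-band"
DEMO_MSG = b"amount=100&to=bob"

if __name__ == "__main__":
    tag = make_tag(DEMO_KEY, DEMO_MSG)
    print(verify_tag(DEMO_KEY, DEMO_MSG, tag))                # True
    print(verify_tag(DEMO_KEY, b"amount=900&to=bob", tag))    # False: message altered
    print(verify_tag(b"wrong-key", DEMO_MSG, tag))            # False: wrong key, so wrong origin
    print(matches_stdlib(DEMO_KEY, DEMO_MSG))                 # True
```

A bare hash of the message would detect the altered amount too, but anyone could recompute it; the shared key is what ties the tag to a party that holds it, which is the origin assurance the MAC card describes.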

TLS cryptography (cipher types)

  • public key = ASYMMETRIC: RSA / Diffie-Hellman / DSA
  • private (secret) key = SYMMETRIC: RC4, IDEA, DES, 3DES, AES
  • hash algos: MD5, SHA-1 and SHA-256

IKE SA explain phase 1

in a VPN tunnel: bi-directional negotiation of which crypto to use between client and server; authenticates the peers and sets up the IKE SA

IKE SA explain phase 2

in a VPN tunnel: negotiates the IPsec SAs that protect the data



Wireless Security WEP

Wired Equivalent Privacy
  • RC4 with a static key and a short 24-bit IV; easily cracked

WPA
  • WPA: layer 2 based
  • port-based authentication (802.1X) in enterprise mode; pre-shared key in personal mode
  • TKIP - Temporal Key Integrity Protocol
  • prevents packet replay
  • message integrity code (MIC)
  • still built on RC4
  • 256-bit pre-shared key (PMK)

WPA2
  • WPA2: layer 2 based
  • port-based authentication (802.1X) in enterprise mode
  • TKIP only for backward compatibility
  • prevents packet replay
  • message integrity code (MIC)
  • PLUS CCMP (Counter Mode with CBC-MAC Protocol), which uses AES
  • 256-bit pre-shared key (PMK)
WPA FOUR WAY HAND SHAKE

TKIP

  • used in wireless access
  • Temporal Key Integrity Protocol
  • uses per-packet changing keys
  • convenient and cost saving: ran on existing WEP hardware
  • but kept WEP's RC4 cipher, which left it vulnerable

WPA with AES

Advanced Encryption Standard (CCMP): the strong option, mandatory in WPA2





Wireless frames

Layer 2 or Data-Link
  • based on the header fields
  • frame header consists of: frame control (type/subtype), duration, src and dst MAC addresses, sequence control; the frame check sequence follows the body
  • Management frames
  • Control frames
  • Data frames

management Frames

  • Beacons
  • Probes
  • Associations
  • Authentication

wireless frame BEACON?

sent by an access point; announces the SSID, supported rates and capabilities

wireless frame PROBE

  • request: from a client looking for networks in range
  • response: the AP replies with its SSID and supported data rates

wireless frame ASSOCIATION

  • request: client asks to connect
  • response: AP accepts the connection
  • rejection: not allowed to connect
  • disassociation: ends the association

wireless frame AUTH Frame

  • Authentication: open system or shared key (WEP); the WPA/WPA2 key handshake follows association
  • Deauthentication frame: ends the authentication (abused by attackers to knock clients off the network)

wireless frame CONTROL

  • Request to Send (RTS)
  • Clear to Send (CTS)
  • Acknowledgement (ACK)
  • Power Save Poll (PS-Poll)

data frame

carries the payload

MAC frames used for

finding wireless connections and transmitting data