Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
82 Cards in this Set
- Front
- Back
|
AES |
Advanced Encryption Standard 128 Bits |
|
|
ADS |
Alternate Data Streams Added to NTFS (Windows File System) in order to improve interoperability with Apple's HFS - and Resource Forks |
|
|
Hooking |
API Hooking, Can use to intercept calls to the APIs that access OS data structures storing data about files in directories, running processes, and network connections |
|
|
Honeypot |
Closely monitored network decoys serving several purposes |
|
|
Purpose of Honeypot |
-Distract aversaries from more valuable machines on a a network -Provide early warning about new attack and exploitation trends -Allow indepth examination of adversaries during and after exploitation of the honeypot |
|
|
Obfuscation |
The concept of concealing the meaning of communication by making it more confusing and harder to interpret |
|
|
BIOS |
Basic Input Output System Manages data flow between the computer's operating system and attached devices |
|
|
Slack Space |
At the end of files, in unused space between the end of the actual file and the end of the dined data unit(cluster) |
|
|
Unallocated Space |
Unassigned space on a hard drive that the operating system can assign to a program |
|
|
Stateless Layer Firewall |
Watches network traffic, and restricts or blocks packets based on source and destination addresses or other static values Fast, and perform better under heavy traffic |
|
|
Stateful Layer Firewall |
Watches traffic streams from end to end Better at identifying and forged communications |
|
|
Application Layer Firewall |
A form of firewall that controls input, output, and/or access from, to, or by an application or service |
|
|
Process Stack |
Contains a list of all threads currently running in the process space |
|
|
Stuxnet |
Attacked Iran's Nuclear Program Recorded data operations and caused damage to centrifuges |
|
|
Zeus |
Banking worm that was designed to steal from your banking account Middle type browser attack to make action for you |
|
|
Mariposa |
Botnet involved in DOS and cyber spamming attacks Million zombie computers |
|
|
Storm |
Trojan horse that affects Microsoft OS's Infected things by email message, made zombie network |
|
|
Bot net |
A number of internet computers that have been set up to forward transmissions |
|
|
Phishing |
Usually provides a link to a bogus website through emails in order to gain control of computer |
|
|
Spoofing |
Counterfeits of webpages, emails, or other virtual documents to trick business owner into taking ill-advised actions |
|
|
Command & Control |
The influence an attacker has over a compromised computer system they control |
|
|
Stealth Mode |
Firewall setting, hides ports on your computer from the internet |
|
|
Promiscuous Mode |
Allows a network adapter to pick up all packets even though it's not addressed to the IP |
|
|
Polymorphic |
A virus that includes a scrambled virus body and decryption routine that first gains control of the coputer, then decrypts the virus body |
|
|
Hash Tables |
Passwords that have been hashed, so you can match the hashed file to previously hashed files to figure out the passwords
|
|
|
Hashing |
the transformation of a string of characters into a usually shorter fixed-length value |
|
|
Rainbow Table |
Precomputed, for reversing cryptographic hash functions |
|
|
MBR |
Master Boot Record Loader for the operating system, and a layout of the partition of the drive |
|
|
SEO |
Search Engine Optimization,
using metadata to push results on search engines through keywords and other methods |
|
|
WEP |
Wired Equivalent Privacy Security algorithm for IEEE 802.11 wireless networks. Intention was to provide data confidentiality comparable to that of a traditional wired network |
|
|
WPA |
Wi-Fi Protected Access Intermediate measure to take the pace of WEP pending availability of the full IEEE 802.11i standard |
|
|
WPA2 |
Wi-Fi Protected Access 2 requires testing and certification by the Wi-Fi |
|
|
SQL Injection |
A code injection technique, used to attack data-driven applications, in which malicious SQL statements are inserted into an entry field for execution |
|
|
Cross-Site Scripting |
Uses known vulnerabilities in web-based applications, their servers, or plug-in systems on which they rely |
|
|
Host-Based IDS |
Installed in a host and they can monitor traffics that are originating and coming to that particular hosts only |
|
|
IDS |
Intrusion Detection System |
|
|
Signature-Based IDS |
Monitors packets on the network and compares them against a database of signatures or attributes from known malicious threats |
|
|
Anomaly-Based IDS |
Detects computer intrusions and misuse by monitoring system activity and classifying it as either normal or anomalous |
|
|
Network-Based IDS |
Strategically positioned in a network to detect any attack on the hosts of that network, by capturing all data passing through. |
|
|
Metasploit Framework |
A tool for developing and executing exploit code against a remote target machine |
|
|
Port 21 |
ftp (file transfer protocol) |
|
|
Port 22 |
ssh (secure shell) |
|
|
Port 23 |
telnet (remote login) |
|
|
Port 25 |
smtp (simple mail transport protocol)
|
|
|
Port 53 |
dns (domain name service) |
|
|
Port 80 |
http (hypertext transfer protocol - webpages) |
|
|
Port 110 |
pop3 (post office protocol) |
|
|
Port 135 |
netbios (network basic input output system) |
|
|
Port 139 |
netbios (network basic input output system) |
|
|
Port 445 |
netbios (network basic input output system) |
|
|
Port 443 |
https (encrypted webpages, s = secure) |
|
|
Dual Homed Host |
Type of firewall that uses two or more network interfaces, one connection internal, one connection to the internet |
|
|
NAT |
Network Address Translation |
|
|
IP/UDP vs TCP |
Connectionless vs Connection-Oriented |
|
|
TCP/IP Network Model |
Layer 4: Application Layer 3: Transport Layer 2: Network Layer 1: Link |
|
|
Application Layer |
Handles the details of the particular application |
|
|
Transport Layer |
Provides a reliable flow of data between two hosts |
|
|
Network Layer |
Handles the movement of packets |
|
|
Link Layer |
Includes device driver and network interface card (MAC) |
|
|
Routers |
Move packets between networks |
|
|
Switches |
Move packets within networks |
|
|
TCP |
Transport Control Protocol Three Way Handshaking |
|
|
UDP |
User Datagram Protocol |
|
|
IP |
Internet Protocol |
|
|
IPv4 Addresses |
32 bits long 000 000 000 000 to 255 255 255 255 |
|
|
Port Numbers |
16 bits long 0 to 65,535 |
|
|
MAC Addresses |
48 bits long in hexadecimal |
|
|
Encapsulation |
Data over Data, Think of a Onion of data |
|
|
Ping Sweeps |
Identify computers are visible |
|
|
Port Scans |
Identify any programs listening for connections |
|
|
Traceroutes |
Identify the route across an IP network |
|
|
OS fingerprinting |
Identifies what operation system is running |
|
|
TTL |
Time to Live |
|
|
Possible States of a Port |
Open Closed Filtered |
|
|
SYN |
Synchronize |
|
|
ACK |
Acknowledge |
|
|
All Important Flags |
SYN ACK Reset Urgent Pointer FIN Push |
|
|
Attack Points |
Human Access Physical Access LAN Access Remote Access Wireless Access |
|
|
Link Farm |
A group of sites and webpages hyperlinked to each other to increase page rank |
|
|
Keyword/Content Stuffing |
Hackers add many extra pages to compromised websites that contain keywords to topics |
|
|
Cloacking |
Webserver hosting SEO Poisoned misleading pages |
|
|
SEO Poisoning |
Redirect to a malicious page or fake alert messages |
