Study your flashcards anywhere!

Download the official Cram app for free >

  • Shuffle
    Toggle On
    Toggle Off
  • Alphabetize
    Toggle On
    Toggle Off
  • Front First
    Toggle On
    Toggle Off
  • Both Sides
    Toggle On
    Toggle Off
  • Read
    Toggle On
    Toggle Off

How to study your flashcards.

Right/Left arrow keys: Navigate between flashcards.right arrow keyleft arrow key

Up/Down arrow keys: Flip the card between the front and back.down keyup key

H key: Show hint (3rd side).h key

A key: Read text to speech.a key


Play button


Play button




Click to flip

26 Cards in this Set

  • Front
  • Back
Physical Threats
Theft, Damage, or Destruction to computer equipment
Data Threats
Removal, corruption, denial of access, unauthorized access, or theft or information.
Internal Threats
Employees have access to data, equipment, and the network

* Malicious threats are when an employee intends to cause damage.
* Accidental threats are when the user damages data or equipment unintentionally.
Software code that is deliberately created by an attacker. Viruses may collect senstive information or may alter or destroy information
A self-replicating program that uses the network to duplicate its code to the hosts on the network. At minimum, worms consume bandwidth in a network.
External Threats
Users outside of an organization that do not have authorized access to the network or resources

* Unstructured – Attackers use available resources, such as passwords or scripts, to gain access and run programs designed to vandalize
* Structured – Attackers use code to access operating systems and software
A Trojan is technically a worm. The Trojan does not need to be attached to other software. Instead, a Trojan threat is hidden in software that appears to do one thing, and yet behind the scenes it does another. Trojans are often disguised as useful software. The Trojan program can reproduce like a virus and spread to other computers. Computer data damage and production loss could be significant. A technician may be needed to perform the repairs, and employees may lose or have to replace data. An infected computer could be sending critical data to competitors, while at the same time infecting other computers on the network.
Adware is a software program that displays advertising on your computer. Adware is usually distributed with downloaded software. Most often, adware is displayed in a popup window. Adware popup windows are sometimes difficult to control and will open new windows faster than users can close them.
Grayware or malware is a file or program other then a virus that is potentially harmful. Many grayware attacks are phishing attacks that try to persuade the reader to unknowingly provide attackers with access to personal information. As you fill out an online form, the data is sent to the attacker. Grayware can be removed using spyware and adware removal tools.
Spyware, a type of grayware, is similar to adware. It is distributed without any user intervention or knowledge. Once installed, the spyware monitors activity on the computer. The spyware then sends this information to the organization responsible for launching the spyware.
Denial of Service prevents users from accessing normal services, such as email and a web server.
Ping of Death
A series of repeated, larger than normal pings that crash the receiving computer
Email bomb
A large quantity of bulk e-mail that overwhelms the e-mail server preventing users from accessing it
another form of attack that uses many infected computers, called zombies, to launch an attack. With DDoS, the intent is to obstruct or overwhelm access to the targeted server. Zombie computers located at different geographical locations make it difficult to trace the origin of the attack.
Unsolicited email that can be used to send harmful links or deceptive content
Windows that automatically open and are designed to capture your attention and lead you to advertise sites.
SYN Flood
Randomly opens TCP ports, tying up the network equipment or computer with a large amount of false requests, causing sessions to be denied to others
Gains access to resources on devices by pretending to be a trusted computer
Intercepts or inserts false information in traffic between two hosts
Uses network sniffers to extract usernames and passwords to be used at a later date to gain access
DNS Poisoning
Changes the DNS records on a system to point to false servers where the data is recorded
Security Policy
Define a process for handling network security incidents
Define a process to audit existing network security
Define a general security framework for implementing network security
Define behaviors that are allowed
Define behaviors that are prohibited
Describe what to log and how to store the logs: Event Viewer, system log files, or security log files
Define network access to resources through account permissions
Define authentication technologies to access data: usernames, passwords, biometrics, smart cards
the first generation security standard for wireless. Attackers quickly discovered that WEP encryption was easy to break. The encryption keys used to encode the messages could be detected by monitoring programs. Once the keys were obtained, messages could be easily decoded.
an improved version of WEP. It was created as a temporary solution until the 802.11i (a security layer for wireless systems) was fully implemented. Now that 802.11i has been ratified, WPA2 has been released. It covers the entire 802.11i standard.
# Lightweight Extensible Authentication Protocol (LEAP), also called EAP-Cisco – a wireless security protocol created by Cisco to address the weaknesses in WEP and WPA. LEAP is a good choice when using Cisco equipment in conjunction with operating systems like Windows and Linux.
Troubleshooting process
1. Gather Data from Customer
2. Verify Obvious Issues
3. Try Quick Solutions first
4. Gather Data From Computer
5. Evaluate Problem and Implement Solution
6. Close with Customer