Reading...
Play button
Play button
Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
42 Cards in this Set
- Front
- Back
|
A back door attack is usually a?
|
Acess or Modification attack
|
|
|
SSH uses what port for connections
|
22 and TCP
|
|
|
is a whole idsk encryption feature that can encrypt an entire volume iwht 128-bit encryption
|
Bitlocker
|
|
|
allows a transport protocol to be sent acrross the network and utilized by the equivalent service or protocol at the receiving host
|
Encapsulation
|
|
|
Originally designed by MIT, it is becoming very popular as an authentication method.
|
Kerberos
|
|
|
are programs or snippets of code the execute when a certain predefined event occurs
|
Logic bomb
|
|
|
Two particular areas of interset with web servers are filters and controlling access to
|
Executable scripts
|
|
|
Occur when an attacker takes control of one end of a TCP session
|
TCP Sequence number attacks
|
|
|
is a facility designed to provide immdiate availability in the event of a system or network failure
|
Hot site
|
|
|
is the process of systematically identifying the network and its security proture
|
Footprinting
|
|
|
Allow you to isolate systems from unauthorized users
|
Security zones
|
|
|
can be thought of as an intermedicary between your network and any other network
|
Proxy firewall
|
|
|
cards that are difficult to counterfeit, but they're easy to steal
|
Smart cards
|
|
|
is a feature designed into many e-mail servers that allows them to forward e-mail to ther e-mail servers
|
SMTP Relay
|
|
|
The most difficult part of the process is attempting to assign values to information
|
Asset-identification
|
|
|
is a form of social engineering in which you simply ask someone for a piece of information that you are missing by making it look as if it is a legitimate request.
|
Phishing
|
|
|
The purpose of this is to identify and evaluate the enemy, identify and track communication patterns, and identify what type of technology are being used to send them.
|
Analysis and intelligence
|
|
|
This model is common in network administrative roles.
|
Role-based access control or Rbac
|
|
|
is a newer protocol that merges SSL with other protocols to provide encryption.
|
TLS
|
|
|
Attacks on TCP/IP usually occur at what layer,
|
HOST-TO-HOST or INTERNET layer
|
|
|
are software programs that have the ability to hide certain things from the operating system.
|
Rootkits
|
|
|
a device that has some of the best capabilities of routers and hubs combined.
|
Switch
|
|
|
it draws attackers away from a higher-value system or allows administrators to gain intelligence about an attack strategy.
|
Honeypots
|
|
|
are freestanding devices that operate in a largely self-contained manner, requiring less maintenance and support than a server-based product
|
Appliances
|
|
|
A system that uses smart cards and passwords is referred to as a
|
TWO-FACTOR authentication system
|
|
|
are common in an IDS environment and may be the result of unusual traffic in the network.
|
False positives
|
|
|
occur when an application receives more data than it’s programmed to accept.
|
Buffer overflow
|
|
|
differs from other malware in that it works often actively on behalf of a third party
|
Spyware
|
|
|
MAC uses this to identify the level of security that applies to objects
|
LABELS
|
|
|
are your first line of defense, and they must be configured to pass only traffic that is authorized by the network administrators.
|
Routers
|
|
|
Two primary methods use ICMP to disrupt systems:
|
SMURF attacks and ICMP tunneling.
|
|
|
can use multiple public IP addresses
|
NAT
|
|
|
uses a single one and shares the port with the network.
|
PAT
|
|
|
are a combination of the IP address and the port
|
Sockets
|
|
|
is an occurrence in a data source that indicates that a suspicous activity has occurred
|
event
|
|
|
involves trying to get access to your system from an attacker's perspective
|
penetration testing
|
|
|
viruses change for in order to avoid detection
|
polymorphic
|
|
|
works by encapsulating the network traffic in a protocol called Network Control Protocol (NCP)
|
PPP
|
|
|
Any wireless access point added to your network that has not been authorized is considered a
|
Rouge
|
|
|
help in identifying what services are running on a network.
|
Port scan
|
|
|
process of making a workstation or server more secure is
|
Platform hardening
|
|
|
exists to detect and report unusual occurrences in a network, not block them.
|
IDS
|
