Reading...
Play button
Play button
Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
163 Cards in this Set
- Front
- Back
|
What is WTLS Protocol primarily used for?
|
WTLS (wireless transport layer security) is primarily used between a mobile device and WAP gateway. It is used on narrowband, low speed, low memory devices
|
|
|
How does WTLS Protocol work?
|
Wireless Transpor Layer Protocol uses digital certificates for the encryted session
|
|
|
What type of services does WTLS Protocol provide?
|
WTLS provides data integrity and authentication security
|
|
|
What is blind FTP?
|
Blind File Transfer Protocol allows a user to access contentsof a file only if they know the exact file nameand path. They do not have access to the directory to search for the file
|
|
|
What is a secure connection for remote server operating commands?
|
SSH
|
|
|
The attacker creates half open TCP connectios by sending theinitial SYN packet with a forged IP and never acknowledges the SN/ACK response from host. THis leads to the hos t reaching a limit and stops accepting connections from legitimate users. What specific type of attack is this?
|
TCP SYN Flood attack
|
|
|
How does a SMURF attack work?
|
Attacker sends a large amount of I MP traffic to a broadcast address and uses a victims IP address as the source IP. The replies from the devices that respond to the broadcast address will flood the victim.
|
|
|
What vulnerablility doe s a SMURF attack exploit?
|
poorly configurednetwork devicesthat respond to ICMP echos sent to broadcast addresses.
|
|
|
IPSEC is installed on a remote access sight server. RAS allows many different protocols. WHich protocol would send username and pass in clear text?
|
NONE, IPSEC is used to encrypt the data on the connection. All traffic including logon info is encrypted.
|
|
|
Where on the network would you place a web server so that network users and internet users can access and still enjoy the the protection from a firewall?
|
DMZ
|
|
|
What do CHAP and MS-CHAP do and how do they do it?
|
CHAP and MS-CHAP provide authentication ONLY via hash. MD4. (does not support encryption)
|
|
|
Decribe footprinting.
|
Gathering information about a company's internet, extranet, remote access, intranet, and internet connections
|
|
|
What can be connected to the internal network that will monitor all net traffic on the LAN and send notificaiton of a possible attack in progress?
|
NIDS
|
|
|
What are the first three steps after you install a web server?
|
--Modify administrator and disable guest accounts
--Install the latest updates and patches --Disable unused protocols and services |
|
|
WHat is DIFFie Hellman used for?
|
Exchanging secret keys over a non-secure network
|
|
|
What type of encryption is Diffie Hellmen?
|
Asymmetric alogarithm
|
|
|
What type of encryption is DES?
|
Symmetric -56 bit keys
encrypts 64 bit blocks |
|
|
What is the importance of a Chain of Custody?
|
Used when preserving attack evidence to be used in court
|
|
|
What is recorded in a chain of custody?
|
It keeps track of who stores, transports, and handles evidence where and when
|
|
|
What are PGP and S/MIME protocols used for?
|
Protocols used for seting up and securing sent and received email
|
|
|
Describe the PGP process and encryption types.
|
Pretty Good Protection uses symmetrical and asymmetrical key. It encrypts the data with symmetrical key: AES, CAT,IDEA, TWOFISH, 3 DES.
Then encrypts the symmetrical key with RSA, DIFFIE HEllman |
|
|
What is IKE?
|
Internet Key Exhange manages peer authentication and key exchange for IPSEC connection
--negotiates security associations for both IPSEC and ISAKMP |
|
|
What is SSL?
|
Secure Socket Layer
--E commerce --application layer security --Encrypted communication beween a web browser and web server |
|
|
What can automatically close/ restart a server /servicewhen DoS attack is detected?
|
ACTIVE IDS
|
|
|
What is S/MIME and how does it work?
|
Secure/Multipurpose Internet Mail Extensions are used to encrypt email
--header is left entact so mail servier can read address --Symmetric key to encrypt data --symmetric key encrypted by recipients public key and an asymmetric alogarithm |
|
|
Is everything encrypted in S/MIME?
|
no the address header is left entact so htat the mail server can read it
|
|
|
What is Security Association?
|
Bundles of alogarithm and parameters (keys)used to encrypt and authenticate a particular flow in on direction. Normal bidirectional traffic hasa pair of security associations
|
|
|
Describe AH.
|
Authentication Header is a configuration mode of IPSEC protocol. It authenticates packets by signing the entire packet. DHCP uses this protocol.
|
|
|
Describe ESP.
|
Encapsulating Security Payload is a configuration mode of IPSEC protocol that provides orign authenticity, integrity, confidentiality of packets
--ENcryption only, authentication, only, or both --Tunnel mode encapsulates entire original IP packet and assigns anew header for routing. |
|
|
What types of encryption are used in a digital signature?
|
Hash, asymmetric
|
|
|
You see massive amounts of traffic coming from TCP port 25 after business hours. WHat should you do?
|
Configure the port to permit relay traffic from authorized users only. (your email address was hacked to spam)
|
|
|
WHat is PAP?
|
PAP is an authentication method that uses clear-text passwords and provides almost no protection against unauthorized access
|
|
|
What is DNS spoofing?
|
DNS spoofing is an attck when the DNS server accepts incorrect information from a host that is not authorized to give information.
|
|
|
What principle dictates that a user is given no more privilege necessary than that required to preform his/her job?
|
Least Privilege
|
|
|
What is TLS?
|
A protocol that ensures private communications by ensuring that no third party can eavesdrop or tamper with any message or data transfer between client and server systems
|
|
|
What principle requires that for a particular set of transactions, no one individual is solely responsible or allowed to execute the complete set?
|
Separation of Duties
|
|
|
What security policy includes mandatory vacations, separation of duties, and job rotation?
|
Change management
|
|
|
What is an alogarithm?
|
A set of instructions normally implemented on a computer system as a procedure to manipulate data
--Algorithms used within cryptography encrypt sensitive data files, and are also used to encrypt and decrypt email, and also to digitally sign documents and programs |
|
|
WhAT is the default port for DNS?
|
Port UDP/TCP 53
|
|
|
What is the default port for SSH?q
|
TCP22
|
|
|
What is the default port for FTP?
|
File transfer Protocol uses port TCP 20/21
|
|
|
What traffic travels on default port 80?
|
Web traffic HTTP
|
|
|
What is the default port for HttpS?
|
TCP 443
|
|
|
What is TCP?
|
IT is conection oriented with the three way hand shake
|
|
|
WHat is UDP?
|
User datagram protocol
|
|
|
WHat is GRE?
|
Generic Routing ENcapsulation encapsulates TCP data within a tunnel and then encrypts it.
|
|
|
What port is forTelnet?
|
TCP 23
|
|
|
WHat port is for SMTP
|
TCP 25
|
|
|
What is the default port for POP3?
|
TCP 110
|
|
|
WHat is the default port for Kerberos?
|
TCP88
|
|
|
What is cross site scripting?
|
It is an attack that is embedded in an HTML image object or java script image tag in an email
|
|
|
How do you prevent cross site scripting?
|
You can disable some parts of javascript
|
|
|
WHat type of encryption would I use on an internal server to an internal database with as little latency as possible.
|
3DES
|
|
|
What is clustering?
|
Provides availabilty of SERVICE (ex: distribute processig effort when generating hashes for pasword cracking program
|
|
|
What is a root kit?
|
A system level kernel module whic modifies files system operations
|
|
|
What kind of attack is DNS susptable to?
|
Reverse loook up attempts if not configured properly
|
|
|
WHat allows decadmins to view the latest unknown attacks?
|
Honey pots
|
|
|
What is a PIV?
|
Smart Card
|
|
|
What is the best tool for analyzing incoming network traffic?
|
Sniffer
|
|
|
What protocol do you use to securely administer remote servers?
|
SSH
|
|
|
What is the purpose of an SQL attack?
|
Exploits vulnerability in the database layer of application through a website to change database content or dump info (credit card info)
|
|
|
What are the steps in an attack?
|
1. recon
2. scanning 3. research vulnerabiliity 4. attack |
|
|
What is a protocol analyzer?
|
A tool used to capture and analyze signals and data traffic over a communication channel
Monitoring port mirrors all packets of all traffic |
|
|
Whch of the following functions of a firewall allows an admin to map an external service to an internal host?
|
PORT Forwarding
|
|
|
Hash addresses what security concept?
|
iNTEGRITY
|
|
|
After setting up a root CA which of the following can Pete aSecuriy admin implement to allow intrmediate CAs to handout keys andcerts?:
|
Trust Model
|
|
|
OOOOOOOH! a Man trap! Define.
|
Visitors entering a building are required to close the back door before the front dor of hte same entry room is open.
|
|
|
Symmetric encryption utilizes _________ keys
|
shared
|
|
|
Asymmetric encryption utilizes __________keys
|
Private keys
|
|
|
What security policies mitigate brute force attacks or dictionary attacks?
|
Account lockout, and password complexity
|
|
|
What do I use to prevent intrusion on a network?
|
NIPS
|
|
|
A bank has imlemented encrption between two locaitons. What security concept BEST exemplifies the protection provided? Integrity, confidentiality, cost, availability
|
CONFIDENTIALITY
|
|
|
What mitigates the risk of proprietary information being compromised?
|
FIle encryption
|
|
|
What do you use to verify the integrity of a downloaded file?
|
MD5
|
|
|
Several users computers are not responding normally and are sending out spam. Whattype of attack is this?
|
Worm
|
|
|
What does HSD do?
|
It is a hardware storage device for asymmetric keys such as RSA. TPM trusted platform models also store asymmetric key
|
|
|
Which protocol would an administrator most likely use to monitor the perimeter of the network?
|
SNMP (simple network management protocol)
|
|
|
What two protocols most commonly enccrypt HTTP?
|
SSL and TLS
|
|
|
ARP poison routing attack is an example of what kind of attack?
|
MAN-IN -the MIddle
|
|
|
Least privilege is considered a _________ control
|
Technical
|
|
|
What type of access control method allows the creator of the file to decide who gets to view it?
|
DAC Discresionary access COntrol
|
|
|
What is platform as a service? (PAAS)
|
Platform as a service is defined as a computing platform being delivered as a service. Here the platform is outsourced in place of a company or data center purchasing and managing their own hardware and software.
|
|
|
What is Software as a Service?
|
It is a software delivery method that provides remote use of softeware as a web based service. It also includes STORAGE.
|
|
|
What is infrastructure as a service?
|
IAAS is a computer structure, such as virtualization, being delivered as a service. It is popular in the work center where software and servers are fully outsourced for a monthly cost based on resource usage
|
|
|
What is infrastructure as a service?
|
IAAS is a computer structure, such as virtualization, being delivered as a service. It is popular in the work center where software and servers are fully outsourced for a monthly cost based on resource usage
|
|
|
What is Madatory Access Control?
|
It is an access control system determined by the administrator based on on special groups, any group with a "label" such as security clearance and need to know
|
|
|
Define authentication
|
Authentication is verification of identification
|
|
|
Define authorization.
|
Authorization is the term defining what you are allowed to do
|
|
|
What is confidentiality?
|
Confidentiality ensures unauthorized access does not happen
|
|
|
Define integrity.
|
Integrity is when data remains unchanged
|
|
|
What are policies?
|
Policies are broad, high level statements of what an orgaization wants to accomplish
|
|
|
Define guidelines.
|
Guidelines are recommendations relatingto a policy
|
|
|
Define standards
|
Standards are mandatory elements regardingthe implementaion of a policy
|
|
|
Define Non-Repudiation
|
Non-repudiation is that a message sender cannot later deny they sent a message. It is a system based on public and private key
|
|
|
what are the parts of cryptography?
|
--Hashing
--symmetric cryptography --asymmentric cryptography --stenography |
|
|
What is hashing used for?
|
--Maintaining integrity
--digital signatures |
|
|
I digitally sign my email with my__________ key. I encrypt and send my email with my ______ key.
|
Sign with private key
Encrypt and send with public key |
|
|
Once I have digitally signed my email with my private key and encrypted and sent it with my public key, the RECIPIENT will decrypt my email with their________ key.
|
private
|
|
|
What are three examples of SHA?
|
SHA1
SHA2 MD5 Message digest |
|
|
You are told to use a 128 bit hash. What would you use?
|
MD5
|
|
|
WHat is a 160 bit hash?
|
SHA1
|
|
|
What is LANMAN? What does it do?
|
LANMAN is a password hashing alogarithm used to hide stored passwords
|
|
|
What is the term used when describing the summary of results for a hashing alogarithm
|
Checksum
|
|
|
What are three types of symmetric key?
|
DES Twofish
3DES IDEA Blowfish |
|
|
What type of encyrption type encrypts bit by bit and what is it used for?
|
RC4 encypts streams of data bit by bit and is used for encrypting video
|
|
|
Why is symmetric encryption considered weak?
|
It uses shared keys
|
|
|
How does 3 DES work?
|
3DES encrypts with one key, decrypts with a second, and encrypts with a third
|
|
|
My CRL is SOOOOO out of date! How can I verify the validity of a cert?
|
OCSP
|
|
|
Who authenticates the identification of a subordinate Certification Authority?
|
THE CA
|
|
|
Pertaining to PKI, who issues and authenticates certifications to users?
|
CA certification authority but if there is a subordinate CA the subordinate CA does all the grunt work for the users
|
|
|
Pertaining to PKI, what is updated when an employee goes berserk and leaves the company?
|
The CRL certification revokation list
|
|
|
What is a NAC?
|
Network access control (Cisco) is the same as Windows NAP. IT enforces a security policy by permitting access only to healthy users. If users are not "healthy" they are sent to a separate VPN to update patches and security measures to become compliant for access.
|
|
|
What is a NAP?
|
Windows Network Access Protection is the same as NAC by Cisco. IT enforces a security policy by permitting access only to healthy users. If users are not "healthy" they are sent to a separate VPN to update patches and security measures to become compliant for access.
|
|
|
What symmetric encryption method encrypts 64 bit blocks?
|
DES 3 DES Blowfish IDEA
|
|
|
Why and in what manner do people still use symmetric encryption?
|
Symmetric encryption is still used because it is fast and efficient. It is typically used between ad internal server to internal database or work station
|
|
|
Are Smurfing and Denial of Service different attacks?
|
Smurfing is a type of denial of service attack that requires IP spoofing. a network connected to the Internet is swamped with replies to ICMP echo (PING) requests. A smurf attacker sends PING requests to an Internet broadcast address. The return address of the request itself is spoofed to be the address of the attacker's victim. All the hosts receiving the PING request reply to this victim's address instead of the real sender's address. The purpose of this attack is to halt a system
|
|
|
What is ARP cache poisoning, ARP spoofing, or ARP poison routing?
|
They are all the same invisible attack where the attacker switches the recipient's MAC address; therefore diverting all intended traffic to the attacker's MAC addreass.
|
|
|
What is used to prevent loops or syn attacks?
|
Spanning tree protocol STP
|
|
|
What is NAT?
|
Network address translation is a configuration on a router that translates IP Address. (not to be confused with PAT which translates Ports)
|
|
|
What is stateful filtering? (routers and firewalls do it)
|
Stateful filtering means that the router will keep track of a TCP connection. Remember: a TCP connection consists of four parts: the remote and local IP address, and the connected ports. Stateful filters verify that every packet into the network is part of an already established, pre-verified connection.
|
|
|
What is stateful filtering? (routers and firewalls do it)
|
Stateful filtering means that the router will keep track of a TCP connection. Remember: a TCP connection consists of four parts: the remote and local IP address, and the connected ports. Stateful filters verify that every packet into the network is part of an already established, pre-verified connection.
|
|
|
Just a reminder of NAT and PAT difference...
|
NAT is Network Address Translation- is translates IP addresses from the ISP to the Network (outside in)
PAT is port address translation. Many hosts use the same public IP butdifferent port IDs. (inside out) |
|
|
What is port forwarding and when is it used?
|
Port forwarding allows things outside the network to access a private IP via a public IP. (Outside to inside) PRINTERS, WEB access to private net
|
|
|
Just a reminder of NAT and PAT difference...
|
NAT is Network Address Translation- is translates IP addresses from the ISP to the Network (outside in)
PAT is port address translation. Many hosts use the same public IP butdifferent port IDs. (inside out) |
|
|
What is port forwarding and when is it used?
|
Port forwarding allows things outside the network to access a private IP via a public IP. (Outside to inside) PRINTERS, WEB access to private net
|
|
|
What does WPA2- enterprise require?
|
RADIUS server
|
|
|
What is the worst wireles encryption?
|
No encryption or WEP
|
|
|
What is EAP?
|
Extensive AUthenticaiton Protocol is a means to remotely prove identity ususally with a smart card CAC or Cert
|
|
|
What is CHAP?
|
CHAP is a basic authentication system that secures username and password but does not support data encryption
|
|
|
What is PAP?
|
Password Authentication Protocol authenticates a username and password against a network's (usually encrypted) table of passwords. but it is in clear text- all of it!
|
|
|
What basic authentication method supports encryption?
|
MSCHAPV2 encrypts username and password, and supports data encyrption
|
|
|
What are the two primary VPN protocols?
|
PPTP
L2TP/IPSEC |
|
|
What is RADIUS?
|
A centralized authentication and policy management
Accounting features |
|
|
What is an open based remote authentication system?
|
RADIUS
|
|
|
What is TACACS+?
|
TACACS+ is Cisco's proprietary remote authentication system. It is TCP based and encrypts the entire process.
|
|
|
What is RADIUS?
|
RADIUS server is a remote authentication dail in user service that is UDP based and open standard. (when you sign on to WAP it requests password. RADIUS encrypts your entry and compares the "shared secret" to password at the RADIUS server.
|
|
|
What type of attack is the man-in-the-middle attack?
|
ARP poisoning when the MAC address is changed
|
|
|
What type of attack is DNS poisoning?
|
It is an ARP poisoning that changes a device's IP address to a malicious destination
|
|
|
What is a protocol that is immune to replay attacks because of the time stamp on the ticket?
|
KERBEROS port TCP 88
|
|
|
What is a software that appears to be one thing but does something different instead?
|
TROJAN
|
|
|
What is the signature characteristic of a Worm?
|
A worm is self-replicating
|
|
|
How does a logic bomb work?
|
It is an attack that is triggered by a specific time or event
|
|
|
What are root kits?
|
They are used to alter systems. Root kits completely hides IP access from Network Status and hides trojan from registry. However, the remote access can be seen by a packet sniffer
|
|
|
What tool is used to detect a root kit attack?
|
Packet sniffer
|
|
|
Is IM secure?
|
NO
|
|
|
How does SPAM affect a network?
|
Affects bandwidth, productivity, and storage space on the web server
|
|
|
What is the protocol to securely transfer files within a network?
|
FTPS
|
|
|
What port does secure http traffic use?
|
TCP 443
|
|
|
What is GRE?
|
Generic Routing Encapsulation it is used by the SMTP protocol
|
|
|
What port is SSH?
|
TCP 22
|
|
|
What tool is used to detect a root kit attack?
|
Packet sniffer
|
|
|
What port is Telnet?
|
TCP 23
|
|
|
Is IM secure?
|
NO
|
|
|
What port is SMTP?
|
TCP 25
|
|
|
How does SPAM affect a network?
|
Affects bandwidth, productivity, and storage space on the web server
|
|
|
What port is DNS?
|
UDP/TCP 52
|
|
|
What is the protocol to securely transfer files within a network?
|
FTPS
|
|
|
What port does secure http traffic use?
|
TCP 443
|
|
|
What is GRE?
|
Generic Routing Encapsulation it is used by the SMTP protocol
|
|
|
What port is SSH?
|
TCP 22
|
|
|
What port is Telnet?
|
TCP 23
|
|
|
What port is SMTP?
|
TCP 25
|
|
|
What port is DNS?
|
UDP/TCP 52
|
