79 Cards in this Set
- Front
- Back
What is an open-source application that enables users to remotely control desktop computers?
|
VNC Virtual Network Computer
|
|
What must be secured in a PKI to protect the certificates that have been validated?
|
The private key of the root CA
|
|
What is an example of process monitoring?
|
BIOS virus monitoring
|
|
On a Unix computer what starts other daemons when network services are requested?
|
xinetd
|
|
What type of virus is specifically designed to take advantage of the extension search order of an operating system?
|
companion
|
|
What is contained in the /etc/motd file on a Unix computer?
|
login banner configurations
|
|
Which type of IDS searches through log files on network computers for evidence of hacker attacks?
|
Log File Monitor LFM
|
|
Which of the following services is used on Windows networks for remote commands and remote file sharing?
|
NetBIOS services
|
|
Which of the following types of scanning uses only a portion of TCP triple handshake?
|
half scanning
|
|
What Unix tools can be used to determine which network ports are open and listening?
|
lsof, netstat
|
|
Which of the following is the equipment in a telephone company central office that connects an ISP to the digital communications network?
|
POP
|
|
Which of the following operates at the Presentation layer of the OSI model?
|
Unicode
|
|
What is contained within an X.509 CRL?
|
serial numbers
|
|
What TCSEC level refers to a computer system that provides DAC as a max level of security?
|
C1
|
|
Which organization produces BackOrifice?
|
Cult of the Dead Cow
|
|
What is a private key encryption standard that was developed in Russia and uses a 256-bit encryption key?
|
GOST
|
|
What is used to digitally sign packets that are transmitted on IPSEC connections?
|
KHMAC Key Hashing for Message Authentication Code
|
|
Which type of IDS is designed to notify administrators when critical system files on a computer are altered?
|
SIV
|
|
What typically enables a social engineering virus to replicate?
|
gullibility
|
|
Which of the following is an example of untargeted hacker recon that uses TCP RST packet to scan for open ports?
|
reset scan
|
|
What happens to the payload of a session using the IPSec in tunnel mode with the AH protocol?
|
encapsulated packet that is digitally signed
|
|
What agents are used by the presence service of an IM system?
|
presence user agent, watcher user agent.
|
|
Which of the following determines whether the information in a file has changed?
|
a digital signature
|
|
Port 0
|
TCP/UDP, source port
|
|
Port 19
|
Chargen, TCP/UDP
|
|
Port 67/68
|
DHCP
|
|
Port 69
|
tftpd, UDP
|
|
Port 79
|
finger TCP
|
|
Port 110, 109
|
POP TCP
|
|
Port 143
|
IMAP, TCP
|
|
Port 144
|
NeWS, TCP
|
|
Port 161/2
|
snmp UDP
|
|
Port 513
|
rlogin TCP AND who, UDP
|
|
Port 1114
|
SQL, TCP
|
|
Port 2049
|
NFS, TCP/UDP
|
|
Port 12345, 12346, 20034
|
NetBus, TCP
|
|
Port 31337
|
BackOrifice, UDP
|
|
Port 33434
|
traceroute, UDP
|
|
Port 8
|
ping, ICMP
|
|
Port 11
|
traceroute, ICMP
|
|
Port 1812
|
RADIUS
|
|
Port 138
|
netbios
|
|
Port 67
|
bootp & DHCP
|
|
Port 70
|
IIS gopher
|
|
Port 119
|
NNTP
|
|
Port 135
|
RPC
|
|
Port 2049
|
NFS
|
|
Port 88
|
Kerberos
|
|
Port 123
|
NTP
|
|
Port 1701
|
L2TP, UDP
|
|
Port 636
|
LDAP (SSL/TLS)
|
|
What is MAC?
|
A strict hierarchical access model often used in government systems where the OS controls access
|
|
What type of access control uses labels/classifications?
|
MAC
|
|
What is DAC?
|
An access control method where data owners decide who has access to data. It is enforced by the OS but determined by the user and set by the administrator
|
|
What is the basis of DAC?
|
ACL, access control lists
|
|
What is rule based access control usually used on?
|
routers/firewalls
|
|
What is another name for Role Based Access control?
|
Non-discretionary Access control
|
|
How many roles can a user be assigned in RBAC?
|
1
|
|
What are the three access methods used by RBAC?
|
task-based, lattice-based & role-based
|
|
What does a lattice-based system define?
|
upper & lower bounds
|
|
Who developed Kerberos?
|
MIT
|
|
What type of key authentication does Kerberos use?
|
symmetric
|
|
Describe the steps of the Kerberos process?
|
Client authenticates with the KDS, KDS issues a TGT to client, client sends TGT to TGS, TGS sends an application ticket to the client. The client presents this ticket to the application server and is granted access to the resource
|
|
Is mutual authentication mandatory or optional in Kerberos?
|
optional
|
|
What is CHAP?
|
Used to provide on-demand (continuous) authentication within an ongoing data session; uses 1-way (MD5) hashing
|
|
What type of attack is CHAP especially good at thwarting?
|
replay
|
|
What are certificates used for?
|
to establish encrypted communications streams through unsecured networks.
|
|
Is PKI symmetric/asymmetric?
|
asymmetric
|
|
What is the purpose of encrypted messages?
|
to ensure privacy
|
|
What is the purpose of encrypted signatures?
|
to validate identity (authenticity)
|
|
What is a token?
|
Either a physical device or a one time password issued to a user
|
|
Why is DHCP less secure than static IPs?
|
Because an unauthorized user can obtain an IP address on your network
|
|
What is a Smurf attack?
|
When an attacker sends ping requests to the broadcast node on a network, replacing the original IP source address with that of the victim
|
|
What is a Fraggle attack?
|
Same as smurf except with UDP packets directed at port 7 & 19
|
|
What is a SYN attack?
|
Takes advantage of the TCP three-way handshake by sending a flood of SYN requests but never sending the final acknowledgment
|
|
What is a Land attack?
|
The attacker spoofs TCP/IP SYN packets to the victim's system with the same source and destination IP address & ports
|
|
What is a teardrop attack?
|
Sends fragmented UDP packets with odd offset values in subsequent packets
|
|
What is a bonk attack?
|
Affects mostly Windows machines by sending corrupt UDP packets to DNS port 53
|
|
What is a boink attack?
|
Same as bonk but uses multiple ports
|