79 Cards in this Set

  • Front
  • Back
What is an open-source application that enables users to remotely control desktop computers?
VNC Virtual Network Computer
What must be secured in a PKI to protect the certificates that have been validated?
The private key of the root CA
What is an example of process monitoring?
BIOS virus monitoring
On a Unix computer what starts other daemons when network services are requested?
xinetd
What type of virus is specifically designed to take advantage of the extension search order of an operating system?
companion
What is contained in the /etc/motd file on a Unix computer?
login banner configurations
Which type of IDS searches through log files on network computers for evidence of hacker attacks?
Log File Monitor LFM
Which of the following services is used on windows networks for remote commands and remote file sharing?
NetBIOS services
Which of the following types of scanning uses only a portion of TCP triple handshake?
half scanning
What Unix tools can be used to determine which network ports are open and listening?
lsof, netstat
Which of the following is the equipment in a telephone company central office that connects an ISP to the digital communications network?
POP
Which of the following operates at the Presentation layer of the OSI model?
Unicode
What is contained within an X.509 CRL?
serial numbers
What TCSEC level refers to a computer system that provides DAC as a max level of security?
C1
Which organization produces BackOrifice?
Cult of the Dead Cow
What is a private key encryption standard that was developed in Russia and uses a 256-bit encryption key?
GOST
What is used to digitally sign packets that are transmitted on IPSEC connections?
KHMAC Key Hashing for Message Authentication Code
Which type of IDS is designed to notify administrators when critical system files on a computer are altered?
SIV
What typically enables a social engineering virus to replicate?
gullibility
Which of the following is an example of untargeted hacker recon that uses TCP RST packet to scan for open ports?
reset scan
What happens to the payload of a session using the IPSec in tunnel mode with the AH protocol?
encapsulated packet that is digitally signed
What agents are used by the presence service of an IM system?
presence user agent, watcher user agent.
Which of the following determines whether the information in a file has changed?
a digital signature
Port 0
TCP/UDP, source port
Port 19
Chargen, TCP/UDP
Port 67/68
DHCP
Port 69
tftpd, UDP
Port 79
finger TCP
Port 110, 109
POP TCP
Port 143
IMAP, TCP
Port 144
NeWS, TCP
Port 161/2
snmp UDP
Port 513
rlogin TCP AND who, UDP
Port 1114
SQL, TCP
Port 2049
NFS, TCP/UDP
Port 12345, 12346, 20034
NetBus, TCP
Port 31337
BackOrifice, UDP
Port 33434
traceroute, UDP
Port 8
ping, ICMP
Port 11
traceroute, ICMP
Port 1812
RADIUS
Port 138
netbios
Port 67
bootp & DHCP
Port 70
IIS gopher
Port 119
NNTP
Port 135
RPC
Port 2049
NFS
Port 88
Kerberos
Port 123
NTP
Port 1701
L2TP, UDP
Port 636
LDAP (SSL/TLS)
What is MAC?
A strict hierarchical access model used often in gov't systems where the OS controls access
What type of access control uses labels/classifications?
MAC
What is DAC?
An access control method where data owners decide who has access to data. It is enforced by the OS but determined by the user and set by the administrator
What is the basis of DAC?
ACL, access control lists
What is rule based access control usually used on?
routers/firewalls
What is another name for Role Based Access control?
Non-discretionary Access control
How many roles can a user be assigned RBAC?
1
What are the three access methods used by RBAC?
task-based, lattice-based & role-based
What does a lattice-based system define?
upper & lower bounds
Who developed Kerberos?
MIT
What type of key authentication does Kerberos use?
symmetric
Describe the steps of the Kerberos process.
Client authenticates with the KDS, KDS issues a TGT to client, client sends TGT to TGS, TGS sends an application ticket to the client. The client presents this ticket to the application server and is granted access to the resource
Is mutual authentication mandatory or optional in Kerberos?
optional
What is CHAP?
Used to provide on-demand (continuous) authentication within an ongoing data session; uses 1-way (MD5) hashing
What type of attack is CHAP especially good at thwarting?
replay
What are certificates used for?
to establish encrypted communications streams through unsecured networks.
Is PKI symmetric/asymmetric?
asymmetric
What is the purpose of encrypted messages?
to ensure privacy
What is the purpose of encrypted signatures?
to validate identity (authenticity)
What is a token?
Either a physical device or a one time password issued to a user
Why is DHCP less secure than static IPs?
Because an unauthorized user can obtain an IP address on your network
What is a Smurf attack?
When an attacker sends ping requests to the broadcast node on a network, replacing the original IP source address with that of the victim
What is a Fraggle attack?
Same as smurf except with UDP packets directed at port 7 & 19
What is a SYN attack?
Takes advantage of the TCP three-way handshake by sending a flood of SYN requests but never sending the final acknowledgment
What is a Land attack?
The attacker spoofs TCP/IP SYN packets to the victim's system with the same source and destination IP address & ports
What is a teardrop attack?
Sends fragmented UDP packets with odd offset values in subsequent packets
What is a bonk attack?
Affects mostly Windows machines by sending corrupt UDP packets to DNS port 53
What is a boink attack?
Same as bonk but uses multiple ports