Reading...
Play button
Play button
Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
63 Cards in this Set
- Front
- Back
|
What is S/FTP?
|
Offers encryption for both authentication and data traffic using SSH. Client and server must be compatible.
|
|
|
What is Blind FTP
|
Write only FTP. Users can upload files, but can not view any files. Vulnerable to packet sniffing.
|
|
|
What is TCP/IP Hijacking?
|
A type of Man in the Middle attack. Attacker gains access to a host in network and logically disconnects it from the network. Inserts another machine in its place with same IP address.
Can take over client or server. Hijacker will possibly acquire privileges to access all information on server. |
|
|
What are Null Sessions?
|
Hacker can log into windows as a null user bypassing basic authentication. Especially a vulnerability with NetBIOS or if other Windows OS security setting is disabled.
|
|
|
What is Spoofing?
|
Masquerade as someone else. Usually access attack.
Spoofing can be used in email, redirect packets, bypass traffic filters, steal data, perform social engineering attacks and falsify websites. |
|
|
What is a Man-in-the-Middle attack?
|
A form of communications eavesdropping attack. Attackers position themselves in the communication stream between a client and server. The client and server believe they are communicating with each other.
|
|
|
What are Replay Attacks?
|
Capture information login credentials and replay it later gaining access to the system.
Countermeasures include packet sequencing and timestamps. Kerberos is not vulnerable to replay attacks because it uses timestamps |
|
|
What are Denial of Service (DoS) attacks?
|
Form of attack that has the primary goal of preventing the victimized system from performing legitimate activity or responding to legitimate traffic.
May either exploit an existing weakness or error, or may flood the server with garbage network traffic. |
|
|
What are Distributed Reflective Denial of Service (DRDoS)?
|
Uses amplification or bounce network that has been inadvertently left hanging out there with the ability to receive broadcasts or create broadcasts, messages, echoes or bounces.
|
|
|
What are Smurf Attacks?
|
Form of DDoS. Uses ICMP echo reply packets and IP spoofing and broadcasting to send a ping to a group of hosts on a network.
|
|
|
What is Fraggle?
|
Form of DRDoS. Uses UDP packets commonly directed to port 7 (echo port) to 19 (char gen port)
|
|
|
What is a SYN Flood attack?
|
Common form of DoS attack. Exploits TCP three way handshake. Client continually sends and receives ACK packets but doesn't open the session. The server holds the session open and sessions fill up.
|
|
|
What is a Teardrop attack?
|
DoS attack. Numerous partial IP packets are sent to a victim with overlapping sequencing and offset values. Victim attempts to assemble complete IP packets, but fragments overwrite each other and produce packet of invalid size. Causes victim to freeze or crash.
|
|
|
What is a Land Attack?
|
Numerous SYN packets are sent to the victim with source and destination addresses spoofed as the victims address. The victim is confused because it is unable to respond to a packet it sent to itself and has no record sending. Results in a freeze or crash.
|
|
|
What is a Ping Flood attack?
|
Attacker sends numerous ping echo requests to a victim. The victim responds with an echo. If enough inbound and outbound activity, no legitimate traffic can be used.
|
|
|
What is Ping of Death attack?
|
The attacker sends oversized ping packets to the victim. The victim doesn't know how to handle them and freezes or crashes.
|
|
|
What is Domain Name Kiting?
|
Scheme or scam used to discover which new domain names drive the most profitable traffic and then keep these domain names indefinitely without having to pay for them.
|
|
|
What is DNS Poisoning?
|
Falsifying the DNS Information used by a client to reach a desired system.
|
|
|
What is ARP Poisoning?
|
Falsifying IP-to-MAC address resolution system employed by TCP/IP protocol.
|
|
|
What is an Intranet?
|
Private LAN that uses the same protocol and information as the Internet
Private network that uses TCP/IP and offers web browsing, FTP, email... |
|
|
What is an Extranet?
|
Intranet that functions as a DMZ for business to business transactions
|
|
|
What is a DMZ?
|
Designed for public users to access
Usually controlled by firewalls and/or routers Buffer between the public untrusted internet and private trusted LAN |
|
|
What is a VLAN?
|
Logical creation of subnets from a single physical network
create groups of users and systems and segment them on the network. Reduces size of broadcasts |
|
|
What is Network Address Translation (NAT)?
|
Originally extended number of usable internet addresses. Now allows organization to present single address for all computer connections.
Hides your network. Acts as a firewall. Can save IP addresses. Act as a proxy between LAN and Internet |
|
|
What is a Router?
|
Primary instrument for connecting 2 or more networks. Provide path between networks. Router has 2 connections with own address. Intelligent devices. Most can act as packet filtering firewalls. Others more advanced.
|
|
|
What is a switch?
|
Multiport devices that improve network efficiency. Virtual circuit capability. These virtual circuits are more difficult to examine with network monitors
|
|
|
What is Network Access Control (NAC)?
|
A concept of controlling access to an environment through strict adherence to a security policy. Pre admission philosophy or Post admission philosophy .
|
|
|
What s RFC 1918?
|
Defines the ranges of private IP addresses that aren't routable across the Internet.
10.0.0.0-10.255.255.255 (10.0.0.0/8 subnet, 1 Class A range; 172.16.0.0 - 172.32.255.255 (172.16.0.0/12 subnet) 16 Class B ranges; 192.168.0.0 - 192.168.255.255 (192.168.0.0/16 subnets), 255 Class C ranges. |
|
|
What is Subnetting?
|
A divsioning process used on networks to divide larger groups of hosts into smaller collections.
|
|
|
What is Network Intrusion Detection System (NIDS)
|
NIDS can detect malicious activity inside the network (it doesn't cross the firewall)
Monitors network traffic in real time and monitors traffic patterns, scans packet header information and examines the contents of packets Good at detecting network focused attacks like bandwidth based DoS |
|
|
What is Network Intrusion Prevention System (NIPS)
|
NIPS is a subset of NIDS focused on prevention.
NIPS can respond in real time to prevent attacks by dropping packets or otherwise interfere with it |
|
|
What is a Packet Filter Firewall?
|
Typically a router mainly for Internet access. Passes or blocks traffic to specific addresses base on type of application. Doesn't analyze the data of the packet. Filters traffic based on packet header. Least secure but good first line of defense.
Layer 3 |
|
|
What is a Circuit Level Gateway Firewall?
|
A type of proxy server that filters traffic by monitoring the activity with a session. Maintains state information.
Occurs at Layer 5 - session layer |
|
|
What is an Application Level Gateway Firewall?
|
A type of proxy server that filters traffic based on user access, group membership, application or service used or type of resource being transmitted.
Examines packets for content. |
|
|
What is a Proxy Firewall?
|
Intermediary between networks and in front of DMZ. Process requests from an outside network. Examines data and makes rules based decisions about whether should be forwarded or refused. Can hide IP addresses. Better security than packet filtering. Increased intelligence.
|
|
|
What is Stateful Inspection Firewall?
|
Has intelligence. Perimeter security. Records kept using a state table that tracks every communication channel. Especially used in connectionless protocols such as UDP and ICMP. Vulnerable to DOS attacks. Can overload the state table causing firewall to shut down.
|
|
|
What are Internet Content Filters?
|
Tools used to limit access to resources that are deemed insecure.
|
|
|
What are Protocol Analyzers?
|
Tool used to examine the contents of network traffic.
|
|
|
What are COAX cables?
|
Built around a center conductor or core that caries data. core has wrapping and insulation. Relatively protected. Supports baseband and broadband signals. Terminator, NIC, t-connector or other connector can malfunction or become disconnected. Can become brittle over time. Expensive per foot. Can be vulnerable via t-connector attached to a network sniffer. Can be victim of vampire tap.
|
|
|
What are Twisted Pair?
|
Unshielded Twisted pair (UTP) and Shielded Twisted Pair (STP) most prevalent today. Comes in 7 grades and categories. Cost common is CAT 5. Can be easily tapped into, primarily for internal wiring. Known as 10BaseT (category 3)supports 10Mbps of throughput. Max length of 100 meters. More susceptible to EMI
|
|
|
What are Fiber Optic Cables?
|
High level of performance, but expensive. Uses light so less vulnerable to interference. Can’t be tapped easily. However passive connections can bee made at the connections. Usually bridged to wire connections. Not as susceptible to EMI. More difficult to eavesdrop. Throughput of 1Gbps and max length of 2-26km
|
|
|
Describe Category 1 Twisted Pair cables.
|
Voice grade. Used for phones and modems.
|
|
|
Describe Category 2 Twisted Pair cables.
|
4 Mbps. used in older mainframe systems.
|
|
|
Describe Category 3 Twisted Pair cables.
|
10Mbps Ethernet, used in 10BaseT networks
|
|
|
Describe Category 4 Twisted Pair cables.
|
16 Mbps. Used in Token ring networks
|
|
|
Describe Category 5 and 5e Twisted Pair cables.
|
100Mbps, 1000 Mbps, used in 10, 100 and 1000 baseT and similar networks. Most common in newer networks
|
|
|
Describe Category 6 Twisted Pair cables.
|
1000 Mbps. Used in highspeed network installations
|
|
|
Describe Category 7 Twisted Pair cables.
|
10Gbps. Very high speed. Not available. Proposed
|
|
|
What is Wired Equivalent Privacy (WEP)?
|
Defined by the IEEE 802.11 standard. Security standard for wireless devices. Encrypts and provides data security. Some weaknesses in encryption. Protects against packet sniffing and eavesdropping.
|
|
|
What is Wi-Fi Protected Access (WPA)?
|
Designed to address core problems with WEP. Implement 802.11i standard. WPA is backward compatible but limited. WPA2 is not backward compatible but implements full standard
|
|
|
What is Wireless Application Protocol (WAP)?
|
Equivalent to TCP/IP for wireless. Standard. Uses smaller version of html called wireless markup language (WML). Communicate using a WAP gateway system. Gap in the WAP - interconnection between the WAP server and internet isn't encrypted and can be intercepted
|
|
|
What is Data Emanation?
|
Transmission of data across electromagnetic signals. Most computer and network activity are performing some sort of data emanation.
|
|
|
What is Blue jacking?
|
Sending messages to Bluetooth capable devices without permission.
|
|
|
What is Bluesnarfing?
|
Unauthorized accessing of data via bluetooth connection. Data theft.
|
|
|
What is a Rogue Access Point?
|
Access point that can be connected to any open network port or cable.
|
|
|
What is Network Access Control (NAC)?
|
Can be used to protect network from malicious hosts. Ensures computers are properly configured. Can not grant access based on users computer.
|
|
|
What is Dual Backbone?
|
Lan redundancy
|
|
|
What is LDAP Data Interchange Format (LDIF)?
|
Protocol designed to enable LDAP Servers to exchange directory information.
|
|
|
What do you use the Netstat tool for?
|
Display incoming and outgoing network connections, routing tables, and network interface statistics.
|
|
|
What do you use the tracert tool for?
|
Determine the route a packet takes across a Windows IP network.
|
|
|
What is Directory Information Tree (DIT)?
|
Hierarchial structure that can be used to search directory information.
|
|
|
What is X.500?
|
Directory service specification on which LDAP is based.
|
|
|
What is the purpose of a dual backbone?
|
To provide LAN redundancy
|
