Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
32 Cards in this Set
- Front
- Back
|
C.I.A (Confidentiality, Intergirty, Availbility) |
Ensuring the prevention of unauthorised disclosure of information |
|
|
The Principle of least information |
Requires that each subject in a system is granted restrictive privillages |
|
|
Social Engineering |
Pretending to be someone your not to gain information |
|
|
Key Stroke Logging |
the process of recording what keys are typed without the user knowing |
|
|
Access Control |
LImiting access to certain items of information or controls |
|
|
Internet Zone |
Contains websites that are not on your local intranet |
|
|
A secure website |
A secure website will have a padlock symbol within the URL Link |
|
|
Service set identifier (SSID) |
a 32 length character identifier attached to a header of packs sent over a WLAN that acts as a password |
|
|
WIFI Protected access (WPA) |
a WIFI standard that was designed to improve security |
|
|
Wired equivalent privacy (WEP) |
a ecription algorism system included as part of the 802.4 standard, developed by the institute of electrical and electronic engineers |
|
|
Impersonation |
Will dominate or charm targets into revealing information or providing access to information |
|
|
Dumpster diving |
Going through bins/rubish to find documentatio/information |
|
|
Shoulder Surfing |
Password observation |
|
|
Tail Gating |
following someone to gain entry |
|
|
Phishing |
Spoofed electronic communications to trick a user into providing confidential information
spoof emails or faked/hacked websites
spear version is when you attack the senior managment |
|
|
Malware |
Rely on some sort of host file
vector (executable, scripts, macro)
Payload |
|
|
Worms |
Propagate in memory/ over network links
Consume bandwidth
May be able to compromise application or OS to get payload |
|
|
Trojans |
Malicious program concealed within a nonmalious program
many are designed to provide survelience or control of an infected host |
|
|
Spyware |
allows an attacked to record system configuration and user actions
key logging, screenshots, Remote Desktop, ect.... |
|
|
Adware |
records some user activicty but less than spyware
uses cookies to deliver forged adverts based on the users browser history
legitimate adware should make privacy policys obvious |
|
|
Rootkits and Backdoors |
Replace key system files and utilities
most powerful operate with system/kernal level privlages
backdoors could be opened by malicious software |
|
|
Hardening |
reducing the attack surface |
|
|
First/Second line Defence |
1. Policies + Proedures
2. Physical Security |
|
|
ACL |
Access Control List |
|
|
IPSEC |
Internet Protocol Security
Tunneling Protocol |
|
|
Drive-By Download |
A virus/peice of malware that infects your system as you browse the internet |
|
|
White/Black List |
A list of entries either allowed/Denied irrespective of all other rules |
|
|
White List |
Allow Entries |
|
|
Black List |
Denied Entries |
|
|
Security Types |
WEP, WPA, WPA2, AES, 3DES, DES, TKIP |
|
|
Mac Filters |
enables you to expilicly allow or deny acces to a WAP through the MAC address. Will not protect against MAC Spoofing |
|
|
Spoofing |
Falsifing Data |
