Study your flashcards anywhere!

Download the official Cram app for free >

  • Shuffle
    Toggle On
    Toggle Off
  • Alphabetize
    Toggle On
    Toggle Off
  • Front First
    Toggle On
    Toggle Off
  • Both Sides
    Toggle On
    Toggle Off
  • Read
    Toggle On
    Toggle Off

How to study your flashcards.

Right/Left arrow keys: Navigate between flashcards.right arrow keyleft arrow key

Up/Down arrow keys: Flip the card between the front and back.down keyup key

H key: Show hint (3rd side).h key

A key: Read text to speech.a key


Play button


Play button




Click to flip

60 Cards in this Set

  • Front
  • Back
What is CEP?
A propriatary protocol developed by Cisco that allows devices to acquire and utilize digital certificates from CAs used for the development of IPSEC VPNs
What is Fips?
includes standards issued by the US gov't for the evaluation of cryptography modules
What is Fips 140-2?
Associated with PKI, 4 levels of security
What is ISO 17799?
internationally recognized standards provides a comprehensive set of controls computing best practices in information security
What is the M of N?
relates to the concept of backing up the public and private keys across multiple systems
What is a mantrap?
a holding area between an entry point that gives security personnel time to view a person before allowing him into the building
What does social engineering rely on?
human emotions
What is reverse social engineering?
When an attacker provides information to the user that causes that user to believe the attacker is an authorized technical assistance
What is a Faraday cage?
a large well grounded metal box used to protect electronic equipment from eavesdropping
What is a technical control?
Using hardware and software technology to implement access control
What is CER?
Crossover error rate, the point at which FFR = FAR
Where is Kerberos normally used?
Win 2000+ & Sun Network File System
What is SESAME?
Secure European System and Applications in a mult-vendor environment, is a ticket based service that uses PKI, mD5 & CrC32
What is KryptoKnight?
another ticket based SSO authentication system
What is Bell La Padua?
No read up, no write down...addresses confidentiality
What is Biba?
First formal integrity model, lattice based. No read down, no write up, a subject at one level of integrity cannot invoke a subject at a higher level of integrity
What is Clark Wilson?
establishes a security framework for use in commercial activities such as the banking industry. Addresses integrity
What is 802.1
What is 802.6?
metropolitan area network
What is 802.7?
Broadband technical advisory group
What is 802.8?
Fiber Optic technical advisory group
What is 802.9?
Integrated voice/data network
What is 802.10
network security
What is 802.12?
High speed network
What is the MAC layer responsible for?
performs error control, identifies hardware devic, controls media access
What is SLIP?
predecessor of PPP, developed to support TCP/IP network over low speed asynchronous
What is PPP?
Point-to-Point tunneling protocol, provides router-to-router and host-network connections over synchronous and asynchronous circuits
What is the network layer primarily responsible for?
What are the two primary responsiblities of IP?
connectionless best effor delivery, fragmentation and reassembly of data grams
What is RARP?
reverse address resolution protocol maps MAC addresses to IP addresses
What is ICMP?
reports errors and other information back to the source reguarding the processing of transmittal of IP packets
What are the common ICMP messages?
destination unreachable, echo request/reply, redirect and time exceeded
What are the major functions of the transport layer?
flow control, multiplexing, vertical circuit mangement, error checking and recovery
What is TCP?
a full dupex, connection oriented protocol that provides reliable delivery of packets across a network
What is UDP?
a connectionless protocol that provides fast best effort delivery of datagrams across a network
What is SSL/TLS?
provides session-based encryption and authentication for secure communication between client and servers on the internet
What is SKIP?
similar to ssl but doens't require prior communication to establish a connection or exchange keys
What is the session layer responsible for?
establishng, coordinating and terminating communication session
What is the presentation layer responsible for?
coding and conversion functions
What is the application layer?
identifying and establishing availability of communication, determining resource availability, synchronizing communication
What is SET?
developed by Mastercard and Visa to provide secure e-commerce transactions
What is the difference between IPSEC transport and tunnel mode?
only the data is encrypted in transport mode and the entire packet is encyrpted in tunnel mode
What are the two main protocols in IPSEC?
authentication header (AH) and encapsulating security payload
What does AH provide in IPSEC?
integrity, authentication, & non-repudiation
What does ESP provide in IPSEC?
confidentiality and limited authentication
Which has a lower false alarm rate, behaviour based or knowledge based?
What is a major disadvantage of knowledge based IDS?
signature files must be continually updated and unique attacks may not be caught
What type of encryption does CHAP use?
MD-5 1-way hash
What type of authentication mechanism does EAP support?
MD-5-challenge, S/Key, generic token card, digital certificate
What does TACAS+ provide that RADIUS does not?
What is the formula for risk?
What is the formula for ALE?
What are the three general remedies for risk
risk reduction, risk assignment, risk acceptance
What is an agent?
a component in a distributive system that performs a particular function
What is aggregation?
the process of combining low-sensitivity data items to produce a high sensitivity data item
What is fuzzy logic?
Breaks the factors or a decision an outcomes into components, evaluates each component to arrive at yes/no or true/false for the big question
What is system high mode?
refers toa system that operates at the highest level of classification
What is the difference between change and configuration management?
configuration mangement actually documents the how
What is heuristics?
AV software detects certain kinds of anomalous behavior
What is a psuedoflaw?
a special form of social engineering in which an attacker posing as a system or security admin or vendor tells a user that a security flaw has been detected on their system and they need to install a patch