Study your flashcards anywhere!

Download the official Cram app for free >

  • Shuffle
    Toggle On
    Toggle Off
  • Alphabetize
    Toggle On
    Toggle Off
  • Front First
    Toggle On
    Toggle Off
  • Both Sides
    Toggle On
    Toggle Off
  • Read
    Toggle On
    Toggle Off
Reading...
Front

How to study your flashcards.

Right/Left arrow keys: Navigate between flashcards.right arrow keyleft arrow key

Up/Down arrow keys: Flip the card between the front and back.down keyup key

H key: Show hint (3rd side).h key

A key: Read text to speech.a key

image

Play button

image

Play button

image

Progress

1/82

Click to flip

82 Cards in this Set

  • Front
  • Back

AES

Advanced Encryption Standard


128 Bits

ADS

Alternate Data Streams


Added to NTFS (Windows File System) in order to improve interoperability with Apple's HFS - and Resource Forks

Hooking

API Hooking, Can use to intercept calls to the APIs that access OS data structures storing data about files in directories, running processes, and network connections

Honeypot

Closely monitored network decoys serving several purposes

Purpose of Honeypot

-Distract aversaries from more valuable machines on a a network


-Provide early warning about new attack and exploitation trends


-Allow indepth examination of adversaries during and after exploitation of the honeypot

Obfuscation

The concept of concealing the meaning of communication by making it more confusing and harder to interpret

BIOS

Basic Input Output System


Manages data flow between the computer's operating system and attached devices

Slack Space

At the end of files, in unused space between the end of the actual file and the end of the dined data unit(cluster)

Unallocated Space

Unassigned space on a hard drive that the operating system can assign to a program

Stateless Layer Firewall

Watches network traffic, and restricts or blocks packets based on source and destination addresses or other static values


Fast, and perform better under heavy traffic

Stateful Layer Firewall

Watches traffic streams from end to end


Better at identifying and forged communications

Application Layer Firewall

A form of firewall that controls input, output, and/or access from, to, or by an application or service

Process Stack

Contains a list of all threads currently running in the process space

Stuxnet

Attacked Iran's Nuclear Program


Recorded data operations and caused damage to centrifuges

Zeus

Banking worm that was designed to steal from your banking account


Middle type browser attack to make action for you

Mariposa

Botnet involved in DOS and cyber spamming attacks


Million zombie computers

Storm

Trojan horse that affects Microsoft OS's


Infected things by email message, made zombie network

Bot net

A number of internet computers that have been set up to forward transmissions

Phishing

Usually provides a link to a bogus website through emails in order to gain control of computer

Spoofing

Counterfeits of webpages, emails, or other virtual documents to trick business owner into taking ill-advised actions

Command & Control

The influence an attacker has over a compromised computer system they control

Stealth Mode

Firewall setting, hides ports on your computer from the internet

Promiscuous Mode

Allows a network adapter to pick up all packets even though it's not addressed to the IP

Polymorphic

A virus that includes a scrambled virus body and decryption routine that first gains control of the coputer, then decrypts the virus body

Hash Tables

Passwords that have been hashed, so you can match the hashed file to previously hashed files to figure out the passwords


Hashing

the transformation of a string of characters into a usually shorter fixed-length value

Rainbow Table

Precomputed, for reversing cryptographic hash functions

MBR

Master Boot Record


Loader for the operating system, and a layout of the partition of the drive

SEO

Search Engine Optimization,

using metadata to push results on search engines through keywords and other methods


WEP

Wired Equivalent Privacy


Security algorithm for IEEE 802.11 wireless networks.


Intention was to provide data confidentiality comparable to that of a traditional wired network

WPA

Wi-Fi Protected Access


Intermediate measure to take the pace of WEP pending availability of the full IEEE 802.11i standard

WPA2

Wi-Fi Protected Access 2


requires testing and certification by the Wi-Fi

SQL Injection

A code injection technique, used to attack data-driven applications, in which malicious SQL statements are inserted into an entry field for execution

Cross-Site Scripting

Uses known vulnerabilities in web-based applications, their servers, or plug-in systems on which they rely

Host-Based IDS

Installed in a host and they can monitor traffics that are originating and coming to that particular hosts only

IDS

Intrusion Detection System

Signature-Based IDS

Monitors packets on the network and compares them against a database of signatures or attributes from known malicious threats

Anomaly-Based IDS

Detects computer intrusions and misuse by monitoring system activity and classifying it as either normal or anomalous

Network-Based IDS

Strategically positioned in a network to detect any attack on the hosts of that network, by capturing all data passing through.

Metasploit Framework

A tool for developing and executing exploit code against a remote target machine

Port 21

ftp (file transfer protocol)

Port 22

ssh (secure shell)

Port 23

telnet (remote login)

Port 25

smtp (simple mail transport protocol)

Port 53

dns (domain name service)

Port 80

http (hypertext transfer protocol - webpages)

Port 110

pop3 (post office protocol)

Port 135

netbios (network basic input output system)

Port 139

netbios (network basic input output system)

Port 445

netbios (network basic input output system)

Port 443

https (encrypted webpages, s = secure)

Dual Homed Host

Type of firewall that uses two or more network interfaces, one connection internal, one connection to the internet

NAT

Network Address Translation

IP/UDP vs TCP

Connectionless vs Connection-Oriented

TCP/IP Network Model

Layer 4: Application


Layer 3: Transport


Layer 2: Network


Layer 1: Link

Application Layer

Handles the details of the particular application

Transport Layer

Provides a reliable flow of data between two hosts

Network Layer

Handles the movement of packets

Link Layer

Includes device driver and network interface card (MAC)

Routers

Move packets between networks

Switches

Move packets within networks

TCP

Transport Control Protocol


Three Way Handshaking

UDP

User Datagram Protocol

IP

Internet Protocol

IPv4 Addresses

32 bits long


000 000 000 000 to 255 255 255 255

Port Numbers

16 bits long


0 to 65,535

MAC Addresses

48 bits long in hexadecimal

Encapsulation

Data over Data, Think of a Onion of data

Ping Sweeps

Identify computers are visible

Port Scans

Identify any programs listening for connections

Traceroutes

Identify the route across an IP network

OS fingerprinting

Identifies what operation system is running

TTL

Time to Live

Possible States of a Port

Open


Closed


Filtered

SYN

Synchronize

ACK

Acknowledge

All Important Flags

SYN


ACK


Reset


Urgent Pointer


FIN


Push

Attack Points

Human Access


Physical Access


LAN Access


Remote Access


Wireless Access

Link Farm

A group of sites and webpages hyperlinked to each other to increase page rank

Keyword/Content Stuffing

Hackers add many extra pages to compromised websites that contain keywords to topics

Cloacking

Webserver hosting SEO Poisoned misleading pages

SEO Poisoning

Redirect to a malicious page or fake alert messages