82 Cards in this Set

  • Front
  • Back


Advanced Encryption Standard

128 Bits


Alternate Data Streams

Added to NTFS (Windows File System) in order to improve interoperability with Apple's HFS - and Resource Forks


API Hooking: can be used to intercept calls to the APIs that access OS data structures storing data about files in directories, running processes, and network connections


Closely monitored network decoys serving several purposes

Purpose of Honeypot

-Distract adversaries from more valuable machines on a network

-Provide early warning about new attack and exploitation trends

-Allow in-depth examination of adversaries during and after exploitation of the honeypot


The concept of concealing the meaning of communication by making it more confusing and harder to interpret


Basic Input Output System

Manages data flow between the computer's operating system and attached devices

Slack Space

At the end of files, in unused space between the end of the actual file and the end of the defined data unit (cluster)

Unallocated Space

Unassigned space on a hard drive that the operating system can assign to a program

Stateless Layer Firewall

Watches network traffic, and restricts or blocks packets based on source and destination addresses or other static values

Fast, and perform better under heavy traffic

Stateful Layer Firewall

Watches traffic streams from end to end

Better at identifying and forged communications

Application Layer Firewall

A form of firewall that controls input, output, and/or access from, to, or by an application or service

Process Stack

Contains a list of all threads currently running in the process space


Attacked Iran's Nuclear Program

Recorded data operations and caused damage to centrifuges


Banking worm that was designed to steal from your banking account

Middle type browser attack to make action for you


Botnet involved in DOS and cyber spamming attacks

Million zombie computers


Trojan horse that affects Microsoft OS's

Infected things by email message, made zombie network

Bot net

A number of internet computers that have been set up to forward transmissions


Usually provides a link to a bogus website through emails in order to gain control of computer


Counterfeits of webpages, emails, or other virtual documents to trick business owner into taking ill-advised actions

Command & Control

The influence an attacker has over a compromised computer system they control

Stealth Mode

Firewall setting, hides ports on your computer from the internet

Promiscuous Mode

Allows a network adapter to pick up all packets even though they're not addressed to the IP


A virus that includes a scrambled virus body and decryption routine that first gains control of the computer, then decrypts the virus body

Hash Tables

Passwords that have been hashed, so you can match the hashed file to previously hashed files to figure out the passwords


The transformation of a string of characters into a usually shorter fixed-length value

Rainbow Table

Precomputed, for reversing cryptographic hash functions


Master Boot Record

Loader for the operating system, and a layout of the partition of the drive


Search Engine Optimization

Using metadata to push results on search engines through keywords and other methods


Wired Equivalent Privacy

Security algorithm for IEEE 802.11 wireless networks.

Intention was to provide data confidentiality comparable to that of a traditional wired network


Wi-Fi Protected Access

Intermediate measure to take the place of WEP pending availability of the full IEEE 802.11i standard


Wi-Fi Protected Access 2

requires testing and certification by the Wi-Fi

SQL Injection

A code injection technique, used to attack data-driven applications, in which malicious SQL statements are inserted into an entry field for execution

Cross-Site Scripting

Uses known vulnerabilities in web-based applications, their servers, or plug-in systems on which they rely

Host-Based IDS

Installed on a host; can monitor only the traffic originating from and coming to that particular host


Intrusion Detection System

Signature-Based IDS

Monitors packets on the network and compares them against a database of signatures or attributes from known malicious threats

Anomaly-Based IDS

Detects computer intrusions and misuse by monitoring system activity and classifying it as either normal or anomalous

Network-Based IDS

Strategically positioned in a network to detect any attack on the hosts of that network, by capturing all data passing through.

Metasploit Framework

A tool for developing and executing exploit code against a remote target machine

Port 21

ftp (file transfer protocol)

Port 22

ssh (secure shell)

Port 23

telnet (remote login)

Port 25

smtp (simple mail transport protocol)

Port 53

dns (domain name service)

Port 80

http (hypertext transfer protocol - webpages)

Port 110

pop3 (post office protocol)

Port 135

netbios (network basic input output system)

Port 139

netbios (network basic input output system)

Port 445

netbios (network basic input output system)

Port 443

https (encrypted webpages, s = secure)

Dual Homed Host

Type of firewall that uses two or more network interfaces, one connection internal, one connection to the internet


Network Address Translation


Connectionless vs Connection-Oriented

TCP/IP Network Model

Layer 4: Application

Layer 3: Transport

Layer 2: Network

Layer 1: Link

Application Layer

Handles the details of the particular application

Transport Layer

Provides a reliable flow of data between two hosts

Network Layer

Handles the movement of packets

Link Layer

Includes device driver and network interface card (MAC)


Move packets between networks


Move packets within networks


Transport Control Protocol

Three Way Handshaking


User Datagram Protocol


Internet Protocol

IPv4 Addresses

32 bits long

000.000.000.000 to 255.255.255.255

Port Numbers

16 bits long

0 to 65,535

MAC Addresses

48 bits long in hexadecimal


Data over data; think of an onion of data

Ping Sweeps

Identify which computers are visible

Port Scans

Identify any programs listening for connections


Identify the route across an IP network

OS fingerprinting

Identifies what operating system is running


Time to Live

Possible States of a Port








All Important Flags




Urgent Pointer



Attack Points

Human Access

Physical Access

LAN Access

Remote Access

Wireless Access

Link Farm

A group of sites and webpages hyperlinked to each other to increase page rank

Keyword/Content Stuffing

Hackers add many extra pages to compromised websites that contain keywords to topics


Webserver hosting SEO Poisoned misleading pages

SEO Poisoning

Redirect to a malicious page or fake alert messages