• Shuffle
    Toggle On
    Toggle Off
  • Alphabetize
    Toggle On
    Toggle Off
  • Front First
    Toggle On
    Toggle Off
  • Both Sides
    Toggle On
    Toggle Off
  • Read
    Toggle On
    Toggle Off

Card Range To Study



Play button


Play button




Click to flip

Use LEFT and RIGHT arrow keys to navigate between flashcards;

Use UP and DOWN arrow keys to flip the card;

H to show hint;

A reads text to speech;

64 Cards in this Set

  • Front
  • Back


Acknowledgement Number

connection-oriented protocol

TCP -means the sender doesn't send any data to the destinations node until the destination acknowledges that its listening to the sender.

connectionless protocol

User Datagram Protocol - operates on transport layer- used for speed

Initial Sequence Number (ISN)

is a 32 bit number, Track packets received by a node, allows reassembly of large packets that were broken into smaller packets,

It is in steps 1 and 2 of the TCP three way handshake. sent SYN and returned in the SYN ACK packet.

Internet Assigned Numbers Authority ,(IANA)

The global coordination of the DNS Root, IP addressing numbers.

Internet Control Message Protocol (ICMP)

Helps troubleshoot network connectivity problems, ping command, tracks the route a packet traverses, traceroute command

TCP three way handshake

computer A sends computer B a SYN packet

computer B replies with a SYN-ACK packet

Computer A replies with an ACK packet

SYN Packet

Synchronized message to the server


Logical, not physical, TCP connection component, identifies running service, helps you stop or disable unneeded services more running services, more ports open for attack.

TCP packet

Two 16-bit fields, contains source and destination port numbers


Language used by computers to communicate

Transmission Control Protocol/ Internet Protocol (TCP/IP)

Most widely used

TCP/IP Stack

4 Distinct Layers:





TCP Flag

Each flag occupies one bit of the TCP segment,


SYN flag- synch flag

ACK flag- acknowledgement flag

PSH flag-push flag

URG flag-urgent flag

RST flag- reset flag

FIN flag- finish flag

Port 25

Simple Mail Transfer Protocol (SMTP)

email servers listen on this port

Port 53

Domain Name Service (DNS)

Used to connect users to web sites using URLS instead of IP addresses.

Port 80

Hypertext Transfer Protocol (HTTP)

used when connecting to a Web Server

Port 443

Secure Hypertext Transfer Protocol

reserved for secure connections to a Web server

Port 110

Post Office Protocol 3 (POP3)

Used for retrieving e-mail

User Datagram Protocol (UDP)

Fast but unreliable delivery protocol

Operates on transport layer

used for speed

does not need to verify if receiver is listening or ready, connectionless protocol

IP Address

Class A 1-126, Class B 128-191, Class C 192-223

It is composed of 4 bytes, one byte is equal to 8 bits which is an octet

Class C

supports 254 host computers

HEX C1, DEC 193

BIN 1100 0001


installed without users being aware, determines users purchasing habits, slows down computers


Any attempt by an unauthorised person to access damage, or use network resources. Usually happens when a weakness or a vulnerability is exploited.


allows attackers remote access also called rootkits they are created after an attack and usually hide in OS tools, delivered through trojan programs

bot net

a network of private computers infected with malicious software and controlled as a group without the owners knowledge, ex to send spam


A specially crafted string of data intended to take advantage of a vulnerability.

Network Security

Concern with security of network infastructure

Computer Security

Concern with security of a stand alone computer, not part of a network Infrastructure.

Denial of Service Attacks

Prevents legitimate users form accessing network resources

Attackers do not attempt to access information, may just want to cripple the network

Distributed Denial of Service Attacks

Attack on host from multiple servers or workstations,

network could be flooded with billions of packets resulting in a loss of bandwidth and degradation or loss of speed. Participants are not aware they are part of the attacks.

Dark DDoS

It is a smokescreen to distract network defenders form the real attack occuring.

Buffer Overflow Attacks

Attacker finds a vulnerability in poorly written code, no check for amount of memory space use, it fills the buffer with executable code, os runs the code and code elevates attackers permissions to administrator or owner or creator


Attacker listens in on unencrypted network communications, to gather information that can be used to extend attack. This is accomplished with sniffing tools designed to capture copies of packets being sent across a network. Must encrypt communications.

Man in the Middle

Attacker injects themselves between two parties or systems communicating in order manipulating messages being passed back and forth.

Network Session Hijacking

Attacker joins TCP session and makes both parties think he or she is the other party, Complex attack

Ping of death attack

Type of DOS attack not as common since the late 1990s, attacker creates large ICMP packet , it is then segmented and then reassembled as an oversize packet that the Destination point cant handle.


Malicious software that attacks a network which prevents a business from operating. Viruses, worms, Trojan programs, and the main goal is to make money.


A program that attaches itself to a file or another program. Needs host to replicate, Does not stand on its own, no foolproof prevention method. Phishing and ransomware.

Antivirus programs

Detection based on virus signatures, must update periodically. Run a base 64 decoder on email attachments to see if malware or viruses are detected.

Macro virus

A virus encoded as a macro in programs that support a macro programming language. basically a list of commands can be use in destructive ways. Instructions posted on websites.


A program that replicates and propagates without host. , theoretically can infect every computer in the world. Some worms have cost businesses billions. caused by down computer time, recovering lost data and hiring of IT personnel.

Trojan Programs

Insidious attacks against networks and computers, disguise themselves as useful programs, can install backdoors and rootkits.

prevent with good software and hardware firewall.trojans can use port 80 and port 53.


Sends information form infected computer to attacker, ex. financial data, passwords, pins and can register each keystroke entered.


Allows only approved programs to run on computers


Used to capture keystrokes on a computer, software-loaded on Computer, hardware- easy to install device between keyboard and computer. also available as spyware and can be sent over e-mail.

Shell (Backdoor)

Malicious piece of code that can be uploaded to site to gain access to files stored on the site. Once uploaded hacker can use it to edit, delete, or download any files on the site. Usually uploaded to websites to gain root access to the site.


Bots that perform malicious tasks allowing an attacker to take complete control over an infected computer which gives the attacker complete control turning the computer into a zombie.


type of software application or script that performs tasks on command like indexing a search engine and good at performing repetitive tasks.


type of malicious software designed to block access to a computer system until a sum of money is paid.

Competitive Intelligence

Gathering information using technology


Text file generated by a web server, stored on users web browser used to customize web page when user returns

Dumpster Diving

Attacker finds information in victims trash, ex computer manuals, passcodes jotted down, company phone directories, resumes, finacial reports, Format disks before disposing them.


finding information on company's network, passive and nonintrusive, may also be called reconnaissance.


Trailing closely behind an employee cleared to enter restricted areas.


Email urging you to update account details, send you to visit a fake web site.

Spear phishing

Combines social engineering and exploiting vulnerabilities. Email attacks directed at specific people.

Shoulder surfing

reads what users enter on keyboards, uses binoculars and knows popular letter substitutions.

social engineering

Targets the human component of a network, goal is to obtain confidential information and other personal information. Gained persuasion, coercion, intimidation, and extortion. Biggest security threat, most difficult to protect against. Study of human behavior.

Web Bug

1x1 pixel image file, usually works with a cookie, clear gif, to be invisible to users, similar to spyware or adware.


Also called web crawler, it is an internet bot that systematically browses the internet typically for the purpose of web indexing. can validate hyperlinks and html code.

Zone Transfers

It is the process, After determining what name server a company is using, you can attempt to transfer all the records for which the DNS server is responsible.


Domain Name System, resolves host names to IP addresses, people prefer url's to IP addresses. DNS is vulnerable for network attacks.