33 Cards in this Set

  • Front
  • Back

Unified threat management (UTM) can create what?

Can create a single point of failure.

What’s used to prevent session hijacking?

Challenge handshake authentication protocol (CHAP).

It periodically reauthenticates to prevent session hijacking.

SQL injection puts text into text ______

And cross-site scripting puts text into text ______

SQL injection puts text into text boxes.

Cross-site scripting puts text into text fields.

What deals with logs?

SIEM deals with logs

Data at rest

Data at rest is inactive data that needs to be encrypted.

What does a protocol analyzer do?

A protocol analyzer captures all network traffic.

NTP

Network Time Protocol. When it’s down, Kerberos is highly affected.

Type 1, 2 and 3 authentication

1 = something you know: “password”

2 = something you have: “smart card”

3 = something you are: biometric, “retina scan”

DevOps

DevOps is a term for software DEVelopment and information technology Operations. It refers to collaboration between software developers and IT professionals to align software development with infrastructure issues.

Smurf attack

Sending spoofed broadcast messages to the target network router.

SYN flood

A large number of SYN packets are sent but not responded to. This leads to a large number of half-open connections.

SQL injection protection against

Input validation



WAF = web application firewall; it also protects against specific web attacks.

DoS attack is controlled by?

DDoS mitigator

Self-signed certificates issued

A self-signed cert will display an error in the browser stating the site is not trusted, because the self-signed cert is not from a trusted certificate authority.

Hashing algorithms



RIPEMD


SHA-1


MD5

RIPEMD produces 128-, 160-, 256- and 320-bit message digests.

SHA-1 produces a 160-bit message digest.

MD5 produces a 128-bit message digest. Therefore MD5 is the least secure hashing algorithm.

SHA and MD5 have known collisions.

NB: AES (Advanced Encryption Standard) is a symmetric algorithm used to encrypt data that uses the least amount of CPU. It is also used to encrypt data in a way that is fast and secure.

AES-256 can encrypt data quickly and securely with a USB flash drive.

3DES is also a symmetric algorithm, not a hash!

Passive and active information gathering

Passive information gathering = gathering information using methods like social media, IP address, etc.

Active information gathering = gathering information using port scanning, which actually does connect you to the target.

AH and ESP


IKE

AH = Authentication Header (only provides integrity). It will provide complete packet authentication including the header, but will not provide encryption.

ESP = Encapsulating Security Payload. It provides both integrity and encryption (both authentication and encryption), but only authenticates the data, not the header.

IKE = Internet Key Exchange

False positive and false negative

False positive = it claims an attack is there but there’s no attack.

False negative = an attack exists but it won’t detect it.

Rogue access point

When users claim they are connected to a WAP or any network but it does not show that they are connected to it, they are probably connected to a rogue access point.

ALE


SLE

Annual Loss expectancy (ALE)



Single loss expectancy (SLE)

Evil twin

An evil twin is a fake/impersonating access point that looks like the legitimate one. This helps the attacker gain information without the end user knowing.

Fake access points that appear to have legitimate SSIDs.

Symmetric key system


Symmetric cipher


Symmetric algorithm


Asymmetric algorithm


Asymmetric key


Block cipher and stream cipher

A symmetric key system uses the same key to encrypt and decrypt data during transport.

AES, 3DES, DES, RC4/5/6, IDEA, Blowfish, Twofish.

Symmetric cipher and symmetric algorithm: AES, 3DES, DES, RC4/5/6, IDEA, Blowfish, Twofish

Stream cipher: bit by bit (RC4)

Block cipher: fixed block (AES, 3DES, DES, IDEA, Blowfish, Twofish)

Asymmetric key (public key cryptography): 2 keys are used to encrypt and decrypt: RSA, ECC, Diffie-Hellman

Asymmetric algorithm: RSA, ECC, Diffie-Hellman

ECC is used for mobile phones and tablets.

Credentialed and non-credentialed

A credentialed vulnerability scan consists of a scanning computer with an account on the computer being scanned, so that the scanner can perform a deeper check for problems not seen from the network.

A non-credentialed vulnerability scan provides a quick view of vulnerabilities by looking at network services that are exposed by the host.

WPA2


WEP


WPS


WPA

WPA2 is a security standard that secures computers connected to the 802.11n WiFi network. It provides the strongest available encryption for wireless networks.

WEP (Wired Equivalent Privacy) is a security standard for 802.11b n. It provides a level of security for WLANs.

WPS (WiFi Protected Setup) is a network security standard that allows home users to easily add new devices to an existing wireless network without entering long passphrases. WPS is known to have vulnerabilities and is not recommended.

WPA is a security standard that has been replaced by WPA2. Therefore WPA should be avoided when setting up a company wireless network.

EAP-TLS


PEAP

EAP-TLS is a remote access authentication protocol that supports the use of smart cards. It requires both server and client certificates.





PEAP is an encapsulating protocol that uses a certificate on the authentication server and a certificate on the client. It supports password based authentication.

PEM


PFX


DER


***Certificate format***

PEM (Privacy Enhanced Electronic Mail) is a certificate used for securing email using public key cryptography.

PFX is Personal Information Exchange; files are typically used with Windows OS.

DER = Java

Stream cipher example and block cipher examples

RC4 = stream cipher

AES, DES, 3DES = block cipher

Chain of custody


Order of volatility


Legal hold

Chain of custody refers to the chronological documentation showing the custody, control, transfer and disposition of physical or electronic evidence.

Order of volatility represents the order in which you should collect evidence.

Legal hold is a written directive issued by attorneys ordering clients to preserve pertinent evidence in an anticipated litigation, audit or government investigation. This evidence can include paper documents and electronically stored information.

______ is used for the establishment of a VPN tunnel using IPSec

Diffie-Hellman

What are the 2 hashes? And which one is the strongest?

SHA and MD5. SHA is the strongest!

What allows the certificate holder to get the OCSP record from the server at regular intervals and include it as part of the SSL or TLS handshake?

OCSP stapling

What key type enables sites to resist impersonation attacks?

Public key pinning

What’s the most secure protocol that works with VPN?

IPSec