Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
15 Cards in this Set
- Front
- Back
|
Password History |
Password history defines the number of previous passwords that must have defined before a user can use the same password again . |
|
|
Nmap |
Port scanning tool |
|
|
Nessus |
Vulnerability tool |
|
|
Metasploit |
Penetration tool |
|
|
Telnet should not be used in network due to its ......... |
Weak security posture . |
|
|
Behavior based detection |
Means that the engine is trained to recognize baseline traffic or expected events associated with a user account or network device. |
|
|
Heuristic |
Heuristic analysis determines wether several observed data points constitute an indicator and whet their related indicators make up incident depend on a good understanding of the relationship between the observed indicators . |
|
|
Anomaly |
Defining an expected outcome or pattern to events and identifying any event that do not follow these pattern |
|
|
MD5 SHA-1 SHA-2 |
MD-5======128-bit fixed SHA-1======160 SHA-2======256 |
|
|
Order of volatility |
Cache, RAM, swap file, hard drive/USB |
|
|
Risk appetite Risk acceptance |
Risk appetite describes how much risk organization is willing to accept
Risk acceptance is the act of accepting the identified risk and not taking additional actions to reduce the risk because the risk is low enough . |
|
|
Tokenization Data masking Data minimization Data anonymization |
Tokenization means that all or part of data in a field is replaced with a randomly token.
Data masking can mean that all or part of a field content is redacted by substituting all character strings with x
Data minimization involves limiting data collection to only what is required to fulfil a specific purpose .
Data anonymization is the process of removing personally identifiable information from data sets so that the people whom the data describe remain anonymous . |
|
|
Advanced persistent threat |
APT is very sophisticated and have financial and technical resources provided by the government . Typically sponsored by nation or state |
|
|
Hacktivist |
Motivated by a social issue or political cause. |
|
|
Smurf’s attack |
“”Flood of packets”” |
