3. Security Flashcards

(81 cards)

1
Q

OPSEC

A

Operations Security - the process you use to identify your critical information and protect it from an adversary

2
Q

Steps of OPSEC (5)

A
  1. Identification of critical info (identify the assets that would cause you the most harm if exposed)
  2. Analysis of threats (analyze the threats to each piece of critical info)
  3. Analysis of vulnerabilities (analyze the vulnerabilities in the protections you've put in place to secure your info assets. HOW YOU INTERACT WITH ASSETS)
  4. Assessment of risks (what issues you need to address in the rest of the OPSEC process. RISK OCCURS WHEN YOU HAVE A MATCHING THREAT AND VULNERABILITY)
  5. Application of COUNTERMEASURES (when you construct countermeasures for a risk, you need to mitigate either the threat or the vulnerability at a minimum)
3
Q

Laws of OPSEC - Kurt Haase (3)

A
  1. Know the threats “If you don’t know the threat, how do you know what to protect?”
  2. Know what to protect (determine critical info)
  3. Protect the information
4
Q

Purple Dragon

A

Code name of the US military study during the Vietnam War that coined the term OPSEC

5
Q

Competitive Intelligence

A

Conducting intelligence gathering and analysis to support business decisions

6
Q

Competitive Counterintelligence

A

Managing (and defending against) the info-gathering activities directed at an organization

7
Q

Interagency OPSEC Support Staff (IOSS)

A

Provides multiple agencies with a wide variety of security awareness training

8
Q

Social engineering attacks

A

Manipulating people to gain info or access to facilities

9
Q

HUMINT

A

Human Intelligence - gathered from people directly: conversation and elicitation, interrogation, or tricking people with scams

10
Q

OSINT

A

Open Source Intelligence - info collected from publicly available sources

11
Q

Metadata

A

Data about data, found in almost any file (author, timestamps, device, location)
Ex forensic tool: EnCase

12
Q

EXIF data

A

Image/video file metadata
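Worked example for cards 11 and 12, added here and not part of the original deck: a minimal EXIF reader and stripper. It constructs a tiny JPEG whose APP1 segment carries a TIFF IFD0 (Make, Model) and a GPS sub-IFD, parses it back to show what a casually shared photo leaks, then removes the segment as the OPSEC countermeasure. The camera name "OpsecCam", model "X100" and the coordinates are constructed sample values; the tag numbers and TIFF layout are the standard ones.

```python
import struct

# TIFF field types and JPEG markers used below
ASCII, LONG, RATIONAL = 2, 4, 5
TYPE_SIZE = {1: 1, 2: 1, 3: 2, 4: 4, 5: 8, 7: 1}
APP1, SOS, EOI = 0xFFE1, 0xFFDA, 0xFFD9

def _ifd(entries, ifd_offset):
    """Encode one big-endian IFD. entries = [(tag, type, count, raw_bytes)].
    Values of 4 bytes or fewer are stored inline; longer ones go into a data
    area right after the IFD and are referenced by absolute offset."""
    header_len = 2 + 12 * len(entries) + 4
    body, data = bytearray(struct.pack(">H", len(entries))), bytearray()
    for tag, typ, count, raw in entries:
        if len(raw) <= 4:
            field = raw.ljust(4, b"\0")
        else:
            field = struct.pack(">I", ifd_offset + header_len + len(data))
            data += raw
        body += struct.pack(">HHI", tag, typ, count) + field
    body += struct.pack(">I", 0)                       # offset of next IFD: none
    return bytes(body + data)

def _rationals(*pairs):
    return b"".join(struct.pack(">II", num, den) for num, den in pairs)

def build_sample_jpeg():
    """Constructed input: SOI, one APP1/Exif segment (IFD0 + GPS IFD), EOI.
    There is no image data, so it is not viewable, but it is structurally a JPEG."""
    make, model = b"OpsecCam\0", b"X100\0"
    gps_offset = 8 + (2 + 12 * 3 + 4) + len(make) + len(model)  # GPS IFD follows IFD0 and its data
    ifd0 = _ifd([
        (0x010F, ASCII, len(make), make),                  # Make
        (0x0110, ASCII, len(model), model),                # Model
        (0x8825, LONG, 1, struct.pack(">I", gps_offset)),  # GPSInfo IFD pointer
    ], 8)
    gps = _ifd([
        (0x0001, ASCII, 2, b"N\0"),                                      # GPSLatitudeRef
        (0x0002, RATIONAL, 3, _rationals((51, 1), (30, 1), (0, 1))),     # 51 deg 30' 0"
        (0x0003, ASCII, 2, b"W\0"),                                      # GPSLongitudeRef
        (0x0004, RATIONAL, 3, _rationals((0, 1), (7, 1), (3900, 100))),  # 0 deg 7' 39"
    ], gps_offset)
    tiff = b"MM\x00\x2a" + struct.pack(">I", 8) + ifd0 + gps
    app1 = b"Exif\0\0" + tiff
    return b"\xff\xd8\xff\xe1" + struct.pack(">H", len(app1) + 2) + app1 + b"\xff\xd9"

def _segments(jpeg):
    """Yield (marker, start, end) for each marker segment before the image data."""
    pos = 2
    while pos + 2 <= len(jpeg):
        (marker,) = struct.unpack(">H", jpeg[pos:pos + 2])
        if marker in (SOS, EOI):              # entropy-coded data / end: no more metadata
            yield marker, pos, len(jpeg)
            return
        (length,) = struct.unpack(">H", jpeg[pos + 2:pos + 4])
        yield marker, pos, pos + 2 + length
        pos += 2 + length

def _read_ifd(tiff, offset, bo):
    (n,) = struct.unpack(bo + "H", tiff[offset:offset + 2])
    tags = {}
    for i in range(n):
        e = offset + 2 + 12 * i
        tag, typ, count = struct.unpack(bo + "HHI", tiff[e:e + 8])
        size = TYPE_SIZE.get(typ, 1) * count
        if size <= 4:
            raw = tiff[e + 8:e + 8 + size]
        else:
            (off,) = struct.unpack(bo + "I", tiff[e + 8:e + 12])
            raw = tiff[off:off + size]
        if len(raw) != size:                  # hostile offsets must not crash the parser
            raise ValueError("truncated EXIF: tag 0x%04x points outside the segment" % tag)
        if typ == ASCII:
            tags[tag] = raw.split(b"\0", 1)[0].decode("ascii", "replace")
        elif typ == LONG:
            tags[tag] = struct.unpack(bo + f"{count}I", raw)[0]   # first value (pointers have count 1)
        elif typ == RATIONAL:
            nums = struct.unpack(bo + f"{2 * count}I", raw)
            tags[tag] = [num / den if den else 0.0 for num, den in zip(nums[::2], nums[1::2])]
        else:
            tags[tag] = raw
    return tags

def _dms(values, ref):
    d, m, s = values
    dec = d + m / 60 + s / 3600
    return -dec if ref in ("S", "W") else dec

def parse_exif(jpeg):
    """Return Make/Model/GPS decoded from the first APP1 Exif segment, or {} if none."""
    for marker, s, e in _segments(jpeg):
        if marker == APP1 and jpeg[s + 4:s + 10] == b"Exif\0\0":
            tiff = jpeg[s + 10:e]
            bo = {b"II": "<", b"MM": ">"}[tiff[:2]]      # byte order flag in the TIFF header
            (ifd0_off,) = struct.unpack(bo + "I", tiff[4:8])
            ifd0 = _read_ifd(tiff, ifd0_off, bo)
            out = {name: ifd0[t] for t, name in ((0x010F, "Make"), (0x0110, "Model")) if t in ifd0}
            if 0x8825 in ifd0:
                gps = _read_ifd(tiff, ifd0[0x8825], bo)
                out["GPSLatitude"] = _dms(gps[0x0002], gps[0x0001])
                out["GPSLongitude"] = _dms(gps[0x0004], gps[0x0003])
            return out
    return {}

def strip_exif(jpeg):
    """The countermeasure: copy every segment except APP1/Exif; image data is untouched."""
    out = bytearray(jpeg[:2])
    for marker, s, e in _segments(jpeg):
        if not (marker == APP1 and jpeg[s + 4:s + 10] == b"Exif\0\0"):
            out += jpeg[s:e]
    return bytes(out)

if __name__ == "__main__":
    sample = build_sample_jpeg()
    print(parse_exif(sample))               # Make, Model and decimal GPS coordinates
    print(parse_exif(strip_exif(sample)))   # {} after stripping
```

Run it on a real photo by replacing build_sample_jpeg() with open(path, "rb").read(); the parser only handles the tags shown, so extend the tag table rather than trusting that an empty result means "no metadata".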

13
Q

Shodan

A

Search engine of service banners, which are metadata the server sends back to the client.
Web-based search engine for info exposed by internet-connected devices.

14
Q

FTP

A

File Transfer Protocol - transfers files (and credentials) in cleartext

15
Q

GEOINT

A

Geospatial Intelligence - imagery and geospatial info from satellites

16
Q

MASINT

A

Measurement and Signature Intelligence - info from technical sensors

17
Q

RADINT

A

Radar Intelligence - info derived from radar

18
Q

TECHINT

A

Technical Intelligence - info about equipment, technology, and weapons

19
Q

FININT

A

Financial Intelligence - info about financial dealings

20
Q

CYBINT/DNINT

A

Cyber/Digital Network Intelligence - info from computer systems and networks

21
Q

Pretexting

A

Social engineering attack that utilizes credible scenarios to lure people into disclosing sensitive info

22
Q

Phishing

A

Social engineering technique that uses electronic communications (email, messaging) to carry out an attack that is broad in nature rather than aimed at one person

23
Q

Tailgating

A

Following someone through an access control point without authenticating yourself

24
Q

Malware

A

Malicious software - an application that makes unauthorized changes to a device

25
Clean desk policies
Sensitive info shouldn't be left out/unattended
26
BCP - Business continuity planning
Plans put in place to ensure that critical business functions can continue in a state of emergency
27
DRP - Disaster recovery planning
Plans put in place to prepare for a potential disaster. What to do during and after.
28
Types of physical security controls (3)
  1. Deterrent
  2. Detective
  3. Preventive
29
Magnetic Media
Use movement and magnetically sensitive material to record data Ex: hard drives, tapes
30
Flash Media
Media that stores data on NONVOLATILE memory chips Cheaper and faster
31
Optical Media
Media read and written with a laser. Ex: CDs, DVDs. Fragile (scratches easily)
32
RAID/RAID array
Redundant Array of Inexpensive (or Independent) Disks - combines more than 1 storage device into one volume; most RAID levels add redundancy by mirroring or parity so a single disk failure loses no data
33
Computer Network
Group of computers/other devices that are connected to facilitate the sharing of resources
34
DDoS
Distributed denial of service attack - many compromised systems flood a target with traffic at once to exhaust its resources
35
Network Segmentation
Network design factor that controls the flow of traffic between subnets to prevent attacks and boost network performance
36
Firewalls
Mechanism for controlling network traffic. Natural segmentation point wherever the level of trust changes.
37
Types of firewalls (4)
  1. Packet Filtering
  2. Stateful Packet Inspection
  3. Deep Packet Inspection
  4. Proxy Servers
38
Deep Packet Inspection Firewalls
Analyze content of traffic and can reassemble the content to determine what will be delivered to the destination application
39
Disaster Recovery
Steps an organization will take during a state of emergency to RESTORE OR REPLACE IT INFRASTRUCTURE
40
Stateful Packet Firewall
Monitors and defends a system based on traffic patterns over a given connection. Tracks connection state, so it can tell a legitimate reply from an unsolicited packet that merely looks like one
41
Packet Filtering
Makes a determination on each packet individually based on the source and destination IP addresses, port numbers, and protocol used
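Worked example for cards 40 and 41, added here and not part of the original deck: a toy stateless packet filter beside a toy stateful one, run over the same constructed packet trace. The internal subnet 10.0.0.0/24, the web server 10.0.0.80 and the outside addresses are assumed sample values. The point it shows is why stateful inspection exists: to let replies to outbound connections back in, a stateless filter has to trust the TCP ACK bit, and an attacker can set that bit on anything.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    proto: str
    flags: str = ""          # TCP flags as letters: "S" SYN, "A" ACK, "SA" SYN/ACK

INSIDE_PREFIX = "10.0.0."    # assumed internal subnet (sample value)
WEB_SERVER = "10.0.0.80"     # assumed public-facing web server (sample value)

def is_inside(ip):
    return ip.startswith(INSIDE_PREFIX)

def is_new_syn(pkt):
    return "S" in pkt.flags and "A" not in pkt.flags

def stateless_filter(pkt):
    """Packet filtering: each packet judged alone on addresses, ports, protocol, flags."""
    if pkt.proto != "tcp":
        return False
    if is_inside(pkt.src):                                  # anything outbound
        return True
    if pkt.dst == WEB_SERVER and pkt.dport == 443:          # inbound HTTPS to the public server
        return True
    # Replies to outbound connections must be let in, and with no memory of
    # connections the only clue is the ACK bit. Any crafted packet with ACK set passes.
    return "A" in pkt.flags

class StatefulFilter:
    """Stateful inspection: remembers connections it has allowed and admits an
    inbound packet only if it belongs to one of them."""
    def __init__(self):
        self.table = set()   # (inside_ip, inside_port, outside_ip, outside_port)

    def allow(self, pkt):
        if pkt.proto != "tcp":
            return False
        if is_inside(pkt.src):
            key = (pkt.src, pkt.sport, pkt.dst, pkt.dport)
            if is_new_syn(pkt):
                self.table.add(key)                         # new outbound session
                return True
            return key in self.table
        key = (pkt.dst, pkt.dport, pkt.src, pkt.sport)
        if is_new_syn(pkt) and pkt.dst == WEB_SERVER and pkt.dport == 443:
            self.table.add(key)                             # new inbound session to the public service
            return True
        return key in self.table                            # otherwise must match a tracked connection

def run_scenario():
    """Return {step: (stateless_decision, stateful_decision)} for a constructed trace."""
    sf = StatefulFilter()
    trace = [
        ("client SYN out",         Packet("10.0.0.5", 51000, "203.0.113.10", 443, "tcp", "S")),
        ("server SYN/ACK in",      Packet("203.0.113.10", 443, "10.0.0.5", 51000, "tcp", "SA")),
        ("client ACK out",         Packet("10.0.0.5", 51000, "203.0.113.10", 443, "tcp", "A")),
        ("crafted ACK to ssh",     Packet("198.51.100.7", 4444, "10.0.0.5", 22, "tcp", "A")),
        ("unsolicited SYN to ssh", Packet("198.51.100.7", 4445, "10.0.0.5", 22, "tcp", "S")),
    ]
    return {name: (stateless_filter(p), sf.allow(p)) for name, p in trace}

if __name__ == "__main__":
    for step, (stateless, stateful) in run_scenario().items():
        verdict = lambda ok: "allow" if ok else "drop"
        print(f"{step:24s} stateless={verdict(stateless):5s} stateful={verdict(stateful)}")
```

The "crafted ACK to ssh" step is the one that differs: the stateless filter admits it because ACK is set, the stateful filter drops it because no tracked connection matches. Real firewalls also age entries out of the table and check sequence numbers, which the toy omits.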
42
Proxy Servers
Pertain specifically to applications. "Choke point". Log traffic for later inspection. Single source for requests.
43
DMZ
Demilitarized zone - Creates a zone that allows public facing servers to be accessed from the outside while providing protection and restricting traffic
44
IDS
Intrusion Detection System - monitors traffic or activity for signs of attack; a Network IDS (NIDS) watches network traffic
45
Signature-based IDS
Maintain a database of the signatures that might signal an attack and compare incoming traffic to those signatures
46
Anomaly-based IDS
Determine the normal kinds of traffic/activity taking place on the network (a baseline), then measure present traffic against it. Can detect novel attacks but produces a larger number of false positives
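Worked example for cards 45 and 46, added here and not part of the original deck: a signature-based detector and an anomaly-based detector run over the same constructed web-server access log. The IP addresses, paths and the three attack requests are made-up sample data. It shows each approach's blind spot: signatures miss payloads they were not written for (here, a URL-encoded traversal unless the input is decoded first) and know nothing about volume; the anomaly detector catches the burst but flags a harmless crawler, the false positive card 46 warns about.

```python
import re
import statistics
from collections import Counter
from urllib.parse import unquote

# Apache-style access log line: client, [timestamp], "METHOD path proto", status
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[(\d+/\w+/\d+:\d+:\d+):\d+ [^\]]*\] "(\S+) (\S+) [^"]*" (\d{3})')

def parse(line):
    m = LOG_RE.match(line)
    if not m:
        return None
    ip, minute, method, path, status = m.groups()      # timestamp captured only to the minute
    return {"ip": ip, "minute": minute, "method": method, "path": path, "status": int(status)}

# Signature-based: a database of known-bad patterns compared against each request
SIGNATURES = {
    "path traversal": re.compile(r"\.\.[/\\]"),
    "sql injection": re.compile(r"'\s*or\s+'1'\s*=\s*'1", re.I),
    "reflected xss": re.compile(r"<script", re.I),
}

def signature_detect(lines, normalize=True):
    """Return [(ip, rule, raw_path)] for requests matching a signature.
    normalize=False shows the classic evasion: %2e%2e%2f never matches '../'."""
    hits = []
    for r in filter(None, map(parse, lines)):
        target = unquote(r["path"]) if normalize else r["path"]
        for name, rx in SIGNATURES.items():
            if rx.search(target):
                hits.append((r["ip"], name, r["path"]))
    return hits

def anomaly_detect(baseline_lines, lines, k=3.0):
    """Anomaly-based: learn requests-per-client-per-minute from baseline traffic,
    then flag clients in `lines` above mean + k*stdev. Returns ({ip: count}, threshold).
    It never looks at payloads, so low-and-slow attacks pass and busy clients trip it."""
    def rates(ls):
        return Counter((r["ip"], r["minute"]) for r in filter(None, map(parse, ls)))
    base = list(rates(baseline_lines).values())
    threshold = statistics.mean(base) + k * statistics.pstdev(base)
    return {ip: n for (ip, _), n in rates(lines).items() if n > threshold}, threshold

# ---- constructed sample logs ----
def _line(ip, path, hhmm="13:55", ss=0):
    return f'{ip} - - [10/Oct/2023:{hhmm}:{ss:02d} +0000] "GET {path} HTTP/1.1" 200 512'

BASELINE_LOG = (                                   # quiet period: 2-3 requests per client per minute
    [_line("203.0.113.5", "/index.html", ss=s) for s in range(2)]
    + [_line("203.0.113.6", "/about.html", ss=s) for s in range(3)]
    + [_line("203.0.113.7", "/index.html", ss=s) for s in range(2)]
    + [_line("203.0.113.8", "/blog/1", ss=s) for s in range(3)]
    + [_line("203.0.113.9", "/blog/2", ss=s) for s in range(2)]
)

LIVE_LOG = (
    [_line("203.0.113.5", "/index.html", "14:00", s) for s in range(2)]       # normal user
    + [_line("198.51.100.9", f"/blog/{i}", "14:00", i) for i in range(12)]     # legitimate crawler (busy, benign)
    + [_line("198.51.100.7", "/../../etc/passwd", "14:00", 20),               # attacker: only 3 requests
       _line("198.51.100.7", "/login?user=admin'%20OR%20'1'='1", "14:00", 21),
       _line("198.51.100.7", "/download?f=%2e%2e%2f%2e%2e%2fetc%2fshadow", "14:00", 22)]
)

if __name__ == "__main__":
    for hit in signature_detect(LIVE_LOG):
        print("signature:", hit)
    flagged, thr = anomaly_detect(BASELINE_LOG, LIVE_LOG)
    print(f"anomaly (threshold {thr:.2f} req/min):", flagged)
```

With decoding on, the signatures catch all three attacker requests; with it off, only the plain `../` one. The anomaly detector flags only the crawler at 12 requests/minute and says nothing about the attacker at 3. In practice the two are layered for exactly this reason.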
47
VPN
Virtual private network - encrypted tunnel between 2 points over an untrusted network
48
Packet Sniffer
Network/protocol analyzer tool that can intercept traffic on a network. Ex: tcpdump, Wireshark (formerly Ethereal), Kismet (wireless)
49
Honeypots
Network security tool that deliberately configures a system with fabricated vulnerabilities to detect and monitor the activities of an attacker
50
Buffer overflow attack
Inputting more data than an application's buffer is sized for, so the excess overwrites adjacent memory
51
HIDS
Host Intrusion Detection System - analyzes activity on a particular host, including traffic directed at its network interface
52
Centrally Managed
Devices are under control of 1 main system that maintains them
53
Baseband Operating System
Runs on its own processor and generally handles the phone's radio hardware
54
Supervisory Control and Data Acquisition System
Industrial control system that monitors and controls systems over long distances, often those related to utilities and other infrastructure
55
Embedded Devices
Computer contained inside another device
56
How to counteract a buffer overflow/buffer overrun attack?
Bounds checking (verify the input length against the buffer size before copying)
57
Format string attacks (a type of input validation attack)
When certain print functions within a programming language are given user input as the format string, the input can be used to view or manipulate the internal memory of an app
58
Software development vulnerabilities (6)
  1. Buffer overflows
  2. Race conditions
  3. Input validation attacks
  4. Authentication attacks
  5. Authorization attacks
  6. Cryptographic attacks
59
AES
Advanced Encryption Standard - SYMMETRIC algorithm; the US standard for encryption. (Listed under the cryptographic attacks category: a strong algorithm misused, e.g. with weak keys or a bad mode, is still attackable)
60
Client-Side Attacks (3)
  1. XSS (Cross-site scripting)
  2. XSRF (Cross-site request forgery)
  3. Clickjacking
61
XSS
Cross-site scripting - attack carried out by placing code in the form of a scripting language into a Web Page or other media that is interpreted by a client browser
62
XSRF
Cross-site request forgery - attack that plants a link or request on a web page in a way that is automatically executed by the browser, in order to trigger an action on another page/app where the user is already authenticated
63
Clickjacking
Attack that takes advantage of the graphical display capabilities of browsers to make users click something they wouldn't normally: an invisible layer is placed over the web page so the click lands on the attacker's element.
64
Server-side attacks (3)
  1. Lack of input validation (Directory traversal attacks)
  2. Improper/Inadequate permissions
  3. Extraneous files (server moved from development to production, files not directly related to the running of the site)
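Worked example for card 64's first item, added here and not part of the original deck: the directory traversal mistake, the tempting string-replace "fix" that does not work, and a hardened version that normalizes the path and checks it stays under the document root. The document root /var/www/html and the request strings are constructed sample values; the code uses posixpath so the result is the same on any OS. A real server should additionally resolve symlinks (os.path.realpath) before the containment check.

```python
import posixpath
from urllib.parse import unquote

WEB_ROOT = "/var/www/html"   # assumed document root (sample value)

def vulnerable_path(requested):
    """Lack of input validation: the user-controlled path is joined onto the root.
    '..' segments are never checked, and a leading '/' replaces the root outright."""
    return posixpath.join(WEB_ROOT, requested)

def naive_filter_path(requested):
    """The common bad fix: delete '../' once. '....//' collapses back into '../'."""
    return posixpath.join(WEB_ROOT, requested.replace("../", ""))

def hardened_path(requested):
    """Decode exactly once (as many times as the server does), reject NUL bytes,
    normalize, and refuse anything that does not remain under WEB_ROOT."""
    decoded = unquote(requested)
    if "\0" in decoded:
        raise ValueError("NUL byte in path")
    full = posixpath.normpath(posixpath.join(WEB_ROOT, decoded.lstrip("/")))
    if full != WEB_ROOT and not full.startswith(WEB_ROOT + "/"):
        raise PermissionError(f"refused: {requested!r} escapes the document root")
    return full

def hardened_or_refused(requested):
    """Convenience wrapper that reports the outcome instead of raising."""
    try:
        return hardened_path(requested)
    except (PermissionError, ValueError):
        return "refused"

SAMPLE_REQUESTS = [                      # constructed inputs
    "images/logo.png",                   # legitimate
    "../../../etc/passwd",               # plain traversal
    "/etc/passwd",                       # absolute path swallows the root in os.path.join
    "%2e%2e%2f%2e%2e%2f%2e%2e%2fetc%2fpasswd",   # URL-encoded traversal
    "....//....//etc/passwd",            # defeats the naive replace()
]

if __name__ == "__main__":
    for req in SAMPLE_REQUESTS:
        print(f"{req:42s} vulnerable={vulnerable_path(req)}")
        print(f"{'':42s} naive     ={naive_filter_path(req)}")
        print(f"{'':42s} hardened  ={hardened_or_refused(req)}")
```

Note what the hardened version does with "....//": it neither errors nor escapes, it just resolves to a harmless nonexistent name under the root. The check is on the final resolved location, not on the presence of suspicious characters, which is why it holds where the blacklist fails.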
65
Database Vulnerabilities (4 main branches)
  1. Protocol issues
  2. Unauthenticated access
  3. Privilege escalation
  4. Arbitrary code execution
66
Port 443
Provides HTTP Secure (HTTPS) services - web pages secured with Secure Sockets Layer (SSL) and/or Transport Layer Security (TLS)
67
TCPdump
Network packet analyzer that runs under a command-line interface
68
RSA
Asymmetric encryption algorithm used to secure web and email traffic
69
What does endpoint protection help reduce?
Malware
70
Residual Data
Leftover info still recoverable after erasing a hard drive (data remanence)
71
WPA3
Wi-Fi Protected Access 3 - wireless security protocol
72
System hardening
Reducing an organization's attack surface (removing unneeded services, closing ports, patching) to protect its devices and network
73
When are software updates performed?
After testing and vetting
74
Port 53
DNS. Example of a port/service that isn't needed on a dedicated web server and should be closed when hardening it
75
Core Impact - Exploit framework
Centralized penetration testing that enables security teams to conduct multi-phased penetration tests
76
What control protects against authorization attacks?
Principle of least privilege
77
Wireshark
Packet sniffer used to monitor network traffic. Can capture and troubleshoot traffic from wired and wireless sources.
78
Burp Suite
Web assessment and analysis tool that looks for issues on websites such as XSS or SQL injection flaws
79
Fuzzer
Analysis tool that bombards applications with all manner of data and inputs from a wide variety of sources in the hope that the application will fail/perform in unexpected ways
80
Port 80
Provides HTTP Services - Web content
81
Port 22
Provides remote access services secured with Secure Shell (SSH)