800 Flashcards Preview

Security > 800 > Flashcards

Flashcards in 800 Deck (100):
1

Layer 1 of the OSI Model

Application

2

Layer 2 of the OSI Model

Presentation

3

Layer 3 of the OSI Model

Session

4

Layer 4 of the OSI Model

Transport

5

Layer 5 of the OSI Model

Network

6

Layer 6 of the OSI Model

Data Link

7

Layer 7 of the OSI Model

Physical

8

A network database that contains a listing of all network resources - such as users - printers - groups - and so on.

directory

9

A network service that provides access to a central database of information - which contains detailed information about the resources available on a network.

directory service

10

A method of communication between wireless receivers.

direct-sequence (DS)

11

A communications technology that is used to communicate in the 802.11 standard. It accomplishes communication by adding the data that is to be transmitted to a higher-speed transmission

direct-sequence spread spectrum (DSSS)

12

The act of recovering data following a disaster that has destroyed the data.

disaster recovery

13

The procedure by which data is recovered after a disaster.

disaster recovery plan

14

A means of restricting access to objects based on the identity of subjects and/or groups to which they belong.

Discretionary Access Control (DAC)

15

Technology that keeps identical copies of data on two disks to prevent the loss of data if one disk faults.

disk mirroring

16

Technology that enables writing data to multiple disks simultaneously in small portions called stripes.

disk striping

17

A fault-tolerance solution of writing data across a number of disks and recording the parity on another. In the event any one disk fails - the data on it can be recreated by looking at the remaining data and computing parity to figure out the missing data.

disk striping with parity

18

A derivative of a DoS attack in which multiple hosts in multiple locations all focus on one target.

Distributed Denial of Service (DDoS) attack

19

Any server that performs host name-to-IP address resolution.

DNS server

20

An area in the DNS hierarchy that is managed as a single unit.

DNS zone

21

Within the Internet - this is a group of computers with shared traits and a common IP address set.

domain

22

The network service used in TCP/IP networks that translates host names to IP addresses.

Domain Name Service (DNS)

23

A host that resides on more than one network and posses more than one physical network card.

dual-homed host

24

A keyboard and monitor that send keystrokes to a central processing computer (typically a mainframe or minicomputer) that returns screen displays to the monitor. The unit has no processing power of its own.

dumb terminal

25

Looking through trash for clues--often in the form of paper scraps--to users' passwords and other pertinent information.

dumpster diving

26

Two hard drives to which identical information is written simultaneously. A dedicated controller card controls each drive. Used for fault tolerance.

duplexed hard drives

27

Two servers that are identical - for use in clustering.

duplicate servers

28

A protocol used on a TCP/IP network to send client configuration data - including TCP/IP address - default gateway - subnet mask - and DNS configuration - to clients.

Dynamic Host Configuration Protocol (DHCP)

29

A type of firewall used to accept or reject packets based on their contents.

dynamic packet filtering

30

The use of route-discovery protocols to talk to other routers and find out what networks they are attached to. Routers that use dynamic routing send out special packets to request updates from the other routers on the network as well as to send their own updates.

dynamic routing

31

A TCP/IP port used by an application when needed. The port isn't constantly used.

dynamically allocated port

32

Any type of passive attack that intercepts data in an unauthorized manner--usually in order to find passwords.

eavesdropping

33

The interference that can occur during transmissions over copper cable because of electromagnetic energy outside the cable. The result is degradation of the signal.

electromagnetic interference (EMI)

34

A type of public key cryptosystem that requires a shorter key length than many other cryptosystems (including the de facto industry standard - RSA).

Elliptic Curve Cryptosystem (ECC)

35

A header used to provide a mix of security services in IPv4 and IPv6. ESP can be used alone or in combination with the IP Authentication Header (AH).

Encapsulating Security Payload (ESP)

36

The process of translating data into signals that can be transmitted on a transmission medium.

encoding

37

The process of converting data into a form that makes it less likely to be usable to anyone intercepting it if they can't decrypt it.

encryption

38

A string of alphanumeric characters used to decrypt encrypted data.

encryption key

39

The process of luring someone.

enticement

40

The process of encouraging an attacker to perform an act - even if they don't want to do it.

entrapment

41

An attempt to gain information about a network by specifically targeting network resources - users and groups - and applications running on the system.

enumeration

42

The act of moving something up in priority. Often - when an incident is escalated - it's brought to the attention of the next highest supervisor.

escalation

43

A shared-media network architecture. It operates at the Physical and Data Link layers of the OSI model.

Ethernet

44

A level of assurance - expressed as a numeric value - based on standards set by the CCRA (Common Criteria Recognition Agreement).

Evaluation Assurance Level (EAL)

45

Any noticeable action or occurrence.

event

46

A calculation of how much data (or other assets) could be lost from a single occurrence. If all the data on the network could be jeopardized by a single attack - the exposure factor is 100 percent.

exposure factor

47

A threat that originates from outside the company.

external threat

48

Web (or similar) services set up in a private network to be accessed internally and by select external entities - such as vendors and suppliers.

extranet

49

Examining data leaving the network for signs of malicious traffic.

extrusion

50

Programs that provide additional functionality to Web browsers.

Add-ons

51

Part of the TCP/IP protocol for determining the MAC address based on the ip address.

Address Resolution Protocol (ARP)

52

An attack that corrupts the ARP cache.

ARP poisoning

53

Files that are coupled to e-mail messages.

Attachments

54

An attack that occurs when a process attempts to store data in RAM beyond the boundaries of a fixed-length storage buffer.

Buffer Overflow

55

An attack that targets vulnerabilities in client applications that interact with a compromised server or process malicious data.

Client-side Attack

56

A file on a local computer in which a server stores user-specific information.

Cookie

57

Injecting and executing commands to execute on a server.

Command Injection

58

An attack that injects scripts into a Web application server to direct attacks at clients.

Cross-site Scripting (XSS)

59

An attack that attempts to prevent a system from performing its normal functions.

Denial of Service (DoS)

60

An attack that takes advantage of a vulnerability in the Web application program or the Web server software so that a user can move from the root directory to other restricted directories.

Directory Traversal

61

An attack that uses multiple zombie computers (even hundreds or thousands) in a botnet to flood a device with requests.

Distributed Denial of Service (DDoS)

62

An attack that substitututes DNS addresses so that the computer is automatically redirected to another device.

DNS Poisoning

63

A hierarchical name system for matching computer names and numbers.

Domain Name System (DNS)

64

A cookie that is created from the Web site that currently is being viewed.

First-party Cookie

65

A cookie named after the Adobe Flash player.

Flash Cookie

66

A list of the mappings of names to computer numbers.

Host Table

67

Part of HTTP that is composed of fields that contain the different characteristics of the data that is being transmitted.

HTTP Header

68

Modifying HTTP headers to create an attack.

HTTP header manipulaatioon

69

An attack that intercepts legitimate communication and forges a fictitious response to the sender.

Man-in-the-Middle

70

A cookie that is recorded on the hard drive of the computer and does not expire when the browser closes.

Persistent Cookie (tracking cookie)

71

A utility that sends an ICMP (Internet Control Message Protocol) echo request message to a host.

Ping

72

An attack that uses the Internet Control Message Protocol (ICMP) to flood a victim with packets.

Ping Flood

73

An attack that exploits a vulnerability in software to gain access to resources that the user would normally be restricted from obtaining.

Privilege Escalation

74

An attack that makes a copy of the transmission before sending it to the recipient.

Replay

75

A cookie that is only used when a browser is visiting a server using a secure connection.

Secure Cookie

76

A cookie that is stored in Random Access Memory (RAM) - instead of on the hard drive - and only lasts for the duration of visiting a Web site.

Session Cookie

77

An attack in which an attacker attempts to impersonate the user by using his session token.

Session Hijacking

78

A form of verification used when accessing a secure Web application.

Session Token

79

An attack that broadcasts a ping request to all computers on the network yet changes the address from which the quest came to that of the target.

Smurf Attack

80

Impersonating another computer or device.

Spoofing

81

An attack that targets SQL servers by injecting commands to be manipulated by the database.

SQL Injection

82

An attack that takes advantage of the procedures for initiating a TCP session.

SYN Flood Attack

83

A cookie that was created by a third party that is different from the primary Web site.

Third-Party Cookies

84

An attack involving using a third party to gain access rights.

Transitive Access

85

A markup language that is designed to carry data instead of indicating how to display it.

XML (Extensible Markup Language)

86

An attack that injects XML tags and data into a database.

XML Injection

87

Attacks that exploit previously unknown vulnerabilities

Zero Day Attacks

88

What are the three vulnerability control types?

Technical - Management and Operational

89

What are the three primary functions of controls?

Preventative - detective and corrective

90

The National Institue of Standards and Technology

NIST

91

Information Technology Laboratory

ITL

92

Uses technology to reduce vulnerabilities.

Technical Control

93

Specifies that individuals or processes are granted only rights and permissions needed to perform their assigned tasks or functions - but no more

Least Privelege

94

Provides protection against infection from malicious software and viruses

Antivirus software

95

Monitors a network or host for intrusions and provides ongoing protection against various threats

Intrusion Detection Systems (IDSs)

96

Restricts network traffic going in and out of a network

Firewall

97

Use planning and assessment methods to provide an ongoing review of the organization's ability to reduce and manage risk.

Management Controls

98

Helps quantify and qualify risks within an organization so that they can focus on serious risks.

Risk assessments

99

Attempts to discover current vulnerabilities

Vulnerability assessments

100

Helps ensure that day-to-day operations of an organization comply with their overall security plan

Operational Controls