Chapter 8 Flashcards
privilege escalation
The act of exploiting a bug or design flaw in a software or firmware
application to gain access to resources that normally would’ve been protected from
an application or user.
radio frequency interference (RFI)
Interference that can come from AM/FM transmissions
and cell towers.
crosstalk
When a signal transmitted on one copper wire creates an undesired effect on
another wire; the signal “bleeds” over, so to speak.
data emanation (or signal emanation)
The electromagnetic field generated by a network
cable or network device, which can be manipulated to eavesdrop on conversations
or to steal data.
Faraday cage
An enclosure formed by conducting material or by a mesh of such material;
it blocks out external static electric fields and can stop emanations from cell phones
and other devices within the cage from leaking out.
butt set (or lineman’s handset)
A device that looks similar to a phone but has alligator
clips that can connect to the various terminals used by phone equipment, enabling a
person to listen in to a conversation.
TEMPEST
Refers to the investigations of conducted emissions from electrical and mechanical
devices, which could be compromising to an organization.
wiretapping
Tapping into a network cable in an attempt to eavesdrop on a conversation
or steal data.
protected distribution system
Security system implemented to protect unencrypted
data transfer over wired networks.
Wi-Fi Protected Setup (WPS)
A simplified way of connecting to wireless networks
using an eight-digit code.
Advanced Encryption Standard (AES)
An encryption standard used with WPA and
WPA2. It is the successor to DES/3DES and is another symmetric key encryption standard
composed of three different block ciphers: AES-128, AES-192, and AES-256.
Temporal Key Integrity Protocol (TKIP)
An algorithm used to secure wireless computer
networks; meant as a replacement for WEP.
AP isolation
Clients connected to the AP will not be able to communicate with
each other, but they can each still access the Internet.
IV attack
A type of related-key attack, which is when an attacker observes the operation
of a cipher using several different keys and finds a mathematical relationship
between them, allowing the attacker to ultimately decipher data.