Network Risk Management Flashcards
(35 cards)
the list of statements on a router to permit/deny traffic
ACL (access control list)
a myriad of small, simple requests that all result in giant responses
amplification attack
the filter takes applications into consideration
application aware
gives the firewall application awareness
Application Control
software security flaws
backdoor
a group of computers in coordinated DDoS attacks without knowledge
botnet
a document to make employees aware that their computer and equipment use will be monitored
consent to monitoring
A system becomes inundated with service requests and ceases to respond
Denial of Service attack
software on a device that allows it to access the network, subsequently uninstalls
dissolvable agent
multiple hosts inundate a target with traffic
Distributed attakc
a DoS attack bounced off of uninfected computers (reflectors) before arriving at the target.
Distributed reflector attack
A switch security feature to monitor ARP messages and detect phony ones
Dynamic ARP inspection
Implementation of TEMPEST to protect against RF emanation
emission security
causing the target’s computer screen to fill with garbage
flashing
An FTP client specifies a different host’s IP address and port number for data destination.
FTP bounce
scanning for malware-like behavior
heuristic scanning
runs on a single computer, alerts about intrusions
HIDS (host-based intrusion detection system)
runs on a single computer, intercepts intrusions
HIPS (host-based intrusion prevention system)
dedicated service to monitor traffic and alert
IDS (intrusion detection system)
dedicated service to prevent malicious traffic
IPS (intrusion prevention system)
a virus in a macro that executes when a program is in use
macro virus
a person captures or redirects secure data while in transit
man-in-the-middle attack
combines known scanning techniques and exploits to explore potential exploits
metasploit
employs network policies to determine a device’s access permissions.
NAC (network access control)
