Security + Flashcards Preview

Echo > Security + > Flashcards

Flashcards in Security + Deck (31)
Loading flashcards...
1

What is the CIA triangle?

Confidentiality, Integrity, Availability. Loss of one one can lead to another.

2

What are causes of compromised security?

Technology weaknesses, Configuration weaknesses, Policy weaknesses, Human Error or malice

3

What are some of the biometric devices used?

Fingerprint scanner, hand geometry scanner, eye scanner (including retina and iris scanners), voice verification, signature verification, and DNA scan

4

What are some Malware varieties?

Virus, Worm, Trojan horse, Logic bomb, Rootkit, Spyware, Adware, Keylogger, Botnet, Backdoor, Drive by download, zero day exploit

5

What is a virus?

A computer virus is a destructive application that is loaded on your computer. A virus is a program, not data, and you can only catch a virus by running a program.

6

Describe the structure of a virus

Replication - viruses must propagate themselves. Payload - the malicious activity a virus performs when triggered. Payload trigger - The date or counter or circumstances present when a virus payload goes off.

7

What is DoS?

Denial of Service

8

What is DDoS?

Distributed denial of service

9

Name some examples of payload

Displaying messages, launching DDoS attack Erasing files randomly by type or usage, formatting hard drive, overwrite mainboard bios, sending email, expose private information

10

What is encryption?

Converting to unreadable format

11

Decryption

Converting back to readable format

12

Algorithm

Procedure for encrypting or decrypting

13

Cipher

Pair of encryption and decryption algorithms

14

Cryptography

Science of encryption

15

Phishing

the activity of defrauding an online account holder of financial information by posing as a legitimate company

16

Whaling

A type of fraud that targets high-profile end users

17

Vishing

The act of using the telephone in an attempt to scam the user into surrendering private information

18

Steganography

Hidden messages, often plain text, concealed in images etc.

19

Hashes

Fixed length derivation of plaintext

20

Three factors for authentication

biometrics, cac card, password (something you are, something you have, something you know)

21

What is the biggest authentication vulnerability

Failed password attempts that don't result in banning

22

What are some authentication vulnerabilities

Short and insecure passwords, reusing passwords, saved passwords, protocol and algorithm deficiencies, failed attempts that dont result in banning

23

How many anivirus and anti spyware programs should you have?

one antivirus, and as many anti spyware as you want

24

Give an example of a two factor password

CAC followed by biometrics

25

What is a trojan horse?

A backdoor installed into your computer so that it can be controlled

26

What is a worm?

Like a virus, but it self replicates continuously until it eventually crashes your computer

27

When updating BIOS, what do you not want to do?

Do not turn off computer

28

What is a botnet?

a network of private computers infected with malicious software and controlled as a group without the owners' knowledge, e.g., to send spam messages

29

Give some examples of physical access control

ID badges, proximity cards, smart cards, physical tokens, common access cards, biometrics

30

What does social engineering mostly exploit?

Exploits trust between people