Security+ 7 #2 Flashcards
Split tunneling : client system can access public network and LAN at same time using 1 or more network connections.
GRE : Cisco protocol to encapsulate lots of different data, mainly routing info that passes between VPN-enabled connected networks using PPTP/IPsec.
RADIUS encrypts only password, remainder of packet is unencrypted. TACACS+ encrypts entire packet and provides more types of authentication requests than RADIUS.
info …
DAC : access control policy generally determined by the owner. Owner decides which users have access and what access they can have, these levels of access are stored in ACLs.
MAC : access control policy determined by computer not by user or owner. MAC model defines sensitivity labels assigned to users and objects (files, folders etc). Users label dictates its security level. Access controls in MAC are based on need-to-know info, where user can access only what system considers necessary.
Rule-Based Access Control defines whether access should be granted or denied objects by comparing object label and user label.
info …
Lattice-Based Access Control : used for more complex determinations of object access by users. Advanced Math used to create sets of objects and users and define how they interact.
RBAC : controlled by system not owner or resource. Works with sets of permissions which constitute a role.
ABAC : Access rights are granted to users through the use of multiple policies that can combine various user, group, and resource attributes together.
User Account Control (UAC) is a security component of Windows that keeps every user (besides the actual Administrator account) in standard user mode instead of as an administrator with full administrative rights—even if the person is a member of the administrators group.
info …
Risk register : known as risk log, tracks issues and addresses problems as they occur.
SCRM : when org. collaborates w/suppliers and distributors to analyze and reduce risk.
Risk Assessment : Identify org.s assets, identify vulnerabilities, identify threats and threat likelihood, identify potential monetary impact.
info …
Qualitative risk assessment is an assessment that assigns numeric values to the probability of a risk and the impact it can have on the system or network.
Quantitative risk assessment measures risk by using exact monetary values. It attempts to give an expected yearly loss in dollars for any given risk. It also defines asset values to servers, routers, and other network equipment.
SLE : loss of value in dollars based on a single incident.
ARO : no of times per year that a specific incident occurs.
ALE : total loss of dollars a year due to a specific incident. (SLE x ARO = ALE)
MTBF : avg no of failures per million hours of operation for a product.
MTTR : time needed to repair a failed device. MTTF : measure of reliability for devices that cant be repaired.
info …
Active Scanning (intrusive Scanning) : when hands-on tests are run on system, may require system being taken off network or loss in productivity, is used to find out which open ports are open and what IP addresses are in use in the network on a system.
Passive Scanning (Non-Intrusive Scanning) : when servers, devices and network are not affected by your testing, scans, analysis etc.
Active Fingerprinting : direct connection is made to PC starting w/ICMP requests. Passive Fingerprinting : scanning host sniffs the network by chance classifying hosts as the scanning host observes its traffic on occasion that it occurs.
info …
Management Controls : focus on decisions by management and management of risk, also procedures, policies, legal and regulatory, SDLC, computer security life cycle, info assurance, and vulnerability management/scanning.
Operational Controls : controls executed by people, include user awareness and training, FT and DR plans, incident handling, computer support, baseline config dev., and environmental security.
Technical Controls : logical controls executed by computer system, include authentication, AC, auditing, cryptography. Config of firewalls, session locks, RADIUS servers, RAID 5 arrays and least privilege are also included.
info …
The Open Vulnerability and Assessment Language (OVAL) is a standard designed to regulate the transfer of secure public information across networks and the Internet utilizing any security tools and services available at the time. Include : System Testing info, system state analysis, assessment results reporting.
Banner grabbing is a technique used to find out information about web servers, FTP servers, and mail servers.
info …
Cryptanalysis attack: Uses a considerable set of precalculated encrypted passwords located in a lookup table. These tables are known as rainbow tables, and the type of password attack is also known as precomputation, where all words in the dictionary (or a specific set of possible passwords) are hashed and stored. This is done in an attempt to recover passwords quicker. It is used with the ophcrack and RainbowCrack applications. This attack can be defeated by implementing salting, which is the randomization of the hashing process.
behavior-based monitoring system looks at the previous behavior of applications, executables, and/or the operating system and compares that to current activity on the system.
info …
Security posture assessments (SPAs) use baseline reporting and other analyses to discover vulnerabilities and weaknesses in systems.
Protocol Analyzers : Promiscuous mode = network adapter captures all packets that is has access to regardless of the dest. of those packets. Non-promiscuous mode = network adapter captures only packets addressed to it. Can find header manipulation, which can be done by entering unvalidated data into header of packet which can lead to XSS attacks, poisoning attacks, hijacking and cookie manipulation can be corrected/prevented by proper input validation and detected w/protocol analyzer.
info …
