Security Threat Landscape Flashcards
A Virus requires _________ to spread
Human interaction
What is Data Exfiltration
When data leaves an organization without authorization
Spoofing is where an attacker _____ their identity
fakes
ARP spoofing is a well know _____ _____ _____ ______ attack
man in the middle
False positive vs False negative
False positive - there is NO attack but triggers an alert
False negative - there IS an attack but doesn’t trigger an alert
IPS uses ____ to inspect packets. While Firewalls uses ____ to block traffic
signatures, rules
Stateful Firewalls maintain a ______ ______ which tracks the two-way ‘state’ of traffic passing through the firewall
connection table
Packet Filters don’t _____ the state of two-way connections
track
For stateful firewalls, only ___ ___ is allowed back into the network
valid traffic (traffic already in the connection table)
What are 3 symmetric encryption algorithms
DES, 3DES, and AES
What are 2 Asymmetric Encryption algorithms?
RSA and ECDSA
Hash-Based Message Authentication Codes (HMAC) provide what and uses what kind of encryption?
data integrity, symmetric
What are 2 HMAC algorithms?
MD5, SHA
How does Public Certificate Authorities verify certificate request?
Out-of-band checks before issuing legitimate certificates
For IP sec, what is commonly used to protect against replay attackes
Encapsulating Security Payload (ESP)