ICTL
Port Forwarding
- Settings of the router which designate ports to be open for specific services, which then sends it on to the destination. - It allows a remote computer to connect to a private computer.
FTP (File Transfer Protocol)
- TCP Port 21 (data port 20) - A format and set of rules for transferring files from a host to a remote computer - Typical usage is to upload files to a web server. - It uses a separate port for data and communications.
SMTP (Simple Mail Transfer Protocol)
- TCP Port 25 - Protocol used to transfer mail between network destinations.
Power over Ethernet
- An option in some devices to provide power to a device through the twisted pair CAT5 connection or higher. - Generally found on a switch based on hardware specifications.
connectionless
A type of Transport layer protocol that services a request without requiring a verified session and without guaranteeing delivery of data.
block cipher
A type of algorithm that encrypts a number of bits as individual units known as blocks.
stream cipher
A type of algorithm that encrypts each byte in a message one at a time.
IPsec
(IP security) A type of VPN that provides confidentiality, integrity, and authentication.
IntServ
(Integrated Services) Often referred to as hard QoS, because IntServ can make strict bandwidth reservations. IntServ uses signaling among network devices to provide bandwidth reservations. Resource Reservation Protocol (RSVP) is an example of an IntServ approach to QoS. Because IntServ must be configured on every router along a packet's path, a primary drawback of IntServ is its lack of scalability.
AUP
(acceptable use policy) Identifies what users of a network are and are not allowed to do on that network. For example, retrieving sports scores during working hours via an organization's Internet connection might be deemed inappropriate by an AUP.
Switch
- A central network device to connect devices on the same subnet. Sends packets of data between devices within a network. Switches send packets directly to the correct machine. - Due to a system of logging MAC addresses for devices along the network, information sent from one port will only be forwarded to the receiving port. - Operates in full duplex mode since it has separate channels for sending and receiving.
SC (subscriber connector or standard connector)
- A connector used with single-mode or multimode fiber-optic cable. - Snap-in with 2.5 mm ferrule.
In virtualization, what are the host and guest?
- A guest is a virtual machine - The host is the machine that runs the virtual machines
Unix is:
- A trademark - An operating system
Dynamic IP
- IP address assigned by DHCP server. - This method ensures there are no overlapping IP addresses within a network.
Linux is not Unix because:
- It hasn't undergone certification
RJ-11
- Most commonly used twisted pair connector for telephone lines and modems.
MAN (metropolitan area network)
- Much like a WAN, this is a network that covers a geographic area such as a city. - It interconnects multiple LANs for the purpose of shared network throughout the region.
Hybrid Topology
- Network topology which combines the use of multiple topology methods.
Mesh Topology
- Network topology which connects each device with one another. - This type has fault tolerance because if a path is down it can reroute through many others.
Which of the following are examples of a web server?
- Nginx - Apache
What are tradeoffs of increasing the level of privacy you have in your web browser?
- Sites may not work properly - You may have to explicitly permit some cookies to be saved
Router Channels
- Specifies portion of wireless frequencies used for a specific router in order to avoid overlapping and causing connectivity issues, especially when dealing with multiple access points.
POP3 (Post Office Protocol, v3)
- TCP Port 110 - Protocol used to retrieve emails from a mail server. - This protocol typically downloads the email and removes it from the server. It is not preferred if you plan to access the email from multiple devices.
VoIP Phones
- Telephone service that operates over an internet connection rather than through an analog signal.
Cable Internet
- Type of internet service that runs over a cable TV network. - The accepted standard for most internet connections today, as it is reliable and fast.
Which of the following are examples of text editors?
- emacs - pico - vim - nano
IMAP (Internet Message Access Protocol)
- TCP Port 143 - Protocol used to retrieve emails from a mail server. - This protocol allows you to synchronize with the mail server and have updated access from multiple devices.
Advantages of a Computer Network
1. File Sharing 2. Resource Sharing 3. Sharing a single internet connection 4. Increasing storage capacity 5. Inexpensive to operate
Class A
10.0.0.0-10.255.255.255
Kilobyte
1024 bytes
Megabyte
1024 kilobytes
Class B
172.16.0.0-172.31.255.255
Class C
192.168.0.0 - 192.168.255.255
Our responsibility to protect a citizen's/soldier's private information stored on an automated information system is outlined in The Privacy Act of ___________.
1974
Byte
8 bits
Secure Sockets Layer (SSL)
A cryptographic protocol that provides secure Internet communications such as web browsing, instant messaging, e-mail, and VoIP.
point-to-point
A data transmission that involves one transmitter and one receiver.
web of trust
A decentralized model used for sharing certificates without the need for a centralized CA.
Security Specifications
A detailed description of the safeguards required to protect a system
Packet Sniffer
A device or program that monitors the data traveling between computers on a network
WAP (Wireless Access Point)
A device that connects to a wired network and provides access to that wired network for clients that wirelessly attach to the access point (AP).
media converter
A device that enables networks or segments using different media to interconnect and exchange signals.
Power Supply
A device that provides power to a computer.
multiplexer (mux)
A device that separates a medium into multiple channels and issues signals to each of those subchannels.
demultiplexer (demux)
A device that separates multiplexed signals once they are received and regenerates them in their original form.
transceiver
A device that transmits and receives signals.
vampire tap
A device used to add computers to a 10BASE5 network. It pierces the copper conductor of a coaxial cable and can also be used for malicious purposes.
ISDN (Integrated Services Digital Network)
A digital telephony technology that supports multiple 64-kbps channels (known as bearer channels or B channels) on a single connection. ISDN was popular back in the 1980s for connecting PBXs, which are telephone switches owned and operated by a company, to a telephone company's central office. ISDN has the ability to carry voice, video, or data over its B channels. ISDN also offers a robust set of signaling protocols: Q.921 for Layer 2 signaling and Q.931 for Layer 3 signaling. These signaling protocols run on a separate channel in an ISDN circuit (known as the delta channel, data channel, or D channel).
hertz (Hz)
A measure of frequency equivalent to the number of amplitude cycles per second.
FM (frequency modulation)
A method of data modulation in which the frequency of the carrier signal is modified by the application of the data signal.
RSA
A public key cryptography (asymmetric encryption) algorithm created by Rivest, Shamir, and Adleman. It is commonly used in e-commerce. It uses the product of two very large prime numbers with an equal length of between 100 and 200 digits. Browsers use it to establish a secure connection.
serial
A style of data transmission in which the pulses that represent bits follow one another along a single transmission line. In other words, they are issued sequentially, not simultaneously.
TIA (Telecommunications Industry Association)
A subgroup of the EIA that focuses on standards for information technology, wireless, satellite, fiber optics, and telephone equipment.
Tree Topology
A tree topology combines characteristics of linear bus and star topologies. It consists of groups of star-configured workstations connected to a linear bus backbone cable. Tree topologies allow for the expansion of an existing network, and enable schools to configure a network to meet their needs. Pros: - Point-to-point wiring for individual segments. - Supported by several hardware and software vendors. Cons: - Overall length of each segment is limited by the type of cabling used. - If the backbone line breaks, the entire segment goes down.
Layer 2 Tunneling Protocol (L2TP)
A tunneling protocol used to connect virtual private networks. It does not include confidentiality or encryption on its own. It uses port 1701 and can be more secure than PPTP if used in conjunction with IPsec.
Cat 7 (Category 7)
A twisted pair cable that contains multiple wire pairs, each separately shielded then surrounded by another layer of shielding within the jacket. It can support up to a 1-GHz signal rate. But because of its extra layers, it is less flexible than other forms of twisted pair wiring.
Wireless Access Point (WAP)
A wireless transmitter which allows devices with a wireless NIC to connect to a network.
rollover cable
A type of cable in which the terminations on one end are exactly the reverse of the terminations on the other end. It is used for serial connections between routers and consoles or other interfaces.
Unix was originally invented at:
AT&T Bell Labs
Cat
Abbreviation for the word category when describing a type of twisted pair cable.
shutdown /a
Abort the shutdown countdown
CRC (cyclic redundancy check)
An algorithm (or mathematical routine) used to verify the accuracy of data contained in a data frame.
birthday attack
An attack on a hashing system that attempts to send two different messages with the same hash function, causing a collision.
cross-site request forgery (XSRF)
An attack that exploits the trust a website has in a user's browser in an attempt to transmit unauthorized commands to the website.
EMI (electromagnetic interference)
A type of interference that may be caused by motors, power lines, televisions, copiers, fluorescent lights, or other sources of electrical activity.
private key
A type of key that is known only to a specific user or users who keep the key a secret.
public key
A type of key that is known to all parties involved in encrypted transactions within a given group.
Cipher
An algorithm that can perform encryption or decryption.
Temporal Key Integrity Protocol (TKIP)
An algorithm used to secure wireless computer networks; meant as a replacement for WEP.
UPS (Uninterruptible Power Supply)
An appliance that provides power to networking equipment in the event of a power outage.
pop-up blocker
An application or add-on to a web browser that blocks pop-up windows that usually contain advertisements.
Mantrap
An area between two doorways, meant to hold people until they are identified and authenticated.
quantitative risk assessment
An assessment that measures risk by using exact monetary values.
Threat
Any circumstance or event with the potential to adversely impact an information system through unauthorized access, destruction, disclosure, modification of data, and/or denial of service.
Output Device
Any device that presents data from the computer to the user.
Input Device
Any device used to enter raw information into a computer.
DTE (data terminal equipment)
Any end-user device, such as a workstation, terminal (essentially a monitor with little or no independent data-processing capability), or a console (for example, the user interface for a router).
Sensitive Data
Any information, the loss, misuse, modification of, or unauthorized access to, could affect the national interest or the conduct of Federal programs, or the privacy to which individuals are entitled under Section 552a of Title 5, U.S. Code, but has not been specifically authorized under criteria established by an Executive order or an act of Congress to be kept classified in the interest of national defense or foreign policy.
Replicator
Any program that acts to produce copies of itself. Examples include a program, a worm, or a virus.
Five Layers of Internet Model (Protocol Stack)
Application, Transport, Network, Link, Physical
personal firewall
Applications that protect an individual computer from unwanted Internet traffic; they do so by way of a set of rules and policies.
Tier-1 ISP
National ISPs that connect together and exchange data at NAPs.
redundant power supply
An enclosure that contains two complete power supplies, the second of which turns on when the first fails.
Pretty Good Privacy (PGP)
An encryption program used primarily for signing, encrypting, and decrypting e-mails in an attempt to increase the security of e-mail communications.
Advanced Encryption Standard (AES)
An encryption standard used with WPA and WPA2. It is the successor to DES/3DES and is another symmetric key encryption standard composed of three different block ciphers: AES-128, AES-192, and AES-256.
Public Key Infrastructure
An entire system of hardware and software, policies and procedures, and people, used to create, distribute, manage, store, and revoke digital certificates.
Secondary storage
Backing storage, for when data is no longer being actively used.
vulnerability assessment
Baselining of the network to assess the current security state of computers, servers, network devices, and the entire network in general.
The Data Hierarchy Terms across the layers
Bits -> Frames -> Datagrams -> Segments -> Messages
Ports
Blocking or disabling ports of servers that are connected. Maintain the kind of data flow you want to see and close down possible entry points for hackers.
How are Trojan horses, worms, and malicious scripts spread?
By email attachments
Linux is written in:
C
Network Cabling
Cable is the medium through which information usually moves from one network device to another.
route command
Can add, modify, or delete routes in the IP routing table of Microsoft Windows® and UNIX hosts. Additionally, the route command can be used to view the IP routing table of Microsoft Windows® hosts.
ARP command
Can be used in either the Microsoft Windows® or UNIX environment to see which Layer 2 MAC address corresponds to a Layer 3 IP address.
netstat command
Can display a variety of information about IP-based connections on a Windows or UNIX host.
nslookup command
Can resolve a FQDN to an IP address on Microsoft Windows® and UNIX hosts.
dig command
Can resolve a FQDN to an IP address on UNIX hosts.
host command
Can resolve a FQDN to an IP address on hosts.
CD
Change into or out of a directory (i.e., drill down into a directory folder). Example: C:\Users\administrator>CD Documents Example: C:\Users\administrator\documents
Datagram
Chunks from the transport layer segment encapsulated within a network-layer packet
A license where you don't have access to the source code is called:
Closed source
Shared Medium
Coaxial Cable, from sender to multiple receivers
coaxial cable
Coaxial cables have a copper wire running through the middle encased in plastic insulation. - the metal braid acts as a shield against electromagnetic interference. - longer cable - hard to bend
logic bomb
Code that has, in some way, been inserted into software; it is meant to initiate some type of malicious function when specific criteria are met.
Worm
Code that runs on a computer without the user's knowledge; they self-replicate, whereas a virus does not.
xcopy
Command in the command-line interface used to copy multiple directories at once: not only files but entire directories. -s/ means sub-directory; it is usually used with xcopy to copy all the subdirectory folders within a root directory (along with the root directory).
PPPoE (Point-to-Point Protocol over Ethernet)
Commonly used between a DSL modem in a home (or business) and a service provider. Specifically, PPPoE encapsulates PPP frames within Ethernet frames. PPP is used to leverage its features, such as authentication.
Stateful Inspection
Compares certain key parts of the packet to a database of trusted information
CISC
Complex Instruction Set Computer
Browser/Browser Settings
Configuration strategy to manage the risk associated with active content while still enabling trusted sites
wet pipe sprinkler system
Consists of a pressurized water supply system that can deliver a high quantity of water to an entire building via a piping distribution system.
You receive an email from the Internal Revenue Service (IRS) demanding immediate payment of back taxes of which you were not aware. The email provides a website and a toll-free number where you can make payment. What action should you take?
Contact the IRS using their publicly available, official contact information.
virtual machine (VM)
Created by virtual software; they are images of operating systems or individual applications.
NEXT (near end cross talk)
Cross talk, or the impingement of the signal carried by one wire onto a nearby wire, that occurs between wire pairs near the source of a signal.
CISM (Certified Information Security Manager)
Cybersecurity specialists responsible for managing, developing and overseeing information security systems at the enterprise level
Full Duplex
Data is transmitted via pulsing light sent from a laser or light-emitting diode (LED) through the central fiber (or fibers). Full-Duplex is the two-lanes going both directions at the same time.
Flash memory
Data that is stored permanently but that can be changed.
Ubuntu is derived from which distribution?
Debian
Acceptable usage policies
Define the rules that restrict how a computer, network, or other system may be used
A Mail Transfer Agent's primary purpose is to:
Deliver mail between servers
A maintenance cycle:
Describes how long a version of software will be supported
A release cycle:
Describes how often updates to the software come out
Spear Phishing attacks commonly attempt to impersonate email from trusted entities. What security device is used in email to verify the identity of sender?
Digital Signatures
What is the best protection method for sharing Personally Identifiable Information (PII)?
Digitally sign and encrypt the email.
Certificates
Digitally signed electronic documents that bind a public key with a user identity.
End-to-end connection
Direct, dedicated connection from two end systems.
nbtstat command
Displays NetBIOS information for IP-based networks. The nbt prefix of the nbtstat command refers to NetBIOS over TCP/IP, which is called NBT (or NetBT). This command can, for example, display a listing of NetBIOS device names learned by a Microsoft Windows®-based PC.
Nessus®
A network-vulnerability scanner available from Tenable Network Security®.
tasklist
Displays a list of currently running processes on a local or remote machine. Gives the PID, or process ID number (Windows).
Security Plan
Document that details the security controls established and planned for a particular system.
chain of custody
Documents who had custody of evidence all the way up to litigation or a court trial (if necessary) and verifies that the evidence has not been modified.
alien cross talk
EMI interference induced on one cable by signals traveling over a nearby cable.
ENTER syntax
ENTER numbytes, nestinglevel
AP (access point) isolation
Each client connected to the AP will not be able to communicate with each other, but they can each still access the Internet.
due diligence
Ensuring that IT infrastructure risks are known and managed.
Physical Medium
Examples of this include twisted-pair copper wire, coaxial cable, multimode fiber-optic cable, terrestrial radio spectrum, and satellite radio spectrum.
A generic term for Open Source and Free Software is:
FLOSS
A server is likely to be running in graphical mode. True or False?
False
To place software under an open source license, you must give up your copyright. True or False?
False
CPU Cache Memory
Fast access memory. More of this means better performance
Ciphertext
Form of cryptography in which the plaintext is made unintelligible to anyone who intercepts it, by a transformation of the information itself, based on some key
signature-based monitoring
Frames and packets of network traffic are analyzed for predetermined attack patterns. These attack patterns are known as signatures.
permanent DoS (PDoS) attack
Generally consists of an attacker exploiting security flaws in routers and other networking hardware by flashing the firmware of the device and replacing it with a modified image.
honey pot
Generally is a single computer but could also be a file, group of files, or an area of unused IP address space used to attract and trap potential attackers to counteract any attempts at unauthorized access of the network. Specifically, a system designated as a honey pot appears to be an attractive attack target. One school of thought on the use of a honey pot is to place one or more honey-pot systems in a network to entice attackers into thinking the system is real. The attackers then use their resources attacking the honey pot, resulting in their leaving the real servers alone.
Diskpart
Gives access to configure, format, or make changes to existing volumes on a PC
security template
Groups of policies that can be loaded in one procedure.
Hardening
Hardening of the operating system is the act of configuring an OS securely, updating it, creating rules and policies to help govern the system in a secure manner, and removing unnecessary applications and services.
cryptographic hash functions
Hash functions based on block ciphers.
Application backdoor
Hidden access that provides some level of control of the program
Back Door
Hidden software or hardware mechanism used to circumvent security controls
Antivirus software installed to scan and monitor malware activities on a server or workstation would be identified as a __________ based intrusion detection/prevention system.
Host
PoP (Points of Presence)
ISP access points
congestion avoidance
If an interface's output queue fills to capacity, newly arriving packets are discarded (or tail dropped). Congestion avoidance can prevent this behavior. RED is an example of a congestion-avoidance mechanism.
warchalking
If an open WLAN (or a WLAN whose SSID and authentication credentials are known) is found in a public place, a user might write a symbol on a wall (or some other nearby structure) to let others know the characteristics of the discovered network. This practice, which is a variant of the decades-old practice of hobos leaving symbols as messages to fellow hobos, is called warchalking.
promiscuous mode
In a network adapter, this passes all traffic to the CPU, not just the frames addressed to it. The network adapter captures all packets that it has access to, regardless of the destination for those packets.
recovery time objectives (RTO)
In business impact analysis, the acceptable amount of time to restore a function.
recovery point objectives (RPO)
In business impact analysis, the acceptable latency of data.
T3
In the same T-carrier family of standards as a T1, a T3 circuit offers an increased bandwidth capacity. Although a T1 circuit combines 24 DS0s into a single physical connection to offer 1.544 Mbps of bandwidth, a T3 circuit combines 672 DS0s into a single physical connection, with a resulting bandwidth capacity of 44.7 Mbps.
client-server network
In this type of network, a dedicated server (e.g., a file server or a print server) provides shared access to resources (e.g., files or a printer). Clients (e.g., PCs) on the network with appropriate privilege levels can gain access to those shared resources.
content filters
Individual computer programs that block external files that use JavaScript or images from loading into the browser.
personally identifiable information (PII)
Information used to uniquely identify, contact, or locate a person.
Share Cyber Intelligence
InfraGard is an example of
input validation
Input validation or data validation is a process that ensures the correct usage of data.
traffic shaping
Instead of making a minimum amount of bandwidth available for specific traffic types, you might want to limit available bandwidth. Both policing and shaping tools can accomplish this objective. Collectively, these tools are called traffic conditioners. Traffic shaping delays excess traffic by buffering it as opposed to dropping the excess traffic.
policing
Instead of making a minimum amount of bandwidth available for specific traffic types, you might want to limit available bandwidth. Both policing and traffic-shaping tools can accomplish this objective. Collectively, these tools are called traffic conditioners. Policing can drop exceeding traffic, as opposed to buffering it.
Decode
Instructions checked in the control unit.
Attack
Intentional act of attempting to bypass one or more computer security controls.
site-to-site VPN
Interconnects two sites, as an alternative to a leased line, at a reduced cost.
radio frequency interference (RFI)
Interference that can come from AM/FM transmissions and cell towers.
IAB
Internet Architecture Board
IANA
Internet Assigned Numbers Authority
IETF
Internet Engineering Task Force.
If you want to store logins and passwords for different websites in a secure manner, you could use:
KeePassX
LOCAL syntax
LOCAL varlist
traffic intensity
La/R La averages bits/sec
port address translation (PAT)
Like NAT, but it translates both IP addresses and port numbers.
CHAP (Challenge-Handshake Authentication Protocol)
Like PAP, CHAP performs one-way authentication. However, authentication is performed through a three-way handshake (challenge, response, and acceptance messages) between a server and a client. The three-way handshake allows a client to be authenticated without sending credential information across a network.
DIR
List files and directories
The bootloader's job is to:
Load the kernel after the computer is powered on
LocalTalk
LocalTalk is a network protocol that was developed by Apple Computer, Inc. for Macs. The method used by LocalTalk is called CSMA/CA (Carrier Sense Multiple Access with Collision Avoidance).
MD
Makes a new directory
Surge
Means that there is an unexpected increase in the amount of voltage provided.
access control model
Methodologies in which admission to physical areas, and more importantly computer systems, is managed and organized.
MAN
Metropolitan-area network - Interconnects locations scattered throughout a metropolitan area. (ie: Chicago Public Schools)
RAID 1
Mirroring. Data is copied to two identical disks. If one disk fails, the other continues to operate.
Router layers
Network, Link, and Physical Layers
protocol
Networking: A standard method or format for communication between network devices. Protocols ensure that data are transferred whole, in sequence, and without error from one node on the network to another. Web: The set of rules the page follows for communication and provides information to the computers about how the data is formatted, transmitted, received, and acknowledged
Extensible Authentication Protocol (EAP)
Not an authentication mechanism in itself but instead defines message formats. 802.1X would be the authentication mechanism and defines how EAP is encapsulated within messages.
Two
Number of cores required to run two instructions simultaneously
DMZ (demilitarized zone)
Often contains servers that should be accessible from the Internet. This approach would, for example, allow users on the Internet to initiate an e-mail or a web session coming into an organization's e-mail or web server. However, other protocols would be blocked. Subnetwork used to separate a private sector of a network from the public portion allotted to give access to its services to an untrusted network.
ping command
One of the most commonly used command-line commands. It can check IP connectivity between two network devices. Multiple platforms (for example, routers, switches, and hosts) support the ping command.
Honeynet
One or more computers, servers, or an area of a network, used to attract and trap potential attackers to counteract any attempts at unauthorized access of the network.
address bus
Pathway from memory to processing unit that carries the address in memory to and from which data is transferred.
first responders
People who perform preliminary analysis of the incident data and determine whether the incident is an incident or just an event, and the criticality of the incident.
Control Unit (CU)
Processor component that manages the execution of instructions during the fetch-execute cycle.
Internet Standards
RFC: Request for comments IETF: Internet Engineering Task Force
RISC
Reduced Instruction Set Computer
Policy
Rules or guidelines used to guide decisions and achieve outcomes. They can be written or configured on a computer.
If Volume is locked during a chkdsk
Run during startup
If you wanted to let a Linux machine share files with Windows clients and servers, you would use:
Samba
Multi-home
Same connection for multiple ISPs to a home
redundant ISP
Secondary connections to another ISP; for example, a backup T-1 line.
IP proxy
Secures a network by keeping machines behind it anonymous; it does this through the use of NAT.
Operation Controls
Security methods that focus on mechanisms that primarily are implemented and executed by people (as opposed to systems)
Virus
Self-replicating, malicious code that attaches itself to an application program or other executable system component and leaves no obvious signs of its presence
Controller
Sends and receives signals from all parts of the computer
Control Bus
Sends control signals to different parts of the computer
TCP reset attack
Sets the reset flag in a TCP header to 1, telling the respective computer to kill the TCP session immediately.
Network Access Control (NAC)
Sets the rules by which connections to a network are governed.
A type of attack where the intruder observes authentication secrets such as a combination or PIN:
Shoulder Surfing
shutdown /r /t nn
Shutdown and restart after nn seconds
Triple DES (3DES)
Similar to DES but applies the cipher algorithm three times to each cipher block.
packet-switched connection
Similar to a dedicated leased line, because this is an always-on network. However, unlike a dedicated leased line, this connection allows multiple customers to share a service provider's bandwidth.
Proxy
Software agent that performs a function or operation on behalf of another application or system while hiding the details involved
Malicious Code
Software capable of performing an unauthorized process on an information system.
SNMP agent
Software deployed by the network management system that is loaded on managed devices. The software redirects the information that the NMS needs to monitor the remote managed devices.
IP Class A
Specified IP classing standard within the range of 1.0.0.0 to 126.255.255.255 with the subnet mask of 255.0.0.0
IP Class B
Specified IP classing standard within the range of 128.0.0.0 to 191.255.255.255 subnet mask of 255.255.0.0
IP Class C
Specified IP classing standard within the range of 192.0.0.0 to 223.255.255.255 subnet mask of 255.255.255.0
A type of attack where an intruder is able to forge a biometric sample:
Splicing Attack
Output Queue
Stores packets the router is about to send to a link
If your wireless device is improperly configured someone could gain control of the device? T/F
TRUE
Forwarding Table
Table that maps destination address to a router's outbound links
Fetch
Takes an address, stored in the instruction register and moves the program counter on one.
uninterruptible power supply (UPS)
Takes the functionality of a surge suppressor and combines that with a battery backup, protecting computers not only from surges and spikes, but also from sags, brownouts, and blackouts.
computer security audits
Technical assessments made of applications, systems, or networks.
Source Routing
Technique in which the originator of a packet can attempt to partially or completely control the path through the network to the destination.
Random Access Memory (RAM)
Temporary storage or working memory; a type of volatile memory that can be accessed randomly.
CIR (committed information rate)
The CIR of an interface is the average traffic rate over the period of a second.
Ethernet
The Ethernet protocol is by far the most widely used. Ethernet uses an access method called CSMA/CD (Carrier Sense Multiple Access/Collision Detection). - Can use all three cables
Richard Stallman is associated with:
The Free Software Foundation
Most of the tools that are part of Linux systems come from:
The GNU (GNU's Not Unix!) project
HTTP proxy (web proxy)
The HTTP proxy, also known as a web proxy, which caches web pages from servers on the Internet for a set amount of time.
802.3
The IEEE standard for Ethernet networking devices and data handling (using the CSMA/CD access method).
802.16
The IEEE standard for broadband wireless metropolitan area networking (also known as WiMAX).
802.2
The IEEE standard for error and flow control in data frames.
802.5
The IEEE standard for token ring networking devices and data handling.
802.11
The IEEE standard for wireless networking.
Remote Access
The ability to get access to a computer or a network through wifi, phone lines, or DSL
Spim
The abuse of instant messaging systems, a derivative of spam.
privilege escalation
The act of exploiting a bug or design flaw in a software or firmware application to gain access to resources that normally would've been protected from an application or user.
Performance measure - Bandwidth
The amount of data that can be transferred on a network in a given time.
core
The central component of a cable designed to carry a signal.
unified communications
The centralized management of multiple types of network-based communications, such as voice, video, fax, and messaging services.
Certification
The comprehensive evaluation of the technical and non-technical security features of an IT and other safeguards, made in support of the accreditation process, that establishes the extent to which a particular design and implementation meet a specified set of security requirements.
latency
The delay between the transmission of a signal and its receipt.
Encryption
The process of changing information using an algorithm (or cipher) into another form that is unreadable by others—unless they possess the key to that data.
risk transference
The transfer or outsourcing of risk to a third party. Also known as risk sharing.
cold site
This has tables, chairs, bathrooms, and possibly some technical setup, for example, basic phone, data, and electric lines, but will require days if not weeks to set up properly.
CSMA/CD (Carrier Sense Multiple Access with Collision Detection)
This is a system where each computer listens to the cable before sending anything through the network.
Basic QoS (quality of service)
This is simply the measured quality of an internet connection.
Fetch-Execute Cycle
This is the process of fetching the instructions from memory, decoding them and then executing them so that the CPU performs continuously.
asymmetric key encryption
This type of cipher uses a pair of different keys to encrypt and decrypt data.
time bomb
Trojans set off on a certain date.
Applications make requests to the kernel and receive resources, such as memory, CPU, and disk in return. True or False?
True
Mobile devices include fitness bands, tablets, smartphones, electronic readers, and Bluetooth-enabled devices.
True
Participating in open source projects can improve your technical skills, even if it is not your day job. True or False?
True
You can configure your computer to check for updates automatically. True or False?
True
twisted-pair cable
Twisted pair cables have pairs of insulated copper wires twisted round each other to cancel out interference, and come in two types: - unshielded twisted pair (UTP) (ex: telephone cables): prone to electromagnetic interference - shielded twisted pair (STP): has a metal sheath encasing the twisted pairs, shielding them further from outside electromagnetic interference.
Cluster
Two or more servers that work with each other.
incremental backup
Type of backup that backs up only the contents of a folder that have changed since the last full backup or the last incremental backup.
differential backup
Type of backup that backs up only the contents of a folder that have changed since the last full backup.
full backup
Type of backup where all the contents of a folder are backed up.
stateful packet inspection
Type of packet inspection that keeps track of network connections by examining the header in each packet, also known as SPI.
Flooding
Type of incident involving insertion of a large volume of data resulting in denial of service
Intrusion
Unauthorized act of bypassing the security mechanisms of a system.
Spoofing
Unauthorized use of legitimate identification and authentication data, however it was obtained, to mimic a subject different from the attacker. Impersonating, masquerading, piggybacking, and mimicking are forms of this
Hacker
Unauthorized user who attempts to or gains access to an information system.
Patches (Software Patches)
Updates that fix a particular problem or vulnerability within a program. Sometimes, instead of just releasing a patch, vendors will release an upgraded version of their software.
Which tool would be most effective for mapping a target network?
Vulnerability scanner
null session
When used by an attacker, a malicious connection to the Windows interprocess communications share (IPC$).
Internal Memory
Where data is moved to when not actively being used
3DES
a symmetric block cipher with 64-bit block size that uses a 56-bit key, encrypts data three times and uses a different key for at least one of the three passes, giving it a cumulative key size of 112-168 bits
CAM (Content Addressable Memory) table
a table that is in a switch's memory that contains ports and their corresponding MAC addresses.
XSS (Cross Site Scripting)
allows criminals to inject scripts into the web pages viewed by users
ethical hacker
an expert at breaking into systems and can attack systems on behalf of the system's owner and with the owner's consent.
Product Key
code that you type when requested as you install the software
Complex Instruction Set Computer (CISC)
computers designed with a full set of computer instructions that range from very simple to very complex and specialized to provide needed capabilities in the most efficient way.
Methods used to ensure confidentiality
data encryption, authentication, and access control.
mySub PROC enter 0, 0
declare a procedure with no local variables using the ENTER instruction; similar to:
    mySub PROC
        push ebp
        mov ebp, esp
Parity
detects data errors
Asynchronous Online Communication
does not require the participants to be online at the same time
type
either a standard type or a user-defined type (used with the LOCAL directive) - standard types are WORD, DWORD..... - user-defined types are Structures .....
help
gives list of commands
input-output parameter
identical to an output parameter, with one exception: The called procedure expects the variable referenced by the parameter to contain some data. The procedure is also expected to modify the variable via the pointer.
Detective Control
identify different types of unauthorized activity
Bitmapped Graphics
images composed of pixels
ENTER
instruction that automatically creates a stack frame for a called procedure. It reserves stack space for local variables and saves EBP on the stack. Specifically, it performs three actions: - Pushes EBP on the stack (push ebp) - Sets EBP to the base of the stack frame (mov ebp, esp) - Reserves space for local variables (sub esp, numbytes)
PGP (pretty good privacy)
is a widely deployed asymmetric encryption algorithm and is often used to encrypt e-mail traffic.
NSA (National Security Agency)
is responsible for intelligence collection and surveillance activities in the U.S.
While Loop
loops through a block of code while a specified condition is true
Scareware
persuades the user to take a specific action based on fear
Administrative Access Control
policies and procedures defined by organizations to implement and enforce all aspects of controlling unauthorized access. These controls focus on personnel and business practices
Giga
prefix multiplier for 1,000,000,000
Confidentiality
prevents the disclosure of information to unauthorized people, resources and processes
Methods
procedure (action) associated with an object
Overclocking
processor being set to run faster than its original design
Portable Apps
programs that you carry with you on a flash drive
Software Watermarking
protects software from unauthorized access or modification
Internet Service Providers
provide an access path to the Internet
Compensative Control
provide options to other controls to bolster enforcement in support of a security policy
IPv6 (Internet Protocol version 6)
provides a large number of new addresses to route Internet traffic. The IPv6 address format is much different than the IPv4 format. It contains eight sets of four hexadecimal digits and uses colons to separate each block, such as "fe80::42:acff:feaa:1bf0".
Oversight and Development
provides for leadership, management, and direction to conduct cybersecurity work effectively
omnidirectional antenna
radiates power at relatively equal power levels in all directions (somewhat similar to the theoretical isotropic antenna). Omnidirectional antennas are popular in residential WLANs and SOHO (small office/home office) locations.
attributes
refers to distance, langType, visibility, prologue (used with the PROC directive)
Unguided Media
signals propagate freely, e.g. radio
IPFix
standard format for exporting router based information about network traffic flows to data collection devices
Preventative Control
stop unwanted or unauthorized activity from happening
Document Management System
store documents on a server or on the Web, and provide security and access to the business documents
Main Memory
stores data and information and is usually volatile; its contents are lost when electrical power is turned off. It plays a major role in a computer's performance.
Mirroring
stores duplicate data on a second drive
External Hard Drive
suitable for backing up home computer systems
Magnetic tape
suitable for backing up large commercial servers.
Flash drive
suitable for moving relatively small files
STDCALL calling convention
supply an integer parameter to the RET instruction, which in turn adds to EBP after returning to the calling procedure. Integer must equal the number of bytes of stack space consumed by the subroutine parameters.
Example2 PROC
    push ebp
    mov ebp, esp          ; base of stack frame
    mov eax, [ebp + 12]   ; second parameter
    add eax, [ebp + 8]    ; first parameter
    pop ebp
    ret 8                 ; clean up the stack
Example2 ENDP
NOTE: requires 32-bit operands, smaller operands must be pushed with zero extend
Methods used to ensure availability
system redundancy, system backups, increased system resiliency, equipment maintenance, up-to-date operating systems and software, and plans in place to recover quickly from unforeseen disasters.
Early Warning Systems
the Honeynet project is an example of
address
the code that identifies where a piece of information is stored
IoT
the collection of technologies that enable the connection of various devices to the Internet.
epilogue
the ending of a function consisting of restoring the EBP register and returning to the caller
Transistor
the fundamental building block of modern electronic devices, which is used to control the flow of electricity in electronic circuits.
HMAC (Hash-based Message Authentication Code)
strengthens hashing algorithms by using an additional secret key as input to the hash function
Cloud storage
third-party storage of data, using someone else's servers.
Macros
tools that allow a user to program repetitive tasks into the computer's memory so that they can be quickly accomplished with the touch of a couple keys that the user has selected
Guided Media
transmission flows along physical medium
channel bonding
two wireless bands can be logically bonded together, forming a band with twice the bandwidth of an individual band. Some literature refers to channel bonding as 40 MHz mode, which refers to the bonding of two adjacent 20-MHz bands into a 40-MHz band.
VLANs (Virtual LANs)
use logical connections instead of physical connections
Routing Protocols
used to facilitate the exchange of routing information between routers, set the forwarding tables
IDEA
uses 64-bit blocks and 128-bit keys, performs eight rounds of transformations on each of the 16 blocks that results from dividing each 64-bit block
SEO Poisoning
uses SEO to make a malicious website appear higher in search results
SMiShing
uses Short Message Service to send fake text messages
Rule Based Access Control
uses access control lists (ACLs) to help determine whether to grant access
Wired networks
uses cables to transmit data
PKI (public key infrastructure)
uses digital certificates and a certificate authority to allow secure communication across a public network.
uses store-and-forward technology
CIFS (Common Internet File System)
- TCP Port 445, UDP Port 137, 138, 139 - Dialect of Server Message Block (SMB) protocol. - Enables the sharing of folders/files, printers and ports over a network.
PAP (Password Authentication Protocol)
Performs one-way authentication (that is, a client authenticates with a server). However, a significant drawback to PPP, other than its unidirectional authentication, is its clear-text transmission of credentials, which could permit an eavesdropper to learn authentication credentials.
Spillage occurs when
Personal information is inadvertently posted at a website
IP address (Internet Protocol address)
The Network layer address assigned to nodes to uniquely identify them on a TCP/IP network. IP addresses consist of 32 bits divided into four octets, or bytes. An IP address is a numerical label assigned to each device connected to a computer network that uses the Internet Protocol for communication. An IP address serves two main functions: host or network interface identification and location addressing.
Wardriving
The act of searching for wireless networks by a person in a vehicle through the use of a device with a wireless antenna, often a particularly strong antenna.
Defense in depth
The building up and layering of security measures that protect data from inception, on through storage and network transfer, and lastly to final disposal.
block ID
The first set of six characters that make up the MAC address and that are unique to a particular manufacturer.
incident management
The monitoring and detection of security events on a computer network and the execution of proper responses to those security events.
data emanation (or signal emanation)
The electromagnetic field generated by a network cable or network device, which can be manipulated to eavesdrop on conversations or to steal data.
certificate authority
The entity (usually a server) that issues digital certificates to users.
Key
The essential piece of information that determines the output of a cipher.
business impact analysis
The examination of critical versus noncritical functions; it is part of a business continuity plan (BCP).
attenuation
The extent to which a signal has weakened after traveling a given distance.
FCS (frame check sequence)
The field in a frame responsible for ensuring that data carried by the frame arrives intact. It uses an algorithm, such as CRC, to accomplish this verification.
Session layer
The fifth layer in the OSI model. This layer establishes and maintains communication between two nodes on the network. It can be considered the "traffic cop" for network communications.
segmentation
The process of decreasing the size of data units when moving data from a network that can handle larger data units to a network that can handle only smaller data units.
domain name kiting
The process of deleting a domain name during the five-day grace period (known as the add grace period or AGP) and immediately reregistering it for another five-day period to keep a domain name indefinitely and for free.
license tracking
The process of determining the number of copies of a single application that are currently in use on the network and whether the number in use exceeds the authorized number of licenses
load balancing
The process of distributing data transfer activity evenly across a network so that no single device is overwhelmed.
Risk Analysis
The process of identifying security risks, determining their magnitude, and identifying areas needing safeguards
Configuration Management
The process of keeping track of changes to the system and, if needed, approving them.
Baselining
The process of measuring changes in networking, hardware, software, and so on.
reassembly
The process of reconstructing data units that have been segmented.
regeneration
The process of retransmitting a digital signal.
System Integrity
The quality that a system has when it performs its intended function in an unimpaired manner, free from deliberate or inadvertent unauthorized manipulation of the system
bend radius
The radius of the maximum arc into which you can loop a cable before you will cause data transmission errors.
Salting
The randomization of the hashing process to defend against cryptanalysis password attacks and Rainbow Tables. Used to make hashing more secure
Performance measure - Download speed
The rate at which packets can be downloaded from one computer to another.
Performance measure - Upload speed
The rate at which packets of information can be sent from one computer to another.
tip and ring
The red and green wires found in RJ-11 wall jacks, which carry voice, ringing voltage, and signaling information between an analog device (for example, a phone or a modem) and an RJ-11 wall jack.
chromatic dispersion
The refraction of light as in a rainbow. If light is refracted in such a manner on fiber optic cables, the signal cannot be read by the receiver.
Program Counter (PC)
The register that contains the address of the next instruction to be executed
impedance
The resistance that contributes to controlling an electrical signal. It is measured in ohms.
Optical
Uses lasers to binary data
noise
The unwanted signals, or interference, from sources near network cabling, such as electrical motors, power lines, and radar.
LLC (Logical Link Control Sublayer)
The upper sublayer in the Data Link layer. The LLC provides a common interface and supplies reliability and flow control services.
convergence
The use of data networks to carry voice (or telephone), video, and other communications services in addition to data.
PSTN (public switched telephone network)
The worldwide telephony network comprised of multiple telephone carriers.
group policy
Used in Microsoft environments to govern user and computer accounts through a set of rules.
Backdoors
Used in computer programs to bypass normal authentication and other security mechanisms in place.
Magnetic
Used in hard disks and tapes
Remote Authentication Dial-In User Service (RADIUS)
Used to provide centralized administration of dial-up, VPN, and wireless authentication.
Read head
Used to read data on magnetic storage
Expand command
Used to remove files in a cabinet (.cab file)
Write head
Used to write data to magnetic storage
Hub-and-Spoke Topology
Used when interconnecting multiple sites (i.e., multiple corporate locations) via WAN links, a hub-and-spoke topology has a WAN link from each remote site (a spoke site) to the main site (the hub site).
WPA2 (Wi-Fi Protected Access, v2)
Uses Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP) for integrity checking and Advanced Encryption Standard (AES) for encryption. These algorithms enhance the security offered by WPA.
public key cryptography
Uses asymmetric keys alone or in addition to symmetric keys. The asymmetric key algorithm creates a secret private key and a published public key.
Entity integrity
a database integrity rule stating that all rows must have a unique identifier called a primary key
Circuit Switching
a dedicated connection is formed between two points and the connection remains active for the duration of the transmission
Wired Equivalent Privacy (WEP)
a deprecated security protocol that attempted to provide a wireless local area network (WLAN) with the same level of security as a wired LAN
Hashing algorithm
a tool that ensures data integrity by taking binary data and producing a fixed-length representation called the hash value or message digest
File encryption
a tool used to protect data stored in the form of files
Cache
a type of memory to store data temporarily in a computing environment often to shorten data access time, reduce latency and improve input/output (I/O).
Authorization
services that determine which resources users can access, along with the operations that users can perform, after the user is granted access once authentication is complete
WriteStackFrameName
similar to WriteStackFrame procedure, except includes additional parameter that holds the name of the procedure owning the stack frame
Freeware
you generally download the software app from the Internet for free and you can use the software for an unlimited period of time
Multimeter
- Tool used to measure the electric currents of various components of a computer. - Can be used to measure voltage (AC and DC), current (amps), resistance (ohms), capacitance and frequency.
What can be done to prevent remote people from running programs on your computer?
- Turn on a firewall - Use strong passwords on all user accounts
RJ-45
- Twisted pair connector used for network cabling. - Uses either T568A or T568B wiring configurations.
LC (local connector)
- Type of connector used in fiber optic cabling. - Uses a connector likened to RJ-45. It has a smaller form factor and uses 1.25 mm ferrule. - Preferred for single mode.
Internet Protocol Security (IPsec)
A TCP/IP protocol that authenticates and encrypts IP packets, effectively securing communications between computers and devices using the protocol.
Simple Network Management Protocol (SNMP)
A TCP/IP protocol that monitors network-attached devices and computers. It's usually incorporated as part of a network management system.
Infrastructure as a Service (IaaS)
A cloud computing service that offers computer networking, storage, load balancing, routing, and VM hosting.
node
A computer or other device connected to a network, which has a unique address and is capable of sending or receiving data
MT-RJ (mechanical transfer-registered jack)
A connector used with single-mode or multimode fiber-optic cable.
security policy
A continually changing document that dictates a set of guidelines for network use. These guidelines complement organizational objectives by specifying rules for how a network is used
Backup
A copy of data and/or applications contained in the IT stored on magnetic media outside of the IT to be used in the event IT data are lost.
GPC (GNU privacy guard)
A free variant of pretty good privacy (PGP), which is an asymmetric encryption algorithm.
Grayware
A general term used to describe applications that are behaving improperly but without serious consequences; often describes types of spyware.
The Internet
A global network connecting millions of computers; has more than 200 million users worldwide, and that number is growing rapidly; a complex WAN that connects LANs and clients around the globe
Botnet
A group of compromised computers used to distribute malware across the Internet; the members are usually zombies.
Secure Hash Algorithm (SHA)
A group of hash functions designed by the NSA and published by the NIST, widely used in government. The most common currently is SHA-1.
service pack (SP)
A group of updates, bug fixes, updated drivers, and security fixes that are installed from one downloadable package or from one disc.
VPN concentrator
A hardware appliance that allows hundreds of users to connect to the network from remote locations via a VPN.
PCI (Peripheral Component Interconnect) Express
A high-speed serial bus interface made by Intel for connecting peripheral devices.
Cat 5e (Enhanced Category 5)
A higher-grade version of wiring that contains high-quality copper, offers a high twist ratio, and uses advanced methods for reducing cross talk. It can support a signaling rate of up to 350 MHz.
Source code refers to:
A human readable version of computer software
hardware firewall
A network appliance dedicated to the purpose of acting as a firewall. This appliance can have multiple interfaces for connecting to areas of a network requiring varying levels of security.
teardrop attack
A type of DoS that sends mangled IP fragments with overlapping and oversized payloads to the target machine.
SYN flood
A type of DoS where an attacker sends a large amount of SYN request packets to a server in an attempt to deny service.
network intrusion detection system (NIDS)
A type of IDS that attempts to detect malicious network activities—for example, port scans and DoS attacks—by constantly monitoring network traffic.
connection oriented
A type of Transport layer protocol that requires the establishment of a connection between communicating nodes before it will transmit data.
data packet
A discrete unit of information sent from one node on a network to another.
trouble ticket
A problem report explaining the details of an issue being experienced in a network.
ISOC (Internet Society)
A professional organization with members from 90 chapters around the world that helps to establish technical standards for the Internet.
Software
A program or instructions that give directions to the computer.
Secure Shell (SSH)
A protocol that can create a secure channel between two computers or network devices.
IKE (Internet Key Exchange)
A protocol used to set up an IPsec session.
Nonce
A random number issued by an authentication protocol that can only be used once.
decibel (dB)
A ratio of radiated power to a reference value. In the case of dBi, the reference value is the signal strength (that is, the power) radiated from an isotropic antenna, which represents a theoretical antenna that radiates an equal amount of power in all directions (in a spherical pattern). An isotropic antenna is considered to have gain of 0 dBi.
Audit Trail
A record showing who has accessed a computer system and what operations he or she has performed during a given period of time. Useful both for maintaining security and for recovering lost transactions
Current Instruction Register (CIR)
A register inside the CPU which holds the current instruction (not the data)
patch cable
A relatively short section (usually between 3 and 25 feet) of cabling with connectors on both ends.
Terminal Access Controller Access-Control System (TACACS)
A remote authentication protocol similar to RADIUS used more often in UNIX networks.
ACK (acknowledgment)
A response generated at the Transport layer of the OSI model that confirms to a sender that its frame was received. The ACK packet is the third of three in the three-step process of establishing a connection.
black-hole router
A router that drops packets that cannot be fragmented and are exceeding the MTU size of an interface without notifying the sender.
Blackout
When a total loss of power for a prolonged period occurs.
single sign-on (SSO)
When a user can log in once but gain access to multiple systems without being asked to log in again.
least privilege
When a user is given only the amount of privileges needed to do his job.
time of day restriction
When a user's logon hours are configured to restrict access to the network during certain times of the day and week.
Sandbox
When a web script runs in its own environment for the express purpose of not interfering with other processes, possibly for testing.
explicit allow
When an administrator sets a rule that allows a specific type of traffic through a firewall, often within an ACL.
explicit deny
When an administrator sets a rule that denies a specific type of traffic access through a firewall, often within an ACL.
Pharming
When an attacker redirects one website's traffic to another bogus and possibly malicious website by modifying a DNS server or hosts file (domain spoofing)
one-to-one mapping
When an individual certificate is mapped to a single recipient.
risk avoidance
When an organization avoids risk because the risk factor is too great.
risk reduction
When an organization mitigates risk to an acceptable level.
Piggybacking
When an unauthorized person tags along with an authorized person to gain entry to a restricted area.
key escrow
When certificate keys are held in case third parties, such as government or other organizations, need access to encrypted communications.
Serial Transmission
When data is sent or received using serial data transmission, the data bits are organized in a specific order, since they can only be sent one after another
Parallel Transmission
When data is sent using parallel data transmission, multiple data bits are transmitted over multiple channels at the same time.
disk duplexing
When each disk is connected to a separate controller.
many-to-one mapping
When multiple certificates are mapped to a single recipient.
load-balancing clusters
When multiple computers are connected in an attempt to share resources such as CPU, RAM, and hard disks.
fuzz testing (fuzzing)
When random data is inputted into a computer program in an attempt to find vulnerabilities
Remote Login
When someone connects to a computer via the Internet
Brownout
When the voltage drops to such an extent that it typically causes the lights to dim and causes computers to shut off.
broadcast storm
When there is an accumulation of broadcast and multicast packet traffic on the LAN coming from one or more network interfaces.
BERT (bit-error rate tester)
When troubleshooting a link where you suspect a high bit-error rate (BER), you can use a piece of test equipment called a bit-error rate tester (BERT), which contains both a pattern generator (which can generate a variety of bit patterns) and an error detector (which is synchronized with the pattern generator and can determine the number of bit errors) and can calculate a BER for the tested transmission link.
mutual authentication
When two computers, for example a client and a server, both verify each other's identity.
classification
is the process of placing traffic into different categories.
URL (Uniform Resource Locator)
is typed in the address bar of a browser to open the home page or other resource on the website
VoIP
is used to transmit calls over the Internet rather than traditional phone lines or cellular towers
Digital certificate
enables users, hosts, and organizations to exchange information securely over the Internet
Examples of Input Devices
keyboard, mouse, microphone, camera, scanner...
PROC syntax
label PROC [attributes] [USES reglist], parameter_list
varlist form
label: type (used with the LOCAL directive)
Deterrent Control
limit or mitigate an action or behavior
WriteStackFrame
link library procedure that displays the contents of the current procedure's stack frame. It shows the procedure's stack parameters, return address, local variables, and saved registers.
Bottleneck Link
link on end-end path that constrains end-end throughput
PaaS (Platform as a Service)
makes collaboration easier and requires less programming knowledge
Browser Hijacker
malware that alters a computer's browser settings to redirect the user to websites paid for by the cyber criminals' customers
Personal Information Manager
manages your email, calendar, contacts, and tasks
Gray Hat Attackers
may find a vulnerability and report it to the owners of the system if that action coincides with their agenda
Sniffing
occurs when attackers examine all network traffic as it passes through their NIC, regardless of whether the traffic is addressed to them
short
occurs when two copper connectors touch each other, resulting in current flowing through that short rather than the attached electrical circuit, because the short has lower resistance.
Video Graphics Array (VGA)
one of the de facto display standards for PCs, which supports analog signals rather than digital signals.
ADDR
operator that can be used to pass a pointer argument when calling a procedure using INVOKE - must be an assembly-time constant - can only be used in conjunction with INVOKE
argumentList
optional comma-delimited list of arguments passed to a procedure
Database
organises facts about people, places, things, or events
parameterList syntax
paramName:type (used with the PROC directive)
by reference
passing an argument that consists of the address (OFFSET) of an object.
by value
passing an argument using a copy of the value pushed on the stack.
IDS (Intrusion Detection System)
passively monitors the traffic on a network. can recognize the signature of a well-known attack and respond to stop the attack. However, this sensor does not reside in-line with the traffic flow. Therefore, one or more malicious packets might reach an intended victim before the traffic flow is stopped by this sensor.
register
(computer science) Storage location on a CPU; the control unit of a digital computer that stores the current instruction of the program and controls the operation of the computer during the execution of that instruction
buffer
(computer science) a region of a physical memory storage used to temporarily store data while it is being moved from one place to another
interrupt
(computer science) a signal from a device attached to a computer or from a program within the computer that requires the operating system to stop and figure out what to do next
memory unit
(computer science) a unit for measuring computer memory
operating system
(computer science) software that controls the execution of computer programs and may provide various services
processor
(computer science) the part of a computer (a microprocessor chip) that does most of the data processing; "the CPU and the memory form the central part of a computer to which the peripherals are attached"
ELSR
(edge label switch router) Resides at the edge of an MPLS service provider's cloud and interconnects a service provider to one or more customers.
MTU
(maximum transmission unit) The largest packet size supported on an interface through the media of air.
The Samba application is a:
- File Server
Linux is distributed under which license?
- GPLv2
Which of the following licenses was made by the FSF?
- GPLv3
IPv6
- 128-bit hexadecimal network addressing standard - Designed as a backup system when we've run out of traditional IP addresses.
802.11b
- 2.4-GHz band and the DSSS transmission method - 11 Mbps - 300 ft maximum range - 11 total operating channels, 3 non-overlapped
IPv4
- 32-bit decimal network addressing standard - Separated by decimal into 4 octets (8-bits). - OSI Layer 3 address
Router
- A Layer 3 network device used to connect two networks that have different subnets. - Destination addresses are compiled by IP so it keeps track of where to forward requests.
Hub
- A central network device to connect devices on the same subnet. - Information sent from one port will be sent out to every other port. - Operates strictly in half-duplex mode due to the limitation of only one send request permitted at a time. - Handles a data type called frames
ST (straight tip) Connector
- A connector used with single-mode or multimode fiber-optic cable. - Uses bayonet connector with 2.5 mm ceramic or polymer ferrule.
Access Point
- A device on a network which creates a position to provide access to incoming connections.
Modem
- A device that acts to convert digital information to analog to send information over telephone lines. - On the receiving end it converts the analog data back into digital.
Bridge (network hardware)
- A device to connect two network segments with the same subnet. - Compiles a list of devices by MAC address in order to know where to forward requests. Bridges connect different physical network types together, e.g. Ethernet to Fast Ethernet, etc. A bridge can also separate a network into two segments. Good for when there is a lot of network traffic.
Internet appliance
- A device with an alternate primary purpose yet has the ability to use internet services. - This could be a smart TV, PDA, camera, etc.
WPS (Wi-Fi Protected Setup)
- A method of connecting to a wireless network devised to make it easier for those with less knowledge of network security. - It involves pressing a button on the router in relation to the computer or other compatible network device, which will then securely connect the computer to the wireless network without the need for a passcode or pre-shared key.
Fiber Optic Internet
- A modern internet delivery variation from cable companies upgrading their networks with the use of high speed fiber optic cabling. - Since the data is literally delivered on beams of light, it is able to travel extremely fast and over long distances.
WAN (Wide Area Network)
- A network that consists of multiple LANs and covers a larger geographic area such as a town, city or county.
Port Triggering
- A setting of a router which would open a specific port only on request from a local host, to which that host is the designated recipient of communication through that port. - Ports remain closed when there is no activity.
Loopback plug
- A simple plug used to test the outgoing and incoming communication on a port. - It routes the transmit port to the receive port on the same device.
Cable tester
- A tool that validates the usability of a network cable. - It is connected to the network cable at both ends of a cable and will verify that the signals are being sent successfully and that the wiring in the connectors is in the correct position.
Which of the following is true about graphical mode?
- After login, you are provided with a desktop - You access this mode by logging into a - You have menus and tools to help you find what you are looking for
Creative Commons licenses allow you to:
- Allow or disallow commercial use Get a veto on where the work is used - Specify whether or not people may distribute changes - Specify whether or not changes must be shared
The Linux shell:
- Allows you to launch programs - Is customizable - Has a scripting language
Public IP
- An IP address issued by a network provider used to communicate with hosts across the world wide web. - This is the IP address used for remote users to access a private network.
Private IP
- An internal IP address assigned to each device on a network for communication between one another. - This IP address must be within a specified group of available addresses in order to operate.
Permission-free software licenses:
- Are not approved by the FSF - Can allow software to be used inside - Don't have a copyleft provision
Which of the following are properties of a strong password?
- At least 10 characters long - Includes symbols - A mix of upper and lower case
Which are examples of permissive software licenses?
- BSD - MIT
The largest difference between the GPLv2 and BSD licenses is:
- BSD has no copyleft provision
Who founded the Open Source Initiative?
- Bruce Perens - Eric Raymond
The two main families of Linux shells are:
- C Shell - Bourne Shell
Which distributions are made by, or clones of, Red Hat?
- CentOS - Fedora
Apple's OS X is:
- Certified as UNIX compatible - Derived from FreeBSD - Only compatible with Apple hardware
Microsoft Windows
- Comes in desktop and server variants - Has powerful scripting capabilities - Has built in virtualization
Client-side DNS
- Compiles a list of frequently used domain names and IP destinations to quickly pull up a destination upon request.
When a computer boots, it can get its network information through:
- DHCP
POP and IMAP are related to:
TKIP (Temporal Key Integrity Protocol)
- Encryption method utilized in WPA
WiMAX
- High speed internet access provided through wireless signals to a larger area of subscribers. - Would require a device or antenna which would receive the signal. - Could potentially eliminate the use of cable internet due to simpler setup.
APIPA (Automatic Private IP Addressing)
- If enabled, this feature will assign a default IP address when the DHCP server is not responding. - The IP address will be assigned between 169.254.0.0 and 169.254.255.255
Cellular/Mobile Hotspot
- Internet connection shared from a device receiving a connection from mobile network towers. - This device can be used as an access point to provide those nearby with internet access. - Mobile phone tethering is also a way to share your phone connection as an access point. - Depending on the level of service this can prove to be a very fast internet connection: EDGE (400-1000 kbps), 3G (2 Mbps+), 4G (3-100+ Mbps), etc.
An interpreted programming language:
- Is converted into machine specific instructions as the program runs - Tends to offer more features than compiled languages
Software is backward compatible if:
- It still supports old file formats or applications
A package manager:
- Keeps track of which files belong to which packages - Downloads software from the Internet
The difference between the GPL and LGPL licenses is:
- LGPL allows linking to non GPLed software
One of the jobs of the kernel is to:
- Manage the system's resources
Static IP
- Manually assigned IP address
Plenum
- Material used to surround twisted pair cabling, especially when wiring above ceiling tiles.
UTP (unshielded twisted pair)
- Most commonly used networking cable. - Lower cost since it doesn't have the extra protection layer of copper grounding material. - Cable type used in networks that do not have any concerns over EMI, RFI, or cross talk. If these are a concern, STP is used.
Ring Topology
- Network topology which connects one computer to another in a continuous loop. - The signal travels in one direction as each device repeats the signal until it reaches the intended destination. - If there is a missing connection in a loop the network connection is down from that point in the setup.
Star Topology
- Network topology which requires each computer to connect to a central point such as a hub or switch. - The typical setup for LANs due to the ease of adding and removing connections.
Bus Topology
- Network topology with a trunk cable that runs the full length with a terminator at both ends to prevent repeated signals. The devices are connected with a drop cable along the trunk cable. - Broken cables prevent communication with any device on the network.
STP (Shielded twisted pair) cable
- Networking cable with extra protection against EMI. prevent loops on a network when switches interconnect via multiple paths - Copper used as grounding material around the internal wires.
The Creative Commons version of Public Domain licensing is:
- No Rights Reserved
PVC (Polyvinyl Chloride)
- Normal material used to surround twisted pair cabling. - Can be toxic when burned, therefore is not permitted for use when wiring above ceiling tiles.
Satellite Internet
- Not known as the fastest, yet reliable from anywhere in the world and not limited by wiring. - Because this sends and receives radio signals from a satellite, it is susceptible to interference from weather conditions. - Requires satellite dish setup, to send and receive signals, with a clear line of sight setup. - Can be used as a portable option and available in remote regions. - Expect latency due to distance of travel.
A permissive free software license:
- Places no restrictions on sharing modifications - Means you can use the software for anything you want
HTTPS (HTTP Secure)
- Port 443 - Protocol used to access websites on the world wide web with added SSL protection. - Not every website can be automatically accessed with this protocol; it is authorized by certificate.
If a podcast is licensed under the CC BY-ND license, you may:
- Post it to your website - Share it as long as you give credit to the author
TCP (Transmission Control Protocol)
- Protocol for data transmission which requires a return receipt on every delivery to ensure the information reached the intended destination. - Packets that are lost or dropped are re-sent. - This system ensures a reliable transfer. - Connection-oriented protocol. - TCP is tightly linked with IP and usually seen as TCP/IP in writing.
UDP (User Datagram Protocol)
- Protocol for quicker transmission of data since there is no requirement of receipt. - Dropped or lost packets are not re-transmitted. - More reliable method to deliver audio or video due to the increased rate of transmission. - Connectionless protocol. - UDP uses a best-effort delivery mechanism.
How can you make money from open source software?
- Provide paid consulting services for users - Take payments for fixing bugs - Sell hardware that's built to work with the software
Which of the following are traits of a multiuser operating system?
- Resources are shared between users - Users can protect their information from other - Many users can log in simultaneously with a unique account
SMB (Server Message Block)
- TCP Port 445, UDP Port 137, 138, 139 - Protocol implemented in Microsoft Windows. - This system allows users to share resources across the network remotely. (ie. shared folders/files, printers)
DNS (Domain Naming Server)
- TCP Port 53 - Translates real name network commands to associated IP destinations. A protocol used to convert URLs into IP addresses when loading a webpage.
HTTP (Hyper Text Transfer Protocol)
- TCP Port 80 - Protocol used to access websites on the world wide web.
SSH (Secure Shell)
- TCP/UDP Port 22 - A secured protocol used to access and control remote systems. - Generally used in terminal mode.
SFTP (SSH File Transfer Protocol)
- TCP/UDP Port 22 - Used to access and transfer server files from a host system with a secure shell protocol.
TELNET
- TCP/UDP Port 23 - Network protocol to connect to a server and operate it as a native user in terminal mode. - This method of server control, though it has username and password as security, is unencrypted and not the most secure method.
RDP (Remote Desktop Protocol)
- TCP/UDP Port 3389 - Used to access, view and control one computer from another while connecting through a network and/or internet connection.
LDAP (Lightweight Directory Access Protocol)
- TCP/UDP port 389 (secure port 636) - Protocol used to build and share information within a network. - An Application Layer protocol used for accessing and modifying directory services data.
What is the meaning of a public domain license?
- The author has relinquished the copyright on the work
Which of the following is a tool that helps you anonymize your Internet browsing?
- The onion router (TOR)
Gateway
- The point on a network that connects all of the devices together at a central point or bridges two networks - This address is required for a private network to access a public network. - Typically the first or last IP address assigned within an available range.
Punchdown tool
- The required tool used to attach network wiring to a punchdown block.
Dial-up
- The service whereby a computer terminal can use the telephone to initiate and effect communication with a computer. - Connects a phone line to a modem to provide a rather slow internet connection. - Data transfer rates can be 28.8, 33.3, 56 Kbps based on compression rates. - Compression standards: V.24, V.32bis, V.34, V.42, V.44, V.90, and V.92. - Can be used over any telephone line, but not simultaneous to phone usage.
Subnet Mask
- This network setting dictates which portion of the IP address is available within a network addressing schematic.
Crimper
- Tool used to attach RJ-45 or RJ-11 connections to ethernet cabling by use of closing force.
Line of sight wireless internet service
- Type of internet service that would require a device to point directly to an internet provider's tower without anything blocking its path. - Could be susceptible to interference due to disturbance of path by weather conditions.
SNMP (Simple Network Management Protocol)
- UDP 161, 162 - Part of the TCP/IP suite, this protocol shares information about devices on a network for management purposes.
802.11g
- Uses 2.4-GHz band and either the OFDM or DSSS transmission method - 54 Mbps - 300 ft maximum range - 11 total operating channels, 3 non-overlapped - Compatible with other wireless networking standards which also operate at the same frequency.
802.11n
- Uses the 2.4-GHz and/or 5.75-GHz band and the OFDM transmission method - 150, 300 or 600 Mbps depending on network configuration - 1200 ft maximum range - Compatible with other wireless networking standards operating at 2.4-GHz and 5.75-GHz depending on specifications of the hardware
802.11a
- Uses the 5.75-GHz band and the OFDM transmission method - 54 Mbps - 150 ft maximum range - 23 total operating channels, 12 non-overlapped
When choosing a distribution of Linux, you should consider:
- Which distributions are supported by the software you need to run - The maintenance cycle of the distribution - Which management tools are provided by the distribution - Whether or not the distribution is under active development - If you need support on the distribution itself
Which of the following is provided by a graphical interface that isn't normally provided to a non-graphical interface?
- Windows - Menus - Popups - Desktop
T568A
- Wiring standards used for configuring twisted pair networking cable with RJ-45 connections based on a specified color order of the individual wires. - The color order for this standard is as follows: green-white, green, orange-white, blue, blue-white, orange, brown-white, brown
T568B
- Wiring standards used for configuring twisted pair networking cable with RJ-45 connections based on a specified color order of the individual wires. - The color order for this standard is as follows: orange-white, orange, green-white, blue, blue-white, green, brown-white, brown - This particular scheme is the accepted standard.
Methods used to ensure high availability
- eliminate single points of failure - design for reliability - detect failures as they occur
Two components that provide the ability to implement a firewall include:
- iptables - gufw
stack frame use
- passed arguments, if any, are pushed on the stack. - the subroutine is called, causing the subroutine return address to be pushed on the stack. - as the subroutine begins to execute, EBP is pushed on the stack - EBP is set equal to ESP. From this point on, EBP acts as a base reference for all of the subroutine parameters - If there are local variables, ESP is decremented to reserve space for the variables on the stack - If any registers need to be saved, they are pushed on the stack (this method is used frequently with API)
Queueing Delay
- time waiting at output link for transmission - depends on congestion level of router
In graphical mode, you can get to a shell by running which applications?
- xterm - terminal
Which package manager is used in Fedora, a Red Hat derived system?
- yum
MAC address
A 12-character string that uniquely identifies a network node. The manufacturer hard codes the MAC address into the NIC. This address is composed of the block ID and device ID.
Message-Digest Algorithm 5 (MD5)
A 128-bit key hash used to provide integrity of files and messages.
BRI (Basic Rate Interface)
A BRI circuit contains two 64-kbps B channels and one 16-kbps D channel. Although such a circuit can carry two simultaneous voice conversations, the two B channels can be logically bonded together into a single virtual circuit (by using PPP's multilink interface feature) to offer a 128-kbps data path.
Trusted Computer System Evaluation Criteria (TCSEC)
A DoD standard that sets basic requirements for assessing the effectiveness of computer security access policies. Also known as The Orange Book.
How do you describe the Command Line Interface?
A GUI is sometimes called a WIMP interface: Windows, Icons, Menus, Pointer
Wireless Local Area Network (WLAN)
A LAN connected using wireless protocols. For example, a network in a café.
SONET (Synchronous Optical Network)
A Layer 1 technology that uses fiber-optic cabling as its media. Because SONET is a Layer 1 technology, it can be used to transport various Layer 2 encapsulation types, such as ATM. Also, because SONET uses fiber-optic cabling, it offers high data rates, typically in the 155 Mbps-10 Gbps range, and long-distance limitations, typically in the 20 km-250 km range.
Frame Relay
A Layer 2 WAN technology that interconnects sites using virtual circuits. These virtual circuits are identified by locally significant data-link connection identifiers (DLCI).
ATM (Asynchronous Transfer Mode)
A Layer 2 WAN technology that interconnects sites using virtual circuits. These virtual circuits are identified by a pair of numbers, called the VPI/VCI pair. A virtual path identifier (VPI) identifies a logical path, which can contain multiple virtual circuits. A virtual circuit identifier (VCI) identifies the unique logical circuit within a virtual path.
RRAS (Microsoft Routing and Remote Access Server)
A Microsoft Windows Server® feature that allows Microsoft Windows® clients to remotely access a Microsoft Windows network.
tracert command
A Microsoft Windows®-based command that displays every router hop along the path from a source host to a destination host on an IP network. Information about a router hop can include such information as the IP address of the router hop and the round-trip delay of that router hop.
ipconfig command
A Microsoft Windows® command that can be used to display IP address configuration parameters on a PC. Additionally, if DHCP is used by the PC, the ipconfig command can be used to release and renew a DHCP lease, which is often useful during troubleshooting.
MS-CHAP (Microsoft Challenge-Handshake Authentication Protocol)
A Microsoft-enhanced version of CHAP, offering a collection of additional features not present with PAP or CHAP, including two-way authentication.
fragmentation
A Network layer service that subdivides segments it receives from the Transport layer into smaller packets.
POTS (plain old telephone service)
A POTS connection connects a customer device (such as a telephone) to the public switched telephone network (PSTN).
PRI (primary rate interface)
A PRI circuit is an ISDN circuit built on a T1 or E1 circuit. Recall that a T1 circuit has 24 channels. Therefore, if a PRI circuit is built on a T1 circuit, the ISDN circuit has 23 B channels and one 64-kbps D channel. The 24th channel in the T1 circuit is used as the ISDN D channel (that is, the channel used to carry the Q.921 and Q.931 signaling protocols, which are used to set up, maintain, and tear down connections).
RS-232 (Recommended Standard 232)
A Physical layer standard for serial communications, as defined by EIA/TIA.
TACACS+ (Terminal Access Controller Access-Control System Plus)
A TCP-based protocol used to communicate with a AAA server. TACACS+ encrypts an entire authentication packet rather than just the password. It offers authentication features, but they are not as robust as the accounting features found in RADIUS. It is a Cisco-proprietary protocol.
traceroute command
A UNIX command that displays every router hop along the path from a source host to a destination host on an IP network. Information about the router hop can include the IP address of the router hop and the round-trip delay of that router hop.
ITU (International Telecommunication Union)
A United Nations agency that regulates international telecommunications and provides developing countries with technical expertise and equipment to advance their technological bases.
L2F (Layer 2 Forwarding)
A VPN protocol designed (by Cisco Systems®) with the intent of providing a tunneling protocol for PPP. Like L2TP, L2F lacks native security features.
L2TP (Layer 2 Tunneling Protocol)
A VPN protocol that lacks security features, such as encryption. However, it can still be used for a secure VPN connection if it is combined with another protocol that provides encryption.
MPLS (Multiprotocol Label Switching)
A WAN technology popular among service providers. MPLS performs label switching to forward traffic within an MPLS cloud by inserting a 32-bit header (which contains a 20-bit label) between a frame's Layer 2 and Layer 3 headers and making forwarding decisions based on the label within an MPLS header.
IBSS (Independent Basic Service Set)
A WLAN can be created without the use of an AP. Such a configuration, called an IBSS, is said to work in an ad-hoc fashion. An ad-hoc WLAN is useful for temporary connections between wireless devices. For example, you might temporarily interconnect two laptop computers to transfer a few files.
robocopy (robust file copy)
A Windows command that is similar to and more powerful than the xcopy command, used to copy files and folders. - Used to copy a lot of files and folders to a lot of different servers to a lot of different network connections. - Able to resume a copy in case a session or connection is lost for whatever reason. - robocopy /s is used also for subdirectories
Towers of Hanoi
A backup rotation scheme based on the mathematics of the Towers of Hanoi puzzle. Uses three backup sets. For example, the first tape is used every second day, the second tape is used every fourth day, and the third tape is used every eighth day.
10 tape rotation
A backup rotation scheme in which ten backup tapes are used over the course of two weeks.
grandfather-father-son
A backup rotation scheme in which three sets of backup tapes must be defined—usually they are daily, weekly, and monthly, which correspond to son, father, and grandfather.
braiding
A braided metal shielding used to insulate some types of coaxial cable.
Denial of Service (DoS)
A broad term given to many different types of network attacks that attempt to make computer resources unavailable.
open
A broken strand of copper that prevents current from flowing through a circuit.
CO (central office)
A building containing a telephone company's telephone switching equipment is referred to as a central office (CO). COs are categorized into five hierarchical classes. A Class 1 CO is a long-distance office serving a regional area. A Class 2 CO is a second-level long-distance office (that is, it is subordinate to a Class 1 office). A Class 3 CO is a third-level long-distance office. A Class 4 CO is a fourth-level long-distance office, which provides telephone subscribers access to a live operator. A Class 5 CO is at the bottom of the five-layer hierarchy and physically connects to customer devices in a local area.
ISP (internet service provider)
A business that provides organizations and individuals with Internet access and often, other services, such as e-mail and Web hosting.
one-time pad
A cipher that encrypts plaintext with a secret random key that is the same length as the plaintext.
symmetric key algorithm
A class of cipher that uses identical or closely related keys for encryption and decryption.
special hazard protection system
A clean agent sprinkler system such as FM-200 used in server rooms.
Kerberos
A client-server authentication protocol that supports mutual authentication between a client and a server. Kerberos uses the concept of a trusted third party (a key distribution center) that hands out tickets to be used instead of a username and password combination.
Platform as a Service (PaaS)
A cloud computing service that provides various software solutions to organizations especially the ability to develop applications without the cost or administration of a physical platform.
Software as a Service (SaaS)
A cloud computing service where users access applications over the Internet that are provided by a third party.
BNC (Bayonet Neill-Concelman, or British Naval Connector)
A coaxial cable connector type that uses a twist-and-lock (or bayonet) style of coupling, generally made of nickel plated brass, named after its coupling method and its inventors
baseline
A collection of data portraying the characteristics of a network under normal operating conditions. Data collected while troubleshooting can then be contrasted against baseline data.
ISO (International Organization for Standardization)
A collection of standards organizations representing 157 countries with headquarters located in Geneva, Switzerland.
PPP (Point-to-Point Protocol)
A common Layer 2 protocol offering features such as multilink interface, looped link detection, error detection, and authentication.
X.509
A common PKI standard developed by the ITU-T that incorporates the single sign-on authentication method.
CRAM-MD5 (Challenge-Response Authentication Mechanism Message Digest 5)
A common variant of HMAC frequently used in e-mail systems. Like CHAP, this only performs one-way authentication (the server authenticates the client).
nonbroadcast point-to-multipoint transmission
A communications arrangement in which a single transmitter issues signals to multiple, defined recipients.
point-to-multipoint
A communications arrangement in which one transmitter issues signals to multiple receivers. The receivers may be undefined, as in a broadcast transmission, or defined, as in a nonbroadcast transmission.
Blended Threat
A computer network attack that seeks to maximize the severity of damage and speed of contagion by combining methods, for example using characteristics of both viruses and worms, while also taking advantage of vulnerabilities in computers, networks, or other physical systems. An attack using a blended approach might send a virus via an e-mail attachment, along with a Trojan horse embedded in an HTML file that will cause damage to the recipient computer. Examples: Nimda, CodeRed, Bugbear.
Server
A computer that awaits and responds to requests for data; serves up resources to a network. For example, E-mail access provided by an E-mail server, web pages provided by a web server, or data files available on a file server.
host
A computer that enables resource sharing by other computers on the same network
Web server
A computer that manages Web site services, such as supplying a Web page to multiple users on demand.
workstation
A computer that runs a desktop operating system and connects to a network.
stand-alone computer
A computer that uses applications and data only from its local disks and that is not connected to a network.
local loop
A connection between a customer premise and a local telephone company's central office.
virtual private network (VPN)
A connection between two or more computers or devices that are not on the same private network.
session
A connection for data exchange between two parties. The term session may be used in the context of Web, remote access, or terminal and mainframe communications, for example.
circuit-switched connection
A connection that is brought up on an as-needed basis. This connection is analogous to a phone call, where you pick up a phone, dial a number, and a connection is established based on the number you dial.
Smart Card
A credit-card-sized device with embedded microelectronics circuitry for storing information about an individual. This is not a key or token, as used in the remote access authentication process.
terminal
A device with little (if any) of its own processing or disk capacity that depends on a host to supply it with applications and data-processing services.
DCE (data circuit-terminating equipment)
A device, such as a multiplexer or modem, that processes signals. It supplies a clock signal to synchronize transmission between DTE and DCE.
E3
A digital circuit in the same E-carrier family of standards as an E1. An E3 circuit's available bandwidth is 34.4 Mbps.
channel
A distinct communication path between two or more nodes, much like a lane is a distinct transportation path on a freeway. Channels may be separated either logically (as in multiplexing) or physically (as when they are carried by separate wires).
electromagnetic interference (EMI)
A disturbance that can affect electrical circuits, devices, and cables due to electromagnetic conduction or radiation.
Packet Filtering
A feature incorporated into routers to limit the flow of information based on pre-determined communications such as source, destination, or type of service being provided by the network; it lets the administrator limit protocol-specific traffic to one network segment, isolate email domains, and perform many other traffic control functions. Packet filtering as it applies to firewalls inspects each packet passing through the firewall and accepts or rejects it based on rules. Two types of packet filtering include stateless packet filters and stateful packet inspection (SPI).
Security Incident
An adverse event in a computer system or the threat of such an event occurring.
application firewall
A firewall that can control the traffic associated with specific applications. Works all the way up to the Application Layer of the OSI model.
Cat 3 (Category 3)
A form of UTP that contains four wire pairs and can carry up to 10 Mbps, with a possible bandwidth of 16 MHz.
Cat 4 (Category 4)
A form of UTP that contains four wire pairs and can support up to 16-Mbps throughput. It may be used for 16-Mbps token ring or 10-Mbps Ethernet networks.
Cat 5 (Category 5)
A form of UTP that contains four wire pairs and supports up to 100-Mbps throughput and a 100-MHz signal rate.
Data Driven Attack
A form of attack that is encoded in seemingly innocuous data which is executed by a user or a process to implement an attack; a concern for firewalls, since it may get through the firewall in data form and launch an attack against a system behind the firewall.
man-in-the-middle (MITM) attack
A form of eavesdropping that intercepts all data between a client and a server, relaying that information back and forth. Examples include: Wi-Fi Eavesdropping, Email Hijacking, IP Spoofing Attacks, HTTPS Spoofing, SSL (Secure Socket Layer) Stripping, Session Hijacking, ARP (Address Resolution Protocol) Spoofing, Man-in-the-Browser.
baseband
A form of transmission in which digital signals are sent through direct current pulses applied to a wire. This direct current requires exclusive use of the wire's capacity, so these systems can transmit only one signal, or one channel, at a time.
Broadband
A form of transmission in which signals are modulated as radiofrequency analog pulses with different frequency ranges. Also, the general term used to refer to high-speed network connections; connections in excess of 1 Megabit per second (Mbps) are typically so named.
multiplexing
A form of transmission that allows multiple signals to travel simultaneously over one medium.
Partial-mesh Topology
A hybrid of a hub-and-spoke topology and a full-mesh topology. A partial-mesh can be designed to provide an optimal route between selected sites, while avoiding the expense of interconnecting every site to every other site.
IDF (intermediate distribution frame)
A junction point between the MDF and concentrations of fewer connections—for example, those that terminate in a telecommunications closet.
RFI (radiofrequency interference)
A kind of interference that may be generated by broadcast signals from radio or TV towers.
Linear Bus Topology
A linear bus topology consists of a main run of cable with a terminator at each end. All nodes (file server, workstations, and peripherals) are connected to the linear cable. (Uses Ethernet and LocalTalk networks.) Pros: - easy to connect peripherals - requires less cable than star topology. Cons: - entire network shuts down if there is a break in the main cable - hard to find the problem - need terminators at each end - not for a large building
certificate revocation list (CRL)
A list of certificates no longer valid or that have been revoked by the issuer.
ACL (access control list)
A list of permissions attached to an object. They specify what level of access a user, users, or groups have to an object. When dealing with firewalls, an ACL is a set of rules that apply to a list of network names, IP addresses, and port numbers.
decibel (dB) loss
A loss of signal power. If a transmission's dB loss is too great, the transmission cannot be properly interpreted by the intended recipient.
Trojan Horse
Malicious or harmful code contained inside apparently harmless programming or data in such a way that it can get control and do its chosen form of damage, such as ruining the file allocation table on your hard disk.
hash function
A mathematical procedure that converts a variable-sized amount of data into a smaller block of data.
amplitude
A measure of a signal's strength.
checksum
A method of error checking that determines if the contents of an arriving data unit match the contents of the data unit sent by the source.
penetration testing
A method of evaluating the security of a system by simulating one or more attacks on that system.
flow control
A method of gauging the appropriate rate of data transmission based on how fast the recipient can accept data.
statistical multiplexing
A method of multiplexing in which each node on a network is assigned a separate time slot for transmission, based on the node's priority and need.
TDM (time division multiplexing)
A method of multiplexing that assigns a time slot in the flow of communications to every node on the network and, in that time slot, carries data from that node.
MAC filtering
A method used to filter out which computers can access the wireless network; the WAP does this by consulting a list of MAC addresses that have been previously entered. - Feature of a wireless router which permits access based upon hardware address provided. - Can be set to allow/block specified systems.
Graphical Processing Unit (GPU)
A microprocessor designed to handle graphics operations.
OSI (Open Systems Interconnection) model
A model for understanding and developing computer-to-computer communication developed in the 1980s by ISO. It divides networking functions among seven layers: Physical, Data Link, Network, Transport, Session, Presentation, and Application.
AM (amplitude modulation)
A modulation technique in which the amplitude of the carrier signal is modified by the application of a data signal.
behavior-based monitoring
A monitoring system that looks at the previous behavior of applications, executables, and/or the operating system and compares that to current activity on the system.
WDM (wavelength division multiplexing)
A multiplexing technique in which each signal on a fiber-optic cable is assigned a different wavelength, which equates to its own subchannel. Each wavelength is modulated with a data signal. In this manner, multiple signals can be simultaneously transmitted in the same direction over a length of fiber.
DWDM (dense wavelength division multiplexing)
A multiplexing technique used over single-mode or multimode fiber-optic cable in which each signal is assigned a different wavelength for its carrier wave.
hot site
A near duplicate of the original site of the organization, complete with phones, computers, networking devices, and full backups.
Intranet
A network based on an internet belonging to an organization, usually a corporation, accessible only by the organization's members, employees, or others with authorization. Its Web sites look and act just like any other Web site, but the firewall surrounding it fends off unauthorized access.
Computer Network
A network is a system that sends and receives data and messages enabling two or more computers to communicate with each other.
populated segment
A network segment that contains end nodes, such as workstations.
punch-down block
A panel of data receptors into which twisted pair wire is inserted, or punched down, to complete a circuit.
unpopulated segment
A network segment that does not contain end nodes, such as workstations. Also called link segments.
Wide Area Network (WAN)
A network which connects networks in different geographical locations. For example, the school network.
Nmap
A network-vulnerability scanner.
Remote Access Service (RAS)
A networking service that allows incoming connections from remote dial-in clients. It is also used with VPNs.
token ring
A networking technology developed by IBM in the 1980s. It relies upon direct links between nodes and a ring topology, using tokens to allow nodes to transmit data.
RIR (Regional Internet Registry)
A not-for-profit agency that manages the distribution of IP addresses to private and public entities.
Network
A number of devices connected together to allow them to communicate.
frame
A package for data that includes not only the raw data, or "payload," but also the sender's and recipient's addressing and control information. Frames are generated at the Data Link layer of the OSI model and are issued to the network at the Physical layer.
Subnet
A part of a network in which all devices share the same network portion of their IP address. A logical subset of a larger network, created by an administrator to improve network performance or to provide security.
cryptanalysis attack
A password attack that uses a considerable set of precalculated encrypted passwords located in a lookup table.
brute force attack
A password attack where every possible password is attempted.
remote user
A person working on a computer on a different network or in a different geographical location from the LAN's server.
hardware security module (HSM)
A physical device that deals with the encryption of authentication processes, digital signings, and payment processes.
Storage Device
A piece of computer equipment on which information can be stored.
Router
A piece of hardware responsible for transmitting data between networks.
NIC (Network Interface Controller/Card)
A piece of hardware that allows a computer to connect to a network
butt set (or lineman's handset)
A piece of test equipment typically used by telephone technicians. The clips on a butt set can connect to the tip and ring wires on a punch-down block (for example, a 66 block or a 110 block) connecting to a telephone. This allows the technician to check the line (for example, to determine if dial tone is present on the line and determine if a call can be placed from the line).
ping flood
A ping flood, also known as an ICMP flood attack, is when an attacker attempts to send many ICMP echo request packets (pings) to a host in an attempt to use up all available bandwidth.
Contingency Plan
A plan for emergency response, back up operations, and post-disaster recovery maintained by an activity as a part of its security program that will ensure the availability of critical resources and facilitate the continuity of operations in an emergency situation
Disaster recovery plan
A plan that details the policies and procedures concerning the recovery and/or continuation of an organization's technology infrastructure. Includes activities the organization takes to assess, salvage, repair and restore damaged facilities or assets
Easter egg
A platonic extra added to an OS or application as a sort of joke; the harmless cousin of the logic bomb.
phase
A point or stage in a wave's progress over time.
User Account Control (UAC)
A security component of Windows Vista that keeps every user (besides the actual Administrator account) in standard user mode instead of as an administrator with full administrative rights—even if they are a member of the administrators group.
Wi-Fi Protected Access (WPA)
A security protocol created by the Wi-Fi Alliance to secure wireless computer networks, more secure than WEP.
WEP (Wired Equivalent Privacy)
A security standard for WLANs. With WEP, an AP is configured with a static WEP key. Wireless clients needing to associate with an AP are configured with an identical key (making this a preshared key [PSK] approach to security). The IEEE 802.11 standard specifies a 40-bit WEP key, which is considered to be a relatively weak security measure. - Original wireless network encrypted security associated with 802.11 in 1997. - It is designed to emulate the same security as a wired network infrastructure. - Uses the same pre-shared key on the network and connecting devices as its form of securing a connection. - The pre-shared key is also used for encryption. - Not the most secure or recommended method.
remote access server
A server that runs communications services that enable remote users to log on to a network. Also known as an access server.
DHCP (Dynamic Host Configuration Protocol)
A service used to dynamically assign TCP/IP configuration information to clients. DHCP is often used to assign IP addresses, subnet masks, default gateways, DNS server addresses, and much more.
AWG (American Wire Gauge)
A standard rating that indicates the diameter of a wire, such as the conducting core of a coaxial cable.
incident response
A set of procedures that an investigator goes by when examining a computer security incident.
API (application programming interface)
A set of routines, protocols, and tools for building software applications. APIs specify how software components should interact, such as what data to use and what actions should be taken.
Spike
A short transient in voltage that can be due to a short circuit, tripped circuit breaker, power outage, or lightning strike.
ferrule
A short tube within a fiber-optic cable connector that encircles the fiber strand and keeps it properly aligned.
analog
A signal that uses variable voltage to create continuous waves, resulting in an inexact transmission.
UDP flood attack
A similar attack to the Fraggle. It uses the connectionless User Datagram Protocol. It is enticing to attackers because it does not require a synchronization process.
cross talk
A type of interference caused by signals traveling on nearby wire pairs infringing on another pair's signal.
demilitarized zone (DMZ)
A special area of the network (sometimes referred to as a subnetwork) that houses servers that host information accessed by clients or other networks on the Internet.
token
A special control frame that indicates to the rest of the network that a particular node has the right to transmit data.
file server
A specialized server that enables clients to share applications and data across the network.
Open Vulnerability and Assessment Language (OVAL)
A standard and a programming language designed to standardize the transfer of secure public information across networks and the Internet utilizing any security tools and services available.
SSID (Service Set Identifier)
A string of characters that identify a WLAN. APs participating in the same WLAN can be configured with identical SSIDs. Required to connect to a wireless network. An SSID shared among multiple APs is called an extended service set identifier (ESSID).
change management
A structured way of changing the state of a computer system, network, or IT procedure.
Hash
A summary of a file or message. It is generated to verify the integrity of the file or message.
syslog
A syslog-logging solution consists of two primary components: syslog servers, which receive and store log messages sent from syslog clients, and syslog clients, which can be a variety of network devices that send logging information to a syslog server.
Firewall
A system designed to prevent unauthorized access to or from a private network; can be implemented in hardware, in software, or in a combination of both; frequently used to prevent unauthorized Internet users from accessing private networks connected to the Internet, especially intranets. All messages entering or leaving the intranet pass through the firewall, which examines each message and blocks those that do not meet the specified security criteria.
modulation
A technique for formatting signals in which one property of a simple carrier wave is modified by the addition of a data signal during transmission.
telco
A telephone company. Some countries have government-maintained telcos, while other countries have multiple telcos that compete with one another.
Distributed Tool
A tool that can be distributed to multiple hosts, which can then be coordinated to anonymously perform an attack on the target host simultaneously after some time delay
Logical Topology
A topology that describes the data-flow and IP addressing scheme of a network. The actual traffic flow of a network determines the network's Logical topology.
Point-to-Point Tunneling Protocol (PPTP)
A tunneling protocol used to support VPNs. Generally includes security mechanisms, and no additional software or protocols need to be loaded. A VPN device or server must have inbound port 1723 open to enable incoming PPTP connections.
Cat 6 (Category 6)
A twisted pair cable that contains four wire pairs, each wrapped in foil insulation. Additional foil insulation covers the bundle of wire pairs, and a fire-resistant plastic sheath covers the second foil layer. The foil insulation provides excellent resistance to cross talk and enables it to support a signaling rate of 250 MHz.
crossover cable
A twisted pair patch cable in which the termination locations of the transmit and receive wires on one end of the cable are reversed. Networking cable which is configured to use the T568A standard at one end and T568B at the other.
straight-through cable
A twisted pair patch cable in which the wire terminations in both connectors follow the same scheme.
3-leg perimeter
A type of DMZ where a firewall has three legs that connect to the LAN, Internet, and the DMZ.
back-to-back perimeter
A type of DMZ where the DMZ is located between the LAN and the Internet.
Fraggle
A type of DoS similar to the Smurf attack, but the traffic sent is UDP echo traffic as opposed to ICMP echo traffic.
Ping of Death (POD)
A type of DoS that sends an oversized and/or malformed packet to another computer.
Smurf attack
A type of DoS that sends large amounts of ICMP echoes, broadcasting the ICMP echo requests to every computer on its network or subnetwork. The header of the ICMP echo requests will have a spoofed IP address. That IP address is the target of the Smurf attack. Every computer that replies to the ICMP echo requests will do so to the spoofed IP.
RG-8
A type of coaxial cable characterized by a 50-ohm impedance and a 10 AWG core.
RG-58
A type of coaxial cable characterized by a 50-ohm impedance and a 24 AWG core.
RG-59
A type of coaxial cable characterized by a 75-ohm impedance and a 20 or 22 AWG core, usually made of braided copper. Less expensive but suffering greater attenuation than the more common RG-6 coax, it is used for relatively short connections.
RG-6
A type of coaxial cable with an impedance of 75 ohms and that contains an 18 AWG core conductor. It is used for television, satellite, and broadband cable connections.
DB-9 connector
A type of connector with nine pins that's commonly used in serial communication that conforms to the RS-232 standard.
MMF (multimode fiber)
A type of fiber-optic cable that contains a core with a diameter between 50 and 100 microns, through which many pulses of light generated by a light-emitting diode (LED) travel at different angles.
SMF (single-mode fiber)
A type of fiber-optic cable with a narrow core that carries light pulses along a single data path from one end of the cable to the other end. Data can be transmitted faster and for longer distances. However, it is expensive.
FDM (frequency division multiplexing)
A type of multiplexing that assigns a unique frequency band to each communications subchannel. Signals are modulated with different carrier frequencies, then multiplexed to simultaneously travel over a single channel.
Vishing
A type of phishing attack that makes use of telephones and VoIP.
spear phishing
A type of phishing attack that targets particular individuals.
Tailgating
A type of piggybacking where an unauthorized person follows an authorized person into a secure area, without the authorized person's consent.
IV attack
A type of related-key attack, in which an attacker observes the operation of a cipher using several different keys and finds a mathematical relationship between them, allowing the attacker to ultimately decipher data.
Rootkit
A type of software designed to gain administrator-level control over a computer system without being detected; captures passwords and message traffic to and from a computer. A collection of tools that allows a hacker to provide a backdoor into a system, collect information on other systems on the network, mask the fact that the system is compromised, and much more
host-based intrusion detection system (HIDS)
A type of system loaded on an individual computer; it analyzes and monitors what happens inside that computer, for example, if any changes have been made to file integrity.
Half Duplex
A type of transmission in which signals may travel in both directions over a medium, but in only one direction at a time. The only advantage that Half-Duplex would have is a single lane is cheaper than a double lane.
Simplex
A type of transmission in which signals may travel in only one direction over a medium. A good example would be your keyboard to your CPU.
cross-site scripting (XSS)
A type of vulnerability found in web applications used with session hijacking.
SA (Security Association)
An agreement between the two IPsec peers about the cryptographic parameters to be used in an ISAKMP session.
network address
A unique identifying number for a network node that follows a hierarchical addressing scheme and can be assigned through operating system software.
PDU (protocol data unit)
A unit of data at any layer of the OSI model.
Retro-virus
A virus that waits until all possible backup media are infected too, so that it is not possible to restore the system to an uninfected state.
patch panel
A wall-mounted panel of data receptors into which cross-connect patch cables from the punch-down block are inserted.
Cloud computing
A way of offering on-demand services that extend the capabilities of a person's computer or an organization's network.
Digital Signature
A way to verify that an email message is really from the person who supposedly sent it and that it hasn't been changed. You may have received emails that have a block of letters and numbers at the bottom of the message - this mathematical algorithm is used to combine the information in the message. The result is a random-looking string of letters and numbers.
Vulnerability
A weakness in automated system security procedures, technical controls, environmental controls, administrative controls, internal controls, etc., that could be used as an entry point to gain unauthorized access to information or disrupt critical processing
Countermeasures
Action, device, procedure, technique or other measure that reduces the vulnerability of an information system
Execute
Actions occur dependent on the instruction
CSU/DSU (channel service unit/data service unit)
Acts as a digital modem, which terminates a digital circuit (for example, a T1 or an E1 circuit).
Sound Card
Additional card fitted into a PCI slot to output sound.
Networking advantages
Allows for sharing of files; allows for peripheral devices such as printers to be shared; allows people to communicate easily; allows people to use the same account on multiple devices.
FHSS (Frequency-Hopping Spread Spectrum)
Allows the participants in a communication to hop between predetermined frequencies. Security is enhanced, because the participants can predict the next frequency to be used while a third party cannot easily predict the next frequency. FHSS can also provision extra bandwidth by simultaneously using more than one frequency.
client-to-site VPN
Also known as a remote access VPN, a client-to-site VPN interconnects a remote user with a site, as an alternative to dial-up or ISDN connectivity, at a reduced cost.
active interception
Also known as active inception in the CompTIA 2008 Security+ objectives; normally includes a computer placed between the sender and the receiver in an effort to capture and possibly modify information.
open mail relay
Also known as an SMTP open relay; it enables anyone on the Internet to send e-mail through an SMTP server.
failover clusters
Also known as high-availability clusters, these are designed so that a secondary server can take over in the case that the primary one fails, with limited or no downtime.
anomaly based monitoring
Also known as statistical anomaly based; establishes a performance baseline based on a set of normal network traffic evaluations.
directory traversal
Also known as the ../ (dot dot slash) attack; a method of accessing unauthorized parent directories.
MDF (main distribution frame)
Also known as the main cross-connect, the first point of interconnection between an organization's LAN or WAN and a service provider's facility.
marking
Alters bits within a frame, cell, or packet to indicate how a network should treat that traffic. Marking alone does not change how a network treats a packet. Other tools (such as queuing tools) can, however, reference markings and make decisions (for example, forwarding decisions or dropping decisions) based on those markings.
ANSI
American National Standards Institute
Thinnet
An IEEE Physical layer standard for achieving 10-Mbps throughput over coaxial copper cable. It is also known as 10Base-2. Its maximum segment length is 185 meters, and it relies on a bus topology.
Thicknet
An IEEE Physical layer standard for achieving a maximum of 10-Mbps throughput over coaxial copper cable. It is also known as 10Base-5. Its maximum segment length is 500 meters, and it relies on a bus topology.
S/MIME
An IETF standard that provides cryptographic security for electronic messaging such as e-mail.
AH (Authentication Header)
An IPsec protocol that provides authentication and integrity services. However, it does not provide encryption services.
ESP (Encapsulating Security Payload)
An IPsec protocol that provides authentication, integrity, and encryption services.
Internet content filter
An Internet content filter, or simply a content filter, is usually applied as software at the Application Layer and can filter out various types of Internet activities such as websites accessed, e-mail, instant messaging, and more. It is used most often to disallow access to inappropriate web material.
mandatory access control (MAC)
An access control policy determined by a computer system, not by a user or owner, as it is in DAC. It restricts the actions that a subject can perform on an object. A subject can be a user or a process. An object can be a file, a port, or an input/output device. An authorization rule enforces whether or not a subject can access the object.
discretionary access control (DAC)
An access control policy generally determined by the owner.
role-based access control (RBAC)
An access model that works with sets of permissions, instead of individual permissions that are label-based. So roles are created for various job functions in an organization.
default account
An account installed by default on a device or within an operating system with a default set of user credentials that are usually insecure.
Distributed Denial of Service (DDoS)
An attack in which a group of compromised systems attack a single target, causing a DoS to occur at that host, usually using a botnet.
replay attack
An attack in which valid data transmission is maliciously or fraudulently repeated or delayed.
MAC flooding
An attack that sends numerous packets to a switch, each of which has a different source MAC address, in an attempt to use up the memory on the switch. If this is successful, the switch will change state to failopen mode.
Dictionary Attack
An attack that uses a brute-force technique of successively trying all the words in some large, exhaustive list
fork bomb
An attack that works by creating a large number of processes quickly to saturate the available processing space in the computer's operating system. It is a type of wabbit.
Probe
An attempt to gather information about an information system for apparent purpose of circumventing its security controls
RADIUS (Remote Authentication Dial-In User Service)
An authentication and accounting system used by many Internet Service Providers (ISPs). A UDP-based protocol used to communicate with a AAA server. RADIUS does not encrypt an entire authentication packet, but only the password. However, it offers more robust accounting features than TACACS+. This is a standards-based protocol, while TACACS+ is a Cisco-proprietary protocol.
Challenge-Handshake Authentication Protocol (CHAP)
An authentication scheme used by the Point-to-Point Protocol (PPP) that is the standard for dial-up connections.
802.1X
An authentication technology used to connect devices to a LAN or WLAN. It is an example of port-based NAC.
single point of failure
An element, object, or part of a system that, if it fails, will cause the whole system to fail.
Transport-layer Segment
An encapsulated application-layer message with the attached transport layer message.
Faraday cage
An enclosure formed by conducting material or by a mesh of such material; it blocks out external static electric fields and can stop emanations from cell phones and other devices within the cage from leaking out.
secure code review
An in-depth code inspection procedure.
identity proofing
An initial validation of an identity.
WAN Link
An interconnection between two devices in a WAN.
Network Interface Controller (NIC)
An internal piece of hardware that allows a device to connect to a network. This could be wired or wireless.
Data Encryption Standard (DES)
An older type of block cipher selected by the United States federal government back in the 1970s as its encryption standard; due to its weak key, it is now considered deprecated.
CARP (Common Address Redundancy Protocol)
An open-standard variant of HSRP, which provides first-hop router redundancy.
Sag
An unexpected decrease in the amount of voltage provided.
The Linux platform that runs on mobile phones is called:
Android
Fast Ethernet
Another Ethernet protocol with an increased transmission speed; it supports 100 Mbps. - more expensive hubs/concentrators/NICs - can only use fiber optics or twisted pair cables
SATA (Serial AT Attachment)
Another high speed serial bus interface for connecting hard drives, solid state drives (SSDs) and CD/DVD drives to the computer.
visibility
Attribute that indicates the procedure's visibility to other modules. Choices are PRIVATE, PUBLIC (default), and EXPORT. If the visibility is EXPORT, the linker places the procedure's name in the export table for segmented executables. EXPORT also enables PUBLIC visibility. (used with the PROC directive)
langType
Attribute that specifies the calling convention (parameter passing convention) such as C, PASCAL, or STDCALL. Overrides the language specified in the .MODEL directive. (used with the PROC directive)
application-level gateway (ALG)
Applies security mechanisms to specific applications, such as FTP and/or BitTorrent. It supports address and port translation and checks whether the type of application traffic is allowed.
DiffServ (Differentiated Services)
As its name suggests, DiffServ differentiates between multiple traffic flows. Specifically, packets are marked, and routers and switches can then make decisions (for example, dropping or forwarding decisions) based on those markings.
asset management
As related to networks, this is a formalized system of tracking network components and managing the lifecycle of those components.
password cracker
Software tool used to recover passwords from hosts or to discover weak passwords.
Adware
Any software application that displays advertising banners while the program is running. Authors may include additional code, which can be viewed through pop-up windows or a bar that appears on the computer screen. Usually includes code that tracks a user's personal information and passes it on to third parties, without the user's authorization or knowledge.
Security Posture Assessments (SPA)
Assessments that use baseline reporting and other analyses to discover vulnerabilities and weaknesses in systems and networks.
DNS Spoofing
Assuming the name of another system by either corrupting the name service cache of a victim system, or by compromising a domain name server for a valid domain
Packet Fields
At each layer there is a header field, used for transmission within that layer, and a payload field, used within the layers above.
Wireless router
Attaches to a wired network and provides access to that wired network for wirelessly attached clients, like a wireless AP (access point). However, a wireless router is configured such that the wired interface that connects to the rest of the network (or to the Internet) is on a different IP network than the wireless clients. Typically, a wireless router performs NATing (network address translation) between these two IP address spaces.
cable modem
Attaches to the same coaxial cable (typically in a residence) that provides television programming. A cable modem can use predetermined frequency ranges to transmit and receive data over that coaxial cable.
Which email attachments are generally SAFE to open?
Attachments contained in a digitally signed email from someone known
social engineering
Attackers sometimes use social techniques (which often leverage people's desire to be helpful) to obtain confidential information. For example, an attacker might pose as a member of an IT department and ask a company employee for their login credentials in order for the "IT staff to test the connection." This type of attack is called social engineering.
port scanner
Software used to decipher which ports are open on a host.
Ethernet cable
Copper wires used to connect devices (e.g., computer to computer, or computer to switch) within a LAN.
Firmware
Software written for embedded systems.
implicit deny
Denies all traffic to a resource unless the users generating that traffic are specifically granted access to the resource. For example, when a device denies all traffic unless a rule is made to open the port associated with the type of traffic desired to be let through.
network intrusion prevention system (NIPS)
Designed to inspect traffic, and based on its configuration or security policy, the system can remove, detain, or redirect malicious traffic.
TDR (time domain reflectometer)
Detects the location of a fault in a copper cable by sending an electric signal down the copper cable and measuring the time required for the signal to bounce back from the cable fault. A TDR can then mathematically calculate the location of the fault.
OTDR (optical time domain reflectometer)
Detects the location of a fault in a fiber cable by sending light down the fiber-optic cable and measuring the time required for the light to bounce back from the cable fault. The OTDR can then mathematically calculate the location of the fault.
Cooling Device
Device that removes heat from the computer to keep the computer components within permissible heat levels.
EIA
Electronic Industries Alliance
fiber-optic cable
Fiber optic cables have a thin strand of glass in the centre that carries the light pulses. Data is transmitted via pulsing light sent from a laser or light-emitting diode (LED) through the central fiber (or fibers). The central strand is encased in glass cladding. The glass cladding may then be surrounded by strengthening wires and a plastic outer sheath. Fiber optic cables are more expensive than electrical cables but have higher bandwidths and can transmit over longer distances.
Permissions
File system permissions control what resources a person can access on the network.
E-mail Attachment
Files sent with e-mails that may contain malware.
security log files
Files that log activity of users. They show who did what and when, plus whether they succeeded or failed in their attempt.
CHKDSK /f
Fixes logical errors on the disk
Web Bugs
HTML elements, often in the form of image tags, that retrieve information from a remote web site. While the image may not be visible to the user, the act of making the request can provide information about the user. These are often embedded in web pages or HTML-enabled e-mail messages.
Redirected bombs
Hackers can use ICMP to change the path information takes by sending it to a different router.
According to DoD 8570.01-M, the IA (Information Assurance) technical category consists of how many levels?
I, II, & III
In accordance with AR 25-2, whose responsibility is it to ensure all users receive initial and annual IA awareness training?
IASO (Information Assurance Security/Support Officer)
INVOKE syntax
INVOKE procedureName [, argumentList]
baseline reporting
Identification of the security posture of an application, system, or network.
cable certifier
If you are working with existing cable and want to determine its category, or if you simply want to test the supported frequency range (and therefore data throughput) of the cable, you can use a cable certifier.
transmission
In networking, the application of data signals to a medium or the progress of data signals over a medium from one point to another.
Rainbow Tables
In password cracking, a set of precalculated encrypted passwords located in a lookup table.
Encapsulation
In programming: keeping details (like data and procedures) together in one part of a program so that programmers working on other parts of the program don't need to know about them. In networking: the process of wrapping one layer's PDU (protocol data unit) with protocol information so that it can be interpreted by a lower layer.
stateful firewall
Inspects traffic leaving the inside network as it goes out to the Internet. Then, when returning traffic from the same session (as identified by source and destination IP addresses and port numbers) attempts to enter the inside network, the stateful firewall permits that traffic. The process of inspecting traffic to identify unique sessions is called stateful inspection.
DSL (Digital Subscriber Line)
Internet connectivity that, unlike cable modem-based service, provides the user with dedicated bandwidth. However, the maximum bandwidth available to it is usually lower than the maximum rate of cable modem technologies. Also, the "dedicated bandwidth" is only dedicated between your home and the provider's central office -- the providers offer little or no guarantee of bandwidth all the way across the Internet. A DSL connection uses copper telephone lines but is able to relay data at much higher speeds than modems and does not interfere with telephone use.
Diffie-Hellman (DH) key exchange
Invented in the 1970s, it was the first practical method for establishing a shared secret key over an unprotected communications channel. Provides an electronic exchange method to share the secret key. Secure protocols, such as Secure Sockets Layer (SSL), Transport Layer Security (TLS), Secure Shell (SSH), and Internet Protocol Security (IPsec), use it
Having reviewed DoD Wireless STIG (Ver6, Release 1), Sarah learns she may only utilize SecNet 54 and ______________ for transmitting classified information up to Top Secret.
KOV-26 Talon
Email Bombs
Large quantity of bulk e-mail that overwhelms an e-mail server preventing user access
VPN (virtual private network)
Some VPNs can support secure communication between two sites over an untrusted network (for example, the Internet).
CHKDSK /r
Locates bad sectors and recovers readable information. /r implies /f, so also specifying /f is redundant.
You receive an email at your official Government email address from an individual at the Office of Personnel Management (OPM). The email provides a link to a personnel portal where you must enter your personal information as part of an effort to standardize recordkeeping. What action should you take first?
Look for a digital signature on the email.
BIOS (basic input/output system)
Low level program to handle inputs and output operations from the keyboard and screen
ActiveX is a type of this?
Mobile code
DSSS (Direct Sequence Spread Spectrum)
Modulates data over an entire range of frequencies using a series of symbols called chips. A chip is shorter in duration than a bit, meaning that chips are transmitted at a higher rate than the actual data. These chips not only represent encoded data to be transmitted, but also what appears to be random data. Because both parties involved in a DSSS communication know which chips represent actual data and which chips do not, if a third party intercepted a DSSS transmission, it would be difficult for that party to eavesdrop on the data, because he would not easily know which chips represented valid bits. DSSS is more subject to environmental factors, as opposed to FHSS and OFDM, because it uses an entire frequency spectrum.
F-type connector
Most common coaxial cable connector which features a screw on attaching mechanism. Used to terminate coaxial cable used for transmitting television and broadband cable signals.
Distributed Applications
Multiple end systems that exchange data with each other
local variable use (C calling convention)
MySub PROC
    push ebp
    mov ebp, esp
    sub esp, 8                      ; create locals
    mov DWORD PTR [ebp - 4], 10     ; x
    mov DWORD PTR [ebp - 8], 20     ; y
    mov esp, ebp                    ; remove locals from stack
    pop ebp
    ret
MySub ENDP
distance
NEAR or FAR. Attribute that indicates the type of RET instruction (RET or RETF) generated by the assembler. (used with the PROC directive)
ISAKMP (Internet Security Association and Key Management Protocol)
Negotiates parameters for an IPsec session.
Network Routers
Only work on the network-layer fields of a datagram to move it from the host to the destination across the network
Which server software would you use to create a company directory that you could search and authenticate against?
OpenLDAP (Lightweight Directory Access Protocol)
OC (optical carrier)
Optical networks often use OC levels to indicate bandwidth. As a base reference point, the speed of an OC-1 link is 51.84 Mbps. Other OC levels are multiples of an OC-1. For example, an OC-3 link has three times the bandwidth of an OC-1 link (that is, 3 * 51.84 Mbps = 155.52 Mbps).
Hotfix
Originally, a hotfix was defined as a single problem fixing patch to an individual OS or application that was installed live while the system was up and running, and without a reboot necessary. However, this term has changed over time and varies from vendor to vendor.
Networking disadvantages
Over reliance on technology, Expense of hardware, Risk of viruses and hacking, Specialist skills and expertise are required
What does a distribution provide to add and remove software from the system?
Package manager
output buffer
Packet switches have multiple links attached to them. For each attached link the packet switch has an ______ ______, which stores packets that the router is about to send into that link.
Dropped or Lost Packet
Packet that hits a full queue
service level agreement (SLA)
Part of a service contract where the level of service is formally defined.
66 block
Part of an organization's cross-connect facilities, a type of punch-down block used for many years to terminate telephone circuits. It does not meet Cat 5 or better standards, and so it is infrequently used on data networks.
100 block
Part of an organization's cross-connect facilities, a type of punch-down block designed to terminate Cat 5 or better twisted pair wires.
Tickets
Part of the authentication process used by Kerberos.
Link Layer
Passes frames (link-layer packets) between individual nodes in a network. EX: Ethernet, WiFi
security tokens
Physical devices given to authorized users to help with authentication. These devices might be attached to a keychain or are part of a card system.
Cookie
Pieces of information generated by a Web server and stored in the user's computer, ready for future access; embedded in the HTML information flowing back and forth between the user's computer and the servers; they were implemented to allow user-side customization of Web information.
Confidentiality
Preventing the disclosure of information to unauthorized persons.
Bootstrap Loader
Program in the BIOS to load the operating system
The implementation of an IA operational baseline will be an incremental process of doing what?
Protecting critical assets
satellite (WAN technology)
Provides WAN access to sites where terrestrial WAN solutions are unavailable. Satellite WAN connections can suffer from long round-trip delay (which can be unacceptable for latency-sensitive applications) and are susceptible to poor weather conditions.
SSL (Secure Sockets Layer)
Provides cryptography and reliability for upper layers (Layers 5-7) of the OSI model. Introduced in 1995, it has largely been replaced by Transport Layer Security (TLS). However, recent versions of SSL (for example, SSL 3.3) have been enhanced to be more comparable with TLS. Both SSL and TLS are able to provide secure web browsing via HTTPS.
Underclocking
Reducing the specified performance of a processor
TEMPEST
Refers to the investigations of conducted emissions from electrical and mechanical devices, which could be compromising to an organization.
SFC (system file checker)
Scan integrity of all protected system files
AES (Advanced Encryption Standard)
Released in 2001, this is typically considered the preferred symmetric encryption algorithm. It is available in 128-bit key, 192-bit key, and 256-bit key versions. - Encryption method utilized in WPA2 - Requires compatible hardware to encrypt
Bots
Remote control agents installed on your system; often controlled remotely via Internet Relay Chat (IRC)
Thumb drives, memory sticks, and flash drives are examples of
Removable media
DEL
Removes a file from a directory or disk; also called "erase"
RFC
Request for Comments
TFA (two-factor authentication)
Requires two types of authentication from a user seeking admission to a network. For example, a user might need to know something (for example, a password) and have something (for example, a specific fingerprint that can be checked with a biometric authentication device).
LSR (label switch router)
Resides inside a service provider's MPLS cloud and makes frame forwarding decisions based on labels applied to frames.
Management Controls
Security methods that focus on the management of the computer security system and the management of risk for a system
remote access VPN
See client-to-site VPN. Also known as a remote access VPN, a client-to-site VPN interconnects a remote user with a site, as an alternative to dial-up or ISDN connectivity, at a reduced cost.
fox and hound
See toner probe. A toner probe allows you to place a tone generator at one end of the connection (for example, in someone's office), and use a probe on the punch-down block to audibly detect to which pair of wires the tone generator is connected.
protocol analyzer
Software tool used to capture and analyze packets.
multifactor authentication
Similar to two-factor authentication, it requires two or more types of successful authentication before granting access to a network.
Packets
Small chunks of information that have been carefully formed from larger chunks of information.
Packet
Small, equal sized units of data used to transfer files over the internet, transmitting the identities of the sending and receiving stations, error-control information, and message.
You receive a call on your work phone and you're asked to participate in a phone survey. As part of the survey the caller asks for birth date and address. What type of attack might this be?
Social Engineering
Malware
Software designed to infiltrate a computer system and possibly damage it without the user's knowledge or consent.
Mobile Code
Software modules obtained from remote systems, transferred across a network, and then downloaded and executed on a local system without explicit installation or execution by the recipient. Malicious types of this are designed, employed, distributed, or activated with the intention of compromising the performance or security of information systems and computers, increasing access to those systems, disclosing unauthorized information, corrupting information, denying service, or stealing resources.
Smurfing
Software that mounts a denial of service attack by exploiting IP broadcast addressing and ICMP ping packets to cause flooding
toner probe
Sometimes called a fox and hound, a toner probe allows you to place a tone generator at one end of the connection (for example, in someone's office), and use a probe on the punch-down block to audibly detect to which pair of wires the tone generator is connected.
A medium secure password has at least 15 characters and one:
Special character
RAID 5
Striping with Parity. Data is striped across multiple disks; fault tolerant parity data is also written to each disk.
NTLM hash
Successor to the LM hash. A more advanced hash used to store Windows passwords, based off the RC4 algorithm.
NTLM2 hash
Successor to the NTLM hash. Based off the MD5 hashing algorithm.
Total Delay
Sum of nodal, queueing, transmission, and propagation delays
copy /y
Suppresses prompting to confirm you want to overwrite an existing destination file
data loss prevention (DLP)
Systems that are designed to protect data by way of content inspection. They are meant to stop the leakage of confidential data, often concentrating on communications.
standby generator
Systems that turn on automatically within seconds of a power outage.
Wiretapping
Tapping into a network cable in an attempt to eavesdrop on a conversation or steal data.
VLAN hopping
The act of gaining access to traffic on other VLANs that would not normally be accessible by jumping from one VLAN to another.
information security
The act of protecting information from unauthorized access. It usually includes an in-depth plan on how to secure data, computers, and networks.
vulnerability scanning
The act of scanning for weaknesses and susceptibilities in the network and on individual systems.
Wardialing
The act of scanning telephone numbers by dialing them one at a time and adding them to a list, in an attempt to gain access to computer networks.
hot and cold aisles
The aisles in a server room or data center that circulate cold air into the systems and hot air out of them. Usually, the systems and cabinets are supported by a raised floor.
Bandwidth
The amount of data that can be transmitted over a network in a given amount of time.
risk acceptance
The amount of risk an organization is willing to accept. Also known as risk retention.
Performance measure - Latency
The amount of time taken to send and receive a file.
plenum space
The area above the ceiling tile or below the subfloor in a building.
Hoax
The attempt at deceiving people into believing something that is false.
risk assessment
The attempt to determine the amount of threats or hazards that could possibly occur in a given amount of time to your computers and networks.
secure coding concepts
The best practices used during the life cycle of software development.
network perimeter
The border of a computer network, commonly secured by devices such as firewalls and NIDS/NIPS solutions.
Virtualization
The creation of a virtual entity, as opposed to a true or actual entity. A single host can be split up into multiple guests
traffic
The data transmission and processing activity taking place on a computer network at any given time.
Link-layer frame
The datagram from the network layer after the link-layer has attached another link header
account expiration
The date when the accounts users use to log on to the network expire.
optical loss
The degradation of a light signal on a fiber-optic network.
resources
The devices, data, and data storage space provided by a computer, whether stand-alone or shared.
wavelength
The distance between corresponding points on a wave's cycle. It is inversely proportional to frequency.
Transport layer
The fourth layer of the OSI model. In this layer, protocols ensure that data are transferred from point A to point B reliably and without errors. This layer's services include flow control, acknowledgment, error correction, segmentation, reassembly, and sequencing. Uses TCP or UDP to pass segments between layers. Writes destination addresses on segments when passing to the network layer.
cladding
The glass or plastic shield around the core of a fiber-optic cable. It reflects light back to the core in patterns that vary depending on the transmission mode. This reflection allows fiber to bend around corners without impairing the light-based signal.
Nonrepudiation
The idea of ensuring that a person or group cannot refute the validity of your proof against them.
risk management
The identification, assessment, and prioritization of risks, and the mitigating and monitoring of those risks.
Zombie
The individual compromised computers in a botnet.
MTU (maximum transmission unit)
The largest data unit a network (for example, Ethernet or token ring) will accept for transmission.
RTT (round trip time)
The length of time it takes for a packet to go from sender to receiver, then back from receiver to sender. It is usually measured in milliseconds.
data bus
The lines on the system bus that the CPU uses to send and receive data.
MAC (Media Access Control) sublayer
The lower sublayer of the Data Link layer (layer 2). The MAC appends the physical address of the destination computer onto the frame.
Physical layer
The lowest, or first, layer of the OSI model. Protocols in this layer generate and detect signals so as to transmit and receive data over a network medium. These protocols also set the data transmission rate and monitor data error rates, but do not provide error correction. Moves the individual bits within the frame from one node to the next. EX: Fiber Optic Cable, Copper Wire
IP (Internet Protocol)
The main delivery system for information over the Internet. A core protocol in the TCP/IP suite that operates in the Network layer of the OSI model and provides information about how and where data should be delivered. IP is the subprotocol that enables TCP/IP to internetwork
transmission media
The means through which data are transmitted and received.
reliability
The measure of how error-free a network transmits packets.
volt
The measurement used to describe the degree of pressure an electrical current exerts on a conductor.
Application-layer Message
The message passed to the transport layer, where a header is added meant for the receiving side of the destination transport layer
due care
The mitigation action that an organization takes to defend against the risks that have been uncovered during due diligence.
DNS poisoning
The modification of name resolution information that should be in a DNS server's cache.
Binary Code
The most basic language a computer understands, it is composed of a series of 0s and 1s (or bits). The computer interprets the code to form numbers, letters, punctuation marks, and symbols. (1 is on, 0 is off)
service set identifier (SSID)
The name of a wireless access point (or network) to which network clients will connect; it is broadcast through the air.
overhead
The nondata information that must accompany data in order for a signal to be properly routed and interpreted by the network.
Packet Loss
The number of packets that are lost or damaged during transmission, sometimes a result of finite queue space
frequency
The number of times that a signal's amplitude changes over a fixed period of time, expressed in cycles per second, or hertz (Hz).
twist ratio
The number of twists per meter or foot in a twisted pair cable.
LANMAN hash
The original hash used to store Windows passwords, known as LM hash, based off the DES algorithm.
sheath
The outer cover, or jacket, of a cable.
SYN-ACK (synchronization-acknowledgment)
The packet a node sends to acknowledge to another node that it has received a SYN request for connection. This packet is the second of three in the three-step process of establishing a connection.
SYN (synchronization)
The packet one node sends to request a connection with another node on the network. This packet is the first of three in the three-step process of establishing a connection.
store-and-forward transmission
The packet switch must receive the entire packet before it can begin to transmit the first bit of the packet onto the outbound link
backbone
The part of a network to which segments and significant shared devices (such as routers, switches, and servers) connect.
ALU (Arithmetic Logic Unit)
The part of the central processing unit that performs arithmetic computations and logical operations.
Physical Topology
The physical arrangement of connections between computers.
topology
The physical layout of computers on a network.
network topology
The physical topology of a network refers to the configuration of cables, computers, and other peripherals.
connectors
The pieces of hardware that connect the wire to the network device, be it a file server, workstation, switch, or printer.
conduit
The pipeline used to contain and protect cabling. It is usually made from metal.
patch management
The planning, testing, implementing, and auditing of patches.
demarcation point (demarc)
The point of division between a telecommunications service carrier's network and a building's internal network. The point in a telephone network where the maintenance responsibility passes from a telephone company to a subscriber (unless the subscriber purchased an inside wiring plan). This demarc is typically a box mounted to the outside of a customer's building (for example, a residence).
Hypervisor
The portion of virtual machine software that allows multiple virtual operating systems (guests) to run at the same time on a single computer.
Risk
The possibility of a malicious attack or other threat causing damage or downtime to a computer system.
Cryptography
The practice and study of hiding information. A way to store and transmit data so only the intended recipient can read or process it
vulnerability management
The practice of finding and mitigating software vulnerabilities in computers and networks.
information assurance
The practice of managing risks that are related to computer hardware and software systems.
due process
The principle that an organization must respect and safeguard personnel's rights.
sequencing
The process of assigning a placeholder to each piece of a data block to allow the receiving node's Transport layer to reassemble the data in the correct order.
network address translation (NAT)
The process of changing an IP address while it is in transit across a router. This is usually so one larger address space (private) can be remapped to another address space, or single IP address (public). - An internet standard which connects the internet to a private network while maintaining privacy. - This is used to translate one IP addressing system with another that is not necessarily compatible.
Systems Development Life Cycle (SDLC)
The process of creating systems and applications, and the methodologies used to do so.
security posture
The risk level to which a system, or other technology element, is exposed.
residual risk
The risk that is left over after a security and disaster recovery plan have been implemented.
Steganography
The science (and art) of writing hidden messages; it is a form of security through obscurity. Conceals data (the message) in another file such as a graphic, audio, or other text file
Data Link layer
The second layer in the OSI model. This layer bridges the networking media with the Network layer. Its primary function is to divide the data it receives from the Network layer into frames that can then be transmitted by the Physical layer.
device ID
The second set of six characters that make up a network device's MAC address - contains the device's model and manufacture date.
Network-layer datagram
The segment from the transport layer after the network layer has added an additional header such as the source and destination network addresses
Bluejacking
The sending of unsolicited messages to Bluetooth-enabled devices such as mobile phones and PDAs.
Service model
The services that a layer offers to the layer above
Application layer
The seventh layer of the OSI model. This layer's protocols enable software programs to negotiate formatting, procedural, security, synchronization, and other requirements with the network. Uses messages passed between end systems.
Transport Layer Security (TLS)
The successor to SSL. Provides secure Internet communications. This is shown in a browser as HTTPS.
Presentation layer
The sixth layer of the OSI model. Protocols in this layer translate between the application and the network. Here, data are formatted in a schema that the network can understand, with the format varying according to the type of network used. This layer also manages data encryption and decryption.
Network Management System (NMS)
The software run on one or more servers that controls the monitoring of network attached devices and computers.
Transmission Rate
The speed of a link measured in bits/second. (R)
RJ-11 (registered jack 11)
The standard connector used with unshielded twisted pair cabling (usually Cat 3 or Level 1) to connect analog telephones.
Data Integrity
The state that exists when automated data is the same as that in source documents, or has been correctly computed from source data, and has not been exposed to alteration or destruction. Also refers to the accuracy, consistency, and reliability of data stored in a database
network mapping
The study of physical and logical connectivity of networks.
Network layer
The third layer in the OSI model. Protocols in this layer translate network addresses into their physical counterparts and decide how to route data from the sender to the receiver.
nodal processing delay
The time it takes to process a packet in a network node (router, switch, hub, etc.), which is dependent on the speed of the device and congestion in the network.
Accounting
The tracking of data, computer usage, and network resources, keeping account of what users do, including what they access, the amount of time they access resources, and any changes made. Often it means logging, auditing, and monitoring of the data and resources.
Bluesnarfing
The unauthorized access of information from a wireless device through a Bluetooth connection.
jitter
The uneven arrival of packets.
DDoS (distributed denial of service)
These attacks can increase the amount of traffic flooded to a target system. Specifically, an attacker compromises multiple systems, and those compromised systems, called zombies, can be instructed by the attacker to simultaneously launch a DDoS attack against a target system.
Which of the following is true of Internet hoaxes?
They can be part of a distributed denial-of-service (DDoS) attack.
Importance of Objects
- They help code be more understandable - They allow more code to be around them - They make programming easier - They can be used over and over
FTP bounce
This bounce attack uses the FTP
control bus
This bus carries command and control signals to and from every other component of a computer.
E1
This circuit contains 32 channels, in contrast to the 24 channels on a T1 circuit. Only 30 of those 32 channels, however, can transmit data (or voice or video). Specifically, the first of those 32 channels is reserved for framing and synchronization, and the 17th channel is reserved for signaling (that is, to set up, maintain, and tear down a session).
T1
This circuit was originally used in telephony networks, with the intent of one voice conversation being carried in a single channel (that is, a single DS0). This circuit is comprised of 24 DS0s, and the bandwidth of this circuit type is 1.544 Mbps.
CPE (customer premise equipment)
This device resides at a customer site. A router, as an example, can be a CPE that connects a customer with an MPLS service provider.
Separation of Duties (SoD)
This is when more than one person is required to complete a particular task or operation.
warm site
This will have computers, phones, and servers, but they might require some configuration before users can start working on them.
Fetch-Decode-Execute
Three steps to processing instructions that are being currently used
Switch
Use the SWITCH statement when many blocks of code are being executed.
Loops
Use when running the same code over and over again, each time with a different value.
ICMP (Internet Control Message Protocol)
Used by a router to exchange information with other routers
Spam
To indiscriminately send unsolicited, unwanted, irrelevant, or inappropriate messages, especially commercial advertising in mass quantities
link efficiency
To make the most of the limited bandwidth available on slower speed links, you might choose to implement compression or link fragmentation and interleaving (LFI). These QoS mechanisms are examples of link efficiency mechanisms.
Electrostatic discharge (ESD) wrist strap
To prevent static electricity in your body from damaging electrical components on a circuit board, you can wear an ESD wrist strap. The strap is equipped with a clip that you can attach to something with a ground potential (for example, a large metal desk). While wearing the wrist strap, if you have any static buildup in your body, the static flows to the object with a ground potential to which your strap is clipped, thus avoiding damage to any electrical components that you might touch.
Authentication
To verify the identity of a user, user device, or other entity, or the integrity of data stored, transmitted, or otherwise exposed to unauthorized modification in an information system, or to establish the validity of a transmission
ARPANET
U.S. Department of Defense Project
Which of the following is a best practice for securing your home computer?
Use antivirus software and keep it up to date.
Phishing
Use e-mail or malicious web sites to solicit personal, often financial, information. Attackers may send e-mail seemingly from a reputable credit card company or financial institution that requests account information, often suggesting that there is a problem. When users respond with the requested information, attackers can use it to gain access to the accounts.
copy /v
Verifies that new files are written correctly.
gpresult
Verify policy settings for a computer or user
false positive
When a system authenticates a user who should not be allowed access to the system. For example, when an IDS/IPS blocks legitimate traffic from passing on to the network.
App
a self-contained program usually designed for a single purpose
ESS (Extended Service Set)
WLANs containing more than one AP are called ESS WLANs. Like BSS WLANs, ESS WLANs operate in infrastructure mode. When you have more than one AP, take care to prevent one AP from interfering with another. Specifically, nonoverlapping channels (that is, channels 1, 6, and 11 for the 2.4-GHz band) should be selected for adjacent wireless coverage areas.
BSS (Basic Service Set)
WLANs that have just one AP are called BSS WLANs. BSS WLANs are said to run in infrastructure mode, because wireless clients connect to an AP, which is typically connected to a wired network infrastructure. A BSS network is often used in residential and SOHO locations, where the signal strength provided by a single AP is sufficient to service all of the WLAN's wireless clients.
shutdown /s /t nn
Wait nn seconds, then shutdown
ad filtering
Ways of blocking and filtering out unwanted advertisement; popup blockers and content filters are considered to be ad filtering methods.
Algorithms
Well-defined instructions that describe computations from their initial state to their final state.
Which of the following attacks target high ranking officials and executives?
Whaling
Lost
What happens to data when power is lost to RAM
The most important consideration when choosing an operating system is:
What the computer will do
false negative
When a system denies a user who actually should be allowed access to the system. For example, when an IDS/IPS fails to block an attack, thinking it is legitimate traffic.
false rejection
When a biometric system fails to recognize an authorized person and doesn't allow that person access.
congestion management
When a device, such as a switch or router, receives traffic faster than it can be transmitted, the device attempts to buffer (or store) the extra traffic until bandwidth becomes available. This buffering process is called queuing or congestion management.
TCP/IP hijacking
When a hacker takes over a TCP session between two computers without the need of a cookie or any other type of host access.
Baiting
When a malicious individual leaves malware-infected removable media, such as a USB drive or optical disc, lying around in plain view.
nonpromiscuous mode
When a network adapter captures only the packets that are addressed to it.
Identification
When a person is in a state of being identified. It can also be described as something that identifies a person such as an ID card.
dumpster diving
When a person literally scavenges for private information (PINs, access codes, CC #s, etc) in garbage and recycling containers.
Eavesdropping
When a person uses direct observation to "listen" in to a conversation.
shoulder surfing
When a person uses direct observation to find out a target's password, PIN, or other such authentication information.
buffer overflow
When a process stores data outside the memory that the developer intended. This could cause erratic behavior in the application, especially if the memory already had other data in it.
risk mitigation
When a risk is reduced or eliminated altogether.
Crosstalk
When a signal transmitted on one copper wire creates an undesired effect on another wire; the signal "bleeds" over, so to speak.
static NAT
When a single private IP address translates to a single public IP address. This is also called one-to-one mapping.
failopen mode
When a switch broadcasts data on all ports the way a hub does.
diversion theft
When a thief attempts to take responsibility for a shipment by diverting the delivery to a nearby location.
OFDM (Orthogonal Frequency Division Multiplexing)
While DSSS used a high modulation rate for the symbols it sends, OFDM uses a relatively slow modulation rate for symbols. This slower modulation rate, combined with the simultaneous transmission of data over 52 data streams, helps OFDM support high data rates while resisting crosstalk between the various data streams.
taskkill
Will end a process by using the process id (PID) number or image name.
What is "WIMP"?
Windows, Icons, Menus, Pointer--the fundamental components of GUIs in the days of computers and mice. WIMP replaced command-line, text-input interfaces.
circuit-level gateway
Works at the Session Layer of the OSI model and applies security mechanisms when a TCP or UDP connection is established; they act as a go-between for the Transport and Application Layers in TCP/IP.
Which answer best identifies stand-alone software that does not require a user to assist in its propagation:
Worm
symbol variables
X_local EQU DWORD PTR [ebp - 4]
Y_local EQU DWORD PTR [ebp - 8]
mySub PROC
    push ebp
    mov ebp, esp
    sub esp, 8 ; reserve space for locals
    mov X_local, 10 ; x
    mov Y_local, 20 ; y
    mov esp, ebp ; remove locals from stack
    pop ebp
    ret
mySub ENDP
A "copyleft provision" in a software license means:
You must distribute the source to any changes you make
Your company makes a hardware firewall that runs a custom Linux kernel. What are your obligations under GPLv2?
You must make the source to your kernel available
constant OFFSETS
[ebp + 8] or [ebp + 12] NOTE: do not use with the PROC USES operator
ICANN (Internet Corporation for Assigned Names and Numbers)
a central organization that coordinates the Internet domain naming system
Chipset
a collection of integrated circuits that manages the data flow between the processor, memory and peripherals.
Zero day attack
a computer attack that tries to exploit software vulnerabilities that are unknown or undisclosed by the software vendor
Volatile Memory
a computer memory that can not retain the stored information when not powered.
Non-Volatile Memory
a computer memory that can retain the stored information even when not powered.
HIPS (Host-Based IPS)
a computer running intrusion prevention software for the purpose of protecting the computer from attacks.
Digital Video Interface (DVI)
a connection interface used between monitors and computers, which supports both digital and analog data or only digital data.
Hard Disk Drive (HDD)
a data storage device comprised of a set of stacked "disks," each of which has data recorded electromagnetically in tracks and sectors on it.
Solid State Drive (SSD)
a data storage device that does not use any movable parts, uses relatively little power, and consists of flash memory chips that store your data.
User defined integrity
a database integrity that states that a set of rules defined by a user which does not belong to one of the other categories
Referential integrity
a database integrity that states that a user cannot delete a record which is related to another user
Domain integrity
a database integrity that states that all data stored in a column must follow the same format and definition
High Definition Multimedia Interface (HDMI)
a digital interface for transmitting audio and video data in a single cable.
Universal Serial Bus (USB)
a fast serial bus providing a plug-and-play interface that allows a computer to communicate with peripheral and other devices.
Internet Key Exchange
a fundamental component of IPsec Virtual Private Networks (VPNs)
Proxy Server
a server that all computers on the local network have to go through before accessing information on the Internet.
MD5 algorithm
a hash function developed by Ron Rivest that produces a 128-bit hash value
varlist
a list of variable definitions, separated by commas, optionally spanning multiple lines
IXP (Internet Exchange Point)
a meeting point where multiple ISPs can peer together
NIPS (Network-Based IPS)
a network appliance dedicated to the purpose of acting as an IPS sensor.
NIDS (Network-Based IDS)
a network appliance dedicated to the purpose of acting as an IDS sensor.
An internet
a network of computer networks
PAN (Personal-area network)
a network whose scale is smaller than a LAN. (ie: a connection between a PC and a digital camera via a USB cable.)
SAN (storage area network)
a network-based storage system
Creative Commons
a nonprofit organization that provides free legal tools to change the creator copyright terms from All Rights Reserved to Some Rights Reserved
Object-Oriented Programming
a programming language model organized around objects rather than "actions" and data rather than logic
BIOS chip
a read-only memory in which a set of routines is stored, enabling a computer to start the operating system and to communicate with the various devices in the system, such as disk drives, keyboard, monitor, printer, and communications ports.
Repeater (network hardware)
a repeater captures the signal and rebuilds it. It then transmits the rebuilt signal. A repeater can therefore extend the length of a network since signals from a wire worsen as the distance increases.
Computer Software
a set of instructions that directs the computer in how to complete a task
bit (binary digit)
a single pulse in the digital encoding system. It may have only one of two values: 0 or 1.
Die
a small block of semiconducting material, on which a given functional circuit is fabricated.
Keyboard Logging
a software program that records or logs the keystrokes of the user of the system
Host Intrusion Detection System
a software that runs on a host computer that monitors suspicious activity
Constructor
a special function that gets called automatically when the object of a class is created
NOS (network operating system)
a specialized operating system for a network device such as a router, switch or firewall
NAS (Network Attached Storage)
a storage device connected to a network that allows storage and retrieval of data from a centralized location by authorized network users
recursive subroutine
a subroutine that calls itself, either directly or indirectly
3DES (Triple Data Encryption Algorithm)
a symmetric block cipher with 64-bit block size that uses a 56-bit key, encrypts data three times and uses a different key for at least one of the three passes, giving it a cumulative key size of 112-168 bits
Data Masking
a technology that secures data by replacing sensitive information with a non-sensitive version
von Neumann architecture
a theoretical design for a stored program computer that serves as the basis for almost all modern computers; consists of a central processor with an arithmetic/logic unit and a control unit, a memory, mass storage, and input and output
Printed Circuit Board (PCB)
a thin board made of fiberglass or other laminate material on which conductive pathways are "printed", connecting different components on the PCB, such as transistors, resistors, and integrated circuits.
Wafer
a thin slice of semiconductor material that serves as the substrate for microelectronic devices.
Plug-In
a third party program that allows your browser to display multimedia-rich, interactive, dynamic content
CISSP
a vendor-neutral certification for those cybersecurity specialists with a great deal of technical and managerial experience
Media
a way to interconnect devices on a network. For example, copper cabling, fiber-optic cable or wireless connections.
Rogue access point
a wireless access point installed on a secure network without explicit authorization
Site License
enables organizations to install software apps on a specific number of computers
Proprietary Software License
allows the publisher to retain ownership of the software, but grants you the right to install the software on your computer
Fair Use
allows, without the permission of the rights holder, the use of brief selections of copyright materials for purposes such as commentary and criticism, news reporting, teaching, and research
Video Editors
enables you to modify your digital videos
Shareware
enables you to try out the software application prior to purchase
Open Source Software License
grants ownership of the copy to the end user, and you can redistribute the software and modify it
Physical Access Control
actual barriers deployed to prevent direct contact with systems. The goal is to prevent unauthorized users from gaining physical access to facilities, equipment, and other organizational assets
C calling convention
add a value to ESP equal to the combined sizes of the parameters. Then, ESP will point to the stack location that contains the subroutine's return address.
Example1 PROC
    push 6
    push 5
    call AddTwo
    add esp, 8 ; remove arguments from the stack
    ret
Example1 ENDP
reference arguments
addresses of variables
Asymmetric Algorithms
algorithms that use one key to encrypt data and a different key to decrypt data
peer-to-peer network
allow users to share resources and files located on their computers and access shared resources found on other computers. However, they do NOT have a file server or a centralized management source. All computers are considered EQUAL. Pros: - less initial expense - setup Cons: - decentralized - security
Remote Code Executions
allows a criminal to execute any command on a target machine
Short Message Service
allows business to send brief electronic text messages to mobile devices
Switch
an Ethernet switch interconnects network components. It is available with a variety of port densities. A switch learns which devices reside off of which ports. As a result, the switch learns where the traffic is destined and forwards the traffic out only the appropriate port, not out all of the other ports.
Double Data Rate (DDR)
an advanced version of SDRAM, which can transfer data twice as fast as regular SDRAM chips. This is because it can send and receive signals twice per clock cycle.
Field Programmable Gate Array (FPGA)
an integrated circuit that can be configured by the user for a specific application after being manufactured.
CAN (Campus-area network)
an interconnection of networks located in nearby buildings. (ie: buildings on a college campus)
Adware protection
antimalware program that blocks the IP addresses of known phishing websites and warns the user about suspicious sites
Antivirus protection
antimalware program that continuously monitors for viruses
Spyware protection
antimalware program that scans for keyloggers and other spyware
Propagation Delay
any delay in communications from signal transmission time through a physical medium
Spyware
any software using someone's Internet connection in the background without their knowledge or explicit permission. These applications are typically bundled as a hidden component of freeware or shareware programs that can be downloaded from the Internet; however, it should be noted that the majority of shareware and freeware do not come with this. Once installed, this monitors user activity on the Internet and transmits that information in the background to someone else. It can also gather information about e-mail addresses and even passwords and credit card numbers.
label
any valid identifier (used with the LOCAL directive)
Using the Command Prompt, what does a "tree" do?
graphically displays the directory structure of a drive or a path.
Peripheral
anything that will connect to the outside of the computer, they can be input and output, depending on the device.
Application resilience
application's ability to react to problems in one of its components while still functioning
paramName
arbitrary name you assign to the parameter. Its scope is current and local. (used with the PROC directive, parameterList)
Vector Graphics
are maths-based graphics
Black Hat Attackers
are unethical criminals who violate computer and network security for personal gain, or for malicious reasons, such as attacking networks
modules
assembled units of divided up programming. Each is assembled independently, so a change to one's source code only requires reassembly of the single file.
Per seat license
assigns a product key to individual users
TDoS (telephony denial of service)
attack that uses phone calls against a target telephone network tying up the system and preventing legitimate calls from getting through
Biometrics
automated methods of recognizing an individual based on a physiological or behavioral characteristic
Public Domain
works that are not restricted by copyright; they are owned by the public and can be freely used
Striping
writes data across multiple drives
Central Processing Unit (CPU)
considered the brain of a computer, which carries out the processing of tasks and instructions in the computer.
Vulnerability Brokers
grey hat hackers who attempt to discover exploits and report them to vendors, sometimes for prizes or rewards
Hacktivists
grey hat hackers who rally and protest against different political and social ideas
Examples of Storage Devices
hard drive, optical drive, flash drive...
symmetric encryption
both the sender and receiver of a packet use the same key (a shared key) for encryption and decryption.
White Hat Attackers
break into networks or computer systems to discover weaknesses in order to improve the security of these systems
SMTP (Simple Mail Transfer Protocol) Session Hijacking
by gaining access to a list of e-mail addresses a person can send spam to thousands of users
File access control
consists of permissions that limit folder or file access for an individual or for a group of users
Volume licensing
you are able to purchase multiple installations of the application using the same product key
unidirectional antenna
can focus their power in a specific direction, thus avoiding potential interference with other wireless devices and perhaps reaching greater distances than those possible with omnidirectional antennas. One application for unidirectional antennas is interconnecting two nearby buildings.
IPS (Intrusion Prevention System)
can recognize the signature of a well-known attack and respond to stop the attack. This device resides in-line with the traffic flow, unlike an IDS sensor. Analyzes the contents and the payload of the packets for more sophisticated embedded attacks that might include malicious data
System resiliency
capability to maintain availability of data and operational processing despite attacks or disrupting events
Cat 6e (Enhanced Category 6)
capable of a 550-MHz signaling rate and can reliably transmit data at multi-gigabit per second rates.
read operation
capable of being displayed (read); operating systems also allow you to protect objects with a read-only attribute that prevents other users from modifying the object
write operation
capable of being modified (written to)
Reduced Instruction Set Computer (RISC)
computers designed with a reduced set of computer instructions that includes only the most frequently used instructions so that the computer would get more work done in a shorter amount of time for most applications.
terminating condition
condition that terminates a recursive routine when it becomes true
DB-25 connector
A type of connector with 25 pins that's commonly used in serial communication that conforms to the RS-232 standard.
Multimedia
content that integrates text and media
Software License
contract that gives you the right to install and use a software application on one or more computers
Database Management System
controls how collections of data are stored, organized, retrieved, and secured
copy
copies dir/folder into new location
NIST (National Institute of Standards and Technology)
created a framework for companies and organizations in need of cybersecurity professionals
output parameter
created when a calling program passes the address of a variable to a procedure. The procedure uses the address to locate and assign data to the variable.
merge PROC
    LOCAL pArray: PTR WORD
declare a procedure named merge that contains a local variable, pArray, of type PTR WORD using the LOCAL directive
merge PROC
    LOCAL tempArray[10]: DWORD
declare a procedure named merge that contains a local variable, tempArray, of type DWORD using the LOCAL directive
mySub PROC
    LOCAL var1: BYTE
declare a procedure named mySub that contains a local variable named var1 of type BYTE using the LOCAL directive
mySub PROC
    enter 8, 0
declare a procedure that reserves 8 bytes of stack space for local variables using the ENTER instruction and returns to the caller similar to:
mySub PROC
    push ebp
    mov ebp, esp
    sub esp, 8
    mov esp, ebp
    pop ebp
    ret
mySub ENDP
input parameter
data passed by a calling program to a procedure. The called procedure is not expected to modify the corresponding parameter variable, and even if it does, the modification is confined to the procedure itself.
CRM (Customer relationship management)
database system that tracks interactions with a customer and is valuable to gain information about marketing, sales, and customer service
bubbleSort PROC
    LOCAL temp: DWORD, swapFlag: BYTE
declare a procedure named bubbleSort that contains two local variables, temp and swapFlag, of types DWORD and BYTE, using the LOCAL directive
Example3 PROC
    LOCAL temp:DWORD
    mov eax, temp
    ret
Example3 ENDP
declare a procedure named Example3 using the LOCAL directive and dword variable named temp similar to:
Example3 PROC
    push ebp
    mov ebp, esp
    add esp, 0FFFFFFFCh ; add -4 to ESP
    mov eax, [ebp - 4]
    leave
    ret
Example3 ENDP
read_File PROC USES eax ebx, pBuffer:PTR BYTE
    LOCAL fileHandle:DWORD
    mov esi, pBuffer
    mov fileHandle, eax
    ret
read_File ENDP
declare a procedure that simplifies the following code (there may be more than one way to perform this task; only one example can be shown here):
read_File PROC
    push ebp
    mov ebp, esp
    add esp, 0FFFFFFFCh ; create fileHandle
    push eax ; save EAX
    push ebx ; save EBX
    mov esi, dword ptr [ebp+8] ; pBuffer
    mov dword ptr [ebp-4], eax ; fileHandle
    pop ebx
    pop eax
    leave
    ret 4
read_File ENDP
ArraySum PROTO, ptrArray:PTR DWORD, szArray:DWORD
declare the PROTO statement for the following PROC statement: ArraySum PROC USES esi ecx, ptrArray: PTR DWORD, szArray: DWORD
dedicated leased line
A logical connection interconnecting two sites. This logical connection might physically connect through a service provider's facility or a telephone company's central office. The expense of this line is typically higher than other WAN technologies offering similar data rates, because with this line, a customer does not have to share bandwidth with other customers.
INVOKE swap, ADDR array, ADDR [array + 4]
define an INVOKE instruction to replace the following lines of code:
    push OFFSET array+4
    push OFFSET array
    call swap
INVOKE DumpArray, OFFSET array, LENGTHOF array, TYPE array
define an INVOKE instruction to replace the following lines of code:
    push TYPE array
    push LENGTHOF array
    push OFFSET array
    call DumpArray
Client
defines the device an end-user uses to access a network or request data stored on a server. (ie: a workstation, laptop, smartphone, with wireless capabilities, a tablet, or a variety of other end-user terminal devices.)
State Sponsored Hackers
depending on a person's perspective, these are either white hat or black hat hackers who steal government secrets, gather intelligence, and sabotage networks
Shuffling
derives a substitution set from the same column of data that a user wants to mask. This technique works well for financial information in a test database, for example
LOCAL
directive to substitute for the ENTER instruction. Declares one or more local variables by name, assigning them size attributes. If used, must appear on the line immediately following the PROC directive.
STACK
directive used to reserve space for the runtime stack (Irvine32.inc library file)
Full-mesh Topology
directly connects every site to every other site in the network.
nestinglevel
determines the number of stack frame pointers copied into the current stack frame from the stack frame of the calling procedure.
WPA (Wi-Fi Protected Access)
developed its own security standard to address the weaknesses of Wired Equivalent Privacy (WEP). This new security standard was called Wi-Fi Protected Access (WPA) version 1. Secure communication that provides message integrity checks (MIC). - Provides encryption via TKIP. - Can use both pre-shared key or 802.1x for authenticating connection.
PROTO
directive that creates a prototype for an existing procedure. Declares a procedure's name and parameter list. It allows you to call a procedure before defining it and to verify that the number and types of arguments match the procedure definition. Must be used to utilize the INVOKE directive. - use the PROC statement to create - Change the word PROC - Remove the USES operator if any, along with its register list.
INVOKE
directive that pushes arguments on the stack (in the order specified by the MODEL directive's language specifier) and calls a procedure. Replaces the call instructions and allows you to pass multiple arguments using a single line of code. - passing arguments smaller than 32 bits to INVOKE frequently causes the assembler to overwrite EAX and EDX when it widens the arguments before pushing them on the stack. - avoid the preceding behavior by saving and restoring EAX and EDX before and after the procedure call.
Sound Files
enables delivery of software applications over the Internet rather than storing them on your local computer
3D Spreadsheets
enable you to link multiple worksheets together
Fault tolerance
enables a system to continue to operate if one or more components fail
N+1 Redundancy
ensures system availability in the event of a component failure
Domain Name
follows the protocol and represents the company, product, or person represented by the webpage
gpupdate
force a group policy update
Help and Command (Dir or Chkdsk)
gives information about command
Top Level Domain
gives you an idea of what type of site you are accessing
Discretionary Access Control
grants or restricts object access determined by the object's owner
Logical Access Control
hardware and software solutions used to manage access to resources and systems. These technology-based solutions include tools and protocols that computer systems use for identification, authentication, authorization, and accountability
plugs
has an insulated case and is used to connect the cable from an appliance to a socket.
Methods used to ensure data integrity
hashing, data validation checks, data consistency checks, and access controls
Advanced threat intelligence
helps organizations detect attacks during one of the stages of the cyber attacks and sometimes before with the right information
Ransomware
holds a computer system or the data it contains captive until the target makes a payment
Utilities disruptions
human-caused disasters that include power failures, communication outages, fuel shortages, and radioactive fallout
numbytes
immediate value, always rounded up to a multiple of 4 to keep ESP on a doubleword boundary
argument types used with INVOKE
immediate value, integer expression, variable, address expression, register, ADDR name, OFFSET name
Containment Eradication and Recovery
include the intermediate actions performed such as disconnecting a system from the network to stop the information leak
Securely Provision
includes conceptualizing, designing, and building secure IT systems
Collect and Operate
includes specialized denial and deception operations and the collection of cybersecurity information
Protect and Defend
includes the identification, analysis, and mitigation of threats to internal systems and networks
Format
initialize or erase everything on a partition, put brand new file system on a partition.
LEA (Load Effective Address)
instruction that returns the effective address of an indirect operand.
LEAVE
instruction that terminates the stack frame for a procedure. It reverses the action of a previous ENTER instruction by restoring ESP and EBP to the values they were assigned when the procedure was called
LAN (Local-area network)
interconnects network components within a local region. (ie: within a building.) Generally a home or office network
Web Browsers
interpret the HTML that is stored on webpage and display the contents
Mitigation
involves reducing the severity of the loss or the likelihood of the loss from occurring
Synchronous Online Communication
involves two or more people who are communicating simultaneously in real time
ARP (Address Resolution Protocol) poisoning
is a form of attack in which an attacker changes the Media Access Control (MAC) address and attacks an Ethernet LAN by changing the target computer's ARP cache with a forged ARP request and reply packets
CSMA/CA (Carrier Sense Multiple Access / Collision Avoidance)
is needed for WLAN connections, because of their half-duplex operation. A WLAN device listens for a transmission on a wireless channel to determine if it is safe to transmit. Additionally, the collision-avoidance part of the CSMA/CA algorithm causes wireless devices to wait for a random back-off time before transmitting.
Add-On
is specific to a type of browser and adds functionality to the browser
Simplicity
mitigation strategy that includes a secure solution which should be simple on the inside, but complex outside
Diversity
mitigation strategy that includes an organization using different encryption algorithms or authentication systems to protect data in different states
Obscurity
mitigation strategy that includes concealing certain type of information by making it more difficult for cyber criminals to attack a system
Layering
mitigation strategy that includes creating a barrier of multiple defenses that coordinates together to prevent attacks
Limiting
mitigation strategy that includes limiting access to data and information by reducing the possibility of a threat
Examples of Output Devices
monitor, printer, speakers, headphones
.. - shortcut to CD and path
moves back one directory from where you currently are.
RD
remove directory. Example: C:\Users\administrator>rd temp
Substitution
replaces data with authentic-looking values to apply anonymity to the data records
IOS resilience
resilient design that allows for faster recovery if someone maliciously or unintentionally reformats flash memory or erases the startup configuration file
Recovery Control
restore resources, functions, and capabilities after a violation of a security policy. These controls can repair damage, in addition to stopping any further damage. These controls have more advanced capabilities over corrective access controls.
Corrective Control
restore the system back to a state of confidentiality, integrity, and availability. They can also restore systems to normal after unauthorized activity occurs
Qualitative risk analysis
risk analysis approach that uses opinions and scenarios
Gateway Load Balancing Protocol (GLBP)
router redundancy option that protects data traffic from a failed router or circuit while also allowing load balancing/sharing between a group of redundant routers
HSRP
router redundancy option that provides high network availability by providing first hop routing redundancy
VRRP (Virtual Router Redundancy Protocol)
router redundancy option when the elected router is the virtual router master, and the other routers act as backups, in case the virtual router master fails
Web Apps
run in browsers, so they are platform-neutral, and will run on any device with a supported browser and Internet access
SCP (secure copy protocol)
securely transfers computer files between two remote systems
Packet Switches
takes a packet arriving on one of its incoming communication links and forwards that packet on one of its outgoing communication links. Examples: routers, link-layer switches
Script Kiddies
teenagers or hobbyists mostly limited to pranks and vandalism, have little or no skill, often using existing tools or instructions found on the Internet to launch attacks.
New Laws
the ISACA (Information Systems Audit and Control Association) group tracks laws enacted related to cyber security
Vulnerability Database
the National Common Vulnerabilities and Exposures (CVE) database is an example of
Integrity
the accuracy, consistency, and trustworthiness of data during its entire life cycle
Throughput
the actual speed of data transfer that is achieved
Transmission Delay
the amount of time required to push all of the packet's bits into the link (L/R)
prologue
the beginning of a function consisting of statements that save the EBP register and point EBP to the top of the stack, OR push certain registers on the stack whose values will be restored when the function returns.
Integrated Circuits (IC)
the integration of large numbers of tiny electronic circuits into a small chip.
Motherboard
the main circuit board of your computer which hosts the CPU, the chipset, BIOS chip, RAM expansion slots, PCI slots, and USB ports etc.
Access Network
the network that physically connects an end system to the first router (also known as the "edge router") on a path from the end system to any other distant end system.
Clock Speed
the operating speed of a computer or its microprocessor. It is measured in a unit called Hertz (Hz), which is the number of clock cycles per second.
Read Only Memory (ROM)
the portion of a computer's primary storage that does not lose its contents when one switches off the power; a type of non-volatile memory on which data can only be read but not written to.
Cybersecurity Threat
the possibility that a harmful event, such as an attack, will occur
recursion
the practice of calling recursive subroutines. - linked lists - connected graphs - careful not to create endless loop
Availability
the principle used to describe the need to maintain availability of information systems and services at all times, so that data is obtainable regardless of how information is stored, accessed, or protected
telecommunications closet Also known as a "telco room,"
the space that contains connectivity for groups of workstations in a defined area, plus cross-connections to IDFs or, in smaller organizations, an MDF. Large organizations may have several of it per floor, but the TIA/EIA standard specifies at least one per floor.
NetFlow
the standard for collecting operational data from networks
Cryptology
the study of codes, or the art of writing and solving them
Clock Cycle
the time between two adjacent pulses of the oscillator, during which a CPU can perform a basic operation such as fetching an instruction, accessing memory, or writing data.
Data Obfuscation
the use and practice of data masking and steganography techniques in the cybersecurity and cyber intelligence profession. The art of making the message confusing, ambiguous, or harder to understand
Symmetric Algorithms
these algorithms use the same pre-shared key, sometimes called a secret key pair, to encrypt and decrypt data
Elliptic Curve Cryptography (ECC)
uses elliptic curves as part of the algorithm. In the U.S., the National Security Agency uses it for digital signature generation and key exchange
Boolean Search
uses logical operators such as AND, OR, and NOT to link the words you are searching for
MIMO (Multiple Input Multiple Output)
uses multiple antennas for transmission and reception. These antennas do not interfere with one another, thanks to MIMO's use of spatial multiplexing, which encodes data based on the antenna from which the data will be transmitted. Both reliability and throughput can be increased with MIMO's simultaneous use of multiple antennas.
RAID (Redundant Array of Independent Disks)
uses multiple hard drives in an array which is a method of combining multiple disks so that the operating system sees them as a single disk
Sneaker net
uses removable media to physically move data from one computer to another
ElGamal
uses the U.S. government standard for digital signatures. This encryption algorithm is free to use because no one holds the patent
Wireless networks
uses the airwaves to transmit data
Database validation
validation rule checks that data falls within the parameters defined by the database designer
Consistency
validation rule that checks for the consistency of codes in related data items
Range
validation rule that checks that data lies within a minimum and maximum value
Size
validation rule that checks the number of characters in a data item
Check digit
validation rule that provides for an extra calculation to generate a check digit for error detection
value arguments
values of variables and constants
local variables
variables created, used, and destroyed within a single subroutine - only statements within a local variable's enclosing subroutine can view or modify the variable, preventing program bugs caused by modifying variables - storage space used by local variables is released when the subroutine ends - local variables from different subroutines can have the same name without a name clash - essential when writing recursive subroutines, as well as subroutines executed by multiple execution threads.
Five nines
when the system and services are available 99.999% of the time
Pretexting
when an attacker calls an individual and lies to them in an attempt to gain access to privileged data
Something for something
when an attacker requests personal information from a party in exchange for something like a gift
Domain Name System
works like a directory, looking up the IP address when you type a domain name