IST 220 Chapter 9
DRDoS (distributed reflector DoS) attack
A DDoS attack bounced off of uninfected computers, called reflectors, before being directed at the target.
amplified DRDoS attack
A DRDoS attack can be amplified when conducted using small, simple requests that trigger very large responses from the target.
honeypot
A decoy system that is purposely vulnerable and filled with what appears to be sensitive (though false) content.
biometrics
A more expensive physical security solution involves bio-recognition access, in which a device scans an individual's unique physical characteristics known as?
Bot
A process that runs automatically, without requiring a person to start or stop it.
Trojan Horse
A program that disguises itself as something useful but actually harms your system.
ransomware
A program that locks a user's data or computer system until a ransom is paid.
worm
A program that runs independently of other software and travels between computers and across networks.
NDA (Non-Disclosure Agreement)
A security policy should also define what confidential and private means to the organization. This is often done through?
DLP (Data Loss Prevention)
A solution that identifies sensitive data on the network and prevents it from being copied.
posture assessment
A thorough examination of each aspect of the network to determine how it might be compromised
vulnerability
A weakness of a system, process, or architecture that could lead to compromised information or unauthorized access to a network.
gray hat hacker
Abide by a code of ethics all their own (might engage in illegal activity but their intent is to educate and assist)
port scanner
An application designed to probe a server or host for open ports, to determine which insecure service might be used to craft an attack.
phishing
An electronic communication that appears to come from a legitimate person or organization and requests access or authentication information.
unauthenticated
Attacker begins on the perimeter of the network, looking for vulnerabilities that do not require trusted user privileges
authenticated
Attacker is given same access as a trusted user would have
device hardening
Besides securing network devices from external tampering, you can take many steps to secure the device from network- or software-supported attacks as well. These practices are called?
DNS poisoning
By altering DNS records on a DNS server, an attacker can redirect Internet traffic from a legitimate web server to a phishing website.
Polymorphism
Change characteristics every time they transfer to new system
Metasploit
Combines known scanning and exploit techniques to explore potentially new attack routes
PDoS (permanent denial of service) attack
Damages a device's firmware beyond repair. This is also called "bricking" because it turns the device into a brick.
Nmap
Designed to scan large networks, provides information about network and hosts, and it's free to download
stealth
Disguised as legitimate programs
black hat hacker
Groups or individuals that cause damage, steal data, or compromise privacy
dictionary attack
Hackers can use programs that try a combination of your user ID and every word in a dictionary to gain access to the network.
white hat hacker
IT security experts hired by organizations to identify security vulnerabilities
security audit
If the company is accredited by an agency that sets network security standards, the assessment qualifies as a?
DHCP snooping
In which any switch ports connected to clients are not allowed to transmit DHCP messages that should only come from a trusted DHCP server.
CCTV (closed circuit television)
Many IT departments use video surveillance systems called?
Nessus
Performs more sophisticated scans than Nmap
cipher locks
Physical or electronic locks that require a code to open the door, which can reduce the inherent risk of lost keys.
time dependence
Programmed to activate on particular date
back doors
Security flaws that allow unauthorized users to gain access to the system.
honeynet
Several honeypots connected together
hacker
Someone who masters the inner workings of computer hardware and software in an effort to better understand them.
exploit
The act of taking advantage of vulnerability is known as?
deauth (deauthentication) attack
The attacker sends these faked deauthentication frames to the AP, the client, or both to trigger the deauthentication process and knock one or more clients off the wireless network.
BYOD (bring your own device)
The practice of allowing users to use their own personal devices to connect to an organizational network.
Penetration Testing
This attack simulation uses various tools to find network vulnerabilities, as in vulnerability scanning, and then attempts to exploit those vulnerabilities.
Vulnerabilities Scanning
This technique is used to identify vulnerabilities in a network.
encryption
To prevent detection
hashing
To transform data through an algorithm that generally reduces the amount of space needed for the data
ARP poisoning
When attackers use faked ARP replies to alter ARP tables in the network.
DDoS attack (Distributed Denial of Service attack)
Whereas a DoS attack comes from one or a few sources owned by the attacker, this attack is orchestrated through many sources.
MDM (mobile device management)
Works with all common mobile platforms and their service providers, and can add or remove devices remotely.
virus
a program that replicates itself with the intent to infect more computers, either through network connections when it piggybacks on other files or through the exchange of external storage devices.
PUA (privileged user agreement)
addresses the specific concerns related to privileged access given to administrators and certain support staff.
Asset tracking tags
can be used to monitor the movement and condition of equipment, inventory, and people.
smart cards
electronic access badges
AUP (Acceptable Use Policy)
explains to users what they can and cannot do while accessing a network's resources.
Quid pro quo
free gift or service is offered in exchange for private information or temporary access to user's computer.
FTP bounce
hackers take advantage of this insecure protocol.
Social Engineering
hackers use their social skills to trick people into revealing access credentials or other valuable information
badge
identifies the person by name and perhaps includes a photo, title, and other information.
security policy
identifies your security goals, risks, levels of authority, designated security coordinator, and team members.
baiting
malware-infected file, such as a music download, or USB left unguarded so malware will infect the user's computer
Principle of Least Privilege
meaning employees and contractors are only given enough access and privileges to do their jobs, and these privileges are terminated as soon as a person no longer needs them.
Hashing
means to transform data through an algorithm that generally reduces the amount of space needed for the data.
DoS attack (Denial of Service attack)
occurs when a legitimate user is unable to access normal network resources, such as a web server, because of an attacker's interventions.
zero-day exploit
one that takes advantage of a software vulnerability that hasn't yet or has only very recently become public.
key fob
provides remote control over locks and security systems.
malware
refers to any program or piece of code designed to intrude upon or harm a system or its resources.
MitM (man in the middle) attack
relies on intercepted transmissions and can take several forms.
Rogue DHCP Server
running on a client's device, however, could be used to implement a MitM attack by configuring the attacker's IP address as the victim computers' default gateway.
tamper detection
sensors on these devices can detect physical penetration, temperature extremes, input voltage variations, input frequency variations, or certain kinds of radiation.
data breach
the implications of unauthorized access or use of sensitive data.
SHA (Secure Hash Algorithm)
the most commonly used hashing algorithm today is some form of?
privileged user account
the most privileged of these account types is called?