Network+ Guide to Networks (8th Ed) - Chapter 9 Key Terms

Réussis tes devoirs et examens dès maintenant avec Quizwiz!

rogue DHCP server

A DHCP service running on a client device that could be used to implement a MitM attack by configuring the attacker's IP address as the victim computers' default gateway or DNS server.

DRDoS attack

A DoS attack bounced off of uninfected computers, called reflectors, before being directed at the target.

asset tracking tag

A barcode or wireless-enabled transmitter used to track the movement or condition of equipment, inventory, or people.

honeypot

A decoy system isolated from legitimate systems and designed to be vulnerable to security exploits for the purposes of learning more about hacking techniques or nabbing a hacker in the act.

key fob

A device or app that provides remote control over locks and security systems.

security policy

A document or plan that identifies an organization's security goals, risks, levels of authority, designated security coordinator and team members, responsibilities for each team member, and responsibilities for each employee. In addition, it specifies how to address security breaches.

badge

A form of identification that includes the person's name and perhaps a photo, title, or other information.

SHA

A hash algorithm originally designed by the NSA to eliminate the inherent weaknesses of the older MD5 hash. The most recent iteration is ___-3, developed by private designers for a public competition in 2012.

logic bomb

A malicious program designed to start when certain conditions are met.

honeynet

A network of honeypots.

cipher lock

A physical or electronic lock requiring a code to open the door.

phishing

A practice in which a person attempts to glean access or authentication information by posing as someone who needs that information.

penetration testing

A process of scanning a network for vulnerabilities and investigating potential security flaws.

malware

A program or piece of code designed to intrude upon or harm a system or its resources.

ransomware

A program that locks a user's data or computer system until a ransom is paid.

virus

A program that replicates itself to infect more computers, either through network connections when it piggybacks on other files or through exchange of external storage devices, such as USB drives, passed among users. Viruses might damage files or systems or simply annoy users.

DHCP snooping

A security feature on switches whereby DHCP messages on the network are checked and filtered.

Principle of Least Privilege

A security measure that ensures employees and contractors are only given enough access and privileges to do their jobs, and these privileges are terminated as soon as the person no longer needs them.

insider threat

A security risk associated with someone who is or was trusted by an organization, such as an employee, former employee, contractor, or other associate.

back door

A software security flaw that can allow unauthorized users to gain access to a system.

dictionary attack

A technique in which attackers run a program that tries a combination of a known user ID and, for a password, every word in a dictionary to attempt to gain access to a network.

vulnerability scanning

A technique to identify vulnerabilities in a network, with or without malicious intent.

CCTV

A video surveillance system that monitors activity in secured areas.

vulnerability

A weakness of a system, process, or architecture that could lead to compromised information or unauthorized access to a network.

privileged User Account

An administrative account on a device or network that gives high-level permissions to change configurations or access data.

security audit

An assessment of an organization's security vulnerabilities performed by an accredited network security firm.

posture assessment

An assessment of an organization's security vulnerabilities.

DoS attack

An attack in which a legitimate user is unable to access normal network resources because of an attacker's intervention. Most often, this type of attack is achieved by flooding a system with so many requests for services that it can't respond to any of them.

FTP bounce

An attack in which an FTP client specifies a different host's IP address and port for the requested data's destination. By commanding the FTP server to connect to a different computer, a hacker can scan the ports on other hosts and transmit malicious code.

ARP poisoning

An attack in which attackers use fake ARP replies to alter ARP tables in a network.

DDoS attack

An attack in which multiple hosts simultaneously flood a target host with traffic, rendering the target unable to function.

amplified DRDoS attack

An attack instigated using small, simple requests that trigger very large responses from the target. DNS, NTP, ICMP, LDAP, and SNMP lend themselves to being used in these kinds of attacks.

PDoS attack

An attack on a device that attempts to alter the device's management interface to the point where the device is irreparable.

deauth attack

An attack on a wireless network in which the attacker sends faked deauthentication frames to the AP, the client, or both (or as a broadcast to the whole wireless network) to trigger the deauthentication process and knock one or more clients off the wireless network.

DNS poisoning

An attack that alters DNS records on a DNS server, thereby redirecting Internet traffic from a legitimate web server to a phishing website.

MitM attack

An attack that relies on intercepted transmissions. It can take one of several forms, but in all cases a person redirects or captures secure data traffic while in transit.

zero-day exploit

An attack that takes advantage of a software vulnerability that hasn't yet or has only very recently become public.

smart card

An electronic access badge.

exploit

In the context of network security, the act of taking advantage of a vulnerability.

device hardening

Preventive measures that can be taken to secure a device from network- or software-supported attacks.

tamper detection

Sensors that can detect physical penetration, temperature extremes, input voltage variations, input frequency variations, or certain kinds of radiation.

MDM (mobile device management)

Software that automatically handles the process of configuring wireless clients for network access.

port scanner

Software that searches a server, switch, router, or other device for open ports, which can be vulnerable to attack.

motion detection

Technology that triggers an alarm when it detects movement within its field of view.

social engineering

The act of manipulating social relationships to circumvent network security measures and gain access to a system.

NDA

The part of a security policy that defines what confidential and private means to the organization.

AUP (acceptable use policy)

The portion of a security policy that explains to users what they can and cannot do while accessing a network's resources, and penalties for violations. It might also describe how these measures protect the network's security.

BYOD

The practice of allowing people to bring their smartphones, laptops, or other technology into a facility for the purpose of performing work or school responsibilities.

hashing

The transformation of data through an algorithm that generally reduces the amount of space needed for the data. This is mostly used to ensure data integrity—that is, to verify the data has not been altered.

hacker

Traditionally, a person who masters the inner workings of computer hardware and software in an effort to better understand them. More generally, an individual who gains unauthorized access to systems or networks with or without malicious intent.

data breach

Unauthorized access or use of sensitive data.

biometrics

Unique physical characteristics of an individual, such as the color patterns in his iris or the geometry of his hand.


Ensembles d'études connexes

Chapter 14: Monopolistic Competition Study Modules

View Set

Weight and Balance & Air Performance (From Class Handouts)

View Set

Chapter 2: The Chemical Orgin of Life

View Set

BIOLOGY - UNIT 5: GENETICS: GOD'S PLAN OF INHERITANCE

View Set

Media Influence- Reinforcement Theory (Joseph Klapper) [Effects Theory-What the media does to audiences]

View Set

chapter 8 INDEPENDENT SAMPLES t TEST

View Set