CSC-285 Exam #1
Evil Twin
An attack in which a rogue wireless access point poses as a legitimate wireless service provider to intercept information that users transmit.
Logging the Event
A passive method of threat response that acknowledges the threat but does nothing to stop it.
RFC (Request For Comment)
A document used to propose a new standard.
DLP (Data Loss Prevention)
Attempts to detect exfiltration of data.
Brute Force
Method of code breaking that tries every possible combination of characters in an attempt to 'guess' the password or key.
Quantum Cryptography
Method of cryptography that uses a sequence of photons to represent the encrypted data.
Dual-Homed
Servers or computers that have two NIC cards, each connected to separate networks.
MAC (Message Authentication Code)
The MAC is derived from the message itself using an algorithm.
Attack Surface
The area of an application that is available to users.
Hardening
The process of making a computing environment more secure from attacks and intruders.
IEEE 802.11
The standard that Wireless Ethernet conforms to.
NSA (National Security Agency)
U.S. government agency responsible for creating and breaking codes.
IDS (Intrusion Detection System)
Used to monitor a network for suspect activity.
ISMS (Information Security Management System)
A broad term that applies to a wide range of systems used to manage information security.
SHA (Secure Hash Algorithm)
A hashing algorithm that uses a 160-bit hash value.
Whitelist
A list of applications that are allowed on a given computer or network.
Hotfix
A repair made while the system being repaired remains in operation.
Shibboleth
A single sign-on system used widely on the internet.
MAC (Mandatory Access Control)
A static model that uses predefined access privileges for resources that are assigned by the administrator.
3DES
A symmetric-key encryption algorithm that uses the same key for encryption and decryption.
Honey Pot
A system designed to fool attackers into thinking a system is unsecured so they will attack it. Then the 'victim' will learn their attack methods without compromising a live system.
Spoofing
A type of attack that occurs when an attacker pretends to be a legitimate client, using information it has gained from a legitimate client.
SDN (Software-Defined Network)
When the entire network, including all security devices, is virtualized.
DAC (Discretionary Access Control)
Allows the owner of a resource to grant privileges to information they own.
ESP (Encapsulating Security Payload)
An IPsec header used to provide a mix of security services in IPv4 and IPv6.
APT (Advanced Persistent Threat)
Any sophisticated series of related attacks taking place over an extended period of time.
Kerberos
Uses a key distribution center (KDC).
Clickjacking
Uses multiple transparent or opaque layers to trick a user into clicking a button or link on another page when they had intended to click on the top page.
AES (Advanced Encryption Standard)
Based on the Rijndael encryption algorithm.
Substitution Cipher
Cryptographic method that replaces one character with another from a 'match-up list' to produce the ciphertext.
Host
Any device on a network with an IP address.
Disassociation
An attack in which the intruder sends a frame to the AP with a spoofed address to make it look like it came from the victim and disconnects them from the network.
IETF (Internet Engineering Task Force)
An organization tasked with developing standards for, and trying to improve, the internet.
CA (Certificate Authority)
An organization that is responsible for issuing, revoking, and distributing certificates.
CAST
Encryption algorithm that uses a 40- to 128-bit key and is used on many products from Microsoft and IBM.
Operational Security Issue
Concerned with the ability of the operating system to perform a specified function.
VPN (Virtual Private Network)
Connects two private networks together securely.
PKI (Public Key Infrastructure)
Contains 4 components: certificate authority (CA), registration authority (RA), RSA, and digital certificates.
Packet Filter
Examines each incoming (and usually outgoing) packet, then passes or discards it based on a defined list of applications or TCP or UDP port numbers.
Firewalls
Front-line defense devices for networks that are connected to the internet.
RBAC (Role-Based Access Control)
Grants rights or privileges to a user based on their job function or position held.
Stateful Inspection
Inspections that occur at all levels of the network and provide additional security using a state table that tracks every communications channel.
Type II Hypervisor Model
Needs the operating system to be up and cannot boot until it is.
4 Cloud Delivery Models
Private, public, community, and hybrid.
Backdoor
Programs or services that system designers use to bypass security.
Routing Protocols
RIP, OSPF, IGRP, EIGRP, BGP
3 Cloud Service Models
SaaS, PaaS, and IaaS.
Application
The layer of the TCP/IP model that HTTP functions at.
Host-to-Host
The layer of the TCP/IP model that the TCP protocol functions at.
NIST (National Institute of Standards and Technology)
U.S. government agency that publishes lists of known vulnerabilities in operating systems.
ICMP
Used for carrying error, control, and informational packets between hosts. It is not a routing protocol.
Secure MIME
Used to encrypt e-mail communications.
SSL (Secure Socket Layer)
Encryption method that allows a secure TCP-level connection between two machines.