ICTL

Port Forwarding

- Settings of the router which designates ports to be open for specific services, which then sends it on the the destination. - It allows remote computer to connect to a private computer.

FTP (File Transfer Protocol)

- TCP Port 21 (data port 20) - A format and set of rules for transferring files from a host to a remote computer - Typical usage is to upload files to a web server. - It uses a separate port for data and communications.

SMTP (Simple Mail Transfer Protocol)

- TCP Port 25 - Protocol used to transfer mail between network destinations.

Power over Ethernet

- A option in some devices to provide power to a device through the twisted pair CAT5 connection or higher. - Generally found on a switch based on hardware specifications.

connectionless

A type of Transport layer protocol that services a request without requiring a verified session and without guaranteeing delivery of data.

block cipher

A type of algorithm that encrypts a number of bits as individual units known as blocks.

stream cipher

A type of algorithm that encrypts each byte in a message on at a time.

IPsec

(IP security (IPsec) A type of VPN that provides confidentiality, integrity, and authentication.

IntServ

(Integrated Services) Often referred to as hard QoS, because IntServ can make strict bandwidth reservations. IntServ uses signaling among network devices to provide bandwidth reservations. Resource Reservation Protocol (RSVP) is an example of an IntServ approach to QoS. Because IntServ must be configured on every router along a packet's path, a primary drawback of IntServ is its lack of scalability.

AUP

(acceptable use policy) Identifies what users of a network are and are not allowed to do on that network. For example, retrieving sports scores during working hours via an organization's Internet connection might be deemed inappropriate by an AUP.

Switch

- A central network device to connect devices on the same subnet. Sends packets of data between devices within a network. Switches send packets directly to the correct machine. - Due to a system of logging MAC addresses for devices along the network, information sent from one port will only be forwarded to the receiving port. - Operates in full duplex mode since it has separate channels for sending and receiving.

SC (subscriber connector or standard connector)

- A connector used with single-mode or multimode fiber-optic cable. - Snap-in with 2.5 mm ferrule.

In virtualization, what are the host and guest?

- A guest is a virtual machine - The host is the machine that runs the virtual machines

Unix is:

- A trademark - An operating system

Dynamic IP

- IP address assigned by DHCP server. - This method insures there are no overlapping IP addresses within a network.

Linux is not Unix because:

- It hasn't undergone certification

RJ-11

- Most commonly used twisted pair connector for telephone lines and modems.

MAN (metropolitan area network)

- Much like a WAN, this is a network that covers a geographic area such as a city. - It interconnects multiple LANs for the purpose of shared network throughout the region.

Hybrid Topology

- Network topology which combines the use of multiple topology methods.

Mesh Topology

- Network topology which connects each device with one another. - This type has fault tolerance because if a path is down it can reroute through many others.

Which of the following are examples of a web server?

- Nginx - Apache

What are tradeoffs of increasing the level of privacy you have in your web browser?

- Sites may not work properly - You may have to explicitly permit some cookies to be saved

Router Channels

- Specifies portion of wireless frequencies used for a specific router in order to avoid overlapping and causing connectivity issues, especially when dealing with multiple access points.

POP3 (Post Office Protocol, v3)

- TCP Port 110 - Protocol used to retrieve emails from a mail server. - This protocol typically downloads the email and removes it from the server. It is not preferred if you plan to access the email from multiple devices.

VoIP Phones

- Telephone service that operates over an internet connection rather than through an analog signal.

Cable Internet

- Type of internet service that runs over a cable TV network. - The accepted standard for most internet connections today, as it is reliable and fast.

Which of the following are examples of text editors?

- emacs - pico - vim - nano

IMAP (Internet Message Access Protocol)

-TCP Port 143 - Protocol used to retrieve emails from a mail server. - This protocol allows you to synchronize with the mail server and have updated access from multiple devices.

Advantages of a Computer Network

1. File Sharing 2. Resource Sharing 3. Sharing a single internet connection 4. Increasing storage capacity 5. Inexpensive to operate

Class A

10.0.0.0-10.255.255.255

Kilobyte

1024 bytes

Megabyte

1024 kilobytes

Class B

172.16.0.0-172.31.255.255

Class C

192.168.0.0 - 192.168.255.255

Our responsibility to protect a citizens/soldiers private information stored on an automated information system is outlined in The Privacy Act of ___________.

1974

Byte

8 bits

Secure Sockets Layer (SSL)

A cryptographic protocol that provides secure Internet communications such as web browsing, instant messaging, e-mail, and VoIP.

point-to-point

A data transmission that involves one transmitter and one receiver.

web of trust

A decentralized model used for sharing certificates without the need for a centralized CA.

Security Specifications

A detailed description of the safeguards required to protect a system

Packet Sniffer

A device or program that monitors the data traveling between computers on a network

WAP (Wireless Access Point)

A device that connects to a wired network and provides access to that wired network for clients that wirelessly attach to the (AP) access point.

media converter

A device that enables networks or segments using different media to interconnect and exchange signals.

Power Supply

A device that provides power to a computer.

multiplexer (mux)

A device that separates a medium into multiple channels and issues signals to each of those subchannels.

demultiplexer (demux)

A device that separates multiplexed signals once they are received and regenerates them in their original form.

transceiver

A device that transmits and receives signals.

vampire tap

A device used to add computers to a 10BASE5 network. It pierces the copper conductor of a coaxial cable and can also be used for malicious purposes.

ISDN (Integrated Services Digital Network)

A digital telephony technology that supports multiple 64-kbps channels (known as bearer channels or B channels ) on a single connection. ISDN was popular back in the 1980s for connecting PBXs, which are telephone switches owned and operated by a company, to a telephone company's central office. ISDN has the ability to carry voice, video, or data over its B channels. ISDN also offers a robust set of signaling protocols: Q.921 for Layer 2 signaling and Q.931 for Layer 3 signaling. These signaling protocols run on a separate channel in an ISDN circuit (known as the delta channel , data channel , or D channel ).

hertz (Hz)

A measure of frequency equivalent to the number of amplitude cycles per second.

FM (frequency modulation)

A method of data modulation in which the frequency of the carrier signal is modified by the application of the data signal.

RSA

A public key cryptography, asymmetric encryption algorithm created by Rivest, Shamir, Adleman. It is commonly used in e-commerce. Uses the product of two very large prime numbers with an equal length of between 100 and 200 digits. Browsers use it to establish a secure connection

serial

A style of data transmission in which the pulses that represent bits follow one another along a single transmission line. In other words, they are issued sequentially, not simultaneously.

TIA (Telecommunications Industry Association)

A subgroup of the EIA that focuses on standards for information technology, wireless, satellite, fiber optics, and telephone equipment.

Tree Topology

A tree topology combines characteristics of linear bus and star topologies. It consists of groups of star-configured workstations connected to a linear bus backbone cable. Tree topologies allow for the expansion of an existing network, and enable schools to configure a network to meet their needs. pros - Point-to-point wiring for individual segments. - Supported by several hardware and software venders. cons - Overall length of each segment is limited by the type of cabling used. - If the backbone line breaks, the entire segment goes down.

Layer 2 Tunneling Protocol (L2TP)

A tunneling protocol used to connect virtual private networks. It does not include confidentiality or encryption on its own. It uses port 1701 and can be more secure than PPTP if used in conjunction with IPsec.

Cat 7 (Category 7)

A twisted pair cable that contains multiple wire pairs, each separately shielded then surrounded by another layer of shielding within the jacket. It can support up to a 1-GHz signal rate. But because of its extra layers, it is less flexible than other forms of twisted pair wiring.

Wireless Access Point (WAP)

A wireless transmitter which allows devices with a wireless NIC to connect to a network.

rollover cable

A type of cable in which the terminations on one end are exactly the reverse of the terminations on the other end. It is used for serial connections between routers and consoles or other interfaces.

Unix was originally invented at:

AT&T Bell Labs

Cat

Abbreviation for the word category when describing a type of twisted pair cable.

shutdown /a

Abort the shutdown countdown

CRC (cyclic redundancy check)

An algorithm (or mathematical routine) used to verify the accuracy of data contained in a data frame.

birthday attack

An attack on a hashing system that attempts to send two different messages with the same hash function, causing a collision.

cross-site request forgery (XSRF)

An attack that exploits the trust a website has in a user's browser in an attempt to transmit unauthorized commands to the website.

EMI (electromagnetic interference)

A type of interference that may be caused by motors, power lines, televisions, copiers, fluorescent lights, or other sources of electrical activity.

private key

A type of key that is known only to a specific user or users who keep the key a secret.

public key

A type of key that is known to all parties involved in encrypted transactions within a given group.

Cipher

An algorithm that can perform encryption or decryption.

Temporal Key Integrity Protocol (TKIP)

An algorithm used to secure wireless computer networks; meant as a replacement for WEP.

UPS (Uninterruptable Power Supply)

An appliance that provides power to networking equipment in the event of a power outage.

pop-up blocker

An application or add-on to a web browser that blocks pop-up windows that usually contain advertisements.

Mantrap

An area between two doorways, meant to hold people until they are identified and authenticated.

quantitative risk assessment

An assessment that measures risk by using exact monetary values.

Threat

Any circumstance or event with the potential to adversely impact an information system through unauthorized access, destruction, disclosure, modification of data, and/or denial of service.

Output Device

Any device that presents data from the computer to the user.

Input Device

Any device used to enter raw information into a computer.

DTE (data terminal equipment)

Any end-user device, such as a workstation, terminal (essentially a monitor with little or no independent data-processing capability), or a console (for example, the user interface for a router).

Sensitive Data

Any information, the loss, misuse, modification of, or unauthorized access to, could affect the national interest or the conduct of Federal programs, or the privacy to which individuals are entitled under Section 552a of Title 5, U.S. Code, but has not been specifically authorized under criteria established by an Executive order or an act of Congress to be kept classified in the interest of national defense or foreign policy.

Replicator

Any program that acts to produce copies of itself. Examples include; a program, a worm, or virus

Five Layers of Internet Model (Protocol Stack)

Application, Transport, Network, Link, Physical

personal firewall

Applications that protect an individual computer from unwanted Internet traffic; they do so by way of a set of rules and policies.

Tier-1 ISP

Are national ISPs that connect together and exchange data at NAPs.

redundant power supply

An enclosure that contains two complete power supplies, the second of which turns on when the first fails.

Pretty Good Privacy (PGP)

An encryption program used primarily for signing, encrypting, and decrypting e-mails in an attempt to increase the security of e-mail communications.

Advanced Encryption Standard (AES)

An encryption standard used with WPA and WPA2. The successor to DES/3DES and is another symmetric key encryption standard composed of three different block ciphers: AES-128, AES-192, and AES-256.

Public Key Infrastructure

An entire system of hardware and software, policies and procedures, and people, used to create, distribute, manage, store, and revoke digital certificates.

Secondary storage

Backing storage- for when data is no longer being actively used.

vulnerability assessment

Baselining of the network to assess the current security state of computers, servers, network devices, and the entire network in general.

The Data Hierarchy Terms across the layers

Bits -> Frames -> Datagrams -> Segments -> Messages

Ports

Blocking or disabling ports of servers that are connected. Maintain the kind of data flow you want to see and close down possible entry points for hackers.

How are Trojan horses, worms, and malicious scripts spread?

By email attachments

Linux is written in:

C

Network Cabling

Cable is the medium through which information usually moves from one network device to another.

route command

Can add, modify, or delete routes in the IP routing table of Microsoft Windows ® and UNIX hosts. Additionally, the route command can be used to view the IP routing table of Microsoft Windows ® hosts.

ARP command

Can be used in either the Microsoft Windows ® or UNIX environment to see what a Layer 2 MAC address corresponds to a Layer 3 IP address.

netstat command

Can display a variety of information about IP-based connections on a Windows or UNIX host.

nslookup command

Can resolve a FQDN to an IP address on Microsoft Windows ® and UNIX hosts.

dig command

Can resolve a FQDN to an IP address on UNIX hosts.

host command

Can resolve a FQDN to an IP address on hosts.

CD

Change into directory or out of directory (aka drills down into a directory folder) example C:\Users\administrator>CD Documents example C:\Users\administrator\documents

Datagram

Chunks from the transport layer segment encapsulated within a network-layer packet

A license where you don't have access to the source code is called:

Closed source

Shared Medium

Coaxial Cable, from sender to multiple recievers

coaxial cable

Coaxial cables have a copper wire running through the middle encased in plastic insulation. - the metal braid acts as a shield against electromagnetic interference. - longer cable - hard to bend

logic bomb

Code that has, in some way, been inserted into software; it is meant to initiate some type of malicious function when specific criteria are met.

Worm

Code that runs on a computer without the user's knowledge; they self-replicate, whereas a virus does not.

xcopy

Command in the command-line interface used to copy multiple directories at once. Not only files but entire directories. -s/ means sub-directory usually used with xcopy to copy all the subdirectory folders within a root directory (along with root directory).

PPPoE (Point-to-Point Protocol over Ethernet)

Commonly used between a DSL modem in a home (or business) and a service provider. Specifically, PPPoE encapsulates PPP frames within Ethernet frames. PPP is used to leverage its features, such as authentication.

Stateful Inspection

Compares certain key parts of the packet to a database of trusted information

CISC

Complex Instruction Set Computer

Browser/ Browser Settings

Configuration strategy to manage the risk associated with active content while still enabling trusted sites

wet pipe sprinkler system

Consists of a pressurized water supply system that can deliver a high quantity of water to an entire building via a piping distribution system.

You receive an email from the Internal Revenue Service (IRS) demanding immediate payment of back taxes of which you were not aware. The email provides a website and a toll-free number where you can make payment. What action should you take?

Contact the IRS using their publicly available, official contact information.

virtual machine (VM)

Created by virtual software; they are images of operating systems or individual applications.

NEXT (near end cross talk)

Cross talk, or the impingement of the signal carried by one wire onto a nearby wire, that occurs between wire pairs near the source of a signal.

CISM (Certified Information Security Manager)

Cybersecurity specialists responsible for managing, developing and overseeing information security systems at the enterprise level

Full Duplex

Data is transmitted via pulsing light sent from a laser or light-emitting diode (LED) through the central fiber (or fibers). Full-Duplex is the two-lanes going both directions at the same time.

Flash memory

Data that is stored permanently but that can be changed.

Ubuntu is derived from which distribution?

Debian

Acceptable usage policies

Define the rules that restrict how a computer, network, or other system may be used

A Mail Transfer Agent's primary purpose is to:

Deliver mail between servers

A maintenance cycle:

Describes how long a version of software will be supported

A release cycle:

Describes how often updates to the software come out

Spear Phishing attacks commonly attempt to impersonate email from trusted entities. What security device is used in email to verify the identity of sender?

Digital Signatures

What is the best protection method for sharing Personally Identifiable Information (PII)?

Digitally sign and encrypt the email.

Certificates

Digitally signed electronic documents that bind a public key with a user identity.

End-to-end connection

Direct, dedicated connection from two end systems.

nbtstat command

Displays NetBIOS information for IP-based networks. The nbt prefix of the nbtstat command refers to NetBIOS over TCP/IP, which is called NBT (or NetBT ). This command can, for example, display a listing of NetBIOS device names learned by a Microsoft Windows ® -based PC. Nessus ® A network-vulnerability scanner available from Tenable Network Security. ®

tasklist

Displays a list of currently running processes on a local or remote machine. Will give the PID, or process ID number-Windows

Security Plan

Document that details the security controls established and planned for a particular system.

chain of custody

Documents who had custody of evidence all the way up to litigation or a court trial (if necessary) and verifies that the evidence has not been modified.

alien cross talk

EMI interference induced on one cable by signals traveling over a nearby cable.

ENTER syntax

ENTER numbytes, nestinglevel

AP (access point) isolation

Each client connected to the AP will not be able to communicate with each other, but they can each still access the Internet.

due diligence

Ensuring that IT infrastructure risks are known and managed.

Physical Medium

Examples of this include twisted-pair copper wire, coaxial cable, multimode fiber-optic cable, terrestrial radio spectrum, and satellite radio spectrum.

A generic term for Open Source and Free Software is:

FLOSS

A server is likely to be running in graphical mode. True or False?

False

To place software under an open source license, you must give up your copyright. True or False?

False

CPU Cache Memory

Fast access memory. More of this means better performance

Ciphertext

Form of cryptoghraphy in which the plaintext is made unintelligible to anyone, who intercepts it by a transformation of the information itself, based on some key

signature-based monitoring

Frames and packets of network traffic are analyzed for predetermined attack patterns. These attack patterns are known as signatures.

permanent DoS (PDoS) attack

Generally consists of an attacker exploiting security flaws in routers and other networking hardware by flashing the firmware of the device and replacing it with a modified image.

honey pot

Generally is a single computer but could also be a file, group of files, or an area of unused IP address space used to attract and trap potential attackers to counteract any attempts at unauthorized access of the network. Specifically, a system designated as a honey pot appears to be an attractive attack target. One school of thought on the use of a honey pot is to place one or more honey-pot systems in a network to entice attackers into thinking the system is real. The attackers then use their resources attacking the honey pot, resulting in their leaving the real servers alone.

Diskpart

Gives access to configure, format or makes changes to existing volumes on PC

security template

Groups of policies that can be loaded in one procedure.

Hardening

Hardening of the operating system is the act of configuring an OS securely, updating it, creating rules and policies to help govern the system in a secure manner, and removing unnecessary applications and services.

cryptographic hash functions

Hash functions based on block ciphers.

Application backdoor

Hidden access that provides some level of control of the program

Back Door

Hidden software or hardware mechanism used to circumvent security controls

Antivirus software installed to scan and monitor malware activities on a server or workstation would be identified as a __________ based intrusion detection/prevention system.

Host

PoP (Points of Presence)

ISP access points

congestion avoidance

If an interface's output queue fills to capacity, newly arriving packet are discarded (or tail dropped ). Congestion avoidance can prevent this behavior. RED is an example of a congestion-avoidance mechanism.

warchalking

If an open WLAN (or a WLAN whose SSID and authentication credentials are known) is found in a public place, a user might write a symbol on a wall (or some other nearby structure) to let others know the characteristics of the discovered network. This practice, which is a variant of the decades-old practice of hobos leaving symbols as messages to fellow hobos, is called warchalking.

promiscuous mode

In a network adapter, this passes all traffic to the CPU, not just the frames addressed to it. When the network adapter captures all packets that it has access to regardless of the destination for those packets.

recovery time objectives (RTO)

In business impact analysis, the acceptable amount of time to restore a function.

recovery point objectives (RPO)

In business impact analysis, the acceptable latency of data.

T3

In the same T-carrier family of standards as a T1, a T3 circuit offers an increased bandwidth capacity. Although a T1 circuit combines 24 DS0s into a single physical connection to offer 1.544 Mbps of bandwidth, a T3 circuit combines 672 DS0s into a single physical connection, with a resulting bandwidth capacity of 44.7 Mbps.

client-server network

In this type of network a dedicated server (ie: file server or a print server) provides shared access to a resources (ie: files or a printer). Clients (ie: a PCs) on the network with appropriate privilege levels can gain access to those shared resources.

content filters

Individual computer programs that block external files that use JavaScript or images from loading into the browser.

personally identifiable information (PII)

Information used to uniquely identify, contact, or locate a person.

Share Cyber Intelligence

InfraGard is an example of

input validation

Input validation or data validation is a process that ensures the correct usage of data.

traffic shaping

Instead of making a minimum amount of bandwidth available for specific traffic types, you might want to limit available bandwidth. Both policing and shaping tools can accomplish this objective. Collectively, these tools are called traffic conditioners . Traffic shaping delays excess traffic by buffering it as opposed to dropping the excess traffic.

policing

Instead of making a minimum amount of bandwidth available for specific traffic types, you might want to limit available bandwidth. Both policing and trafficshaping tools can accomplish this objective. Collectively, these tools are called traffic conditioners . Policing can drop exceeding traffic, as opposed to buffering it.

Decode

Instructions checked in the control unit.

Attack

Intentional act of attempting to bypass one or more computer security controls.

site-to-site VPN

Interconnects two sites, as an alternative to a leased line, at a reduced cost.

radio frequency interference (RFI)

Interference that can come from AM/FM transmissions and cell towers.

IAB

Internet Architecture Board

IANA

Internet Assigned Numbers Authority

IETF

Internet Engineering Task Force.

If you want to store logins and passwords for different websites in a secure manner, you could use:

KeePassX

LOCAL syntax

LOCAL varlist

traffic intensity

La/R La averages bits/sec

port address translation (PAT)

Like NAT, but it translates both IP addresses and port numbers.

CHAP (Challenge-Handshake Authentication Protocol)

Like PAP, CHAP performs one-way authentication. However, authentication is performed through a three-way handshake (challenge, response, and acceptance messages) between a server and a client. The three-way handshake allows a client to be authenticated without sending credential information across a network.

DIR

List files and directories

The bootloader's job is to:

Load the kernel after the computer is powered on

LocalTalk

LocalTalk is a network protocol that was developed by Apple Computer, Inc. for Macs. The method used by LocalTalk is called CSMA/CA (Carrier Sense Multiple Access with Collision Avoidance).

MD

Makes a new directory

Surge

Means that there is an unexpected increase in the amount of voltage provided.

access control model

Methodologies in which admission to physical areas, and more important computer systems, is managed and organized.

MAN

Metropolitan-area network - Interconnects locations scattered throughout a metropolitan area. (ie: Chicago Public Schools)

RAID 1

Mirroring. Data is copied to two identical disks. If one disk fails, the other continues to operate.

Router layers

Network, Link, and Physical Layers

protocol

Networking: A standard method or format for communication between network devices. Protocols ensure that data are transferred whole, in sequence, and without error from one node on the network to another. Web: The set of rules the page follows for communication and provides information to the computers about how the data is formatted, transmitted, received, and acknowledged

Extensible Authentication Protocol (EAP)

Not an authentication mechanism in itself but instead defines message formats. 802.1X would be the authentication mechanism and defines how EAP is encapsulated within messages.

Two

Number of cores required to run two instructions simultaneously

DMZ (demilitarized zone)

Often contains servers that should be accessible from the Internet. This approach would, for example, allow users on the Internet to initiate an e-mail or a web session coming into an organization's e-mail or web server. However, other protocols would be blocked. Subnetwork used to separate a private sector of a network from the public portion allotted to give access to its services to an untrusted network.

ping command

One of the most commonly used command-line commands. It can check IP connectivity between two network devices. Multiple platforms (for example, routers, switches, and hosts) support the ping command.

Honeynet

One or more computers, servers, or an area of a network, used to attract and trap potential attackers to counteract any attempts at unauthorized access of the network.

address bus

Pathway from memory to processing unit that carries the address in memory to and from which data is transferred.

first responders

People who perform preliminary analysis of the incident data and determine whether the incident is an incident or just an event, and the criticality of the incident.

Control Unit (CU)

Processor component that manages the execution of instructions during the fetch-execute cycle.

Internet Standards

RFC: Request for comments IETF: Internet Engineering Task Force

RISC

Reduced Instruction set Computer

Policy

Rules or guidelines used to guide decisions and achieve outcomes. They can be written or configured on a computer.

If Volume is locked during a chkdsk

Run during startup

If you wanted to let a Linux machine share files with Windows clients and servers, you would use:

Samba

Multi-home

Same connection for multiple ISPs to a home

redundant ISP

Secondary connections to another ISP; for example, a backup T-1 line.

IP proxy

Secures a network by keeping machines behind it anonymous; it does this through the use of NAT.

Operation Controls

Security methods that focus on mechanisms that primarily are implemented and executed by people (as opposed to systems)

Virus

Self-replicating, malicious code that attaches itself to an application program or other executable system component and leaves no obvious signs of its presence

Controller

Sends and receives signals from all parts of the computer

Control Bus

Sends control signals to different parts of the computer

TCP reset attack

Sets the reset flag in a TCP header to 1, telling the respective computer to kill the TCP session immediately.

Network Access Control (NAC)

Sets the rules by which connections to a network are governed.

A type of attack where the intruder observes authentication secrets such as a combination or PIN:

Shoulder Surfing

shutdown /r /t nn

Shutdown and restart after nn seconds

Triple DES (3DES)

Similar to DES but applies the cipher algorithm three times to each cipher block.

packet-switched connection

Similar to a dedicated leased line, because this is an always on network. However, unlike a dedicated leased line, this connection allows multiple customers to share a service provider's bandwidth.

Proxy

Software agent that performs a function or operation on behalf of another application or system while hiding the details involved

Malicious Code

Software capable of performing an unauthorized process on an information system.

SNMP agent

Software deployed by the network management system that is loaded on managed devices. The software redirects the information that the NMS needs to monitor the remote managed devices.

IP Class A

Specified IP classing standard within the range of 1.0.0.0 to 126.255.255.255 with the subnet mask of 255.0.0.0

IP Class B

Specified IP classing standard within the range of 128.0.0.0 to 191.255.255.255 subnet mask of 255.255.0.0

IP Class C

Specified IP classing standard within the range of 192.0.0.0 to 223.255.255.255 subnet mask of 255.255.255.0

A type of attack where an intruder is able to forge a biometric sample:

Splicing Attack

Output Queue

Stores packets the router is about to send to a link

If your wireless device is improperly configured someone could gain control of the device? T/F

TRUE

Forwarding Table

Table that maps destination address to a routers outbound links

Fetch

Takes an address, stored in the instruction register and moves the program counter on one.

uninterruptible power supply (UPS)

Takes the functionality of a surge suppressor and combines that with a battery backup, protecting computers not only from surges and spikes, but also from sags, brownouts, and blackouts.

computer security audits

Technical assessments made of applications, systems, or networks.

Source Routing

Technique in which the originator of a packet can attempt to partially or completely control the path through the network to the destination.

Random Access Memory (RAM)

Temporary storage or working memory; a type of volatile memory that can be accessed randomly.

CIR (committed information rate)

The CIR of an interface is the average traffic rate over the period of a second.

Ethernet

The Ethernet protocol is by far the most widely used.Ethernet uses an access method called CSMA/CD(Carrier Sense Multiple Access/Collision Detection). - can use all three cables

Richard Stallman is associated with:

The Free Software Foundation

Most of the tools that are part of Linux systems come from:

The GNU (GNU's Not Unix!) project

HTTP proxy (web proxy)

The HTTP proxy, also known as a web proxy, which caches web pages from servers on the Internet for a set amount of time.

802.3

The IEEE standard for Ethernet networking devices and data handling (using the CSMA/CD access method).

802.16

The IEEE standard for broadband wireless metropolitan area networking (also known as WiMAX).

802.2

The IEEE standard for error and flow control in data frames.

802.5

The IEEE standard for token ring networking devices and data handling.

802.11

The IEEE standard for wireless networking.

Remote Access

The ability to get access to a computer or a network through wifi, phone lines, or DSL

Spim

The abuse of instant messaging systems, a derivative of spam.

privilege escalation

The act of exploiting a bug or design flaw in a software or firmware application to gain access to resources that normally would've been protected from an application or user.

Performance measure - Bandwidth

The amount of data that can be transferred on a network in a given time.

core

The central component of a cable designed to carry a signal.

unified communications

The centralized management of multiple types of network-based communications, such as voice, video, fax, and messaging services.

Certification

The comprohensive evaluation of the technical and non-technical security features of an IT and other safeguards, made in support of the accreditation process, that establishes the extent to which a particular design and implementation meet specified set of security requirements.

latency

The delay between the transmission of a signal and its receipt.

Encryption

The process of changing information using an algorithm (or cipher) into another form that is unreadable by others—unless they possess the key to that data.

risk transference

The transfer or outsourcing of risk to a third party. Also known as risk sharing.

cold site

This has tables, chairs, bathrooms, and possibly some technical setup, for example, basic phone, data, and electric lines, but will require days if not weeks to set up properly.

CSMA/CD (Carrier Sense Multiple Access with Collision Detection)

This is a system where each computer listens to the cable before sending anything through the network.

Basic QoS (quality of service)

This is simply the measured quality of an internet connection.

Fetch-Execute Cycle

This is the process of fetching the instructions from memory, decoding them and then executing them so that the CPU performs continuously.

asymmetric key encryption

This type of cipher uses a pair of different keys to encrypt and decrypt data.

time bomb

Trojans set off on a certain date.

Applications make requests to the kernel and receive resources, such as memory, CPU, and disk in return. True or False?

True

Mobile devices include fitness bands, tablets, smartphones, electronic readers, and Bluetooth- enabled devices.

True

Participating in open source projects can improve your technical skills, even if it is not your day job. True or False?

True

You can configure your computer to check for updates automatically. True or False?

True

twisted-pair cable

Twisted pair cables have pairs of insulated copper wires twisted round each other to cancel out come in two types: - unshielded twisted pair (UTP)(ex: telephone cables): prone to electromagnetic interference - shielded twisted pair (STP): has a metal sheath encasing the twisted pairs, shielding them further from outside electromagnetic interference.

Cluster

Two or more servers that work with each other.

incremental backup

Type of backup that backs up only the contents of a folder that have changed since the last full backup or the last incremental backup.

differential backup

Type of backup that backs up only the contents of a folder that have changed since the last full backup.

full backup

Type of backup where all the contents of a folder are backed up.

stateful packet inspection

Type of packet inspection that keeps track of network connections by examining the header in each packet, also known as SPI.

Flooding

Type off incident involving insertion of a large volume of data resulting in denial of service

Intrusion

Unauthorized act of bypassing the security mechanisms of a system.

Spoofing

Unauthorized use of legitimate identification and authentication data, however it was obtained, to mimic a subject different from the attacker. Impersonating, masquerading, piggybacking, and mimicking are forms of this

Hacker

Unauthorized user who attempts to or gains access to an information system.

Patches (Software Patches)

Updates that fix particular problem or vulnerability within a program. Sometimes, instead of just releasing this vendors will release an upgraded version of their software.

Which tool would be most effective for mapping a target network?

Vulnerability scanner

null session

When used by an attacker, a malicious connection to the Windows interprocess communications share (IPC$).

Internal Memory

Where data is moved to when not actively being used

3DES

a symmetric block cipher with 64-bit block size that uses a 56-bit key, encrypts data three times and uses a different key for at least one of the three passes, giving it a cumulative key size of 112-168 bits

CAM (Content Addressable Memory) table

a table that is in a switch's memory that contains ports and their corresponding MAC addresses.

XSS (Cross Site Scripting)

allows criminals to inject scripts into the web pages viewed by users

ethical hacker

an expert at breaking into systems and can attack systems on behalf of the system's owner and with the owner's consent.

Product Key

code that you type when requested as you install the software

Complex Instruction Set Computer (CISC)

computers designed with a full set of computer instructions that range from very simple to very complex and specialized to provide needed capabilities in the most efficient way.

Methods used to ensure confidentiality

data encryption, authentication, and access control.

mySub PROC enter 0, 0

declare a procedure with no local variables using the ENTER instruction similar to: mySub PROC push ebp mov ebp, esp

Parity

detects data errors

Asynchronous Online Communication

does not require the participants to be online at the same time

type

either a standard type or a user-defined type (used with the LOCAL directive) - standard types are WORD, DWORD..... - user-defined types are Structures .....

help

gives list of commands

input-output parameter

identical to an output parameter, with one exception: The called procedure expects the variable referenced by the parameter to contain some data. The procedure is also expected to modify the variable via the pointer.

Detective Control

identify different types of unauthorized activity

Bitmapped Graphics

images composed of pixels

ENTER

instruction that automatically creates a stack frame for a called procedure. It reserves stack space for local variables and saves EBP on the stack. Specifically, it performs three actions: - Pushes EBP on the stack (puch ebp) - Sets EBP to the base of the stack frame (mov ebp, esp) - Reserves space for local variables (sub esp, numbytes)

PGP (pretty good privacy)

is a widely deployed asymmetric encryption algorithm and is often used to encrypt e-mail traffic.

NSA (National Security Agency)

is responsible for intelligence collection and surveillance activities in the U.S

While Loop

loops through a block of code while a specified condition is true

Scareware

persuades the user to take a specific action based on fear

Administrative Access Control

policies and procedures defined by organizations to implement and enforce all aspects of controlling unauthorized access. These controls focus on personnel and business practices

Giga

prefix multiplier for 1,000,000,000

Confidentiality

prevents the disclosure of information to unauthorized people, resources and processes

Methods

procedure(Action) associated with an object

Overclocking

processor being set to run faster than it's original design

Portable Apps

programs that you carry with you on a flash drive

Software Watermarking

protects software from unauthorized access or modification

Internet Service Providers

provide an access path to the Internet

Compensative Control

provide options to other controls to bolster enforcement in support of a security policy

IPv6 (Internet Protocol version 6)

provides a large number of new addresses to route Internet traffic.The IPv6 address format is much different than the IPv4 format. It contains eight sets of four hexadecimal digits and uses colons to separate each block. , such as "fe80::42:acff:feaa:1bf0".

Oversight and Development

provides for leadership, management, and direction to conduct cybersecurity work effectively

omnidirectional antenna

radiates power at relatively equal power levels in all directions (somewhat similar to the theoretical isotropic antenna). Omnidirectional antennas are popular in residential WLANs and SOHO (small office/home office) locations.

attributes

refers to distance, langType, visibility, prologue (used with the PROC directive)

Unguided Media

signals propagate freely, e.g. radio

IPFix

standard format for exporting router based information about network traffic flows to data collection devices

Preventative Control

stop unwanted or unauthorized activity from happening

Document Management System

store documents on a server or on the Web, and provide security and access to the business documents

Main Memory

stores data and information and is usually volatile; its contents are lost when electrical power is turned off. It plays a major role in a computer's performance.

Mirroring

stores duplicate data on a second drive

External Hard Drive

suitable for backing up home computer systems

Magnetic tape

suitable for backing up large commercial servers.

Flash drive

suitable for moving relatively small files

STDCALL calling convention

supply an integer parameter to the RET instruction, which in turn adds to EBP after returning to the calling procedure. Integer must equal the number of bytes of stack space consumed by the subroutine parameters. Example2 PROC push ebp mov ebp, esp ; base of stack frame mov eax, [ebp + 12] ; second parameter add eax, [ebp + 8] ; first parameter pop ebp ret 8 ; clean up the stack Example2 ENDP NOTE: requires 32-bit operands, smaller operands must be pushed with zero extend

Methods used to ensure availability

system redundancy, system backups, increased system resiliency, equipment maintenance, up-to-date operating systems and software, and plans in place to recover quickly from unforeseen disasters.

Early Warning Systems

the Honeynet project is an example of

address

the code that identifies where a piece of information is stored

IoT

the collection of technologies that enable the connection of various devices to the Internet.

epilogue

the ending of a function consisting of restoring the EBP register and returning to the caller

Transistor

the fundamental building block of modern electronic devices, which is used to control the flow of electricity in electronic circuits.

HMAC (Hash-based Message Authentication Code)

they strengthens hashing algorithms by using an additional secret key as input to the hash function

Cloud storage

third party storage of data- using someone else's servers.

Macros

tools that allow a user to program repetitive tasks into the computer's memory so that they can be quickly accomplished with the touch of a couple keys that the user has selected

Guided Media

transmission flows along physical medium

channel bonding

two wireless bands can be logically bonded together, forming a band with twice the bandwidth of an individual band. Some literature refers to channel bonding as 40 MHz mode , which refers to the bonding of two adjacent 20-MHz bands into a 40-MHz band.

VLANs (Virtual LANs)

use logical connections instead of physical connections

Routing Protocols

used to facilitate the exchange of routing information between routers, set the forwarding tables

IDEA

uses 64-bit blocks and 128-bit keys, performs eight rounds of transformations on each of the 16 blocks that results from dividing each 64-bit block

SEO Poisoning

uses SEO to make a malicious website appear higher in search result

SMiShing

uses Short Message Service to send fake text messages

Rule Based Access Control

uses access control lists (ACLs) to help determine whether to grant access

Wired networks

uses cables to transmit data

PKI (public key infrastructure)

uses digital certificates and a certificate authority to allow secure communication across a public network.

Email

uses store-and-forward technology

CIFS (Common Internet File System)

- TCP Port 445, UDP Port 137, 138, 139 - Dialect of Server Message Block (SMB) protocol. - Enables the sharing of folders/files, printers and ports over a network.

PAP (Password Authentication Protocol)

Performs one-way authentication (that is, a client authenticates with a server). However, a significant drawback to PPP, other than its unidirectional authentication, is its clear-text transmission of credentials, which could permit an eavesdropper to learn authentication credentials.

Spillage occurs when

Personal information is inadvertently posted at a website

IP address (Internet Protocol address)

The Network layer address assigned to nodes to uniquely identify them on a TCP/IP network. IP addresses consist of 32 bits divided into four octets, or bytes. is a numerical label assigned to each device connected to a computer network that uses the Internet Protocol for communication.[1][2] An IP address serves two main functions: host or network interface identification and location addressing.

Wardriving

The act of searching for wireless networks by a person in a vehicle through the use of a device with a wireless antenna, often a particularly strong antenna.

Defense in depth

The building up and layering of security measures that protect data from inception, on through storage and network transfer, and lastly to final disposal.

block ID

The first set of six characters that make up the MAC address and that are unique to a particular manufacturer.

incident management

The monitoring and detection of security events on a computer network and the execution of proper responses to those security events.

data emanation (or signal emanation)

The electromagnetic field generated by a network cable or network device, which can be manipulated to eavesdrop on conversations or to steal data.

certificate authority

The entity (usually a server) that issues digital certificates to users.

Key

The essential piece of information that determines the output of a cipher.

business impact analysis

The examination of critical versus noncritical functions, it is part of a business continuity plan (BCP).

attenuation

The extent to which a signal has weakened after traveling a given distance.

FCS (frame check sequence)

The field in a frame responsible for ensuring that data carried by the frame arrives intact. It uses an algorithm, such as CRC, to accomplish this verification.

Session layer

The fifth layer in the OSI model. This layer establishes and maintains communication between two nodes on the network. It can be considered the "traffic cop" for network communications.

segmentation

The process of decreasing the size of data units when moving data from a network that can handle larger data units to a network that can handle only smaller data units.

domain name kiting

The process of deleting a domain name during the five-day grace period (known as the add grace period or AGP) and immediately reregistering it for another five-day period to keep a domain name indefinitely and for free.

license tracking

The process of determining the number of copies of a single application that are currently in use on the network and whether the number in use exceeds the authorized number of licenses

load balancing

The process of distributing data transfer activity evenly across a network so that no single device is overwhelmed.

Risk Analysis

The process of identifying security risks, determining their magnitude, and identifying areas needing safeguards

Configuration Management

The process of keeping track of changes to the system, if needed, approving them.

Baselining

The process of measuring changes in networking, hardware, software, and so on.

reassembly

The process of reconstructing data units that have been segmented.

regeneration

The process of retransmitting a digital signal.

System Integrity

The quality that a system has when it performs its intended function in an unimpaired manner, free from deliberate or inadvertent unauthorized manipulation of the system

bend radius

The radius of the maximum arc into which you can loop a cable before you will cause data transmission errors.

Salting

The randomization of the hashing process to defend against cryptanalysis password attacks and Rainbow Tables. Used to make hashing more secure

Performance measure - Download speed

The rate at which packets can be downloaded from one computer to another.

Performance measure - Upload speed

The rate at which packets of information can be sent from one computer to another.

tip and ring

The red and green wires found in an RJ-11 wall jacks, which carry voice, ringing voltage, and signaling information between an analog device (for example, a phone or a modem) and an RJ-11 wall jack.

chromatic dispersion

The refraction of light as in a rainbow. If light is refracted in such a manner on fiber optic cables, the signal cannot be read by the receiver.

Program Counter (PC)

The register that contains the address of the next instruction to be executed

impedance

The resistance that contributes to controlling an electrical signal. It is measured in ohms.

Optical

Uses lasers to binary data

noise

The unwanted signals, or interference, from sources near network cabling, such as electrical motors, power lines, and radar.

LLC (Logical Link Control Sublayer)

The upper sublayer in the Data Link layer. The LLC provides a common interface and supplies reliability and flow control services.

convergence

The use of data networks to carry voice (or telephone), video, and other communications services in addition to data.

PSTN (public switched telephone network)

The worldwide telephony network comprised of multiple telephone carriers.

group policy

Used in Microsoft environments to govern user and computer accounts through a set of rules.

Backdoors

Used in computer programs to bypass normal authentication and other security mechanisms in place.

Magnetic

Used in hard disks and tapes

Remote Authentication Dial-In User Service (RADIUS)

Used to provide centralized administration of dial-up, VPN, and wireless authentication.

Read head

Used to read data on magnetic storage

Expand command

Used to remove files in a cabinet (.cab file)

Write head

Used to write data to magnetic storage

Hub-and-Spoke Topology

Used when interconnecting multiple sites (ie: multiple corporate locations) via WAN links, a hub-and-spoke topology has a WAN link from each remote site (a spoke site) to the main site (the hub site).

WPA2 (Wi-Fi Protected Access, v2)

Uses Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP) for integrity checking and Advanced Encryption Standard (AES) for encryption. These algorithms enhance the security offered by WPA.

public key cryptography

Uses asymmetric keys alone or in addition to symmetric keys. The asymmetric key algorithm creates a secret private key and a published public key.

Entity integrity

a database integrity that state that all rows must have a unique identifier called a primary key

Circuit Switching

a dedicated connection is formed between two points and the connection remains active for the duration of the transmission

Wired Equivalent Privacy (WEP)

a deprecated security protocol that attempted to provide a wireless local area network (WLAN) with the same level of security as a wired LAN

Hashing algorithm

a tool that ensures data integrity by taking binary data and producing a fixed-length representation called the hash value or message digest

File encryption

a tool used to protect data stored in the form of files

Cache

a type of memory to store data temporarily in a computing environment often to shorten data access time, reduce latency and improve input/output (I/O).

Authorization

services that determine which resources users can access, along with the operations that users can perform, after the user is granted access once authentication is complete

WriteStackFrameName

similar to WriteStackFrame procedure, except includes additional parameter that holds the name of the procedure owning the stack frame

Freeware

you generally download the software app from the Internet for free and you can use the software for an unlimited period of time

Multimeter

- Tool used to measure the electric currents of various components of a computer. - Can be used to measure voltage (AC and DC), current (amps), resistance (ohms), capacitance and frequency.

What can be done to prevent remote people from running programs on your computer?

- Turn on a firewall - Use strong passwords on all user accounts

RJ-45

- Twisted pair connector used for network cabling. - Uses either T568A or T568B wiring configurations.

LC (local connector)

- Type of connector used in fiber optic cabling. - Uses a connector likened to RJ-45. It has a smaller form factor and uses 1.25 mm ferrule. - Preferred for single mode.

Internet Protocol Security (IPsec)

A TCP/IP protocol that authenticates and encrypts IP packets, effectively securing communications between computers and devices using the protocol.

Simple Network Management Protocol (SNMP)

A TCP/IP protocol that monitors network-attached devices and computers. It's usually incorporated as part of a network management system.

Infrastructure as a Service (IaaS)

A cloud computing service that offers computer networking, storage, load balancing, routing, and VM hosting.

node

A computer or other device connected to a network, which has a unique address and is capable of sending or receiving data

MT-RJ (mechanical transfer-registered jack)

A connector used with single-mode or multimode fiber-optic cable.

security policy

A continually changing document that dictates a set of guidelines for network use. These guidelines complement organizational objectives by specifying rules for how a network is used

Backup

A copy of data and/or applications contained in the IT stored on magnetic media outside of the IT to be used in the event IT data are lost.

GPC (GNU privacy guard)

A free variant of pretty good privacy (PGP), which is an asymmetric encryption algorithm.

Grayware

A general term used to describe applications that are behaving improperly but without serious consequences; often describes types of spyware.

The Internet

A global network connecting millions of computers; has more than 200 million users worldwide, and that number is growing rapidly; a complex WAN that connects LANs and clients around the globe

Botnet

A group of compromised computers used to distribute malware across the Internet; the members are usually zombies.

Secure Hash Algorithm (SHA)

A group of hash functions designed by the NSA and published by the NIST, widely used in government. The most common currently is SHA-1.

service pack (SP)

A group of updates, bug fixes, updated drivers, and security fixes that are installed from one downloadable package or from one disc.

VPN concentrator

A hardware appliance that allows hundreds of users to connect to the network from remote locations via a VPN.

PCI (Peripheral Component Interconnect) Express

A high-speed serial bus interface made by Intel for connecting peripheral devices.

Cat 5e (Enhanced Category 5)

A higher-grade version of wiring that contains highquality copper, offers a high twist ratio, and uses advanced methods for reducing cross talk. It can support a signaling rate of up to 350 MHz

Source code refers to:

A human readable version of computer software

hardware firewall

A network appliance dedicated to the purpose of acting as a firewall. This appliance can have multiple interfaces for connecting to areas of a network requiring varying levels of security.

teardrop attack

A type of DoS that sends mangled IP fragments with overlapping and oversized payloads to the target machine.

SYN flood

A type of DoS where an attacker sends a large amount of SYN request packets to a server in an attempt to deny service.

network intrusion detection system (NIDS)

A type of IDS that attempts to detect malicious network activities—for example, port scans and DoS attacks—by constantly monitoring network traffic.

connection oriented

A type of Transport layer protocol that requires the establishment of a connection between communicating nodes before it will transmit data.

data packet

A discrete unit of information sent from one node on a network to another.

trouble ticket

A problem report explaining the details of an issue being experienced in a network.

ISOC (Internet Society)

A professional organization with members from 90 chapters around the world that helps to establish technical standards for the Internet.

Software

A program or instructions that give directions to the computer.

Secure Shell (SSH)

A protocol that can create a secure channel between two computers or network devices.

IKE (Internet Key Exchange)

A protocol used to set up an IPsec session.

Nonce

A random number issued by an authentication protocol that can only be used once.

decibel (dB)

A ratio of radiated power to a reference value. In the case of dBi, the reference value is the signal strength (that is, the power) radiated from an isotropic antenna, which represents a theoretical antenna that radiates an equal amount of power in all directions (in a spherical pattern). An isotropic antenna is considered to have gain of 0 dBi.

Audit Trail

A record showing who has accessed a computer system and what operations he or she has performed during a given period of time. Useful both for maintaining security and for recovering lost transactions

Current Instruction Register (CIR)

A register inside the CPU which holds the current instruction (not the data)

patch cable

A relatively short section (usually between 3 and 25 feet) of cabling with connectors on both ends.

Terminal Access Controller Access-Control System (TACACS)

A remote authentication protocol similar to RADIUS used more often in UNIX networks.

ACK (acknowledgment)

A response generated at the Transport layer of the OSI model that confirms to a sender that its frame was received. The ACK packet is the third of three in the three-step process of establishing a connection.

black-hole router

A router that drops packets that cannot be fragmented and are exceeding the MTU size of an interface without notifying the sender.

Blackout

When a total loss of power for a prolonged period occurs.

single sign-on (SSO)

When a user can log in once but gain access to multiple systems without being asked to log in again.

least privilege

When a user is given only the amount of privileges needed to do his job.

time of day restriction

When a user's logon hours are configured to restrict access to the network during certain times of the day and week.

Sandbox

When a web script runs in its own environment for the express purpose of not interfering with other processes, possibly for testing.

explicit allow

When an administrator sets a rule that allows a specific type of traffic through a firewall, often within an ACL.

explicit deny

When an administrator sets a rule that denies a specific type of traffic access through a firewall, often within an ACL.

Pharming

When an attacker redirects one website's traffic to another bogus and possibly malicious website by modifying a DNS server or hosts file (domain spoofing)

one-to-one mapping

When an individual certificate is mapped to a single recipient.

risk avoidance

When an organization avoids risk because the risk factor is too great.

risk reduction

When an organization mitigates risk to an acceptable level.

Piggybacking

When an unauthorized person tags along with an authorized person to gain entry to a restricted area.

key escrow

When certificate keys are held in case third parties, such as government or other organizations, need access to encrypted communications.

Serial Transmission

When data is sent or received using serial data transmission, the data bits are organized in a specific order, since they can only be sent one after another

Parallel Transmission

When data is sent using parallel data transmission, multiple data bits are transmitted over multiple channels at the same time.

disk duplexing

When each disk is connected to a separate controller.

many-to-one mapping

When multiple certificates are mapped to a single recipient.

load-balancing clusters

When multiple computers are connected in an attempt to share resources such as CPU, RAM, and hard disks.

fuzz testing (fuzzing)

When random data is inputted into a computer program in an attempt to find vulnerabilities

Remote Login

When someone connects to a computer via the Internet

Brownout

When the voltage drops to such an extent that it typically causes the lights to dim and causes computers to shut off.

broadcast storm

When there is an accumulation of broadcast and multicast packet traffic on the LAN coming from one or more network interfaces.

BERT (bit-error rate tester)

When troubleshooting a link where you suspect a high bit-error rate (BER), you can use a piece of test equipment called a bit-error rate tester (BERT), which contains both a pattern generator (which can generate a variety of bit patterns) and an error detector (which is synchronized with the pattern generator and can determine the number of bit errors) and can calculate a BER for the tested transmission link.

mutual authentication

When two computers, for example a client and a server, both verify each other's identity.

classification

is the process of placing traffic into different categories.

URL (Uniform Resource Locator)

is typed in the address bar of a browser to open the home page or other resource on the website

VoIP

is used to transmit calls over the Internet rather than traditional phone lines or cellular towers

Digital certificate

it enable users, hosts, and organizations to exchange information securely over the Internet

Examples of Input Devices

keyboard, mouse, microphone, camera, scanner...

PROC syntax

label PROC [attributes] [USES reglist], parameter_list

varlist form

label: type (used with the LOCAL directive)

Deterrent Control

limit or mitigate an action or behavior

WriteStackFrame

link library procedure that displays the contents of the current procedure's stack frame. It shows the procedure's stack parameters, return address, local variables, and saved registers.

Bottleneck Link

link on end-end path that constrains end-end throughput

PaaS (Platform as a Service)

makes collaboration easier and requires less programming knowledge

Browser Hijacker

malware that alters a computer's browser settings to redirect the user to websites paid for by the cyber criminals customers

Personal Information Manager

manages your email, calendar, contacts, and tasks

Gray Hat Attackers

may find a vulnerability and report it to the owners of the system if that action coincides with their agenda

Sniffing

occurs when attackers examine all network traffic as it passes through their NIC independent of whether or not the traffic is addressed to them or not

short

occurs when two copper connectors touch each other, resulting in current flowing through that short rather than the attached electrical circuit, because the short has lower resistance.

Video Graphics Array (VGA)

one of the de facto display standards for PCs, which supports analog signals rather than digital signals.

ADDR

operator that can be used to pass a pointer argument when calling a procedure using INVOKE - must be assembly time constant - call only be used in conjunction with INVOKE

argumentList

optional comma-deliminated list of arguments passed to a procedure

Database

organises facts about people, places, things, or events

parameterList syntax

paramName:type (used with the PROC directive)

by reference

passing an argument that consists of the address (OFFSET) of an object.

by value

passing an argument using a copy of the value pushed on the stack.

IDS (Intrusion Detection System)

passively monitors the traffic on a network. can recognize the signature of a well-known attack and respond to stop the attack. However, this sensor does not reside in-line with the traffic flow. Therefore, one or more malicious packets might reach an intended victim before the traffic flow is stopped by this sensor.

register

(computer science) Storage location on a CPU; the control unit of a digital computer that stores the current instruction of the program and controls the operation of the computer during the execution of that instruction

buffer

(computer science) a region of a physical memory storage used to temporarily store data while it is being moved from one place to another

interrupt

(computer science) a signal from a device attached to a computer or from a program within the computer that requires the operating system to stop and figure out what to do next

memory unit

(computer science) a unit for measuring computer memory

operating system

(computer science) software that controls the execution of computer programs and may provide various services

processor

(computer science) the part of a computer (a microprocessor chip) that does most of the data processing; "the CPU and the memory form the central part of a computer to which the peripherals are attached"

ELSR

(edge label switch router) Resides at the edge of an MPLS service provider's cloud and interconnects a service provider to one or more customers.

MTU

(maximum transmission unit) The largest packet size supported on an interface through the media of air .

The Samba application is a:

- File Server

Linux is distributed under which license?

- GPLv2

Which of the following licenses was made by the FSF?

- GPLv3

IPv6

- 128-bit hexidecimal network addressing standard - Designed as a backup system when we've run out of traditional IP addresses.

802.11b

- 2.4-GHz band and the DSSS transmission method - 11 Mbps - 300 ft maximum range - 11 total operating channels, 3 non-overlapped

IPv4

- 32-bit decimal network addressing standard - Separated by decimal into 4 octets (8-bits). - OSI Layer 3 address

Router

- A Layer 3 network device used to connect two network that have different subnets. - Destination addresses are compiled by IP so it keeps track of where to forward requests.

Hub

- A central network device to connect devices on the same subnet. - Information sent from one port will be sent out to every other port. - Operates strictly in half-duplex mode due to the limitation of only one send request permitted at a time. - Handles a data type called frames

ST (straight tip) Connector

- A connector used with single-mode or multimode fiber-optic cable. - Uses bayonet connector with 2.5 mm ceramic or polymer ferrule.

Access Point

- A device on a network which creates a position to provide access to incoming connections.

Modem

- A device that acts to convert digital information to analog to send information over telephone lines. - On the receiving end it converts the analog data back into digital.

Bridge (network hardware)

- A device to connect two network segments with the same subnet. - Compiles a list of devices by MAC address in order to know where to forward requests. Bridges connect different physical network types together, e.g. Ethernet to Fast Ethernet etc.A bridge can also separate a network into two segments.Good for when there is a lot of network traffic.

Internet appliance

- A device with an alternate primary purpose yet has the ability to use internet services. - This could be a smart TV, PDA, camera, etc.

WPS (Wi-Fi Protected Setup)

- A method of connecting to a wireless network devised to make it easier to those with less knowledge of network security. - It involves pressing of a button on the router in relation to the computer or other compatible network device, and they will securely connect the computer to the wireless network without the need of a passcode or pre-shared key.

Fiber Optic Internet

- A modern internet delivery variation from cable companies upgrading their networks with the use of high speed fiber optic cabling. - Since the data is literally delivered on beams of light it is able to travel extremely fast and far distances.

WAN (Wide Area Network)

- A network that consists of multiple LANs and covers a larger geographic area such as a town, city or county.

Port Triggering

- A setting of a router which would open a specific port only on request from a local host, to which that host is the designated recipient of communication through that port. - Ports remain closed when there is no activity.

Loopback plug

- A simple plug use to test the outgoing and incoming communication on a port. - It routes the transmit portto the receive porton the same device.

Cable tester

- A tool that validates the usability of a network cable. -It is connected to the network cable at both ends of a cable and will verify that the signals are being sent successfully and that the wiring in the connectors are in the correct position.

Which of the following is true about graphical mode?

- After login, you are provided with a desktop - You access this mode by logging into a - You have menus and tools to help you find what you are looking for

Creative Commons licenses allow you to:

- Allow or disallow commercial use Get a veto on where the work is used - Specify whether or not people may distribute changes - Specify whether or not changes must be shared

The Linux shell:

- Allows you to launch programs - Is customizable - Has a scripting language

Public IP

- An IP address issued by a network provider used to communication with hosts across the world wide web. - This is the IP address used for remote users to access a private network.

Private IP

- An internal IP address assigned to each device on a network for communication between one another. - This IP address must be within a specified group of available addresses in order to operate.

Permission-free software licenses:

- Are not approved by the FSF - Can allow software to be used inside - Don't have a copyleft provision

Which of the following are properties of a strong password?

- At least 10 characters long - Includes symbols - A mix of upper and lower case

Which are examples of permissive software licenses?

- BSD - MIT

The largest difference between the GPLv2 and BSD licenses is:

- BSD has no copyleft provision

Who founded the Open Source Initiative?

- Bruce Perens - Eric Raymond

The two main families of Linux shells are:

- C Shell - Bourne Shell

Which distributions are made by, or clones of, Red Hat?

- CentOS - Fedora

Apple's OS X is:

- Certified as UNIX compatible - Derived from FreeBSD - Only compatible with Apple hardware

Microsoft Windows

- Comes in desktop and server variants - Has powerful scripting capabilities - Has built in virtualization

Client-side DNS

- Compiles a list of frequently used domain name and IP destinations to quickly pull up a destination upon request.

When a computer boots, it can get its network information through:

- DHCP

POP and IMAP are related to:

- Email

TKIP (Temporal Key Integrity Protocol)

- Encryption method utilized in WPA

WiMAx

- High speed internet access provided through wireless signals to a larger area of subscribers. - Would require a device or antennae which would receive the signal. - Could potentially eliminate the use of cable internet due to simpler setup.

APIPA (Automatic Private IP Addressing)

- If enabled, this feature will assign a default IP address when the DHCP server is not responding. - The IP address will be assigned between 169.254.0.0 to 169.254.255.255

Cellular/Mobile Hotspot

- Internet connection shared from a device receiving a connection from mobile network towers. - This device can be used as an access point to allow those nearby with internet access. - Mobile phone tethering is also a way to share your phone connection as an access point. - Depending on the level of service this can prove to be a very fast internet connection: EDGE (400-1000 kbps), 3G (2 Mbps+), 4G (3-100+ Mbps), etc.

An interpreted programming language:

- Is converted into machine specific instructions as the program runs - Tends to offer more features than compiled languages

Software is backward compatible if:

- It still supports old file formats or applications

A package manager:

- Keeps track of which files belong to which packages - Downloads software from the Internet

The difference between the GPL and LGPL licenses are:

- LGPL allows linking to non GPLed software

One of the jobs of the kernel is to:

- Manage the system's resources

Static IP

- Manually assigned IP address

Plenum

- Material used to surround twisted pair cabling, especially when wiring above ceiling tiles.

UTP (unshielded twisted pair)

- Most commonly used networking cable. - Lower cost since it doesn't have the extra protection layer of copper grounding material. - Cable type used in networks that do not have any concerns over EMI, RFI, or cross talk. If these are a concern, STP is used.

Ring Topology

- Network topology which connects one computer to another in a continuous loop. - The signal travels in one direction as each device repeats the signal until it reaches the intended destination. - If there is a missing connection in a loop the network connection is down from that point in the setup.

Star Topology

- Network topology which requires each computer to connect to a central point such as a hub or switch. - The typical setup for LANs due to the ease of adding and removing connections.

Bus Topology

- Network topology with a trunk cable that runs the full length with a terminator at both ends to prevent repeated signals. The devices are connected with a drop cable along the trunk cable. - Broken cables prevent communication with any device on the network.

STP (Shielded twisted pair) cable

- Networking cable with extra protection against EMI. prevent loops on a network when switches interconnect via multiple paths - Copper used as grounding material around the internal wires.

The Creative Commons version of Public Domain licensing is:

- No Rights Reserved

PVC (Polyvinyl Chloride)

- Normal material used to surround twisted pair cabling. - Can be toxic when burned, therefore is not permitted for use when wiring above ceiling tiles.

Satellite Internet

- Not known as the fastest, yet reliability from anywhere in the world and not limited by wiring. - This sends and receives radio signal from satellite it is susceptible to interference from weather conditions. - Requires satellite dish setup, to send and receive signals, with a clear line of sight setup. - Can be used as a portable option and available in remote regions. - Expect latency due to distance of travel.

A permissive free software license:

- Places no restrictions on sharing modifications - Means you can use the software for anything you want

HTTPS (HTTP Secure)

- Port 443 - Protocol used to access websites on the world wide web with added SSL protection. - Any website cannot be automatically accesses with this protocol, it is authorized by certificate.

If a podcast is licensed under the CC BY-ND license, you may:

- Post it to your website - Share it as long as you give credit to the author

TCP (Transmission Control Protocol)

- Protocol for data transmission which requires a return receipt on every delivery to ensure the information reached the intended destination. - Packets that are lost or dropped are re-sent. - This system ensures a reliable transfer. - Connection-oriented protocol. - TCP is tightly linked with IP and usually seen as TCP/IP in writing.

UDP (User Datagram Protocol)

- Protocol for quicker transmission of data since there is no requirement of receipt. - Dropped or lost packets are not re-transmitted. - More reliable method to deliver audio or video due to the increased rate of transmission. - Connectionless protocol. - UDP uses a best-effort delivery mechanism.

How can you make money from open source software?

- Provide paid consulting services for users - Take payments for fixing bugs - Sell hardware that's built to work with the software

Which of the following are traits of a multiuser operating system?

- Resources are shared between users - Users can protect their information from other - Many users can log in simultaneously with a unique account

SMB (Server Message Block)

- TCP Port 445, UDP Port 137, 138, 139 - Protocol implemented in Microsoft Windows. - This system allows users to share resources across the network remotely. (ie. shared folders/files, printers)

DNS (Domain Naming Server)

- TCP Port 53 - Translates real name network commands to associated IP destinations. A protocol used to convert URLs into IP addresses when loading a webpage.

HTTP (Hyper Text Transfer Protocol)

- TCP Port 80 - Protocol used to access websites on the world wide web.

SSH (Secure Shell)

- TCP/UDP Port 22 - A secured protocol used to access and control remote systems. - Generally used in terminal mode.

SFTP (SSH File Transfer Protocol)

- TCP/UDP Port 22 - Used to access and transfer server files from a host system with a secure shell protocol.

TELNET

- TCP/UDP Port 23 - Network protocol to connect to a server and operate it as a native user in terminal mode. - This method of server control, though it has username and password as security, is unencrypted and not the most secure method.

RDP (Remote Desktop Protocol)

- TCP/UDP Port 3389 - Used to access, view and control one computer from another while connecting through a network and/or internet connection.

LDAP (Lightweight Directory Access Protocol)

- TCP/UDP port 389 (secure port 636) - Protocol used to build and share information within a network. - An Application Layer protocol used for accessing and modifying directory services data.

What is the meaning of a public domain license?

- The author has relinquished the copyright on the work

Which of the following is a tool that helps you anonymize your Internet browsing?

- The onion router (TOR)

Gateway

- The point on a network that connects all of the devices together at a central point or bridges two networks - This address is required for a private network to access a public network. - Typically the first or last IP address assigned within an available range.

Punchdown tool

- The required tool used to attach network wiring to a punchdown block.

Dial-up

- The service whereby a computer terminal can use the telephone to initiate and effect communication with a computer. - Connects a phone line to a modem to provide a rather slow internet connection. - Data transfer rates can be 28.8, 33.3, 56 Kbps based on compression rates. - Compression standards: V.24, V.32bis, V.34, V.42, V.44, V.90, and V.92. - Can be used over any telephone line, but not simultaneous to phone usage.

Subnet Mask

- This network setting dictates which portion of the IP address is available within a network addressing schematic.

Crimper

- Tool used to attach RJ-45 or RJ-11 connections to ethernet cabling by use of closing force.

Line of sight wireless internet service

- Type of internet service that would require a device to point directly to an internet providers tower without anything blocking its path. - Could be susceptible to interference due to disturbance of path by weather conditions.

SNMP (Simple Network Management Protocol)

- UDP 161, 162 - Part of the TCP/IP suite, this protocol shares information devices on a network for management purposes.

802.11g

- Uses 2.4-GHz band and either the OFDM or DSSS transmission method - 54 Mbps - 300 ft maximum range - 11 total operating channels, 3 non-overlapped - Compatible with other wireless networking standard which also operates at the same frequency.

802.11n

- Uses the 2.4-GHz and/or 5.75-GHz band and the OFDM transmission method - 150, 300 or 600 Mbps depending on network configuration - 1200 ft maximum range - Compatible with other wireless networking standards operating at 2.4-GHz and 5.75-GHz depending on specifications of the hardware

802.11a

- Uses the 5.75-GHz band and the OFDM transmission method - 54 Mbps - 150 ft maximum range - 23 total operating channels, 12 non overlapped

When choosing a distribution of Linux, you should consider:

- Which distributions are supported by the software you need to run - The maintenance cycle of the distribution - Which management tools are provided by the distribution - Whether or not the distribution is under active development - If you need support on the distribution itself

Which of the following is provided by a graphical interface that isn't normally provided to a non graphical interface?

- Windows - Menus - Popups - Desktop

T568A

- Wiring standards used for configuring twisted pair networking cable with RJ-45 connections based on a specified color order of the individual wires. - The color order for this standard is as follows: green-white, green, orange-white, blue, blue-white, orange, brown-white, brown

T568B

- Wiring standards used for configuring twisted pair networking cable with RJ-45 connections based on a specified color order of the individual wires. - The color order for this standard is as follows: orange-white, orange, green-white, blue, blue-white, green, brown-white, brown - This particular scheme is the accepted standard.

Methods used to ensure high availability

- eliminate single points of failure - design for reliability - detect failures as they occur

Two components that provide the ability to implement a firewall include:

- iptables - gufw

stack frame use

- passed arguments, if any, are pushed on the stack. - the subroutine is called, causing the subroutine return address to be pushed on the stack. - as the subroutine begins to execute, EBP is pushed on the stack - EBP is set equal to ESP. From this point on, EBP acts as a base reference for all of the subroutine parameters - If there are local variables, ESP is decremented to reserve space for the variables on the stack - If any registers need to be saved, they are pushed on the stack (this method is used frequently with API)

Queueing Delay

- time waiting at output link for transmission - depends on congestion level of router

In graphical mode, you can get to a shell by running which applications?

- xterm - terminal

Which package manager is used in Fedora, a Red Hat derived system?

- yum

MAC address

A 12-character string that uniquely identifies a network node. The manufacturer hard codes the MAC address into the NIC. This address is composed of the block ID and device ID.

Message-Digest Algorithm 5 (MD5)

A 128-bit key hash used to provide integrity of files and messages.

BRI (Basic Rate Interface)

A BRI circuit contains two 64-kbps B channels and one 16-kbps D channel. Although such a circuit can carry two simultaneous voice conversations, the two B channels can be logically bonded together into a single virtual circuit (by using PPP's multilink interface feature) to offer a 128-kbps data path.

Trusted Computer System Evaluation Criteria (TCSEC)

A DoD standard that sets basic requirements for assessing the effectiveness of computer security access policies. Also known as The Orange Book.

How do you describe the Command Line Interface?

A GUI is sometimes called a WIMP interface: Windows, Icons, Menus, Pointer

Wireless Local Area Network (WLAN)

A LAN connected using wireless protocols. For example, a network in a café.

SONET (Synchronous Optical Network)

A Layer 1 technology that uses fiber-optic cabling as its media. Because SONET is a Layer 1 technology, it an be used to transport various Layer 2 encapsulation types, such as TM. Also, because SONET uses fiber-optic cabling, it offers high data rates, typically in the 155 Mbps-10 Gbps range, and long-distance limitations, typically in the 20 km-250 km range.

Frame Relay

A Layer 2 WAN technology that interconnects sites using virtual circuits. These virtual circuits are identified by locally significant data-link connection identifiers (DLCI).

ATM (Asynchronous Transfer Mode)

A Layer 2 WAN technology that interconnects sites using virtual circuits. These virtual circuits are identified by a pair of numbers, called the VPI/VCI pair. A virtual path identifier (VPI) identifies a logical path, which can contain multiple virtual circuits. A virtual circuit identifier (VCI) identifies the unique logical circuit within a virtual path.

RRAS (Microsoft Routing and Remote Access Server)

A Microsoft Windows Server ® feature that allows Microsoft Windows ® clients to remotely access a Microsoft Windows network.

tracert command

A Microsoft Windows ® -based command that displays every router hop along the path from a source host to a destination host on an IP network. Information about a router hop can include such information as the IP address of the router hop and the round-trip delay of that router hop.

ipconfig command

A Microsoft Windows ® command that can be used to display IP address configuration parameters on a PC. Additionally, if DHCP is used by the PC, the ipconfig command can be used to release and renew a DHCP lease, which is often useful during troubleshooting.

MS-CHAP (Microsoft Challenge-Handshake Authentication Protocol)

A Microsoft-enhanced version of CHAP, offering a collection of additional features not present with PAP or CHAP, including two-way authentication.

fragmentation

A Network layer service that subdivides segments it receives from the Transport layer into smaller packets.

POTS (plain old telephone service)

A POTS connection connects a customer device (such as a telephone) to the public switched telephone network (PSTN).

PRI (primary rate interface)

A PRI circuit is an ISDN circuit built on a T1 or E1 circuit. Recall that a T1 circuit has 24 channels. Therefore, if a PRI circuit is built on aT1 circuit, the ISDN circuit has 23 B channels and a one 64 kbps D channel. The24th channel in the T1 circuit is used as the ISDN D channel (that is, the channel used to carry the Q.921 and Q.931 signaling protocols, which are used to set up, maintain, and tear down connections).

RS-232 (Recommended Standard 232)

A Physical layer standard for serial communications, as defined by EIA/TIA.

TACACS+ (Terminal Access Controller Access-Control System Plus)

A TCP-based protocol used to communicate with a AAA server. encrypts an entire authentication packet rather than just the password. offers authentication features, but they are not as robust as the accounting features found in RADIUS. is a Cisco-proprietary protocol.

traceroute command

A UNIX command that display every router hop along the path from a source host to a destination host on an IP network. Information about the router hop can include the IP address of the router hop and the round-trip delay of that router hop.

ITU (International Telecommunication Union)

A United Nations agency that regulates international telecommunications and provides developing countries with technical expertise and equipment to advance their technological bases.

L2F (Layer 2 Forwarding)

A VPN protocol designed (by Cisco Systems ® ) with the intent of providing a tunneling protocol for PPP. Like L2TP, L2F lacks native security features.

L2TP (Layer 2 Tunneling Protocol)

A VPN protocol that lacks security features, such as encryption. However, it can still be used for a secure VPN connection if it is combined with another protocol that provides encryption.

MPLS (Multiprotocol Label Switching)

A WAN technology popular among service providers. MPLS performs labels switching to forward traffic within an MPLS cloud by inserting a 32-bit header (which contains a 20-bit label) between a frame's Layer 2 and Layer 3 headers and making forwarding decisions based on the label within an MPLS header.

IBSS (Independent Basic Service Set)

A WLAN can be created without the use of an AP. Such a configuration, called an IBSS, is said to work in an ad-hoc fashion. An ad-hoc WLAN is useful for temporary connections between wireless devices. For example, you might temporarily interconnect two laptop computers to transfer a few files.

robocopy (robust file copy)

A Windows command that is similar to and more powerful than the xcopy command, used to copy files and folders. -used to copy a lot of files and folders to a lot of different servers to a lot of different network connections. -able to resume a copy in case a session or connection is lost for whatever reason. -robocopy /s is used also for subdirectories

Towers of Hanoi

A backup rotation scheme based on the mathematics of the Towers of Hanoi puzzle. Uses three backup sets. For example, the first tape is used every second day, the second tape is used every fourth day, and the third tape is used every eighth day.

10 tape rotation

A backup rotation scheme in which ten backup tapes are used over the course of two weeks.

grandfather-father-son

A backup rotation scheme in which three sets of backup tapes must be defined—usually they are daily, weekly, and monthly, which correspond to son, father, and grandfather.

braiding

A braided metal shielding used to insulate some types of coaxial cable.

Denial of Service (DoS)

A broad term given to many different types of network attacks that attempt to make computer resources unavailable.

open

A broken strand of copper that prevents current from flowing through a circuit.

CO (central office)

A building containing a telephone company's telephone switching equipment is referred to as a central office (CO). COs are categorized into five hierarchical classes. A Class 1 CO is a long-distance office serving a regional area. A Class 2 CO is a second-level long-distance office (that is, it is subordinate to a Class 1 office). A Class 3 CO is a third-level long-distance office. A Class 4 CO is a fourth-level long-distance office, which provides telephone subscribers access to a live operator. A Class 5 CO is at the bottom of the five-layer hierarchy and physically connects to customer devices in a local area.

ISP (internet service provider )

A business that provides organizations and individuals with Internet access and often, other services, such as e-mail and Web hosting.

one-time pad

A cipher that encrypts plaintext with a secret random key that is the same length as the plaintext.

symmetric key algorithm

A class of cipher that uses identical or closely related keys for encryption and decryption.

special hazard protection system

A clean agent sprinkler system such as FM-200 used in server rooms.

Kerberos

A client-server authentication protocol that supports mutual authentication between a client and a server. Kerberos uses the concept of a trusted third party (a key distribution center ) that hands out tickets to be used instead of a username and password combination.

Platform as a Service (PaaS)

A cloud computing service that provides various software solutions to organizations especially the ability to develop applications without the cost or administration of a physical platform.

Software as a Service (SaaS)

A cloud computing service where users access applications over the Internet that are provided by a third party.

BNC (Bayonet Neill-Concelman, or British Naval Connector)

A coaxial cable connector type that uses a twist-and-lock (or bayonet) style of coupling, generally made of nickel plated brass, named after its coupling method and its inventors

baseline

A collection of data portraying the characteristics of a network under normal operating conditions. Data collected while troubleshooting can then be contrasted against baseline data.

ISO (International Organization for Standardization)

A collection of standards organizations representing 157 countries with headquarters located in Geneva, Switzerland.

PPP (Point-to-Point Protocol)

A common Layer 2 protocol offering features such as multilink interface, looped link detection, error detection, and authentication.

X.509

A common PKI standard developed by the ITU-T that incorporates the single sign-on authentication method.

CRAM-MD5 (Challenge-Response Authentication Mechanism Message Digest 5)

A common variant of HMAC frequently used in e-mail systems. Like CHAP, this only performs one-way authentication (the server authenticates the client).

nonbroadcast point-to-multipoint transmission

A communications arrangement in which a single transmitter issues signals to multiple, defined recipients.

point-to-multipoint

A communications arrangement in which one transmitter issues signals to multiple receivers. The receivers may be undefined, as in a broadcast transmission, or defined, as in a nonbroadcast transmission.

Blended Threat

A computer network attack that seeks to maximize the severity of damage and speed of contagion by combining methods, for example using characteristics of both viruses and worms, while also taking advantage of vulnerabilities in computers, networks, or other physical systems. An attack using a blended approach might send a virus via an e-mail attachment, along with a Trojan horse embedded in an HTML file that will cause damage to the recipient computer. EX. Nimba, CodeRed, Bugbear.

Server

A computer that awaits and responds to requests for data; serves up resources to a network. For example, E-mail access provided by an E-mail server, web pages provided by a web server, or data files available on a file server.

host

A computer that enables resource sharing by other computers on the same network

Web server

A computer that manages Web site services, such as supplying a Web page to multiple users on demand.

workstation

A computer that runs a desktop operating system and connects to a network.

stand-alone computer

A computer that uses applications and data only from its local disks and that is not connected to a network.

local loop

A connection between a customer premise and a local telephone company's central office.

virtual private network (VPN)

A connection between two or more computers or devices that are not on the same private network.

session

A connection for data exchange between two parties. The term session may be used in the context of Web, remote access, or terminal and mainframe communications, for example.

circuit-switched connection

A connection that is brought up on an as-needed basis. This connection is analogous to phone call, where you pick up a phone, dial a number, and a connection is established based on the number you dial.

Smart Card

A credit-card-sized device with embedded microelectronics circuitry for storing information about an individual. This is not a key or token, as used in the remote access authentication process.

terminal

A device with little (if any) of its own processing or disk capacity that depends on a host to supply it with applications and data-processing services.

DCE (data circuit-terminating equipment)

A device, such as a multiplexer or modem, that processes signals. It supplies a clock signal to synchronize transmission between DTE and DCE.

E3

A digital circuit in the same E-carrier family of standards as an E1. An E3 circuit's available bandwidth is 34.4 Mbps.

channel

A distinct communication path between two or more nodes, much like a lane is a distinct transportation path on a freeway. may be separated either logically (as in multiplexing) or physically (as when they are carried by separate wires).

electromagnetic interference (EMI)

A disturbance that can affect electrical circuits,devices, and cables due to electromagnetic conduction or radiation.

Packet Filtering

A feature incorporated into routers to limit the flow of information based on pre-determined communications such as source, destination, or type of service being provided by the network; let the administrator limit protocol specific traffic to one network segment, isolate email domains, and perform many other traffic control functions. Packet filtering as it applies to firewalls inspects each packet passing through the firewall and accepts or rejects it based on rules. Two types of packet filtering include stateless packet filters and stateful packet inspection (SPI).

Security Incident

An adverse event in a computer system or the threat of such an event occurring.

application firewall

A firewall that can control the traffic associated with specific applications. Works all the way up to the Application Layer of the OSI model.

Cat 3 (Category 3)

A form of UTP that contains four wire pairs and can carry up to 10 Mbps, with a possible bandwidth of 16 MHz.

Cat 4 (Category 4)

A form of UTP that contains four wire pairs and can support up to 16- Mbps throughput. It may be used for 16-Mbps token ring or 10-Mbps Ethernet networks.

Cat 5 (Category 5)

A form of UTP that contains four wire pairs and supports up to 100-Mbps throughput and a 100-MHz signal rate.

Data Driven Attack

A form of attack that is encoded in seemingly innocuous data which is executed by a user pr a process to implement an attack; concern for firewalls, since it may get through the firewall in data form and launch an attack against a system behind the firewall.

man-in-the-middle (MITM) attack

A form of eavesdropping that intercepts all data between a client and a server, relaying that information back and forth. Examples include: Wi-Fi Eavesdropping, Email Hijacking, IP Spoofing Attacks, IP Spoofing Attacks, HTTPS Spoofing, SSL (Secure Socket Layer) Stripping, Session Hijacking, ARP (Address Resolution Protocol) Spoofing, Man-in-the-Browser

baseband

A form of transmission in which digital signals are sent through direct current pulses applied to a wire. This direct current requires exclusive use of the wire's capacity, so this systems can transmit only one signal, or one channel, at a time.

Broadband

A form of transmission in which signals are modulated as radiofrequency analog pulses with different frequency ranges. Also, the general term used to refer to high-speed network connections; typical for connections in excess of 1 Megabit per second (Mbps) to be so named

multiplexing

A form of transmission that allows multiple signals to travel simultaneously over one medium.

Partial-mesh Topology

A hybrid of a hub-and-spoke topology and a full-mesh topology. A partial-mesh can be designed to provide an optimal route between selected sites, while avoiding the expense of interconnecting every site to every other site.

IDF (intermediate distribution frame)

A junction point between the MDF and concentrations of fewer connections—for example, those that terminate in a telecommunications closet.

RFI (radiofrequency interference)

A kind of interference that may be generated by broadcast signals from radio or TV towers.

Linear Bus Topology

A linear bus topology consists of a main run of cable with a terminator at each end. All nodes (file server,workstations, and peripherals) are connected to the linear cable.(uses ethernet & local talk network) pros - easy to connect peripherals - requires less cable than star topology cons - entire network shuts down if there is a break in the main cable - hard to find the problem - need terminators at each end - not for a large building

certificate revocation list (CRL)

A list of certificates no longer valid or that have been revoked by the issuer.

ACL (access control list)

A list of permissions attached to an object. They specify what level of access a user, users, or groups have to an object. When dealing with firewalls, an ACL is a set of rules that apply to a list of network names, IP addresses. and port numbers.

decibel (dB) loss

A loss of signal power. If a transmission's dB loss is too great, the transmission cannot be properly interpreted by the intended recipient.

Trojan Horse

A malicious or harmful code contained inside apparently harmless programming or data in such a way that it can get control and do its chosen from of damage, such as ruining the file allocation table on your hard disk

hash function

A mathematical procedure that converts a variable-sized amount of data into a smaller block of data.

amplitude

A measure of a signal's strength.

checksum

A method of error checking that determines if the contents of an arriving data unit match the contents of the data unit sent by the source.

penetration testing

A method of evaluating the security of a system by simulating one or more attacks on that system.

flow control

A method of gauging the appropriate rate of data transmission based on how fast the recipient can accept data.

statistical multiplexing

A method of multiplexing in which each node on a network is assigned a separate time slot for transmission, based on the node's priority and need.

TDM (time division multiplexing)

A method of multiplexing that assigns a time slot in the flow of communications to every node on the network and, in that time slot, carries data from that node.

MAC filtering

A method used to filter out which computers can access the wireless network; the WAP does this by consulting a list of MAC addresses that have been previously entered. - Feature of a wireless router which permits access based upon hardware address provided. - Can be set to allow/block specified systems.

Graphical Processing Unit (GPU)

A microprocessor designed to handle graphics operations.

OSI (Open Systems Interconnection) model

A model for understanding and developing computer-to-computer communication developed in the 1980s by ISO. It divides networking functions among seven layers: Physical, Data Link, Network, Transport, Session,Presentation, and Application.

AM (amplitude modulation)

A modulation technique in which the amplitude of the carrier signal is modified by the application of a data signal.

behavior-based monitoring

A monitoring system that looks at the previous behavior of applications, executables, and/or the operating system and compares that to current activity on the system.

WDM (wavelength division multiplexing)

A multiplexing technique in which each signal on a fiber-optic cable is assigned a different wavelength, which equates to its own subchannel. Each wavelength is modulated with a data signal. In this manner, multiple signals can be simultaneously transmitted in the same direction over a length of fiber.

DWDM (dense wavelength division multiplexing)

A multiplexing technique used over single-mode or multimode fiber-optic cable in which each signal is assigned a different wavelength for its carrier wave.

hot site

A near duplicate of the original site of the organization, complete with phones, computers, networking devices, and full backups.

Intranet

A network based on an internet belonging to an organization, usually a corporation, accessible only by the organization's members, employees, or others with authorization. Its Web sites look and act just like any other Web site, but the firewall surrounding it fends off unauthorized access.

Computer Network

A network is a system that sends and receives data and messages enabling two or more computers to communicate with each other.

populated segment

A network segment that contains end nodes, such as workstations. punch-down block A panel of data receptors into which twisted pair wire is inserted, or punched down, to complete a circuit.

unpopulated segment

A network segment that does not contain end nodes, such as workstations. Also called link segments.

Wide Area Network (WAN)

A network which connects networks in different geographical locations. For example, the school network.

Nmap

A network-vulnerability scanner.

Remote Access Service (RAS)

A networking service that allows incoming connections from remote dial-in clients. It is also used with VPNs.

token ring

A networking technology developed by IBM in the 1980s. It relies upon direct links between nodes and a ring topology, using tokens to allow nodes to transmit data.

RIR (Regional Internet Registry)

A not-for-profit agency that manages the distribution of IP addresses to private and public entities.

Network

A number of devices connected together to allow them to communicate.

frame

A package for data that includes not only the raw data, or "payload," but also the sender's and recipient's addressing and control information. Frames are generated at the Data Link layer of the OSI model and are issued to the network at the Physical layer.

Subnet

A part of a network in which all devices share the same network portion of their IP address. A logical subset of a larger network, created by an administrator to improve network performance or to provide security.

cryptanalysis attack

A password attack uses a considerable set of precalculated encrypted passwords located in a lookup table.

brute force attack

A password attack where every possible password is attempted.

remote user

A person working on a computer on a different network or in a different geographical location from the LAN's server.

hardware security module (HSM)

A physical device that deals with the encryption of authentication processes, digital signings, and payment processes.

Storage Device

A piece of computer equipment on which information can be stored.

Router

A piece of hardware responsible for transmitting data between networks.

NIC (Network Interface Controller/Card)

A piece of hardware that allows a computer to connect to a network

butt set (or lineman's handset)

A piece of test equipment typically used by telephone technicians. The clips on a butt set can connect to the tip and ring wires on a punch-down block (for example, a 66 block or a 110 block) connecting to a telephone. This allows the technician to check the line (for example, to determine if dial tone is present on the line and determine if a call can be placed from the line).

ping flood

A ping flood, also known as an ICMP flood attack, is when an attacker attempts to send many ICMP echo request packets (pings) to a host in an attempt to use up all available bandwidth.

Contingency Plan

A plan for emergency response, back up operations, and post-disaster recovery maintained by an activity as a part of its security program that will ensure the availability of critical resources and facilitate the continuity of operations in an emergency situation

Disaster recovery plan

A plan that details the policies and procedures concerning the recovery and/or continuation of an organization's technology infrastructure. Includes activities the organization takes to assess, salvage, repair and restore damaged facilities or assets

Easter egg

A platonic extra added to an OS or application as a sort of joke; the harmless cousin of the logic bomb.

phase

A point or stage in a wave's progress over time.

User Account Control (UAC)

A security component of Windows Vista that keeps every user (besides the actual Administrator account) in standard user mode instead of as an administrator with full administrative rights—even if they are a member of the administrators group.

Wi-Fi Protected Access (WPA)

A security protocol created by the Wi-Fi Alliance to secure wireless computer networks, more secure than WEP.

WEP (Wired Equivalent Privacy)

A security standard for WLANs. With WEP, an AP is configured with a static WEP key. Wireless clients needing to associate with an AP are configured with an identical key (making this a preshared key [PSK] approach to security). The IEEE 802.11 standard specifies a 40-bit WEP key, which is considered to be a relatively weak security measure. - Original wireless network encrypted security associated with 802.11 in 1997. - It is designed to emulate the same security as a wired network infrastructure. - Uses the same pre-shared key on the network and connecting devices as its form of securing a connection. - The pre-shared key is also used for encryption. - Not the most secure or recommended method.

remote access server

A server that runs communications services that enable remote users to log on to a network. Also known as an access server.

DHCP (Dynamic Host Configuration Protocol)

A service used to dynamically assign TCP/IP configuration information to clients. DHCP is often used to assign IP addresses, subnet masks, default gateways, DNS server addresses, and much more.

AWG (American Wire Gauge)

A standard rating that indicates the diameter of a wire, such as the conducting core of a coaxial cable.

incident response

A set of procedures that an investigator goes by when examining a computer security incident.

API (application programming interface)

A set of routines, protocols, and tools for building software applications. APIs specify how software components should interact, such as what data to use and what actions should be taken.

Spike

A short transient in voltage that can be due to a short circuit, tripped circuit breaker, power outage, or lightning strike.

ferrule

A short tube within a fiber-optic cable connector that encircles the fiber strand and keeps it properly aligned.

analog

A signal that uses variable voltage to create continuous waves, resulting in an inexact transmission.

UDP flood attack

A similar attack to the Fraggle. It uses the connectionless User Datagram Protocol. It is enticing to attackers because it does not require a synchronization process.

cross talk

A type of interference caused by signals traveling on nearby wire pairs infringing on another pair's signal.

demilitarized zone (DMZ)

A special area of the network (sometimes referred to as a subnetwork) that houses servers that host information accessed by clients or other networks on the Internet.

token

A special control frame that indicates to the rest of the network that a particular node has the right to transmit data.

file server

A specialized server that enables clients to share applications and data across the network.

Open Vulnerability and Assessment Language (OVAL)

A standard and a programming language designed to standardize the transfer of secure public information across networks and the Internet utilizing any security tools and services available.

SSID (Service Set Identifier)

A string of characters that identify a WLAN. APs participating in the same WLAN can be configured with identical SSIDs. Required to connect to a wireless network. An SSID shared among multiple APs is called an extended service set identifier (ESSID).

change management

A structured way of changing the state of a computer system, network, or IT procedure.

Hash

A summary of a file or message. It is generated to verify the integrity of the file or message.

syslog

A syslog-logging solution consists of two primary components: syslog servers, which receive and store log messages sent from syslog clients, and syslog clients, which can be a variety of network devices that send logging information to a syslog server.

Firewall

A system designed to prevent unauthorized access to or from a private network; can be implemented in both hardware and software, or a combination if both; frequently used to prevent unauthorized Internet users from accessing private networks connected to the Internet, especially intranets. All messages entering or leaving the intranet pass through this, which examines each message and blacks those that do not meet the specified security criteria

modulation

A technique for formatting signals in which one property of a simple carrier wave is modified by the addition of a data signal during transmission.

telco

A telephone company. Some countries have government-maintained telcos, while other countries have multiple telcos that compete with one another.

Distributed Tool

A tool that can be distributed to multiple hosts, which can then be coordinated to anonymously perform an attack on the target host simultaneously after some time delay

Logical Topology

A topology that describes the data-flow and IP addressing scheme of a network. The actual traffic flow of a network determines the network's Logical topology.

Point-to-Point Tunneling Protocol (PPTP)

A tunneling protocol used to support VPNs. Generally includes security mechanisms, and no additional software or protocols need to be loaded. A VPN device or server must have inbound port 1723 open to enable incoming PPTP connections.

Cat 6 (Category 6)

A twisted pair cable that contains four wire pairs, each wrapped in foil insulation. Additional foil insulation covers the bundle of wire pairs, and a fire-resistant plastic sheath covers the second foil layer. The foil insulation provides excellent resistance to cross talk and enables it to support a signaling rate of 250 MHz.

crossover cable

A twisted pair patch cable in which the termination locations of the transmit and receive wires on one end of the cable are reversed. Networking cable which is configured to use the T568A standard at one end and T568B at the other.

straight-through cable

A twisted pair patch cable in which the wire terminations in both connectors follow the same scheme.

3-leg perimeter

A type of DMZ where a firewall has three legs that connect to the LAN, Internet, and the DMZ.

back-to-back perimeter

A type of DMZ where the DMZ is located between the LAN and the Internet.

Fraggle

A type of DoS similar to the Smurf attack, but the traffic sent is UDP echo traffic as opposed to ICMP echo traffic.

Ping of Death (POD)

A type of DoS that sends an oversized and/or malformed packet to another computer.

Smurf attack

A type of DoS that sends large amounts of ICMP echoes, broadcasting the ICMP echo requests to every computer on its network or subnetwork. The header of the ICMP echo requests will have a spoofed IP address. That IP address is the target of the Smurf attack. Every computer that replies to the ICMP echo requests will do so to the spoofed IP.

RG-8

A type of coaxial cable characterized by a 50-ohm impedance and a 10 AWG core.

RG-58

A type of coaxial cable characterized by a 50-ohm impedance and a 24 AWG core.

RG-59

A type of coaxial cable characterized by a 75-ohm impedance and a 20 or 22 AWG core, usually made of braided copper. Less expensive but suffering greater attenuation than the more common RG-6 coax, it is used for relatively short connections.

RG-6

A type of coaxial cable with an impedance of 75 ohms and that contains an 18 AWG core conductor. It is used for television, satellite, and broadband cable connections.

DB-9 connector

A type of connector with nine pins that's commonly used in serial communication that conforms to the RS-232 standard.

MMF (multimode fiber)

A type of fiber-optic cable that contains a core with a diameter between 50 and 100 microns, through which many pulses of light generated by a lightemitting diode (LED) travel at different angles.

SMF (single-mode fiber)

A type of fiber-optic cable with a narrow core that carries light pulses along a single path data from one end of the cable to the other end. Data can be transmitted faster and for longer distances. However, it is expensive.

FDM (frequency division multiplexing)

A type of multiplexing that assigns a unique frequency band to each communications subchannel. Signals are modulated with different carrier frequencies, then multiplexed to simultaneously travel over a single channel.

Vishing

A type of phishing attack that makes use of telephones and VoIP.

spear phishing

A type of phishing attack that targets particular individuals.

Tailgating

A type of piggybacking where an unauthorized person follows an authorized person into a secure area, without the authorized person's consent.

IV attack

A type of related-key attack, which is when an attacker observes the operation of a cipher using several different keys, and finding a mathematical relationship between them, allowing the attacker to ultimately decipher data.

Rootkit

A type of software designed to gain administrator-level control over a computer system without being detected; captures passwords and message traffic to and from a computer. A collection of tools that allows a hacker to provide a backdoor into a system, collect information on other systems on the network, mask the fact that the system is compromised, and much more

host-based intrusion detection system (HIDS)

A type of system loaded on an individual computer; it analyzes and monitors what happens inside that computer, for example, if any changes have been made to file integrity.

Half Duplex

A type of transmission in which signals may travel in both directions over a medium, but in only one direction at a time. The only advantage that Half-Duplex would have is a single lane is cheaper than a double lane.

Simplex

A type of transmission in which signals may travel in only one direction over a medium. A good example would be your keyboard to your CPU.

cross-site scripting (XSS)

A type of vulnerability found in web applications used with session hijacking.

SA (Security Association)

An agreement between the two IPsec peers about the cryptographic parameters to be used in an ISAKMP session.

network address

A unique identifying number for a network node that follows a hierarchical addressing scheme and can be assigned through operating system software.

PDU (protocol data unit)

A unit of data at any layer of the OSI model.

Retro-virus

A virus that waits until all possible backup media are infected too, so that it is not possible to restore the system to an uninfected state.

patch panel

A wall-mounted panel of data receptors into which cross-connect patch cables from the punch-down block are inserted.

Cloud computing

A way of offering on-demand services that extend the capabilities of a person's computer or an organization's network.

Digital Signature

A way to verify that an email message is really from the person who supposedly sent it and that it hasn't been changed. You may have received emails that have a block of letters and numbers at the bottom of the message - this mathematical algorithm is used to combine the information in the message. The result is a random-looking string of letters and numbers.

Vulnerability

A weakness in automated system security procedures, technical controls, environmental controls, administrative controls, internal controls, etc., that could be used as an entry point to gain unauthorized access to information or disrupt critical processing

Countermeasures

Action, device, procedure, technique or other measure that reduces the vulnerability of an information system

Execute

Actions occur dependent on the instruction

CSU/DSU (channel service unit/data service unit)

Acts as a digital modem, which terminates a digital circuit (for example, a T1 or an E1 circuit).

Sound Card

Additional card fitted into a PCI slot to output sound.

Networking advantages

Allows for sharing of files, Allows for peripheral devices such as printers to be shared, Allows people to communicate easily, Allowing people to use the same account on multiple devices

FHSS (Frequency-Hopping Spread Spectrum)

Allows the participants in a communication to hop between predetermined frequencies. Security is enhanced, because the participants can predict the next frequency to be used while a third party cannot easily predict the next frequency. FHSS can also provision extra bandwidth by simultaneously using more than one frequency.

client-to-site VPN

Also known as a remote access VPN, a client-to-site VPN interconnects a remote user with a site, as an alternative to dial-up or ISDN connectivity, at a reduced cost.

active interception

Also known as active inception in the CompTIA 2008 Security+ objectives; normally includes a computer placed between the sender and the receiver in an effort to capture and possibly modify information.

open mail relay

Also known as an SMTP open relay; it enables anyone on the Internet to send e-mail through an SMTP server.

failover clusters

Also known as high-availability clusters, these are designed so that a secondary server can take over in the case that the primary one fails, with limited or no downtime.

anomaly based monitoring

Also known as statistical anomaly based; establishes a performance baseline based on a set of normal network traffic evaluations.

directory traversal

Also known as the ../ (dot dot slash) attack is a method of accessing unauthorized parent directories.

MDF (main distribution frame)

Also known as the main cross-connect, the first point of interconnection between an organization's LAN or WAN and a service provider's facility.

marking

Alters bits within a frame, cell, or packet to indicate how a network should treat that traffic. Marking alone does not change how a network treats a packet. Other tools (such as queuing tools) can, however, reference markings and make decisions (for example, forwarding decisions or dropping decisions) based on those markings.

ANSI

American National Standards Institute

Thinnet

An IEEE Physical layer standard for achieving 10-Mbps throughput over coaxial copper cable. It is also known as 10Base-2. Its maximum segment length is 185 meters, and it relies on a bus topology.

Thicknet

An IEEE Physical layer standard for achieving a maximum of 10-Mbps throughput over coaxial copper cable. It is also known as 10Base-5. Its maximum segment length is 500 meters, and it relies on a bus topology.

S/MIME

An IETF standard that provides cryptographic security for electronic messaging such as e-mail.

AH (Authentication Header)

An IPsec protocol that provides authentication and integrity services. However, it does not provide encryption services.

ESP (Encapsulating Security Payload)

An IPsec protocol that provides authentication, integrity, and encryption services.

Internet content filter

An Internet content filter, or simply a content filter, is usually applied as software at the Application Layer and can filter out various types of Internet activities such as websites accessed, e-mail, instant messaging, and more. It is used most often to disallow access to inappropriate web material.

mandatory access control (MAC)

An access control policy determined by a computer system, not by a user or owner, as it is in DAC. restricts the actions that a subject can perform on an object. A subject can be a user or a process. An object can be a file, a port, or an input/output device. An authorization rule enforces whether or not a subject can access the object

discretionary access control (DAC)

An access control policy generally determined by the owner.

role-based access control (RBAC)

An access model that works with sets of permissions, instead of individual permissions that are label-based. So roles are created for various job functions in an organization.

default account

An account installed by default on a device or within an operating system with a default set of user credentials that are usually insecure.

Distributed Denial of Service (DDoS)

An attack in which a group of compromised systems attack a single target, causing a DoS to occur at that host, usually using a botnet.

replay attack

An attack in which valid data transmission is maliciously or fraudulently repeated or delayed.

MAC flooding

An attack that sends numerous packets to a switch, each of which has a different source MAC address, in an attempt to use up the memory on the switch. If this is successful, the switch will change state to failopen mode.

Dictionary Attack

An attack that uses a brute-force technique of successively trying all the words in some large, exhaustive list

fork bomb

An attack that works by creating a large number of processes quickly to saturate the available processing space in the computer's operating system. It is a type of wabbit.

Probe

An attempt to gather information about an information system for apparent purpose of circumventing its security controls

RADIUS (Remote Authentication Dial-In User Service)

An authentication and accounting system used by many Internet Service Providers (ISPs). A UDP-based protocol used to communicate with a AAA server. does not encrypt an entire authentication packet, but only the password. However, offers more robust accounting features than TACACS+. This is a standards-based protocol, while TACACS+ is a Cisco-proprietary protocol.

Challenge-Handshake Authentication Protocol (CHAP)

An authentication scheme used by the Point-to-Point Protocol (PPP) that is the standard for dial-up connections.

802.1X

An authentication technology used to connect devices to a LAN or WLAN. It is an example of port-based NAC.

single point of failure

An element, object, or part of a system that, if it fails, will cause the whole system to fail.

Transport-layer Segment

An encapsulated application-layer message with the attached transport layer message.

Faraday cage

An enclosure formed by conducting material or by a mesh of such material; it blocks out external static electric fields and can stop emanations from cell phones and other devices within the cage from leaking out.

secure code review

An in-depth code inspection procedure.

identity proofing

An initial validation of an identity.

WAN Link

An interconnection between two devices in a WAN.

Network Interface Controller (NIC)

An internal piece of hardware that allows a device to connect to a network. This could be wired or wireless.

Data Encryption Standard (DES)

An older type of block cipher selected by the United States federal government back in the 1970s as its encryption standard; due to its weak key, it is now considered deprecated.

CARP (Common Address Redundancy Protocol)

An open-standard variant of HSRP, which provides first-hop router redundancy.

Sag

An unexpected decrease in the amount of voltage provided.

The Linux platform that runs on mobile phones is called:

Android

Fast Ethernet

Another ethernet protocol that has increased speed of transmission that supports 100 Mbps. - more expensive hubs/concentrators/NICs - can only use fiber optics or twisted pair cables

SATA (Serial AT Attachment)

Another high speed serial bus interface for connecting hard drives, solid state drives (SSDs) and CD/DVD drives to the computer.

visibility

Attribute that indicates the procedure's visibility to other modules. Choices are PRIVATE, PUBLIC (default), and EXPORT. If the visibility is EXPORT, the linker places the procedure's name in the export table for segmented executables. EXPORT also enables PUBLIC visibility. (used with the PROC directive)

langType

Attribute that specifies the calling convention (parameter passing convention) such as C, PASCAL, or STDCALL. Overrides the language specified in the .MODEL directive. (used with the PROC directive)

application-level gateway (ALG)

Applies security mechanisms to specific applications, such as FTP and/or BitTorrent. It supports address and port translation and checks whether the type of application traffic is allowed.

DiffServ (Differentiated Services)

As its name suggests, DiffServ differentiates between multiple traffic flows. Specifically, packets are marked, and routers and switches can then make decisions (for example, dropping or forwarding decisions) based on those markings.

asset management

As related to networks, this is a formalized system of tracking network components and managing the lifecycle of those components.

password cracker

Software tool used to recover passwords from hosts or to discover weak passwords.

Adware

Any software application that displays advertising banners while the program's running. Authors may include additional code, which can be viewed thru pop-up windows or a bar that appears on the computer screen. Usually includes code that tracks a user's personal info & passes it on to 3rd parties, w/o the user's authorization or knowledge

Security Posture Assessments (SPA)

Assessments that use baseline reporting and other analyses to discover vulnerabilities and weaknesses in systems and networks.

DNS Spoofing

Assuming the name of another system by either corrupting the name service cache of a victim system, or by compromising a domain name server for a valid domain

Packet Fields

At each layer there is the header field; used for transmission within that layer And a payload field; used within the above layers

Wireless router

Attaches to a wired network and provides access to that wired network for wirelessly attached clients, like a wireless AP(access point). However, a wireless router is configured such that the wired interface that connects to the rest of the network (or to the Internet) is on a different IP network than the wireless clients. Typically, a wireless router performs NATing (network address translation) between these two IP address spaces.

cable modem

Attaches to the same coaxial cable (typically in a residence) that provides television programming. A cable modem can use predetermined frequency ranges to transmit and receive data over that coaxial cable.

Which email attachments are generally SAFE to open?

Attachments contained in a digitally signed email from someone known

social engineering

Attackers sometimes use social techniques (which often leverage people's desire to be helpful) to obtain confidential information. For example, an attacker might pose as a member of an IT department and ask a company employ for their login credentials in order for the "IT staff to test the connection." This type of attack is called social engineering.

port scanner

Software used to decipher which ports are open on a host.

Ethernet cable

Copper wires used to connect devices (EG. Computer to computer, or computer to switch) within a LAN.

Firmware

Software written for embedded systems.

implicit deny

Denies all traffic to a resource unless the users generating that traffic are specifically granted access to the resource. For example, when a device denies all traffic unless a rule is made to open the port associated with the type of traffic desired to be let through.

network intrusion prevention system (NIPS)

Designed to inspect traffic, and based on its configuration or security policy, the system can remove, detain, or redirect malicious traffic.

TDR (time domain reflectometer)

Detects the location of a fault in a copper cable by sending an electric signal down the copper cable and measuring the time required for the signal to bounce back from the cable fault. A TDM can then mathematically calculate the location of the fault.

OTDR (optical time domain reflectometer)

Detects the location of a fault in a fiber cable by sending light down the fiber-optic cable and measuring the time required for the light to bounce back from the cable fault. The OTDM can then mathematically calculate the location of the fault.

Cooling Device

Device that removes heat from the computer to keep the computer components within permissible heat levels.

EIA

Electronic Industries Alliance

fiber-optic cable

Fiber optic cables have a thin strand of glass in the centre that carries the light pulses. Data is transmitted via pulsing light sent from a laser or light-emitting diode (LED) through the central fiber (or fibers). The central strand is encased in glass cladding. The glass cladding may then be surrounded by strengthening wires and a plastic outer sheath. Fiber optic cables are more expensive than electrical cables but have higher bandwidths and can transmit over longer distances.

Permissions

File system permissions control what resources a person can access on the network.

E-mail Attachement

Files sent with e-mails that may contain malware.

security log files

Files that log activity of users. They show who did what and when, plus whether they succeeded or failed in their attempt.

CHKDSK /f

Fixes logical errors on the disk

Web Bugs

HTML elements, often in the form of image tags, that retrieve information from a remote web site. While the image may not be visible to the user, the act of making the request can provide information about the user. These are often embedded in web pages or HTML - enabled e-mail messages.

Redirected bombs

Hackers can use ICMP to change the path information take by sending it a different router.

According to DoD 8570.01-M, the IA (Information Assurance) technical category consists of how many levels?

I, II, & III

In accordance with AR 25-2, whose responsibility is it to ensure all users receive initial and annual IA awareness training?

IASO (Information Assurance Security/Support Officer)

INVOKE syntax

INVOKE procedureName [, argumentList]

baseline reporting

Identification of the security posture of an application, system, or network.

cable certifier

If you are working with existing cable and want to determine its category, or if you simply want to test the supported frequency range (and therefore data throughput) of the cable, you can use a cable certifier.

transmission

In networking, the application of data signals to a medium or the progress of data signals over a medium from one point to another.

Rainbow Tables

In password cracking, a set of precalculated encrypted passwords located in a lookup table.

Encapsulation

In programming: keeping details (like data and procedures) together in one part of a program so that programmers working on other parts of the program don't need to know about them. In networking: the process of wrapping one layer's PDU (protocol data unit) with protocol information so that it can be interpreted by a lower layer.

stateful firewall

Inspects traffic leaving the inside network as it goes out to the Internet. Then, when returning traffic from the same session (as identified by source and destination IP addresses and port numbers) attempts to enter the inside network, the stateful firewall permits that traffic. The process of inspecting traffic to identify unique sessions is called stateful inspection .

DSL (Digital Subscriber Line)

Internet connectivity, unlike cable modem-based service, provides the user with dedicated bandwidth. However, the maximum bandwidth available to it is usually lower than the maximum cable modem rate technologies. Also, the "dedicated bandwidth" is only dedicated between your home and the provider's central office -- the providers offer little or no guarantee of bandwidth all the way across the Internet. A DSL connection uses copper telephone lines but is able to relay data at much higher speeds than modems and does not interfere with telephone use.

Diffie-Hellman (DH) key exchange

Invented in the 1970s, it was the first practical method for establishing a shared secret key over an unprotected communications channel. Provides an electronic exchange method to share the secret key. Secure protocols, such as Secure Sockets Layer (SSL), Transport Layer Security (TLS), Secure Shell (SSH), and Internet Protocol Security (IPsec), use it

Having reviewed DoD Wireless STIG (Ver6, Release 1), Sarah learns she may only utilize SecNet 54 and ______________ for transmitting classified information up to Top Secret.

KOV-26 Talon

Email Bombs

Large quantity of bulk e-mail that overwhelms an e-mail server preventing user access

VPN (virtual private network)

Some VPNs can support secure communication between two sites over an untrusted network (for example, the Internet).

ChKDSK /r

Locates bad sectors and recovers readable information /r Implies /f so /f is redundant to do also

You receive an email at your official Government email address from an individual at the Office of Personnel Management (OPM). The email provides a link to a personnel portal where you must enter your personal information as part of an effort to standardize recordkeeping. What action should you take first?

Look for a digital signature on the email.

BIOS (basic input/output system)

Low level program to handle inputs and output operations from the keyboard and screen

ActiveX is a type of this?

Mobile code

DSSS (Direct Sequence Spread Spectrum)

Modulates data over an entire range of frequencies using a series symbols called chips . A chip is shorter in duration than a bit, meaning that chips are transmitted at a higher rate than the actual data. These chips not only represent encoded data to be transmitted, but also what appears to be random data. Because both parties involved in a DSSS communication know which chips represent actual data and which chips do not, if a third-party intercepted a DSSS transmission, it would be difficult for that party to eavesdrop on the data, because he would not easily know which chips represented valid bits. DSSS is more subject to environmental factors, as opposed to FHSS and OFDN, because it uses of an entire frequency spectrum.

F-type connector

Most common coaxial cable connector which features a screw on attaching mechanism. Used to terminate coaxial cable used for transmitting television and broadband cable signals.

Distributed Applications

Multiple end systems that exchange data with each other

local variable use (C calling convention)

MySub PROC push ebp mov ebp, esp sub esp, 8 ; create locals mov DWORD PTR [ebp - 4], 10 ; x mov DWORD PTR [ebp - 8], 20; y mov esp, ebp ; remove locals from stack pop ebp ret MySub ENDP

distance

NEAR or FAR. Attribute that indicates the type of RET instruction (RET or RETF) generated by the assembler. (used with the PROC directive)

ISAKMP (Internet Security Association and Key Management Protocol)

Negotiates parameters for an IPsec session.

Network Routers

Only work on the network-layer fields of a datagram to move it from the host to the destination across the network

Which server software would you use to create a company directory that you could search and authenticate against?

OpenLDAP (Lightweight Directory Access Protocol)

OC (optical carrier)

Optical networks often use OC levels to indicate bandwidth. As a base reference point, the speed of an OC-1 link is 51.84 Mbps. Other OC levels are multiples of an OC-1. For example, an OC-3 link has three times the bandwidth of an OC-1 link (that is, 3 * 51.84 Mbps = 155.52 Mbps).

Hotfix

Originally, a hotfix was defined as a single problem fixing patch to an individual OS or application that was installed live while the system was up and running, and without a reboot necessary. However, this term has changed over time and varies from vendor to vendor.

Networking disadvantages

Over reliance on technology, Expense of hardware, Risk of viruses and hacking, Specialist skills and expertise are required

What does a distribution provide to add and remove software from the system?

Package manager

output buffer

Packet switches have multiple links attached to them. For each attached link the packet switch has an ______ ______, which stores packets that the router is about to send into that link.

Dropped or Lost Packet

Packet that hits a full queue

service level agreement (SLA)

Part of a service contract where the level of service is formally defined.

66 block

Part of an organization's cross-connect facilities, a type of punch-down block used for many years to terminate telephone circuits. It does not meet Cat 5 or better standards, and so it is infrequently used on data networks.

100 block

Part of an organization's cross-connect facilities, a type of punch-down block designed to terminate Cat 5 or better twisted pair wires.

Tickets

Part of the authentication process used by Kerberos.

Link Layer

Passes frames (link-layer packets) between individual nodes in a network. EX: Ethernet, WiFi

security tokens

Physical devices given to authorized users to help with authentication. These devices might be attached to a keychain or are part of a card system.

Cookie

Pieces of information generated by Web server and stored in the user's computer, ready for future access; embedded in the HTML information flowing back and forth between the user's computer and the servers; were implemented to allow user-side customization of Web information.

Confidentiality

Preventing the disclosure of information to unauthorized persons.

Bootstrap Loader

Program in the BIOS to load the operating system

The implementation of an IA operational baseline will be an incremental process of doing what?

Protecting critical assets

satellite (WAN technology)

Provides WAN access to sites where terrestrial WAN solutions are unavailable. Satellite WAN connections can suffer from long round-trip delay (which can be unacceptable for latency-sensitive applications) and are susceptible to poor weather conditions.

SSL (Secure Sockets Layer)

Provides cryptography and reliability for upper layers (Layers 5-7) of the OSI model. introduced in 1995, it has largely been replaced by Transport Layer Security (TLS). However, recent versions of SSL (for example, SSL 3.3) have been enhanced to be more comparable with TLS. Both SSL and TLS are able to provide secure web browsing via HTTPS.

Underclocking

Reducing the specified performance performance of a processor

TEMPEST

Refers to the investigations of conducted emissions from electrical and mechanical devices, which could be compromising to an organization.

SFC (system file checker)

Scan integrity of all protected system files

AES (Advanced Encryption Standard)

Released in 2001, this typically considered the preferred symmetric encryption algorithm. It is available in 128-bit key, 192-bit key, and 256-bit key versions. - Encryption method utilized in WPA2 - Requires compatible hardware to encrypt

Bots

Remote control agents installed on your system; often controlled remotely vie Internet Relay Chat (IRC)

Thumb drives, memory sticks, and flash drives are examples of

Removable media

DEL

Remove a file from a directory or Disk, also called "erase"

RFC

Request for Comments

TFA (two-factor authentication)

Requires two types of authentication from a user seeking admission to a network. For example, a user might need to know something (for example, a password) and have something (for example, a specific fingerprint that can be checked with a biometric authentication device).

LSR (label switch router)

Resides inside a service provider's MPLS cloud and makes frame forwarding decisions based on labels applied to frames.

Management Controls

Security methods that focus on the management of the computer security system and the management of risk for a system

remote access VPN

See client-to-site VPN . Also known as a remote access VPN, a client-to-site VPN interconnects a remote user with a site, as an alternative to dial-up or ISDN connectivity, at a reduced cost.

fox and hound

See toner probe. a toner probe allows you to place a tone generator at one end of the connection (for example, in someone's office), and use a probe on the punch-down block to audibly detect to which pair of wires the tone generator is connected.

protocol analyzer

Software tool used to capture and analyze packets.

multifactor authentication

Similar to two-factor authentication, it requires two or more types of successful authentication before granting access to a network.

Packets

Small chunks of information that have been carefully formed from larger chunks of information.

Packet

Small, equal sized units of data used to transfer files over the internet, transmitting the identities of the sending and receiving stations, error-control information, and message.

You receive a call on your work phone and you're asked to participate in a phone survey. As part of the survey the caller asks for birth date and address. What type of attack might this be?

Social Engineering

Malware

Software designed to infiltrate a computer system and possibly damage it without the user's knowledge or consent.

Mobile Code

Software modules obtained from remote systems, transferred across a network, and then downloaded and executed on a local system without explicit installation or execution by the recipient, Malicious types of this are designed, employed, distributed, or activated with the intention of compromising the performance or security of information systems and computers, increasing access to those systems disclosing unauthorized information, corrupting information, denying service, or stealing resources.

Smurfing

Software that mounts a denial of service attack by exploiting IP broadcast addressing and ICMP ping packets to cause flooding

toner probe

Sometimes called a fox and hound , a toner probe allows you to place a tone generator at one end of the connection (for example, in someone's office), and use a probe on the punch-down block to audibly detect to which pair of wires the tone generator is connected.

A medium secure password has at least 15 characters and one:

Special character

RAID 5

Striping with Parity. Data is striped across multiple disks; fault tolerant parity data is also written to each disk.

NTLM hash

Successor to the LM hash. A more advanced hash used to store Windows passwords, based off the RC4 algorithm.

NTLM2 hash

Successor to the NTLM hash. Based off the MD5 hashing algorithm.

Total Delay

Sum of nodal, queueing, transmission, and propagation delays

copy /y

Suppresses prompting to confirm you want to overwrite an existing destination file

data loss prevention (DLP)

Systems that are designed to protect data by way of content inspection. They are meant to stop the leakage of confidential data, often concentrating on communications.

standby generator

Systems that turn on automatically within seconds of a power outage.

Wiretapping

Tapping into a network cable in an attempt to eavesdrop on a conversation or steal data.

VLAN hopping

The act of gaining access to traffic on other VLANs that would not normally be accessible by jumping from one VLAN to another.

information security

The act of protecting information from unauthorized access. It usually includes an in-depth plan on how to secure data, computers, and networks.

vulnerability scanning

The act of scanning for weaknesses and susceptibilities in the network and on individual systems.

Wardialing

The act of scanning telephone numbers by dialing them one at a time and adding them to a list, in an attempt to gain access to computer networks.

hot and cold aisles

The aisles in a server room or data center that circulate cold air into the systems and hot air out of them. Usually, the systems and cabinets are supported by a raised floor.

Bandwidth

The amount of data that can be transmitted over a network in a given amount of time.

risk acceptance

The amount of risk an organization is willing to accept. Also known as risk retention.

Performance measure - Latency

The amount of time taken to send and receive a file.

plenum space

The area above the ceiling tile or below the subfloor in a building.

Hoax

The attempt at deceiving people into believing something that is false.

risk assessment

The attempt to determine the amount of threats or hazards that could possibly occur in a given amount of time to your computers and networks.

secure coding concepts

The best practices used during the life cycle of software development.

network perimeter

The border of a computer network, commonly secured by devices such as firewalls and NIDS/NIPS solutions.

Virtualization

The creation of a virtual entity, as opposed to a true or actual entity. A single host can be split up into multiple guests

traffic

The data transmission and processing activity taking place on a computer network at any given time.

Link-layer frame

The datagram from the network layer after the link-layer has attached another link header

account expiration

The date when users' accounts they use to log on to the network expires.

optical loss

The degradation of a light signal on a fiber-optic network.

resources

The devices, data, and data storage space provided by a computer, whether stand-alone or shared.

wavelength

The distance between corresponding points on a wave's cycle. It is inversely proportional to frequency.

Transport layer

The fourth layer of the OSI model. In this layer protocols ensure that data are transferred from point A to point B reliably and without errors. this layer services include flow control, acknowledgment, error correction, segmentation, reassembly, and sequencing. Uses TCP or UDP, to pass segments between layers. Writes destination addresses on segments when passing to the network layer

cladding

The glass or plastic shield around the core of a fiber-optic cable. It reflects light back to the core in patterns that vary depending on the transmission mode. This reflection allows fiber to bend around corners without impairing the light-based signal.

Nonrepudiation

The idea of ensuring that a person or group cannot refute the validity of your proof against them.

risk management

The identification, assessment, and prioritization of risks, and the mitigating and monitoring of those risks.

Zombie

The individual compromised computers in a botnet.

MTU (maximum transmission unit)

The largest data unit a network (for example, Ethernet or token ring) will accept for transmission.

RTT (round trip time)

The length of time it takes for a packet to go from sender to receiver, then back from receiver to sender. It is usually measured in milliseconds.

data bus

The lines on the system bus that the CPU uses to send and receive data.

MAC (Media Access Control) sublayer

The lower sublayer of the Data Link layer (layer 2). The MAC appends the physical address of the destination computer onto the frame.

Physical layer

The lowest, or first, layer of the OSI model. Protocols in this layer generate and detect signals so as to transmit and receive data over a network medium. These protocols also set the data transmission rate and monitor data error rates, but do not provide error correction. Moves the individual bits within the frame from one node to the next. EX: Fiber Optic Cable, Copper Wire

IP (Internet Protocol)

The main delivery system for information over the Internet. A core protocol in the TCP/IP suite that operates in the Network layer of the OSI model and provides information about how and where data should be delivered. IP is the subprotocol that enables TCP/IP to internetwork

transmission media

The means through which data are transmitted and received.

reliability

The measure of how error-free a network transmits packets.

volt

The measurement used to describe the degree of pressure an electrical current exerts on a conductor.

Application-layer Message

The message passed to the transport layer, where a header is added meant for the receiving side of the destination transport layer

due care

The mitigation action that an organization takes to defend against the risks that have been uncovered during due diligence.

DNS poisoning

The modification of name resolution information that should be in a DNS server's cache.

Binary Code

The most basic language a computer understands, it is composed of a series of 0s and 1s (or bits). The computer interprets the code to form numbers, letters, punctuation marks, and symbols. (1 is on, 0 is off)

service set identifier (SSID)

The name of a wireless access point (or network) to which network clients will connect; it is broadcast through the air.

overhead

The nondata information that must accompany data in order for a signal to be properly routed and interpreted by the network.

Packet Loss

The number of packets that are lost or damaged during transmission, sometimes a result of finite queue space

frequency

The number of times that a signal's amplitude changes over a fixed period of time, expressed in cycles per second, or hertz (Hz).

twist ratio

The number of twists per meter or foot in a twisted pair cable.

LANMAN hash

The original hash used to store Windows passwords, known as LM hash, based off the DES algorithm.

sheath

The outer cover, or jacket, of a cable.

SYN-ACK (synchronization-acknowledgment)

The packet a node sends to acknowledge to another node that it has received a SYN request for connection. This packet is the second of three in the three-step process of establishing a connection.

SYN (synchronization)

The packet one node sends to request a connection with another node on the network. This packet is the first of three in the three-step process of establishing a connection.

store-and-forward transmission

The packet switch must receive the entire packet before it can begin to transmit the first bit of the packet onto the outbound link

backbone

The part of a network to which segments and significant shared devices (such as routers, switches, and servers) connect.

ALU (Arithmetic Logic Unit)

The part of the central processing unit that performs arithmetic computations and logical operations.

Physical Topology

The physical arrangement of connections between computers.

topology

The physical layout of computers on a network.

network topology

The physical topology of a network refers to the configuration of cables, computers, and other peripherals.

connectors

The pieces of hardware that connect the wire to the network device, be it a file server, workstation, switch, or printer.

conduit

The pipeline used to contain and protect cabling. It is usually made from metal.

patch management

The planning, testing, implementing, and auditing of patches.

demarcation point (demarc)

The point of division between a telecommunications service carrier's network and a building's internal network. The point in a telephone network where the maintenance responsibility passes from a telephone company to a subscriber (unless the subscriber purchased an inside wiring plan). This demarc is typically a box mounted to the outside of a customer's building (for example, a residence).

Hypervisor

The portion of virtual machine software that allows multiple virtual operating systems (guests) to run at the same time on a single computer.

Risk

The possibility of a malicious attack or other threat causing damage or downtime to a computer system.

Cryptography

The practice and study of hiding information. A way to store and transmit data so only the intended recipient can read or process it

vulnerability management

The practice of finding and mitigating software vulnerabilities in computers and networks.

information assurance

The practice of managing risks that are related to computer hardware and software systems.

due process

The principle that an organization must respect and safeguard personnel's rights.

sequencing

The process of assigning a placeholder to each piece of a data block to allow the receiving node's Transport layer to reassemble the data in the correct order.

network address translation (NAT)

The process of changing an IP address while it is in transit across a router. This is usually so one larger address space (private) can be remapped to another address space, or single IP address (public). - An internet standard which connects the internet to a private network while maintaining privacy. - This is used to translate one IP addressing system with another that is not necessarily compatible.

Systems Development Life Cycle (SDLC)

The process of creating systems and applications, and the methodologies used to do so.

security posture

The risk level to which a system, or other technology element, is exposed.

residual risk

The risk that is left over after a security and disaster recovery plan have been implemented.

Steganography

The science (and art) of writing hidden messages; it is a form of security through obscurity. Conceals data (the message) in another file such as a graphic, audio, or other text file

Data Link layer

The second layer in the OSI model. This layer bridges the networking media with the Network layer. Its primary function is to divide the data it receives from the Network layer into frames that can then be transmitted by the Physical layer.

device ID

The second set of six characters that make up a network device's MAC address - contains the device's model and manufacture date.

Network-layer datagram

The segment from the transport layer after the network layer has added an additional header such as the source and destination network addresses

Bluejacking

The sending of unsolicited messages to Bluetooth-enabled devices such as mobile phones and PDAs.

Service model

The services that a layer offers to the layer above

Application layer

The seventh layer of the OSI model. This layer's protocols enable software programs to negotiate formatting, procedural, security, synchronization, and other requirements with the network. Uses messages passed between end systems.

Transport Layer Security (TLS)

The successor to SSL. Provides secure Internet communications. This is shown in a browser as HTTPS.

Presentation layer

The sixth layer of the OSI model. Protocols in this layer translate between the application and the network. Here, data are formatted in a schema that the network can understand, with the format varying according to the type of network used. This layer also manages data encryption and decryption.

Network Management System (NMS)

The software run on one or more servers that controls the monitoring of network attached devices and computers.

Transmission Rate

The speed of a link measured in bits/second. (R)

RJ-11 (registered jack 11)

The standard connector used with unshielded twisted pair cabling (usually Cat 3 or Level 1) to connect analog telephones.

Data Integrity

The state that exists when automated data is the same as that in source documents, or has been correctly computed from source data, and has not been exposed to alteration or destruction. Also refers to the accuracy, consistency, and reliability of data stored in a database

network mapping

The study of physical and logical connectivity of networks.

Network layer

The third layer in the OSI model. Protocols in this layer translate network addresses into their physical counterparts and decide how to route data from the sender to the receiver.

nodal processing delay

The time it takes to process a packet in a network node (router, switch, hub, etc.), which is dependent on the speed of the device and congestion in the network.

Accounting

The tracking of data, computer usage, and network resources, keeping account of what users do, including what they access, the amount of time they access resources, and any changes made. Often it means logging, auditing, and monitoring of the data and resources.

Bluesnarfing

The unauthorized access of information from a wireless device through a Bluetooth connection.

jitter

The uneven arrival of packets.

DDoS (distributed denial of service)

These attacks can increase the amount of traffic flooded to a target system. Specifically, an attacker compromises multiple systems, and those compromised systems, called zombies , can be instructed by the attacker to simultaneously launch a DDoS attack against a target system.

Which of the following is true of Internet hoaxes?

They can be part of a distributed denial-of-service (DDoS) attack.

Importance of Objects

They help code be more understandable They allow more code to be around them They make programming easier They can be used over and over

FTP bounce

This bounce attack uses the FTP

control bus

This bus carries command and control signals to and from every other component of a computer.

E1

This circuit contains 32 channels, in contrast to the 24 channels on a T1 circuit. Only 30 of those 32 channels, however, can transmit data (or voice or video).Specifically, the first of those 32 channels is reserved for framing and synchronization, and the 17th channel is reserved for signaling (that is, to set up, maintain, and tear down a session).

T1

This circuit were originally used in telephony networks, with the intent of one voice conversation being carried in a single channel (that is, a single DS0). This circuit is comprised of 24 DS0s, and the bandwidth of this circuit type is 1.544 Mbps.

CPE (customer premise equipment)

This device resides at a customer site. A router, as an example, can be a CPE that connects a customer with an MPLS service provider.

Separation of Duties (SoD)

This is when more than one person is required to complete a particular task or operation.

warm site

This will have computers, phones, and servers, but they might require some configuration before users can start working on them.

Fetch- Decode- Execute

Three steps to processing instructions that are being currently used

Switch

Use the SWITCH statement when many blocks of code are being executed.

Loops

Use when running the same code over and over again, each time with a different value.

ICMP (Internet Control Message Protocol)

Used by a router to exchange information with other routers

Spam

To indiscriminately send unsolicited, unwanted, irrelevant, or inappropriate messages, especially commercial advertising in mass quantities

link efficiency

To make the most of the limited bandwidth available on slower speed links, you might choose to implement compression or link fragmentation and interleaving (LFI). These QoS mechanisms are examples of link efficiency mechanisms.

Electrostatic discharge (ESD) wrist strap

To prevent static electricity in your body from damaging electrical components on a circuit board, you can wear an ESD wrist strap. The strap is equipped with a clip that you can attach to something with a ground potential (for example, a large metal desk). While wearing the wrist strap, if you have any static buildup in your body, the static flows to the object with a ground potential to which your strap is clipped, thus avoiding damage to any electrical components that you might touch.

Authentication

To verify the identity of a user, user device, or other entity, or the integrity of data stored, transmitted, or otherwise exposed to unauthorized modification in an information system, or to establish the validity of a transmission

ARPANET

U.S. Department of Defense Project

Which of the following is a best practice for securing your home computer?

Use antivirus software and keep it up to date.

Phishing

Use e-mail or malicious web sites to solicit personal, often financial, information. Attackers may send e-mail seemingly from a reputable credit card company or financial institution that requests account information, often suggesting that there is a problem. When users respond with the requested information, attackers can use it to gain access to the accounts.

copy /v

Verifies that new files are written correctly.

gpresult

Verify policy settings for a computer or user

false positive

When a system authenticates a user who should not be allowed access to the system. For example, when an IDS/IPS blocks legitimate traffic from passing on to the network.

App

a self contained program usually designed for a single purpose

ESS (Extended Service Set)

WLANs containing more than one AP are called ESS WLANs. Like BSS WLANs, ESS WLANs operate in infrastructure mode. When you have more than one AP, take care to prevent one AP from interfering with another. Specifically, nonoverlapping channels (that is, channels 1, 6, and 11 for the 2.4-GHz band) should be selected for adjacent wireless coverage areas.

BSS (Basic Service Set)

WLANs that have just one AP are called BSS WLANs. BSS WLANs are said to run in infrastructure mode, because wireless clients connect to an AP, which is typically connected to a wired network infrastructure. A BSS network is often used in residential and SOHO locations, where the signal strength provided by a single AP is sufficient to service all of the WLAN's wireless clients.

shutdown /s /t nn

Wait nn seconds, then shutdown

ad filtering

Ways of blocking and filtering out unwanted advertisement; popup blockers and content filters are considered to be ad filtering methods.

Algorithms

Well-defined instructions that describe computations from their initial state to their final state.

Which of the following attacks target high ranking officials and executives?

Whaling

Lost

What happens to data when power is lost to RAM

The most important consideration when choosing an operating system is:

What the computer will do

false negative

When a system denies a user who actually should be allowed access to the system. For example, when an IDS/IPS fails to block an attack, thinking it is legitimate traffic.

false rejection

When a biometric system fails to recognize an authorized person and doesn't allow that person access.

congestion management

When a device, such as a switch or router, receives traffic faster than it can be transmitted, the device attempts to buffer (or store) the extra traffic until bandwidth becomes available. This buffering process is called queuing or congestion management.

TCP/IP hijacking

When a hacker takes over a TCP session between two computers without the need of a cookie or any other type of host access.

Baiting

When a malicious individual leaves malware-infected removable media, such as a USB drive or optical disc, lying around in plain view.

nonpromiscuous mode

When a network adapter captures only the packets that are addressed to it.

Identification

When a person is in a state of being identified. It can also be described as something that identifies a person such as an ID card.

dumpster diving

When a person literally scavenges for private information (PINs, access codes, CC #s, etc) in garbage and recycling containers.

Eavesdropping

When a person uses direct observation to "listen" in to a conversation.

shoulder surfing

When a person uses direct observation to find out a target's password, PIN, or other such authentication information.

buffer overflow

When a process stores data outside the memory that the developer intended. This could cause erratic behavior in the application, especially if the memory already had other data in it.

risk mitigation

When a risk is reduced or eliminated altogether.

Crosstalk

When a signal transmitted on one copper wire creates an undesired effect on another wire; the signal "bleeds" over, so to speak.

static NAT

When a single private IP address translates to a single public IP address. This is also called one-to-one mapping.

failopen mode

When a switch broadcasts data on all ports the way a hub does.

diversion theft

When a thief attempts to take responsibility for a shipment by diverting the delivery to a nearby location.

OFDM (Orthogonal Frequency Division Multiplexing)

While DSSS used a high modulation rate for the symbols it sends, OFDM uses a relatively slow modulation rate for symbols. This slower modulation rate, combined with the simultaneous transmission of data over 52 data streams, helps OFDM support high data rates while resisting crosstalk between the various data streams.

taskkill

Will end a process by using the process id (PID) number or image name.

What is "WIMP"?

Windows, Icons, Menus, Pointer--the fundamental components of GUIs in the days of computers and mice. WIMP replaced command-line, text-input interfaces.

circuit-level gateway

Works at the Session Layer of the OSI model and applies security mechanisms when a TCP or UDP connection is established; they act as a go-between for the Transport and Application Layers in TCP/IP.

Which answer best identifies stand-alone software that does not require a user to assist in its propogation:

Worm

symbol variables

X_local EQU DWORD PTR [ebp - 4] Y_local EQU DWORD PTR [ebp - 8] mySub PROC push ebp mov ebp, esp sub esp, 8 ; reserve space for locals mov X_local, 10 ; x mov Y_local, 20 ; y mov esp, ebp ; remove locals from stack pop ebp ret mySub ENDP

A "copyleft provision" in a software license means:

You must distribute the source to any changes you make

Your company makes a hardware firewall that runs a custom Linux kernel. What are your obligations under GPLv2

You must make the source to your kernel available

constant OFFSETS

[ebp + 8] or [ebp + 12] NOTE: do not use with the PROC USES operator

ICANN (Internet Corporation for Assigned Names and Numbers)

a central organization that coordinates the Internet domain naming system

Chipset

a collection of integrated circuits that manages the data flow between the processor, memory and peripherals.

Zero day attack

a computer attack that tries to exploit software vulnerabilities that are unknown or undisclosed by the software vendor

Volatile Memory

a computer memory that can not retain the stored information when not powered.

Non-Volatile Memory

a computer memory that can retain the stored information even when not powered.

HIPS (Host-Based IPS)

a computer running intrusion prevention software for the purpose of protecting the computer from attacks.

Digital Video Interface (DVI)

a connection interface used between monitors and computers, which supports both digital and analog data or only digital data.

Hard Disk Drive (HDD)

a data storage device comprised of a set of stacked "disks," each of which has data recorded electromagnetically in tracks and sectors on it.

Solid State Drive (SSD)

a data storage device that does not use any movable parts, uses relatively little power, and consist of flash memory chips that store your data.

User defined integrity

a database integrity that state that a set of rules defined by a user which does not belong to one of the other categories

Referential integrity

a database integrity that state that a user cannot delete a record which is related to another user

Domain integrity

a database integrity that state that all data stored in a column must follow the same format and definition

High Definition Multimedia Interface (HDMI)

a digital interface for transmitting audio and video data in a single cable.

Universal Serial Bus (USB)

a fast serial bus providing a plug-and-play interface that allows a computer to communicate with peripheral and other devices.

Internet Key Exchange

a fundamental component of IPsec Virtual Private Networks (VPNs)

Proxy Server

a server that all computers on the local network have to go through before accessing information on the Internet.

MD5 algorithm

a hash function developed by Ron Rivest that produces a 128-bit hash value

varlist

a list of variable definitions, separated by commas, optionally spanning multiple lines

IXP (Internet Exchange Point)

a meeting point where multiple ISPs can peer together

NIPS (Network-Based IPS)

a network appliance dedicated to the purpose of acting as an IPS sensor.

NIDS (Network-Based IDS)

a network appliance dedicated to the purpose of acting as an IDS sensor.

An internet

a network of computer networks

PAN (Personal-area network)

a network whose scale is smaller than a LAN. (ie: a connection between a PC and a digital camera via a USB cable.

SAN (storage area network)

a network-based storage system

Creative Commons

a nonprofit organization that provides free legal tools to change the creator copyright terms from All Right Reserved to Some Rights Reserved

Object-Oriented Programming

a programming language model organized around objects rather than "actions" and data rather than logic

BIOS chip

a read-only memory in which a set of routines is stored, enabling a computer to start the operating system and to communicate with the various devices in the system, such as disk drives, keyboard, monitor, printer, and communications ports.

Repeater(network hardware)

a repeater captures the signal and rebuilds it. It then transmits the rebuilt signal. A repeater can therefore extend the the length of a network since signals from a wire worsen as the distance increases.

Computer Software

a set of instructions that directs the computer in how to complete a task

bit (binary digit)

a single pulse in the digital encoding system. It may have only one of two values: 0 or 1.

Die

a small block of semiconducting material, on which a given functional circuit is fabricated.

Keyboard Logging

a software program that records or logs the keystrokes of the user of the system

Host Intrusion Detection System

a software that runs on a host computer that monitors suspicious activity

Constructor

a special function that gets called automatically when the object of a class is created

NOS (network operating system)

a specialized operating system for a network device such as a router, switch or firewall

NAS (Network Attached Storage)

a storage device connected to a network that allows storage and retrieval of data from a centralized location by authorized network users

recursive subroutine

a subroutine that calls itself, either directly or indirectly

3DES (Triple Data Encryption Algorithm)

a symmetric block cipher with 64-bit block size that uses a 56-bit key, encrypts data three times and uses a different key for at least one of the three passes, giving it a cumulative key size of 112-168 bits

Data Masking

a technology that secures data by replacing sensitive information with a non-sensitive version

von Nuemann architecture

a theoretical design for a stored program computer that serves as the basis for almost all modern computers; consists of a central processor with an arithmetic/logic unit and a control unit, a memory, mass storage, and input and output

Printed Circuit Board (PCB)

a thin board made of fiberglass or other laminate material on which conductive pathways are "printed", connecting different components on the PCB, such as transistors, resistors, and integrated circuits.

Wafer

a thin slice of semiconductor material that serves as the substrate for microelectronic devices.

Plug-In

a third party program that allows your browser to display multimedia-rich, interactive, dynamic content

CISSP

a vendor-neutral certification for those cybersecurity specialists with a great deal of technical and managerial experience

Media

a way to interconnect devices on a network. For example, copper cabling, fiber-optic cable or wireless connections.

Rogue access point

a wireless access point installed on a secure network without explicit authorization

Site License

enables organizations to install software apps on a specific number of computers

Proprietary Software License

allows the publisher to retain ownership of the software, but grants you the right to install the software on your computer

Fair Use

allows, without the permission of the rights holder, the use of brief selections of copyright materials for purposes such as commentary and critism, news reporting, teaching, and research

Video Editors

enables you to modify your digital videos

Shareware

enables you to try out the software application prior to purchase

Open Source Software License

grants ownership of the copy to the end user, and you can redistribute the software and modify it

Physical Access Control

actual barriers deployed to prevent direct contact with systems. The goal is to prevent unauthorized users from gaining physical access to facilities, equipment, and other organizational assets

C calling convention

add a value to ESP equal to the combined sizes of the parameters. Then, ESP will point to the stack location that contains the subroutine's return address. Example1 PROC push 6 push 5 call AddTwo add esp, 8 ;remove arguments from the stack ret Example1 ENDP

reference arguments

addresses of variables

Asymmetric Algorithms

algorithms that use one key to encrypt data and a different key to decrypt data

peer-to-peer network

allow users to share resources and files located on their computers and access shared resources found on other computers. However, they do NOT have a file server or a centralized management source.All computers are considered EQUAL. pros - less initial expense - setup cons - decentralized - security

Remote Code Executions

allows a criminal to execute any command on a target machine

Short Message Service

allows business to send brief electronic text messages to mobile devices

Switch

an Ethernet switch interconnects network components.It is available with a variety of port densities. A switch learns which devices reside off of which ports. As a result, the switch learns where the traffic is destined and forwards the traffic out only the appropriate port, not out all of the other ports.

Double Data Rate (DDR)

an advanced version of SDRAM, which can transfer data twice as fast as regular SDRAM chips. This is because it can send and receive signals twice per clock cycle.

Field Programmable Gate Array (FPGA)

an integrated circuit that can be configured by the user for a specific application after being manufactured.

CAN (Campus -area network)

an interconnection of networks located in nearby buildings. (ie: buildings on a college campus)

Adware protection

antimalware program that blocks the IP addresses of known phishing websites and warns the user about suspicious sites

Antivirus protection

antimalware program that continuously monitors for viruses

Spyware protection

antimalware program that scans for keyloggers and other spyware

Propagation Delay

any delay in communications from signal transmission time through a physical medium

Spyware

any software using someone's Internet connection in the background without their knowledge or explicit permission. These applications are typically bundled as a hidden component of freeware or shareware programs that can be downloaded from the Internet; however, it should be noted that majority of shareware and freeware do not come with this. Once installed, this monitors user activity on the Internet and transmits that information in the background to someone else. IT can also gather information about e-mail addresses and even passwords and credit card numbers.

label

any valid identifier (used with the LOCAL directive)

Using the Command Prompt, what does a "tree" do?

graphically displays the directory structure of a drive or a path.

Peripheral

anything that will connect to the outside of the computer, they can be input and output, depending on the device.

Application resilience

application's ability to react to problems in one of its components while still functioning

paramName

arbitrary name you assign to the parameter . It's scope is current and local. (used with the PROC directive, parameterList)

Vector Graphics

are maths-based graphics

Black Hat Attackers

are unethical criminals who violate computer and network security for personal gain, or for malicious reasons, such as attacking networks

modules

assembled units of divided up programming. Each is assembled independently, so a change to one's source code only requires reassembly the single file.

Per seat license

assigns a product key to individual users

TDoS (telephony denial of service)

attack that uses phone calls against a target telephone network tying up the system and preventing legitimate calls from getting through

Biometrics

automated methods of recognizing an individual based on a physiological or behavioral characteristic

Public Domain

works that are not restricted by copyright; they are owned by the public and can be freely used

Stripping

writes data across multiple drives

Central Processing Unit (CPU)

considered the brain of a computer, which carries out the processing of tasks and instructions in the computer.

Vulnerability Brokers

grey hat hackers who attempt to discover exploits and report them to vendors, sometimes for prizes or rewards

Hacktivists

grey hat hackers who rally and protest against different political and social ideas

Examples of Storage Devices

hard drive, optical drive, flash drive...

symmetric encryption

both the sender and receiver of a packet use the same key (a shared key ) for encryption and decryption.

White Hat Attackers

break into networks or computer systems to discover weaknesses in order to improve the security of these systems

SMTP (Simple Mail Transfer Protocol) Session Hijacking

by gaining access to a list of e-mail addresses a person can send spam to thousands of users

File access control

consists of permissions that limit folder or file access for an individual or for a group of users

Volume licensing

you are able to purchase multiple installations of the application using the same product key

unidirectional antenna

can focus their power in a specific direction, thus avoiding potential interference with other wireless devices and perhaps reaching greater distances than those possible with omnidirectional antennas. One application for unidirectional antennas is interconnecting two nearby buildings.

IPS (Intrusion Prevention System)

can recognize the signature of a well-known attack and respond to stop the attack. This device resides in-line with the traffic flow, unlike an IDS sensor. Analyzes the contents and the payload of the packets for more sophisticated embedded attacks that might include malicious data

System resiliency

capability to maintain availability of data and operational processing despite attacks or disrupting event

Cat 6e (Enhanced Category 6)

capable of a 550-MHz signaling rate and can reliably transmit data at multi-gigabit per second rates.

read operation

capable of being displayed (read); operating systems also allow you to protect objects with a read-only attribute that prevents other users from modifying the object

write operation

capable of being modified (written to)

Reduced Instruction Set Computer (RISC)

computers designed with a reduced set of computer instructions that includes only the most frequently used instructions so that the computer would get more work done in a shorter amount of time for most applications.

terminating condition

condition that terminates a recursive routine when it becomes true

DB-25

connector A type of connector with 25 pins that's commonly used in serial communication that conforms to the RS-232 standard.

Multimedia

content that integrates text and media

Software License

contract that gives you the right to install and use a software application on one or more computers

Database Management System

controls how collections of data are stored, organized, retrieved, and secured

copy

copy's dir/folder into new location

NIST (National Institute of Standards and Technology)

created a framework for companies and organizations in need of cybersecurity professionals

output parameter

created when a calling program passes the address of a variable to a procedure. The procedure uses the address to locate and assign data to the variable.

merge PROC LOCAL pArray: PTR WORD

declare a procedure named merge that contains a local variable, pArray, of type PTR WORD using the LOCAL directive

merge PROC LOCAL tempArray[10]: DWORD

declare a procedure named merge that contains a local variable, tempArray, of type DWORD using the LOCAL directive

mySub PROC LOCAL var1: BYTE

declare a procedure named mySUb that contains a local variable named var1 of type BYTE using the LOCAL directive

mySub PROC enter 8, 0

declare a procedure that reserves 8 bytes of stack space for local variables using the ENTER instruction and returns to the caller similar to: mySub PROC push ebp mov ebp, esp sub esp, 8 mov esp, ebp pop ebp ret mySub ENDP

input parameter

data passed by a calling program to a procedure. The called procedure is not expected to modify the corresponding parameter variable, and even if it does, the modification is confined to the procedure itself.

CRM (Customer relationship management)

database system that tracks interactions with with a customer and is valuable to gain information about marketing, sales, and customer service

bubbleSort PROC LOCAL temp: DWORD, swapFlag: BYTE

declare a procedure named bubbleSort that contains two local variables, temp and swapFlag, of types, DWORD and BYTE, using the LOCAL directive

Example3 PROC LOCAL temp:DWORD mov eax, temp ret Example3 ENDP

declare a procedure named example3 using the LOCAL directive and dword variable named temp similar to: Example3 PROC push ebp mov ebp, esp add esp, OFFFFFFFCh ; add -4 to ESP mov eax, [ebp - 5] leave ret Example3 ENDP

read_File PROC USES eax ebx, pBuffer:PTR BYTE LOCAL fileHandle:DWORD mov esi, pBuffer mov fileHandle, eax ret read_File ENDP

declare a procedure the simplifies the following code (there may be more than one way to perform this task, only one can be exampled here): read_File PROC push ebp mov ebp, esp add esp, 0FFFFFFCh ; create fileHandle push eax ; save EAX push ebx ; save EBX mov esi, dword ptr [ebp+8] ; pBuffer mov dword ptr [ebp-4], eax ; fileHandle pop ebx pop eax leave ret 4 read_File ENDP

ArraySum PROTO, ptrArray:PTR DWORD, szArray:DWORD

declare the PROTO statement for the following PROC statement: ArraySum PROC USES esi ecx, ptrArray: PTR DWORD, szArray: DWORD

dedicated leased line

dedicated leased line A logical connection interconnecting two sites. This logical connection might physically connect through a service provider's facility or a telephone company's central office. The expense of this line is typically higher than other WAN technologies offering similar data rates, because with this line, a customer does not have to share bandwidth with other customers.

INVOKE swap, ADDR array, ADDR [array + 4]

define an INVOKE instruction to replace the following lines of code: push OFFSET array+4 push OFFSET array call swap

INVOKE DumpArray, OFFSET array, LENGTHOF array, TYPE array

define an INVOKE instruction to replace the following lines of code: push TYPE array push LENGTHOF array push OFFSET array call DumpArray

Client

defines the device an end-user uses to access a network or request data stored on a server. (ie: a workstation, laptop, smartphone, with wireless capabilities, a tablet, or a variety of other end-user terminal devices.)

State Sponsored Hackers

depending on a person's perspective, these are either white hat or black hat hackers who steal government secrets, gather intelligence, and sabotage networks

Shuffling

derives a substitution set from the same column of data that a user wants to mask. This technique works well for financial information in a test database, for example

LOCAL

directive to substitute for the ENTER instruction. Declares one or more local variables by name, assigning them size attributes. If used, must appear on the line immediately following the PROC directive.

STACK

directive used to reserve space for the runtime stack (Irvine32.inc library file)

Full-mesh Topology

directly connects every site to every other site in the network.

nestinglevel

determines the number of stack fram pointers copied into the current stack frame from the stack frame of the calling procedure.

WPA (Wi-Fi Protected Access)

developed its own security standard to address the weaknesses of Wired Equivalent Privacy (WEP). This new security standard was called Wi-Fi Protected Access (WPA) version 1. Secure communication that provides message integrity checks (MIC). - Provides encryption via TKIP. - Can use both pre-shared key or 802.1x for authenticating connection.

PROTO

directive that creates a prototype for an existing procedure. Declares a procedure's name and parameter list. It allows you to call a procedure before defining it and to verify that the number and types of arguments match the procedure definition. Must be used to utilize the INVOKE directive. - use the PROC statement to create - Change the word PROC - Remove the USES operator if any, along with its register list.

INVOKE

directive that pushes arguments on the stack (in the order specified by the MODEL directive's language specifier) and calls a procedure. Replaces the call instructions and allows you to pass multiple arguments using a single line of code. - passing arguments smaller than 32 bits to frequently causes the assembler to overwrite EAX and EDX when it widens the arguments before pushing them on the stack. - avoid proceeding behavior by saving and restoring EAX and EDX before and after the procedure call.

Sound Files

enables delivery of software applications over the Internet rather than storing them on your local computer

3D Spreadsheets

enable you to link multiple worksheets together

Fault tolerance

enables a system to continue to operate if one or more components fail

N+1 Redundancy

ensures system availability in the event of a component failure

Domain Name

follows the protocol and represents the company, product, or person represented by the webpage

gpupdate

force a group policy update

Help and Command (Dir or Chkdsk)

gives information about command

Top Level Domain

gives you an idea of what type of site you are accessing

Discretionary Access Control

grants or restricts object access determined by the object's owner

Logical Access Control

hardware and software solutions used to manage access to resources and systems. These technology-based solutions include tools and protocols that computer systems use for identification, authentication, authorization, and accountability

plugs

has an insulated case and is used to connect the cable from an appliance to a socket.

Methods used to ensure data integrity

hashing, data validation checks, data consistency checks, and access controls

Advanced threat intelligence

helps organizations detect attacks during one of the stages of the cyber attacks and sometimes before with the right information

Ransomware

holds a computer system or the data it contains captive until the target makes a payment

Utilities disruptions

human caused disaster that include power failures, communication outages, fuel shortages, and radioactive fallout

numbytes

immediate value, always rounded up to a multiple of 4 to keep EXP on a doubleword boundary

argument types used with INVOKE

immediate value, integer expression, variable, address expression, register, ADDR name, OFFSET name

Containment Eradication and Recovery

include the intermediate actions performed such as disconnecting a system from the network to stop the information leak

Securely Provision

includes conceptualizing, designing, and building secure IT systems

Collect and Operate

includes specialized denial and deception operations and the collection of cybersecurity information

Protect and Defend

includes the identification, analysis, and mitigation of threats to internal systems and networks

Format

initialize or erase everything on a partition, put brand new file system on a partition.

LEA (Load Effective Address)

instruction that returns the effective address of an indirect operand.

LEAVE

instruction that terminates the stack frame for a procedure. It reverses the action of a previous ENTER instruction by restoring ESP and EBP to the values they were assigned when the procedure was called

LAN (Local-area network)

interconnects network components within a local region. (ie: within a building.) Generally a home of office network

Web Browsers

interpret the HTML that is stored on webpage and display the contents

Mitigation

involves reducing the severity of the loss or the likelihood of the loss from occurring

Synchronous Online Communication

involves two or more people who are communicating simultaneously in real time

ARP (Address Resolution Protocol) poisoning

is a form of attack in which an attacker changes the Media Access Control (MAC) address and attacks an Ethernet LAN by changing the target computer's ARP cache with a forged ARP request and reply packets

CSMA/CA (Carrier Sense Multiple Access / Collision Avoidance)

is needed for WLAN connections, because of their half-duplex operation. A WLAN device listens for a transmission on a wireless channel to determine if it is safe to transmit. Additionally, the collision-avoidance part of the CSMA/CA algorithm causes wireless devices to wait for a random back-off time before transmitting.

Add-On

is specific to a type of browser and adds functionality to the browser

Simplicity

mitigation strategy that includes a secure solution which should be simple on the inside, but complex outside

Diversity

mitigation strategy that includes an organization using different encryption algorithms or authentication systems to protect data in different states

Obscurity

mitigation strategy that includes concealing certain type of information by making it more difficult for cyber criminals to attack a system

Layering

mitigation strategy that includes creating a barrier of multiple defenses that coordinates together to prevent attacks

Limiting

mitigation strategy that includes limiting access to data and information by reducing the possibility of a threat

Examples of Output Devices

monitor, printer, speakers, headphones

.. - shortcut to CD and path

moves back one directory from where you currently are.

RD

remove directory example: C:\Users\administrator>rd temp

Substitution

replaces data with authentic-looking values to apply anonymity to the data records

IOS resilience

resilient design that allows for faster recovery if someone maliciously or unintentionally reformats flash memory or erases the startup configuration file

Recovery Control

restore resources, functions, and capabilities after a violation of a security policy. These controls can repair damage, in addition to stopping any further damage. These controls have more advanced capabilities over corrective access controls.

Corrective Control

restore the system back to a state of confidentiality, integrity, and availability. They can also restore systems to normal after unauthorized activity occurs

Qualitative risk analysis

risk analysis approach that uses opinions and scenarios

Gateway Load Balancing Protocol (GLBP)

router redundancy option that protects data traffic from a failed router or circuit while also allowing load balancing/sharing between a group of redundant routers

HSRP

router redundancy option that provides high network availability by providing first hop routing redundancy

VRRP (Virtual Router Redundancy Protocol)

router redundancy option when the elected router is the virtual router master, and the other routers acts as backups, in case the virtual router master fails

Web Apps

run in business, so they are platform-neutral, and will run on any device with a supported browser and Internet access

SCP (secure copy protocol)

securely transfers computer files between two remote systems

Packet Switches

takes a packet arriving on one of its incoming communication links and forwards that packet on one of its outgoing communication links. EX Routers, Link-layer switches

Script Kiddies

teenagers or hobbyists mostly limited to pranks and vandalism, have little or no skill, often using existing tools or instructions found on the Internet to launch attacks.

New Laws

the ISACA (Information Systems Audit and Control Association) group track law enacted related to cyber security

Vulnerability Database

the National Common Vulnerabilities and Exposures (CVE) database is an example of

Integrity

the accuracy, consistency, and trustworthiness of data during its entire life cycle

Throughput

the actual speed of data transfer that is achieved

Transmission Delay

the amount of time required to push all of the packet's bits into the link (L/R)

prologue

the beginning of a function consisting of statements that save the EBP register and point EBP to the top of the stack, OR push certain registers on the stack whose values will be restored when the function returns.

Integrated Circuits (IC)

the integration of large numbers of tiny electronic circuits into a small chip.

Motherboard

the main circuit board of your computer which hosts the CPU, the chipset, BIOS chip, RAM expansion slots, PCI slots, and USB ports etc.

Access Network

the network that physically connects an end system to the first router (also known as the "edge router") on a path from the end system to any other distant end system.

Clock Speed

the operating speed of a computer or its microprocessor. It is measured in a unit called Hertz (Hz), which is the number of clock cycles per second.

Read Only Memory (ROM)

the portion of a computer's primary storage that does not lose its contents when one switches off the power; a type of non-volatile memory on which data can only be read but not written to.

Cybersecurity Threat

the possibility that a harmful event, such as an attack, will occur

recursion

the practice of calling recursive subroutines. - linked lists - connected graphs - careful not to create endless loop

Availability

the principle used to describe the need to maintain availability of information systems and services at all times, so that data is obtainable regardless of how information is stored, accessed, or protected

telecommunications closet Also known as a "telco room,"

the space that contains connectivity for groups of workstations in a defined area, plus cross-connections to IDFs or, in smaller organizations, an MDF. Large organizations may have several of it per floor, but the TIA/EIA standard specifies at least one per floor.

NetFlow

the standard for collecting operational data from networks

Cryptology

the study of codes, or the art of writing and solving them

Clock Cycle

the time between two adjacent pulses of the oscillator, during which a CPU can perform a basic operation such as fetching an instruction, accessing memory, or writing data.

Data Obfuscation

the use and practice of data masking and steganography techniques in the cybersecurity and cyber intelligence profession. the art of making the message confusing, ambiguous, or harder to understand

Symmetric Algorithms

these algorithms use the same pre-shared key, sometimes called a secret key pair, to encrypt and decrypt data

Elliptic Curve Cryptography (ECC)

uses elliptic curves as part of the algorithm. In the U.S., the National Security Agency uses it for digital signature generation and key exchange

Boolean Search

uses logical operators such as AND, OR, and NOT to link the words you are searching for

MIMO (Multiple Input Multiple Output)

uses multiple antennas for transmission and reception. These antennas do not interfere with one another, thanks to MIMO's use of spatial multiplexing, which encodes data based on the antenna from which the data will be transmitted. Both reliability and throughput can be increased with MIMO's simultaneous use of multiple antennas.

RAID (Redundant Array of Independent Disks)

uses multiple hard drives in an array which is a method of combining multiple disks so that the operating system sees them as a single disk

Sneaker net

uses removable media to physically move data from one computer to another

ElGamal

uses the U.S. government standard for digital signatures. This encryption algorithm is free to use because no one holds the patent

Wireless networks

uses the airwaves to transmit data

Database validation

validation rule checks that data falls within the parameters defined by the database designer

Consistency

validation rule that checks for the consistency of codes in related data items

Range

validation rule that checks that data lies within a minimum and maximum value

Size

validation rule that checks the number of characters in a data item

Check digit

validation rule that provides for an extra calculation to generate a check digit for error detection

value arguments

values of variables and constants

local variables

variables created, used, and destroyed within a single subroutine - only statements within a local variable's enclosing subroutine can view or modify the variable, preventing program bugs caused by modifying variables - storage space used by local variables is released when the subroutine ends - local variables from different subroutines can have the same name without a name clash - essential when writing recursive subroutines, as well as subroutines executed by multiple execution threads.

Five nines

when the system and services are available 99,999% of the time

Pretexting

when an attacker calls an individual and lies to them in an attempt to gain access to privileged data

Something for something

when an attacker requests personal information from a party in exchange for something like a gift

Domain Name System

works like a directory, looking up the IP address when you type a domain name