CH.19 Protecting the Network


Trojan horse

a program that appears desirable but actually contains something harmful and does catastrophic damage to the host's machine

Unified Threat Management (UTM)

comprehensive security management tool that combines multiple security tools, including firewalls, virtual private networks, intrusion detection systems, and web content filtering and anti-spam software

firewalls

devices or software that protect an internal network from unauthorized access by acting as a filter.

Social Engineering

hackers use their social skills to trick people into revealing access credentials or other valuable information

malicious users

hosts on a network that consciously attempt to access, steal, or damage resources.

fault tolerance

the ability for a system to respond to unexpected failures or system crashes as the backup system immediately and automatically takes over with no loss of service

changing default credentials

this is the first hardware hardening sequence when allocating a new device to be used on the network.

unencrypted channels

tunnels over the internet that could be easily sniffed and read by malicious users

access control list (ACL)

A clearly defined list of permissions that specifies what actions an authenticated user may perform on a shared resource.

zombie

A computer compromised with malware to support a botnet is called a _______________.

logic bomb

A computer program or part of a program that lies dormant until it is triggered by a specific logical event.

worm

A destructive computer program that bores its way through a computer's files or through a computer's network.

next-generation firewall (NGFW)

A firewall that combines firewall software with anti-malware software and other software that protects resources on a network at different layers and more.

man-in-the-middle attack

A form of eavesdropping where the attacker makes an independent connection between two victims and steals information to use fraudulently.

spoofing

A hacker who sends an e-mail but replaces his return e-mail address with a fake one is _______________ the e-mail address.

virus

A piece of code that is capable of copying itself and typically has a detrimental effect, such as corrupting the system or destroying data

Dynamic ARP Inspection (DAI)

A security feature on a switch that monitors ARP messages in order to detect faked ARP messages.

Honeypot

A security tool used to lure attackers away from the actual network components. Also called a decoy or sacrificial lamb.

Adware

A software program that delivers advertising content in a manner that is unexpected and unwanted by the user.

Domain Name System Security Extensions (DNSSEC)

A suite of extensions that adds security to the Domain Name System (DNS) protocol by enabling DNS responses to be validated. Specifically, ______ provides origin authority, data integrity, and authenticated denial of existence.

posture assessment

A thorough examination of each aspect of the network to determine how it might be compromised or how vulnerable it is to attacks.

Ransomware

A user's machine is locked to a screen telling her she must call a number to unlock her system. What kind of attack is this?

session hijacking

An attack in which an attacker attempts to impersonate the user by using his session token.

ARP cache poisoning

An attack in which attackers use fake ARP replies to alter ARP tables in a network.

brute force attack

An attack on passwords or encryption that tries every possible password or encryption key.

packet sniffing

An attack on wireless networks where an attacker captures data and registers data flows in order to analyze what data is contained in a packet.

phishing

An attack that sends an email or displays a Web announcement that falsely claims to be from a legitimate enterprise in an attempt to trick the user into surrendering private information

distributed denial of service (DDoS)

An attack that uses multiple zombie computers (even hundreds or thousands) in a botnet to flood a device with requests.

brute force

An attack where someone tries to hack a password using every possible password permutation is called what?

DNS cache poisoning

An exploit in which the DNS database is changed in such a way that a URL no longer connects to the correct Web site

Cleartext Credentials

Any login process conducted over a network where account names, passwords, or other authentication elements are sent from the client or server in an unencrypted fashion.

Protocol Abuse

Anytime you do things with a protocol that it wasn't meant to do and that abuse ends up creating a threat

Cloud-based

Bob is told by his administrator to go to www.runthisantimalware.com and click the "Run the program" button on that site to check for malware. What form of anti-malware delivery is this called?

deauthentication attack

Denial-of-service (DoS) strike that disconnects a wireless host from WAP, so that the victim is forced to reconnect and exchange the wireless key multiple times; an attacker can then perform an offline brute-force cracking of the password.

banner grabbing

Gathering information from messages that a service transmits when another program connects to it.

Stateful Inspection

Keep track of each communication, maintain a table that contains data about each connection

insider threats

Legitimate users who purposely or accidentally misuse their access to the environment and cause some kind of business-affecting incident

crypto-ransomware

Malware that encrypts all the files on the device so that they cannot be opened unless paying a certain fine within a short period of time

Crypto-malware

Malware that encrypts all the files on the device so that they cannot be opened.

zero day attacks

New attacks using vulnerabilities that haven't yet been identified (and fixed)

RF emanation

The NSA's TEMPEST security standards are used to combat which risk?

VLAN hopping

The act of gaining access to traffic on other VLANs that would not normally be accessible by jumping from one VLAN to another.

amplification

The goal of this aspect of a DoS attack is to make the attacked system process each request for as long as possible.

video surveillance

The use of video cameras to monitor activities of individuals, such as employees or individuals in public locations, for work-related or crime-prevention purposes.

netstat

Which Windows utility displays open ports on a host?

Cisco Dynamic ARP Inspection (DAI)

Which of the following is a tool to prevent ARP cache poisoning?

POP3

Which of the following protocols are notorious for cleartext passwords?

Telnet

Which of the following protocols are notorious for cleartext passwords?

bastion host

a machine that is fully exposed to the Internet. It sits outside any firewalls, or in a DMZ that is configured to provide no filtering of Internet traffic.

demilitarized zone (DMZ)

a separate network located outside the organization's internal information system that permits controlled access from the internet

Spoofing

a technique intruders use to make their network or internet transmission appear legitimate to a victim computer or network

network hardening

applying security hardware, software, and processes to your network to prevent bad things from happening.

Denial of Service (DoS)

attack floods a network or server with service requests to prevent legitimate users' access to the system

malformed packets

inject unwanted information into packets in an attempt to break another system

Tamper Detection

a modern server or computer chassis will log the time and date when it senses its structure opening without approval.

switch port protection

network hardening technique used to detect/block spoofed or malicious packets being sent out to the network from unauthorized identities

Spyware

software that enables a user to obtain covert information about another's computer activities by transmitting data covertly from their hard drive.

malware

software that is intended to damage or disable computers and computer systems.

vulnerability

potential weakness in the infrastructure of a network

Rootkit

program that hides in a computer and allows someone from a remote location to take full control of the computer

macro

programming within an application that enables you to control aspects of the application.

