CIT292 Network Security Chapters 6 and 7
Question | Answer |
---|---|
MAC Flooding | Method used to filter out which computers can access the wireless network; the WAP does this by consulting a list of MAC addresses that have been previously entered. |
Failopen mode | When a switch broadcasts data on all ports, like a hub. |
CAM table | Content Addressable Memory table, also known as a MAC address table, that a switch builds associating ports with MAC addresses. |
Network Address Translation | NAT, the process of changing an IP address while in transit across a router, usually from an internal private address to a public address. |
Static NAT | When a single private IP address translates to a single public IP address. Also known as one-to-one mapping. |
Port Address Translation | PAT, like NAT, but translates both IP addresses and port numbers. |
Demilitarized zone | Area of a network that houses servers that host information accessed by clients or other networks on the Internet. Examples: web server, mail server. |
3-leg perimeter | Type of DMZ where a firewall has three legs that connect to the LAN, the Internet, and the DMZ. |
Back-to-back perimeter | Type of DMZ where the DMZ is located between the LAN and the Internet. |
Network Access Control | NAC, sets the rules by which connections to a network are governed. |
Cloud computing | Way of offering on-demand services that extend the capabilities of a computer or network |
Software as a Service (SaaS) | Cloud computing service where users access applications over the Internet that are provided by a third party. |
Infrastructure as a Service (IaaS) | Cloud computing service that offers computer networking, storage, load balancing, routing and VM hosting. |
Platform as a Service (PaaS) | Cloud computing service that provides various software solutions to organizations, especially the ability to develop applications without the cost or administration of a physical platform. |
VLAN hopping | Act of gaining access to traffic on other VLANs that would not normally be accessible, by jumping from one VLAN to another. |
Wardialing | Act of searching for wireless networks by a person in a vehicle through the use of a device with a wireless antenna, often a particularly strong antenna. |
TCP reset attack | Sets the reset flag in a TCP header to 1, telling the respective computer to kill the TCP session immediately. |
Implicit deny | Denies all traffic to a resource unless the users generating the traffic are specifically granted access to the resource. For example, when a device denies all traffic unless a rule is created to open the port associated with the type of traffic desired to be let in. |
TCP/IP hijacking | A hacker takes over a TCP/IP session between two computers without the need of a cookie or any other type of host access. |
Man-in-the-middle attack (MITM) | Form of eavesdropping that intercepts all data between client and server, relaying that information back and forth. |
Cross-site scripting | Type of vulnerability found in web applications, used with session hijacking. |
Denial of Service (DoS) | Broad term given to many types of attacks that attempt to make computer resources unavailable. |
Ping flood | Also known as an ICMP flood attack; the attacker attempts to send many ICMP echo request packets (pings) to a host in an attempt to use up all available bandwidth. |
Smurf attack | Type of DoS that sends large amounts of ICMP echoes, broadcasting the ICMP echo requests to every computer on its network. The header of the ICMP echo requests has a spoofed IP address; that IP address is the target of the attack. Every computer tha |
Fraggle | Type of DoS similar to a Smurf attack, but the traffic is UDP echo traffic as opposed to ICMP echo traffic. |
Permanent DoS attack | Consists of an attacker exploiting security flaws in routers and other networking hardware by flashing the firmware of the device and replacing it with a modified image. |
Ping of Death | (POD) Type of DoS that sends an oversized and/or malformed packet to another computer. |
Fork bomb | Attack that works by creating a large number of processes quickly to saturate the available processing space in the computer’s operating system. Type of wabbit. |
SYN flood | Type of DoS where an attacker sends a large number of SYN request packets to a server in an attempt to deny service. |
Teardrop attack | Type of DoS that sends mangled IP fragments with overlapping and oversized payloads to the target machine. |
Distributed Denial of Service (DDoS) | Attack in which a group of compromised systems attacks a single target, causing a DoS to occur at the host. The systems are usually zombies that are part of a botnet. |
Spoofing | When an attacker masquerades as another person by falsifying information. |
Phishing | Criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords, and credit card details by masquerading as a trustworthy entity in an electronic communication. |
Replay attack | Attack in which valid data transmission is maliciously or fraudulently repeated or delayed. |
Nonce | Random number generated by authentication protocol that can only be used once. |
Null session | When used by an attacker, a malicious connection to the Windows interprocess communications share (IPC$). |
Domain name kiting | Process of deleting a domain name during the 5-day grace period (AGP) and immediately reregistering it for another 5-day period, to keep the domain name indefinitely and for free. |
DNS poisoning | Modification of name resolution information that should be in a DNS server’s cache. |
Pharming | When an attacker redirects one website’s traffic to another bogus and possibly malicious website by modifying a DNS server or hosts file. |
ARP Poisoning | Attack that exploits Ethernet networks and may enable an attacker to sniff frames of information, modify the information, or stop it from reaching the destination device. |
UDP flood attack | Similar to Fraggle attack. Uses the connectionless User Datagram Protocol. It is enticing to attackers because it does not require a synchronization process. |
Stateful packet inspection | Type of packet inspection that keeps track of network connections by examining the header in each packet; also known as SPI. |
Firewall | Part of a computer system or network designed to block unauthorized access while permitting authorized communications. A device configured to permit or deny applications, addresses, or networks based on a set of rules. |
Packet filtering | As applied to firewalls, inspects each packet passing through the firewall and accepts or rejects based on rules. Two types include stateless and stateful. |
Application-level gateway | Applies security mechanisms to specific applications, such as FTP and/or BitTorrent. It supports address and port translation and checks whether the type of application traffic is allowed. |
Circuit-level gateway | Works at the Session layer of the OSI model and applies security mechanisms when a TCP or UDP connection is established; acts as a go-between for the Transport and Application layers in TCP/IP. |
Application firewall | Firewall that can control the traffic associated with specific applications. Works up to the Application Layer of the OSI Model. |
Implicit deny | Denies all traffic to a resource unless the users generating the traffic are specifically granted access to the resource. For example, when a device denies all traffic unless a rule is made to open the port associated with the type of traffic desired to be let through. |
Explicit allow | Administrator sets a rule that allows a specific type of traffic through a firewall, often with an ACL. |
Explicit deny | Administrator sets a rule that denies a specific type of traffic through a firewall, often with an ACL. |
Proxy server | Acts as an intermediary for clients, usually located on the LAN, and the servers they want to access, usually located on the Internet. |
IP Proxy | Secures the network by keeping the machines behind it anonymous; it does this through the use of NAT. |
HTTP proxy | Also known as web proxy, caches web pages from servers on the Internet for a set amount of time. |
Internet content filter | Usually applied as software at the Application layer; can filter out various types of Internet activity such as websites accessed, email, instant messaging, and more. Used to disallow access to inappropriate web material. |
Honeypot | A single computer, but could also be a file, group of files, or area of unused IP address space, used to attract and trap potential attackers to counteract any attempts at unauthorized access of the network. |
Honeynet | One or more computers, servers, or an area of a network, used to attract and trap potential attackers to counteract any attempts at unauthorized access of the network. |
Network intrusion detection system (NIDS) | Attempts to detect malicious traffic such as port scans and DoS attacks by constantly monitoring traffic. |
Network intrusion prevention system (NIPS) | Designed to inspect traffic and, based on configuration or security policy, the system can remove, detain, or redirect malicious traffic. |
False positive | System authenticates a user who should not be allowed access to the system. For example, when an IDS/IPS blocks legitimate traffic on the network. |
False negative | System denies a user who should be allowed access to the system. For example, when an IDS/IPS fails to block an attack, thinking it is legitimate traffic. |
Access control list | List of permissions attached to an object. Specifies what level of access a user, users, or groups have to an object. When dealing with firewalls, an ACL is a set of rules that apply to a list of network names, IP addresses, and port numbers. |
Network perimeter | Border of a computer network, commonly secured by devices such as firewalls and NIDS/NIPS solutions. |
Promiscuous mode | In a NIC, this passes all traffic to the CPU, not just the frames addressed to it. |