CIT292 Ch 8 and 9
CIT292 Network Security chapter 8 and 9 terms
Question | Answer |
---|---|
Default account | An account installed by default on a device or within an operating system with a default set of user credentials that are usually insecure |
Privilege escalation | The act of exploiting a bug or design flaw in a software or firmware application to gain access to resources that normally would have been protected from an application or user. |
Backdoors | Used in computer programs to bypass normal authentication and other security mechanisms in place |
Crosstalk | When signal transmitted on one copper wire creates an undesired effect on another wire; the signal “bleeds” over, so to speak. |
Data emanation | Electromagnetic field generated by a network cable or network device, which can be picked up to eavesdrop on a conversation or to steal data. |
Vampire tap | Device used to add computers to a 10BASE5 network. It pierces the copper conductor of a coax cable and can also be used for malicious purposes (tapping the segment). |
Wiretapping | Tapping into a network cable in an attempt to eavesdrop on a conversation or steal data. |
Chromatic dispersion | Spreading of a light pulse because its different wavelengths travel at different speeds, as in a rainbow. If light disperses too much over a fiber optic run, the signal cannot be read by the receiver. |
Electromagnetic interference EMI | A disturbance that can affect electrical circuits, devices, and cables due to electromagnetic conduction or radiation. |
Radio frequency interference | Interference that can come from AM/FM transmissions and cell towers. |
TEMPEST | Refers to investigations of (and standards for limiting) compromising emanations, conducted or radiated, from electrical and mechanical devices, which could reveal an organization's data. |
Faraday cage | Enclosure formed by conducting material or by a mesh of such material; it blocks out external static electric fields and can stop emanations from cell phones and other devices within the cage from leaking out. |
Butt set | A device that looks similar to a phone but has alligator clips that can connect to the various terminals used by phone equipment, enabling a person to listen in to a conversation. |
service set identifier SSID | The name of a wireless access point or network to which network clients will connect; it is broadcast through the air. |
Wired Equivalent Privacy (WEP) | A deprecated wireless network security standard, less secure than WPA; its 24-bit IVs repeat quickly, which is what the IV attack exploits. |
Wi-Fi Protected Access (WPA) | A security protocol created by the Wi-Fi Alliance to secure wireless computer networks, more secure than WEP. |
Advanced Encryption Standard (AES) | Symmetric block cipher that replaced DES/3DES; used (as AES-CCMP) in WPA2 and optionally in WPA. It is one cipher with a 128-bit block and three key sizes, giving AES-128, AES-192, and AES-256. |
Temporal Key Integrity Protocol TKIP | An algorithm used to secure wireless computer networks; meant as a replacement for WEP. |
MAC filtering | Method used to restrict which computers can access the wireless network; the WAP does this by consulting a list of MAC addresses that have been previously entered. Because MAC addresses are sent in the clear and can be changed in software, this is a weak control on its own. |
AP isolation | Each client connected to the AP will not be able to communicate with each other, but they can each still access the Internet. |
Wardriving | The act of searching for wireless networks by a person in a vehicle through the use of a device with a wireless antenna, often a particularly strong antenna. |
IV attack | Type of related-key attack: an attacker observes the operation of a cipher under several different keys, finds a relationship between them, and deciphers the data. In WEP the per-packet RC4 key is the 24-bit IV prepended to the shared key, so keys are related and IVs repeat, which leaks keystream. |
Bluejacking | The sending of unsolicited messages to Bluetooth-enabled devices such as mobile phones and PDAs. |
Bluesnarfing | The unauthorized access of information from a wireless device through a Bluetooth connection. |
Identification | When a person is in the state of being identified; can also describe something that identifies a person, such as an ID card. |
Authentication | The verification of a person's identity, i.e., when a person's claimed identity is confirmed. |
Authorization | When a user is granted access to specific resources after authentication is complete. |
Identity proofing | Initial validation of an identity. |
Security tokens | Physical devices given to authorized users to help with authentication. These devices might be attached to a keychain or are part of a card system. |
Multifactor authentication | When two or more types of authentication are used when dealing with user access control. |
Biometrics | Science of recognizing humans based on one or more physical characteristics. |
802.1X | Authentication Technology used to connect devices to a LAN or WLAN. Example of Port-based NAC |
Mantrap | an area between two doorways, meant to hold people until they are identified and authenticated. |
Extensible Authentication Protocol (EAP) | Not an authentication mechanism in itself; it defines message formats that carry a chosen method (EAP-TLS, PEAP, and so on). 802.1X is the port-based access control mechanism that defines how EAP is encapsulated in LAN frames (EAPOL). |
Single sign-on SSO | When a user can log in once but gain access to multiple systems without being asked to log in again. |
False positive | When a system reports a match that is not genuine. In authentication, a user who should not be allowed access is accepted; in intrusion detection, an IDS/IPS treats legitimate traffic as an attack and blocks it. |
False negative | When a system misses a genuine match. In authentication, a user who should be allowed access is denied; in intrusion detection, an IDS/IPS fails to block an attack, treating it as legitimate traffic. |
False rejection | When a biometric system fails to recognize an authorized person and doesn’t allow that person access. |
Lightweight Directory Access Protocol (LDAP) | Application layer protocol used for accessing and modifying directory services data. |
Kerberos | Authentication protocol that enables computers to prove their identity to each other in a secure manner. |
Mutual authentication | When two computers, for example a client and a server, both verify each other’s identity. |
Tickets | Part of the authentication process used by Kerberos. |
Challenge-Handshake Authentication Protocol (CHAP) | An authentication scheme used by the Point-to-Point Protocol (PPP), the standard for dial-up connections. The authenticator sends a random challenge and the peer answers with an MD5 hash of the identifier, its secret, and the challenge, so the secret itself never crosses the link. |
Remote Access Service (RAS) | A networking service that allows incoming connections from remote dial-in clients. It is also used with VPNs. |
Virtual Private Network (VPN) | A connection between two or more computers or devices that are not on the same private network. |
Point-to-Point Tunneling Protocol (PPTP) | A tunneling protocol used to support VPNs. Generally includes security mechanisms, and no additional software or protocols need to be loaded. A VPN device or server must have inbound TCP port 1723 open (plus GRE, IP protocol 47, for the tunnel itself) to enable PPTP connections. Its MS-CHAPv2 authentication has been broken, so PPTP is now considered insecure. |
Layer 2 Tunneling Protocol (L2TP) | A tunneling protocol used to connect virtual private networks. It does not include confidentiality or encryption on its own. It uses UDP port 1701 and is more secure than PPTP when used in conjunction with IPsec (L2TP/IPsec). |
VPN concentrator | A hardware appliance that allows hundreds of users to connect to the network from remote locations via a VPN. |
Remote Authentication Dial-In User Service (RADIUS) | Used to provide centralized administration of dial-up, VPN, and wireless authentication. |
Terminal Access Controller Access-Control System (TACACS) | A remote authentication protocol similar to RADIUS, used more often in UNIX networks. Its Cisco successor TACACS+ uses TCP port 49 and separates authentication, authorization, and accounting. |
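Worked example for the IV attack entry above. This is an added illustration, not part of the original flashcards: it shows concretely why a WEP-style stream cipher with a short IV leaks plaintext. RC4 is implemented inline so the script runs offline; the root key, IV and packet contents are constructed values, and the attack needs only one known plaintext, never the key.

```python
# Added example (not from the original flashcards): why the IV attack works
# against WEP-style RC4. WEP's per-packet key is the 24-bit IV followed by the
# shared root key, so every packet that reuses an IV reuses the RC4 keystream.
# RC4 is implemented inline only so this runs offline; it is broken, do not use it.
import math


def rc4_keystream(key: bytes, n: int) -> bytes:
    """Generate n bytes of RC4 keystream (KSA then PRGA)."""
    s = list(range(256))
    j = 0
    for i in range(256):                       # key-scheduling algorithm
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for _ in range(n):                         # pseudo-random generation algorithm
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def wep_crypt(root_key: bytes, iv: bytes, data: bytes) -> bytes:
    """WEP-style encryption/decryption: RC4 keyed with IV || root key.
    The IV travels in the clear in the frame header, so an eavesdropper sees it."""
    if len(iv) != 3:
        raise ValueError("WEP IVs are 24 bits")
    return xor_bytes(data, rc4_keystream(iv + root_key, len(data)))


def recover_via_iv_reuse(c1: bytes, c2: bytes, known_p1: bytes) -> bytes:
    """Two packets under the same IV share keystream K, so c1 ^ c2 == p1 ^ p2.
    With one plaintext known (e.g. a predictable ARP or DHCP body) the other
    falls out directly, without ever learning the root key."""
    return xor_bytes(xor_bytes(c1, c2), known_p1)


IV_SPACE = 1 << 24   # 24-bit IV


def packets_for_iv_collision(prob: float = 0.5) -> int:
    """Birthday bound: packets with random IVs needed before a repeat is likely
    with probability `prob`. A busy access point sends this many in minutes."""
    return math.ceil(math.sqrt(2 * IV_SPACE * math.log(1 / (1 - prob))))


if __name__ == "__main__":
    root_key = b"\x01\x02\x03\x04\x05"        # constructed 40-bit WEP key
    iv = b"\xaa\xbb\xcc"                       # constructed IV reused by two packets
    p1 = b"GET / HTTP/1.0\r\n"                 # attacker knows or guesses this one
    p2 = b"password=hunter2"                   # attacker wants this one
    c1, c2 = wep_crypt(root_key, iv, p1), wep_crypt(root_key, iv, p2)
    print(recover_via_iv_reuse(c1, c2, p1))    # b'password=hunter2'
    print(packets_for_iv_collision())          # 4823
```

The same keystream-reuse reasoning applies to any stream cipher or counter mode (including AES-CTR/CCMP) if a nonce is ever repeated under one key; WEP is simply the case where the nonce space is so small that repeats are guaranteed.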
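Worked example for the 802.1X and EAP entries above. This is an added illustration, not part of the original flashcards: it builds and parses the first three frames of an 802.1X conversation (EAPOL-Start, EAP-Request/Identity, EAP-Response/Identity) from the published field layouts in IEEE 802.1X and RFC 3748. The MAC addresses and the identity string are constructed; the parser checks every length field before trusting it, because an authenticator receives these frames on a port that is not yet authenticated.

```python
# Added example (not from the original flashcards): how 802.1X carries EAP.
# 802.1X wraps EAP packets in EAPOL frames (EtherType 0x888E); EAP itself
# (RFC 3748) only defines Request/Response/Success/Failure plus a method type.
# Frames here are built by hand from the field layouts, not taken from a capture.
import struct
from typing import Optional

ETHERTYPE_EAPOL = 0x888E
PAE_GROUP_ADDR = bytes.fromhex("0180c2000003")        # supplicant -> authenticator
EAPOL_TYPES = {0: "EAP-Packet", 1: "EAPOL-Start", 2: "EAPOL-Logoff", 3: "EAPOL-Key"}
EAP_CODES = {1: "Request", 2: "Response", 3: "Success", 4: "Failure"}
EAP_METHODS = {1: "Identity", 2: "Notification", 3: "Nak", 4: "MD5-Challenge",
               13: "EAP-TLS", 25: "PEAP"}


def build_eap(code: int, identifier: int, method: Optional[int] = None, data: bytes = b"") -> bytes:
    """EAP header: Code(1) Identifier(1) Length(2); Request/Response add Type(1) + data."""
    body = b"" if method is None else bytes([method]) + data
    return struct.pack("!BBH", code, identifier, 4 + len(body)) + body


def build_eapol(eapol_type: int, body: bytes = b"", version: int = 2) -> bytes:
    """EAPOL header: Version(1) Type(1) Length(2)."""
    return struct.pack("!BBH", version, eapol_type, len(body)) + body


def build_frame(dst: bytes, src: bytes, eapol: bytes) -> bytes:
    """Ethernet II frame carrying EAPOL."""
    return dst + src + struct.pack("!H", ETHERTYPE_EAPOL) + eapol


def parse_frame(frame: bytes) -> dict:
    """Parse Ethernet + EAPOL (+ EAP), rejecting inconsistent lengths."""
    if len(frame) < 18:
        raise ValueError("frame too short for Ethernet + EAPOL header")
    ethertype = struct.unpack("!H", frame[12:14])[0]
    if ethertype != ETHERTYPE_EAPOL:
        raise ValueError(f"not EAPOL: EtherType 0x{ethertype:04x}")
    version, etype, elen = struct.unpack("!BBH", frame[14:18])
    body = frame[18:18 + elen]
    if len(body) != elen:
        raise ValueError("EAPOL length exceeds frame")
    info = {"dst": frame[:6].hex(":"), "src": frame[6:12].hex(":"),
            "eapol_version": version,
            "eapol_type": EAPOL_TYPES.get(etype, f"type-{etype}")}
    if etype == 0:                                     # EAP-Packet: parse the EAP header
        if elen < 4:
            raise ValueError("EAP header truncated")
        code, ident, length = struct.unpack("!BBH", body[:4])
        if length < 4 or length > elen:
            raise ValueError("EAP length inconsistent with EAPOL length")
        eap = {"code": EAP_CODES.get(code, f"code-{code}"), "id": ident}
        if code in (1, 2):                             # Request/Response carry a method
            if length < 5:
                raise ValueError("Request/Response without Type field")
            eap["method"] = EAP_METHODS.get(body[4], f"method-{body[4]}")
            eap["data"] = body[5:length]
        info["eap"] = eap
    return info


def demo_exchange() -> list:
    """Constructed start of an 802.1X conversation, parsed back into dicts."""
    supplicant = bytes.fromhex("020000000001")         # constructed MAC addresses
    authenticator = bytes.fromhex("020000000002")
    frames = [
        # 1. supplicant asks to be authenticated (no EAP payload)
        build_frame(PAE_GROUP_ADDR, supplicant, build_eapol(1)),
        # 2. authenticator asks who is there: EAP-Request/Identity, id 1
        build_frame(supplicant, authenticator, build_eapol(0, build_eap(1, 1, 1))),
        # 3. supplicant answers: EAP-Response/Identity with a constructed identity
        build_frame(authenticator, supplicant,
                    build_eapol(0, build_eap(2, 1, 1, b"alice@example.com"))),
    ]
    return [parse_frame(f) for f in frames]


if __name__ == "__main__":
    for entry in demo_exchange():
        print(entry)
```

Everything after the Identity exchange depends on the chosen method (EAP-TLS, PEAP, and so on); the authenticator usually relays those EAP packets to a RADIUS server, which is the "port-based NAC" arrangement the 802.1X entry refers to.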
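Worked example for the CHAP entry above. This is an added illustration, not part of the original flashcards: it runs the three-way CHAP exchange from RFC 1994 (Challenge, Response, Success/Failure) with both sides as small classes. The peer name and secret are constructed. It shows the two properties worth remembering: the secret never crosses the link, and a recorded response cannot be replayed because each challenge is accepted only once.

```python
# Added example (not from the original flashcards): a CHAP exchange per RFC 1994.
# The peer name and secret are constructed. The peer proves knowledge of the
# secret by hashing it with a fresh random challenge; the secret itself is
# never transmitted and a captured response is useless against a new challenge.
import hashlib
import hmac
import os


def chap_response(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    """RFC 1994: Response Value = MD5(Identifier || secret || Challenge Value)."""
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()


class Authenticator:
    """Server side. Keeps the plaintext secret per peer (a CHAP requirement) and
    remembers outstanding challenges by Identifier so each one is usable once."""

    def __init__(self, secrets: dict):
        self.secrets = dict(secrets)
        self.pending = {}
        self.next_id = 0

    def challenge(self) -> tuple:
        """Step 1: Challenge packet carrying (Identifier, random Challenge Value)."""
        self.next_id = (self.next_id + 1) & 0xFF
        value = os.urandom(16)
        self.pending[self.next_id] = value
        return self.next_id, value

    def verify(self, identifier: int, name: str, response: bytes) -> bool:
        """Step 3: recompute the expected hash and answer Success or Failure."""
        challenge = self.pending.pop(identifier, None)   # one-shot: defeats replay
        secret = self.secrets.get(name)
        if challenge is None or secret is None:
            return False
        expected = chap_response(identifier, secret, challenge)
        return hmac.compare_digest(expected, response)   # constant-time compare


class Peer:
    """Client side: answers a challenge with its secret."""

    def __init__(self, name: str, secret: bytes):
        self.name, self.secret = name, secret

    def respond(self, identifier: int, challenge: bytes) -> tuple:
        """Step 2: Response packet carries the hash and the peer Name, not the secret."""
        return self.name, chap_response(identifier, self.secret, challenge)


def run_chap(auth: Authenticator, peer: Peer) -> bool:
    """One full exchange; returns True on Success."""
    ident, chal = auth.challenge()
    name, resp = peer.respond(ident, chal)
    return auth.verify(ident, name, resp)


def replay_attack(auth: Authenticator, peer: Peer) -> bool:
    """An eavesdropper records a valid response and resends it.
    Returns True when the genuine attempt succeeds and the replay is refused."""
    ident, chal = auth.challenge()
    name, resp = peer.respond(ident, chal)
    first = auth.verify(ident, name, resp)
    replay = auth.verify(ident, name, resp)
    return first and not replay


if __name__ == "__main__":
    auth = Authenticator({"alice": b"constructed-secret"})
    print(run_chap(auth, Peer("alice", b"constructed-secret")))   # True
    print(run_chap(auth, Peer("alice", b"wrong")))                # False
    print(replay_attack(auth, Peer("alice", b"constructed-secret")))  # True
```

Two caveats a practitioner should keep in mind: the authenticator must store the secret in recoverable form, and anyone who captures a challenge and response can run an offline dictionary attack against MD5, so CHAP is only as strong as the secret and the privacy of the link. That is the weakness that made the MS-CHAPv2 variant used by PPTP practical to break.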