01 - Flash Cards
Tunneling
- Encapsulation of protocol-deliverable message within a second protocol.
Transmission Control Protocol/Internet Protocol
- Communication protocols used to interconnect network devices on the internet. They can also be used for intranet or extranet.
IPSec
- It is a secure network protocol suite that authenticates and encrypts the packets of data sent over an internet.
Kerberos
- It is a computer network authentication protocol developed by MIT that offers a sign-on solution for users and provides protection for logon credentials.
SSH
- Secure Shell is an end to end encryption technique that can be used to encrypt plaintext utilities as well as to serve as protocol encryption and VPN.
Signal Protocol
- Protocol that provides end to end encryption for voice and text messages.
Secure Remote Procedure Call
- An authentication service meant to prevent unauthorized code use on remote services.
Secure Socket Layer
- It is a cryptographic protocol designed to provide communications security over a computer network – between a web server and a web browser.
Transport Layer Security
- It is a cryptographic protocol designed to provide communications security over a computer network – between a web server and a web browser.
- It is similar to SSL but uses stronger authentication and encryption.
List Authentication Protocols
- Challenge Handshake Authentication Protocol
- Password Authentication Protocol
- Extensible Authentication Protocol
Voice Over Internet Protocol
- It is a transmission of voice and multimedia content over Internet Protocol (IP) networks.
Voice Communication Threats
- Caller ID falsification, DoS attacks, man in the middle attacks…
Social Engineering
- In the context of cybersecurity it is the use of deception to manipulate individuals into revealing confidential or personal information that may be used for fraudulent purposes.
Multimedia Collaboration
- Use of multimedia communication options to improve distance collaboration, for example a group of people working on a project remotely.
Remote Meeting Technology
- Umbrella term used for any type of technology that allows for interaction among remote parties.
Instant Messaging
- It is a technology that allows exchange of near real-time messages through a stand-alone application or embedded software.
Email Security Goals
- Provide for nonrepudiation
- Restrict access to message
- Maintain integrity of a message
- Verify source of a message
- Classify sensitive content
Email Security Solutions
- Secure Multipurpose Internet Mail Extensions
- MIME Object Security Purposes
- Privacy Enhanced Mail
- DomainKeys Identified Mail
- Pretty Good Privacy
- Sender Policy Framework
Remote Access and Telecommuting Techniques
- Service Specific
- Remote Control
- Screen Scraper
- Remote Node Operation
Issues to Consider When Planning Remote Access Security
- Remote Connectivity Technology
- Transmission Protection
- Authentication Protection
Dial-Up Protocols
- Point to Point Protocol
- Serial Line Internet Protocol
RADIUS
- Remote Authentication Dial-In User Service is a client/server protocol and software that enables remote access servers to communicate with a central server to authenticate users and authorize their access to the requested system or service.
Virtual Private Network
- It is a technology that creates a safe and encrypted connection over a less secure network, such as the internet.
Common VPN Protocols
- Point to Point Tunneling Protocol
- IP Security Protocol
  - Authentication Header
  - Encapsulating Security Payload Protocol
Virtual LAN
- Virtual LAN (Local Area Network) is a logical subnetwork that can group together a collection of devices from different physical LANs.
Virtualization
- Technology used to host one or more operating systems within the memory of a single host computer.
Virtual Software
- Virtual Application
- Virtual Desktop
Virtual Application
- It is a technology where the application is separated from its underlying operating system and is streamed to an isolated environment on a target device, but is executed on the server.
Virtual Desktop
- A virtual desktop is an operating system that is accessible through client software installed directly on an endpoint, which presents the desktop to the user and allows them to interact with it using a keyboard and mouse.
Virtual Networking
- It is a technology that enables data communication between two or more virtual machines (VM) in a virtualized computing environment.
Network Address Translation
- It is a process where a network device assigns a public address to a computer or group of computers inside a private network.
Static NAT
- A specific internal client's IP address is assigned a permanent mapping to a specific external public IP address.
Dynamic NAT
- It is a technique in which multiple public Internet Protocol (IP) addresses are mapped and used with an internal or private IP address.
Automatic Private IP Addressing
- Assignment of an IP address to a system in the event of Dynamic Host Configuration Protocol failure.
- APIPA assigns a class B IP address from 169.254.0.0 to 169.254.255.255 to the client when a DHCP server is either permanently or temporarily unavailable.
Switching Technologies
- Circuit Switching
- Packet Switching
Circuit Switching
- Concept in telecommunications that refers to a communication system that involves circuit establishment, data transfer, and circuit disconnect to be fully functional.
Packet Switching
- Concept in telecommunications that refers to data transmission in which a message is broken into a number of parts which are sent independently, over whatever route is optimum for each packet, and reassembled at the destination.
Virtual Circuits
- It is a concept that refers to transporting data over a packet-switched computer network so that it appears as though there is a dedicated physical layer link between the source and destination end systems.
WAN Technologies
- Wide Area Network Technologies are used to connect distant networks, nodes, and individual devices together.
Integrated Services Digital Networks
- Integrated Services Digital Network (ISDN) is a set of communication standards for digital telephone connection and the transmission of voice and data over a digital line.
Basic Rate Interface
- Telecommunications interface used on an Integrated Services Digital Network (ISDN) that offers customers a connection with two B channels and one D channel.
- The B channel is used for data transmission while the D channel is used for call establishment and management.
Primary Rate Interface
- It is a telecommunications interface standard used on an Integrated Services Digital Network (ISDN) for carrying voice and data transmissions between the network and a user.
WAN Connection Technologies
- X.25 WAN
- Frame Relay
- ATM
- SMDS
X.25 WAN Connection
- It is a standard set of protocols used for packet-switched communications over a wide area network (WAN).
- It uses permanent virtual circuits to establish a point-to-point connection between two systems or networks.
Frame Relay Connection
- It is a data link layer, digital packet switching network protocol technology designed to connect Local Area Networks (LANs) and transfer data across Wide Area Networks (WANs).
ATM
- Asynchronous transmission mode is a cell-switching WAN communication technology that fragments communication into 53-byte cells.
SMDS
- Switched Multimegabit Data Service is a connectionless packet-switching technology used to connect multiple LANs.
Synchronous Digital Hierarchy and Synchronous Optical Network
- Fiber optic high speed networking standards.
Specialized Protocols
- Synchronous Data Link Control
- High-Level Data Link Control
Dial-Up Encapsulation Protocols
- Point to Point Protocol is an encapsulation protocol designed to support transmission of IP traffic over dial-up point-to-point protocols.
Transparency
- Feature of a service or security control that ensures it is unseen by users.
Transmission Integrity Verification
- Done by using a checksum called a hash total.
Hash Total
- Hash total is a function that represents the numerical sum of one or more fields in the file, including data not normally used in calculations.
Transmission Logging
- It is a form of communications focused auditing.
Security Boundary
- Division between one secured area and another, or a division between a secured and an unsecured area.
Denial of Service
- It is an attack where the attackers attempt to prevent legitimate users from accessing the service.
Distributed Denial of Service
- It is an attack that occurs when multiple systems flood the bandwidth or resources of a targeted system, usually one or more web servers.
Eavesdropping Attack
- Attack where someone tries to steal information that computers, smartphones, or other devices transmit over a network.
Replay Attacks
- Network attack in which a valid data transmission is maliciously or fraudulently repeated or delayed.
Modification Attacks
- In this type of attack, captured packets are altered and then played against a system.
Hyperlink Spoofing
- Falsifying information, including falsifying the relationship between a URL and its trusted, original destination.
Phreaker
- Attack meant to break into the telephone network illegally to make free long-distance phone calls or to tap phone lines.
Fax Security
- Fax security is improved by using encryption and training users to counter social engineering. The goal is to prevent interception.