01- Intro to Ethical Hacking Flashcards
Active Directory
Windows based central domain controller that grants access to authorized users, storing credentials in a centralized database.
Workgroup
Contrary to Active Directory, workgroup user maintain security principals on their own systems.
LDAP
standard application protocol for accessing and maintaining distributed directory information services over an Internet Protocol (IP) network, Lightweight Directory Access Protocol
SIDs
Security Identifiers: Unique ID numbers that identify security principle objects
Attack
occurs when a system is compromised based on a vulnerability by an unknown exploit
Availability
authorized personnel accessing the data at appointed times. Involves a comprehensive planning of hardware, software, facility, people, and connectivity.
Black hat
malicious hackers that try to hack systems with malicious intent
CIA Triad
a model promoted to define and practice policies related to information security; uses confidentiality, integrity, and availability
Confidentiality
keeping access to the information only to the intended audience; does two things: ensures that the right people get the intended information and prevents sensitive information from reaching the wrong people
Defense
In-depth the use of layered security mechanisms; the layers could be data, applications, host levels, Internet networks, perimeter levels, physical securities, etc.
Ethical Hacking
testing the resources for a good cause and for the betterment of technology; another term for “penetration testing.”
Exploit
written to take advantage of a vulnerability
External Testing
focused on the server’s infrastructure and underlying software pertaining to the target
Gray hat
hackers that can aid companies in informing them about any vulnerabilities they have found, but are not hired by the companies to perform such tests
Hacking
the skill of exploring various security breaches and posting unwanted content on websites, stealing data, etc.; concentrates on exploits and vulnerabilities