500 Flashcards

1
Q

Filters that try to eliminate unwanted - unsolicited email sent in bulk

A

spam filters

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

A form of phishing in which the message is made to look as if it came from someone you know and trust as opposed to an informal third party

A

spear phishing

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

An attempt by someone or something to masquerade as someone/something else

A

spoofing

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Software programs that work—often actively—on behalf of a third party

A

spyware

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

A replacement for FTP that allows secure copying of files from one host to another

A

SSH File Transfer Protocol (SFTP)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

An access point’s broadcasting of the network name

A

SSID broadcast

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Derived from policies - a standard deals with specific issues or aspects of a business

A

standard

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Inspections that occur at all levels of the network and provide additional security using a state table that tracks every communication channel

A

stateful inspection

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

A virus that attempts to avoid detection by masking itself from applications

A

stealth virus

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

The science of hiding information within other information - such as a picture

A

steganography

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

A method of encryption that encrypts streams of data rather than blocks

A

stream cipher

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

A database language that allows queries to be configured in real time and passed to database servers

A

Structured Query Language (SQL)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Using subnet values to divide a network into smaller segments

A

subnetting

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

A method of encryption in which one letter or item is substituted for another

A

substitution cipher

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

An outline of those internal to the organization who have the ability to step into positions when they open

A

succession planning

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

A network device that can replace a router or hub in a local network and get data from a source to a destination

A

switches

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

The keys used when the same key encrypts and decrypts data

A

symmetrical keys

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

A snapshot of what exists

A

system image

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

An exercise that involves individuals sitting around a table with a facilitator discussing situations that could arise and how best to respond to them

A

tabletop exercise

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

Following someone through an entry point

A

tailgating

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

Controls that rely on technology

A

technical controls

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

A protocol that functions at the Application layer of the OSI model - providing terminal emulation capabilities

A

Telnet

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

A wrapper that works with wireless encryption to strengthen WEP implementations

A

Temporal Key Integrity Protocol (TKIP)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

An authentication system that allows credentials to be accepted from multiple methods - including Kerberos

A

Terminal Access Controller Access-Control System (TACACS)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
Q

Any perceivable risk’s area of attack

A

threat vector

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
26
Q

A database model that effectively isolates the end user from the database by introducing a middle server

A

three-tier model

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
27
Q

A form of trust relationship often used between domains

A

transitive access

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
28
Q

Trust gained because one party (A) trusts another party (B) - which then trusts another party ( C ) Since (B) trusts ( C ) then a relationship can exist where the first party (A) also may trust the third (c )

A

transitive trusts

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
29
Q

The protocol found at the Host-to-Host layer of the Department of Defense (DoD) model

A

Transmission Control Protocol (TCP)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
30
Q

A protocol whose purpose is to verify that secure communications between a server and a client remain secure

A

Transport Layer Security (TLS)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
31
Q

An encryption method that involves transposing or scrambling the letters in a certain manner

A

transposition cipher

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
32
Q

A symmetric block cipher algorithm used for encryption

A

Triple-DES (3DES)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
33
Q

A UDP-based protocol similar to FTP that doesn’t provide the security or error-checking features of FTP

A

Trivial File Transfer Protocol (TFTP)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
34
Q

Any application that masquerades as one thing in order to get past scrutiny and then does something malicious

A

Trojan horse

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
35
Q

Any operating system that meets the government’s requirement for security

A

trusted operating system (TOS)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
36
Q

A method of using encryption and storing the passwords on a chip

A

Trusted Platform Module (TPM)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
37
Q

The act of sending data across a public network by encapsulating it into other packets

A

tunneling

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
38
Q

Using two access methods as a part of the authentication process

A

two-factor authentication

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
39
Q

A database model in which the client workstation or system runs an application that communicates with the database that is running on a different server

A

two-tier model

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
40
Q

Virtualization method that is independent of the operating system and boots before the OS

A

Type I hypervisor

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
41
Q

Virtualization method that is dependent on the operating system

A

Type II hypervisor

42
Q

Creating domains that are based on the misspelling of another

A

typo squatting

43
Q

A device that can provide short-term power - usually by using batteries

A

uninterruptible power supply (UPS)

44
Q

Registering domains that are similar to those for a known entity but based on a misspelling or typographical error

A

URL hijacking

45
Q

The protocol at the Host-to-Host layer of the TCP/IP Department of Defense (DoD)model - which corresponds to the Transport layer of the OSI model

A

User Datagram Protocol (UDP)

46
Q

Eavesdropping on CRT and LCD displays by detecting their electromagnetic emissions

A

Van Eck phreaking

47
Q

A multialphabet substitution cipher

A

Vigenère cipher

48
Q

A local area network (LAN) that allows users on different switch ports to participate in their own network - separate from but still connected to the other stations on the same or a connected switch

A

virtual local area network (VLAN)

49
Q

A system that uses the public Internet as a backbone for a private interconnection (network) between locations

A

virtual private network (VPN)

50
Q

Emulating one or more physical computers on the same host

A

virtualization

51
Q

A program intended to damage a computer system

A

virus

52
Q

Combining phishing with Voice over IP (VoIP)

A

vishing

53
Q

The amount of time that you have to collect certain data before a window of opportunity is gone

A

volatility

54
Q

Identifying specific vulnerabilities in your network

A

vulnerability scanning

55
Q

Markings left - often written in chalk - by those who discover a vulnerability that provides a way into the wireless network

A

war chalking

56
Q

Driving around with a laptop looking for open wireless access points with which to communicate

A

war driving

57
Q

A site that provides some capabilities in the event of a disaster

A

warm site

58
Q

Identifying a site that is visited by those that they are targeting -

A

watering hole attack

59
Q

A firewall that can look at every request between a web client and a web server and identify possible attacks

A

web application firewall (WAF)

60
Q

Another term for social engineering

A

wetware

61
Q

Phishing only large accounts

A

whaling

62
Q

A wireless network operating in the 2.4 GHz or 5 GHz range

A

Wi-Fi

63
Q

The second version of WPA

A

Wi-Fi Protected Access 2 (WPA2)

64
Q

An authentication process that requires the user to do something in order to complete the enrollment process

A

Wi-Fi Protected Setup (WPS)

65
Q

A Microsoft API used to interact with TCP/IP

A

Windows Sockets (Winsock) API

66
Q

A security protocol for 802.11b (wireless) networks that attempts to establish the same security for them as would be present in a wired network

A

Wired Equivalent Privacy (WEP)

67
Q

A connection device used for clients in a radio frequency (RF) network

A

wireless access point

68
Q

Technology designed for use with wireless devices

A

Wireless Application Protocol (WAP)

69
Q

Language used for Internet displays WAP-enabled devices can also respond to script

A

Wireless Markup Language (WML)

70
Q

The security layer of the Wireless Applications Protocol (WAP) WTLS provides authentication - encryption - and data integrity for wireless devices

A

Wireless Transport Layer Security (WTLS)

71
Q

The copy of the data currently in use on a network

A

working copy backup

72
Q

An association concerned with interoperability - growth - and standardization of the World Wide Web (WWW) This group is the primary sponsor of XM: and other web-enabled technologies

A

World Wide Web Consortium (W3C)

73
Q

The working group formed by the IETF to develop standards and models for the PKI environment

A

X.509

74
Q

An advanced attack that tries to get around detection and send a packet with every single option enabled

A

Xmas attack

75
Q

A specification designed to allow XMLbased programs access to PKI services

A

XML Key Management Specification (XKMS)

76
Q

An attack that begins the very day an exploit is discovered

A

zero-day exploit

77
Q

Any system taking directions from a master control computer

A

zombie

78
Q

Port 23

A

Telnet

79
Q

Port: 20 - 21

A

FTP – File Transport Protocol

80
Q

Port: 22

A

SSH – Secure Shell

81
Q

Port: 23

A

Telnet

82
Q

Port: 25

A

SMTP – Simple Mail Transport Protocol

83
Q

Port: 53

A

DNS – Domain Name System

84
Q

Port: 67 - 68

A

DHCP – Dynamic Host Configuration Protocol

85
Q

Port: 69

A

TFTP – Trivial File Transport Protocol

86
Q

Port: 80

A

HTTP – Hypertext Transfer Protocol

87
Q

Port: 443

A

HTTPS – Hypertext Transfer Protocol Secure

88
Q

Port: 443

A

SSL VPN – Secure Sockets Layer virtual private network

89
Q

Port: 110

A

POP3 – Post Office Protocol version 3

90
Q

Port: 123

A

NTP – Network Time Protocol

91
Q

Port: 143

A

IMAP4 – Internet message access protocol version 4

92
Q

Port: 161

A

SNMP – Simple Network Management Protocol

93
Q

Port: 500

A

IPsec – Internet Protocol security (through the use of ISAKMP – Internet Security Association and Key Management Protocol)

94
Q

Port: 3389

A

RDP – Remote Desktop Protocol

95
Q

Secure file transfers via SSL?

A

FTPS (via 990)

96
Q

Backdoor port

A

1337

97
Q

Port 88

A

kerberos

98
Q

Name 3 block cipher algorithms

A

3des - aes - blowfish

99
Q

Use low bandwidth connections to direct botnets to DDoS users

A

Smurf

100
Q

Uses the Diffie-Hellman algorithm as its required (and currently - its only defined) key-exchange method.

A

SSH-2