Chapter 10 Security Flashcards
What are two types of Security Threats?
10.0.1.1
Internal threats - Users and employees who have access to data, equipment, and the network
External threats - Users outside of an organization who do not have authorized access to the network or resources
What are two types of attacks?
10.0.1.1
Physical - Events or attacks that steal, damage, or destroy equipment, such as servers, switches, and wiring
Data - Events or attacks that remove, corrupt, deny access to authorized users, allow access to unauthorized users, or steal information
What are four types of security threats that infect your computer?
10.1.1.1
Adware
Spyware
Grayware
Phishing
What is Adware?
10.1.1.1
Adware is a software program that displays advertising on your computer. Adware is usually distributed with downloaded software.
What is Spyware?
10.1.1.1
When spyware is installed and running, it monitors activity on the computer. The spyware then sends this information to the individual or organization responsible for launching the spyware.
What is Grayware?
10.1.1.1
Grayware may be malicious and is sometimes installed with the user’s consent. For example, a free software program may require the installation of a toolbar that displays advertising or tracks a user’s website history.
What is Phishing?
10.1.1.1
Phishing is where the attacker pretends to represent a legitimate outside organization, such as a bank. A potential victim is contacted via email, telephone, or text message.
What is Denial of Service (DoS)?
10.1.1.6
DoS works by sending so many requests for a system resource that the requested service is overloaded and ceases to operate.
What is Distributed DoS (DDoS)?
10.1.1.6
A DDoS attack uses many infected computers, called zombies or botnets, to launch an attack. The intent is to obstruct or overwhelm access to the targeted server.
What is a SYN Flood?
10.1.1.6
A SYN request is the initial communication sent to establish a TCP connection. A SYN flood attack randomly opens TCP ports at the source of the attack and ties up the network equipment or computer.
What is Spoofing?
10.1.1.6
In a spoofing attack, a computer pretends to be a trusted computer to gain access to resources. The computer uses a forged IP or MAC address.
What is Man-in-the-Middle?
10.1.1.6
An attacker performs a Man-in-the-Middle attack by intercepting communications between computers to steal information transiting through the network. A Man-in-the-Middle attack could also be used to manipulate messages and relay false information between hosts.
What is Replay?
10.1.1.6
To perform a replay attack, data transmissions are intercepted and recorded by an attacker. These transmissions are then replayed to the destination computer. The destination computer handles these replayed transmissions as authentic and sent by the original source.
What is DNS Poisoning?
10.1.1.6
DNS records on a system are changed to point to imposter servers. The user attempts to access a legitimate site, but traffic is diverted to an imposter site. The imposter site is used to capture confidential information.
What is Social Engineering?
10.1.2.1
Social engineering occurs when an attacker tries to gain access to equipment or a network by tricking people into providing the necessary access information.
What is Data wiping?
10.1.2.2
Data wiping, also known as secure erase, is a procedure performed to permanently delete data from a hard drive.
What is Degaussing?
10.1.2.2.
Degaussing disrupts or eliminates the magnetic field on a hard drive that allow for the storage of data. An electromagnet is a magnet, that when a current is applied, its magnetic.
What is a security Policy?
10.2.1.1
A security policy is a collection of rules, guidelines, and checklists. Network technicians and managers of an organization work together to develop the rules and guidelines for the security needs of computer equipment.
What is Principle of Least Privilege?
10.2.1.6
Users should be limited to only the resources they need in a computer system or on a network.
What is EFS?
10.2.2.4
Encrypting File System
What is Hash Encoding?
10.2.4.1
Hash encoding, or hashing, ensures that messages are not corrupted or tampered with during transmission. Hashing uses a mathematical function to create a numeric value that is unique to the data.
What are Three Types of Hashing?
10.2.4.1
Secure Hash Algorithm (SHA)
Message Digest 5 (MD5)
Data Encryption Standard (DES)
What is Symmetric Encryption?
10.2.4.1
Symmetric Encryption requires both sides of an encrypted conversation to use an encryption key to encode and decode the data. The sender and receiver must use identical keys.
What is Asymmetric Encryption?
10.2.4.1
Asymmetric encryption requires two keys, a private key and a public key. The public key can be widely distributed, including emailing in cleartext or posting on the web.
What does SSID stand for?
10.2.4.2
Service Set Identifier (SSID)
What is Service Set Identifier (SSID)?
Service Set Identifier (SSID) is the name of the wireless network. A wireless router or access point broadcasts the SSID by default so that wireless devices can detect the wireless network.
What does WEP stand for?
10.2.4.4
Wired Equivalent Privacy (WEP)
What is Wired Equivalent Privacy (WEP)?
10.2.4.4
The first-generation security standard for wireless. Attackers quickly discovered that WEP encryption was easy to break.
What does WPA stand for?
10.2.4.4
Wi-Fi Protected Access (WPA)
What is Wi-Fi Protected Access (WPA)?
An improved version of WEP, WPA covers the entire 802.11i standard (a security layer for wireless systems). WPA uses much stronger encryption than WEP encryption.
What does WPA2 stand for?
10.2.4.4
Wi-Fi Protected Access 2 (WPA2)
What is Wi-Fi Protected Access 2 (WPA2)?
10.2.4.4
An improved version of WPA. This protocol introduces higher levels of security than WPA. WPA2 supports robust encryption, providing government-grade security. WPA2 has two versions: Personal (password authentication) and Enterprise (server authentication).
What is Temporal Key Integrity Protocol (TKIP)?
10.2.4.4
This technology changes the encryption key on a per-packet basis and provides a method to check the integrity of messages.
What is Extensible Authentication Protocol (EAP)?
10.2.4.4
Uses a centralized authentication server to increase security.
What is Protected Extensible Authentication Protocol (PEAP)?
10.2.4.4
A protocol that does not use a certificate server.
What is Advanced Encryption Standard (AES)?
10.2.4.4
A symmetric key encryption method added to WPA2 only.
What is a Hardware firewall?
10.2.4.7
A hardware firewall is a physical filtering component that inspects data packets from the network before they reach computers and other devices on a network. A hardware firewall is a freestanding unit that does not use the resources of the computers it is protecting.