Chapter 11 Flashcards
What is a traffic anomaly detector?
A special-purpose security device that is installed in front of the main router.
What is a virus?
Malware that is designed to spread from host to host and has the ability to replicate itself. It cannot reproduce and spread without programming such as a file or document.
What is a worm?
A self-replicating computer program that penetrates an operating system with the intent of spreading malicious code.
What is a DoS?
A Denial of Service is a cyber-attack where the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to the Internet.
What is a DDoS?
A Distributed Denial of Service is when multiple compromised systems, which are often infected with a Trojan, are used to target a single system causing a Denial of Service (DoS) attack.
What is a firewall?
A network security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules.
What is spoofing?
A technique used to gain unauthorized access to computers, whereby the intruder sends messages to a computer with an IP address indicating that the message is coming from a trusted host.
What is a sniffer?
Software or hardware that can intercept and log traffic passing over a digital network.
What is a Trojan Horse?
Any malicious computer program which misleads users about its true intent.
What is spyware?
A type of malware that is installed on a computer without the knowledge of the owner in order to collect the owner’s private information.
What is PKI?
Public Key Infrastructure supports the distribution and identification of public encryption keys, enabling users and computers to both securely exchange data over networks such as the Internet and verify the identity of the other party.
What is SSL?
Secure Sockets Layer is a protocol developed by Netscape for transmitting private documents via the Internet. It uses a cryptographic system that uses two keys to encrypt data: a public key known to everyone and a private or secret key known only to the recipient of the message.
What is PGP?
Pretty Good Privacy is a popular program used to encrypt and decrypt email over the Internet, as well as authenticate messages with digital signatures and encrypted stored files.
What is IPSec?
Internet Protocol Security is a framework of open standards for helping to ensure private, secure communications over Internet Protocol (IP) networks through the use of cryptographic security services.
What is phishing?
A term used to describe a malicious individual or group of individuals who scam users. They do so by sending e-mails or creating web pages that are designed to collect an individual’s online bank, credit card, or other login information.
What is Triple DES?
Triple Data Encryption Standard is a type of computerized cryptography where block cipher algorithms are applied three times to each data block.
What is a digital signature?
A mathematical technique used to validate the authenticity and integrity of a message, software or digital document.
What is a certificate authority?
A trusted entity that issues electronic documents that verify a digital entity’s identity on the Internet.
How can unauthorized access be prevented?
Ensuring confidentiality and integrity. Intrusion is done by either external hackers or disgruntled employees. Intrusion can be minor, where the attacker only looks around, or major, where the attacker may commit industrial espionage.
What is business continuity?
Ensuring availability and integrity. Disruptions are loss or reduction in network service. Viruses, hard disk crashes, and natural or human-made disasters can destroy data. Disruptions can be minor or major.
What is a SQL injection?
A program which does not affect the user directly, but attacks a website to gain unauthorized access to a database, allowing the attacker to retrieve valuable information.
How is a risk assessment conducted?
Frameworks provide strategies for analyzing and prioritizing security risks to information systems and networks. The assessment should be simple so both technical and nontechnical readers can understand it. After reading the assessment, anyone should know which components are at risk and which controls have been implemented.
What are the steps of a risk assessment?
Develop measurement criteria, inventory assets, identify threats, document controls, identify improvements.
What is anti-virus software?
Software used to prevent, detect and remove malware.
What is traffic filtering and limiting?
Verifies that the source address of incoming messages is valid. Limits the number of incoming packets that are allowed into the network.