CompTIA Flash Cards
What is WAP?
Wireless Application Protocol (WAP) is a security protocol for mobile devices (such as cell phones and PDAs) that employs Wireless Transport Layer Security (WTLS).
What is discretionary access control (DAC)?
DAC is based on user identity. Users are granted access through access control lists (ACLs) on objects at the discretion of the object’s owner or creator.
What is WEP?
Wired Equivalent Privacy (WEP) was designed to provide security and encryption on wireless networks. WEP is a security protocol for 802.11b (wireless) networks that attempts to establish the same security for them as would be present in a wired network.
What is network hardening?
Network hardening takes the concept of operating system hardening and applies it to the network.
What is operating system hardening?
Operating system hardening is the process of reducing vulnerabilities, managing risk, and improving the security provided by or for an operating system.
What is multifactor authentication?
Multifactor authentication is the requirement that a user must provide two or more authentication factors in order to prove their identity.
What is mutual authentication?
Mutual authentication is two-way authentication. The subject (user) authenticates to the object (server), and the object (server) authenticates back to the subject (user).
What are certificates used for?
Certificates serve a single purpose: proving the identity of a user or the source of an object.
What is a certificate?
A certificate is an electronic means of proving subject and object identity. Certificates are issued by certificate authorities (CAs).
What is a digital signature?
A digital signature is an electronic mechanism to prove that a message was sent from a specific user (nonrepudiation) and that the message wasn’t changed while in transit (integrity).
What is mandatory access control (MAC)?
MAC is based on hierarchical classification rules. Objects are assigned sensitivity labels, and subjects are assigned clearance labels.
What is role-based access control (RBAC)?
Role-based access control (RBAC) is based on job description. Users are granted access based on their assigned work tasks. RBAC is most suitable in environments with a high rate of employee turnover.
What is auditing?
Auditing is the process of recording information about various events between subjects and objects to check compliance with security policy and to discover security violations or system errors.
What are tokens?
A token is a device that generates one-time-use passwords or that computes the response to an authentication server-issued challenge. Tokens are a “something you have” type of authentication.
What are the common media/mandatory access control (MAC) hierarchies?
The government or military media/mandatory access control (MAC) hierarchy is unclassified, sensitive but unclassified, confidential, secret, and top secret.
The private sector MAC hierarchy is public, sensitive, private, and confidential.
What is Kerberos?
Kerberos is a trusted third-party authentication protocol. It uses encryption keys as tickets with time stamps to prove identity and grant access to resources.
What are the basic types of firewalls?
The three basic types of firewalls are packet filtering, circuit-level gateway, and application-level gateway. A fourth type combines features from these three and is called a stateful-inspection firewall.
What is CHAP?
Challenge Handshake Authentication Protocol (CHAP) is an authentication protocol that uses a one-way hash to protect passwords and periodically reauthenticates clients.
What are passwords?
A password is a string of characters that a user must memorize. Passwords are the most common form of authentication, but they’re also the weakest.
What is biometrics?
Biometrics is the collection of physical attributes of the human body that can be used as authentication factors (“something you are”).
What are the security risks of non-essential software?
Non-essential software increases the attack surface of your systems. Removing every element of software that isn’t required will improve the security of a system.
What is a denial-of-service attack?
Denial-of-service (DoS) is a form of attack that has the primary goal of preventing the victimized system from performing legitimate activity or responding to legitimate traffic.
What are some examples of DoS attacks?
Examples of denial-of-service (DoS) include Smurf, fraggle, SYN flood, teardrop, land, ping flood, ping of death, bonk, and boink.
What is a backdoor?
The term “backdoor” can refer to a developer-installed access method that bypasses all security restrictions or a hacker-installed remote access client.
What is a spoofing attack?
Spoofing is the act of falsifying data. Usually the falsification changes the source address of network packets.
What is a man-in-the-middle attack?
A man-in-the-middle attack is a form of communications eavesdropping attack. Attackers position themselves in the communication stream between a client and a server.
What is a replay attack?
In a replay attack, an attacker captures network traffic and then replays the captured traffic in an attempt to gain unauthorized access to a system.
What is a TCP/IP hijacking attack?
Transmission Control Protocol/Internet Protocol (TCP/IP) hijacking is a form of attack in which the attacker takes over an existing communication session.
What is the issue of weak keys?
Weak keys imply that the cryptographic key selected to encrypt a file or a communication session is either too short or too easily guessed. Weak keys are generally anything less than 64 bits in length.
What is a mathematical attack?
A mathematical attack is directed against an algorithm in an attempt to exploit the arithmetic employed by it.
What is a birthday attack?
A birthday attack exploits a property that says that if the same function is performed on two values and the results are the same for each, then the original values are the same.
What is password guessing?
Password guessing is an attack aimed at discovering the passwords employed by user accounts. Password guessing is often called password cracking.
What is software exploitation?
Software exploitation attacks are directed toward known flaws, bugs, errors, oversights, or normal functions of the operating system, protocols, services, or installed applications.
What are viruses?
Viruses are programs that are designed to spread from one system to another through self-replication and to perform any of a wide range of malicious activities.
What is a Trojan horse?
A Trojan horse is a form of malicious software that is disguised as something useful or legitimate.
What is a logic bomb?
A logic bomb is a form of malicious code that remains dormant until a triggering event occurs.
What is a worm?
A worm is a type of program that is designed to exploit a single flaw or hole in a system (operating system, protocol, service, or application) and then use that flaw or hole to replicate itself to other systems with the same flaw.
What are countermeasures to malicious code?
The best countermeasure to viruses is an antivirus scanner that is updated regularly and that monitors all local activities. Whitelisting is another option where all executions are blocked except for those on a preapproved whitelist.
What is a social-engineering attack?
Social engineering is a unique type of attack that attempts to take advantage of human behavior. Social-engineering attacks can take many forms, from skillfully worded websites to over-the-phone or face-to-face acting.
What is system scanning?
System scanning evaluates the configuration of a system or network to determine if all known security weaknesses have been patched or addressed correctly.
What is a VPN?
A virtual private network (VPN) is a communication tunnel between two entities across an intermediary network.
What are some virtual private network (VPN) protocols?
Point-to-Point Tunneling Protocol (PPP), Layer 2 Tunneling Protocol (L2TP), and Internet Protocol Security (IPSec) are VPN protocols.
What is RADIUS?
Remote Authentication Dial-In User Service (RADIUS) is a centralized authentication system. It’s often deployed to provide an additional layer of security for a network.
What is TACACS?
Terminal Access Controller Access Control System (TACACS) is a centralized remote access authentication solution similar to RADIUS. TACACS uses ports TCP 49 and UDP 49.