CompTIA Security Flashcards
EAP
extensible authentication protocol
802.1X
802.1X is a network authentication protocol that opens ports for network access when an organization authenticates a user’s identity and authorizes them for access to the network. The user’s identity is determined based on their credentials or certificate, which is confirmed by the RADIUS server
SRTP
Secure Real-time Transport Protocol - encrypts and provides authentication for Real-time Transport Protocol (RTP) traffic, which is used for audio/video streaming
HIDS
host based intrusion detection system
sw installed on the system to detect attacks
HIPS - host based intrusion prevention system is an extension of a HIDS to detect and block attacks
HIPS
extension of HIDS // host based intrusion prevention system
mail gateway
- is placed between an email server and the internet and it can filter out spam (spam filter)
- typically includes DLP (data loss prevention) capabilities
- can inspect the contents of outgoing traffic looking for key words and block any traffic containing proprietary data
reverse proxy
protects an internal web server
media gateway
converts data from one format to another such as telephony traffic to IP-based traffic
web application firewall
protects a web server
SSID
service set identifier
A service set identifier (SSID) is a unique identifier assigned to a wireless network. It allows devices on the network to identify and connect to the correct network. Most SSIDs are case-sensitive and can be up to 32 characters long
WEP
wired equivalent privacy
WPA2
Wi-Fi protected access II
NAC
network access control - can inspect VPN clients for health status (e.g. having an up-to-date OS and antivirus sw) after they connect to a network
PaaS
platform as a service - a cloud computing model that provides cloud customers with a preconfigured computing platform they can use as needed
- provides an easy to configure OS and on demand computing
–> IaaS and SaaS
PAP
password authentication protocol - an older one where pwds are sent across the network in cleartext –> CHAP, MS-CHAPv2
passive reconnaissance
a penetration testing method used to collect information; typically uses open-source intelligence –> active reconnaissance
pass the hash
pwd attack that captures the pwd hash and uses it to attempt to log on as the user; commonly associated with the Microsoft NTLM protocol
PBKDF2
pwd based key derivation function 2
- a key stretching technique that adds additional bits to a pwd as a salt
- it helps prevent brute force and rainbow table attacks
NTLM
new technology LAN manager
a suite of protocols that provide confidentiality, integrity and authentication within Windows systems
versions: NTLM, NTLMv2, NTLM2 Session
nonce
a number used once
cryptography elements frequently use a nonce to add randomness
steganography
uses obfuscation to hide data within data
OCSP
online certificate status protocol
an alternative to using a CRL
allows a client to query a CA with the serial number of a certificate
CA answers with good, revoked, or unknown
DLP
data loss prevention
can reduce the risk of emailing confidential info outside the organisation
SaaS
sw as a service - provides sw or applications such as webmail via the cloud