Glossary Flashcards

1
Q

Kismet/ Netstumbler

A

Detects wireless access points and analyzes network traffic. Useful for surveying a network to understand its wireless security footprint.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

INMAP

A

Scans networks to identify active hosts and open ports. Employed for initial network reconnaissance and security auditing.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

WireShark

A

A packet sniffer and protocol analyzer for realtime network monitoring. Ideal for diagnosing network issues or analyzing security incidents.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

TCPDump

A

A Unix/Linux command-line packet capture tool. Helpful for real-time network troubleshooting and capturing packets for later analysis.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Honeypots

A

Decoy systems to lure attackers away from legitimate targets. Useful for studying attacker behaviors and tactics.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Hping3

A

Crafts custom ICMP, UP, and TCP packets to test firewalls. Employed to identify vulnerabilities or misconfigurations in firewall rules.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Intel Executable Disable (XD)

A

Provides hardware-level buffer overflow protection in Intel chipsets. Useful for preventing malicious code execution at the system level.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

AMD Enhanced Virus Protection

A

Offers chipset-level buffer overflow protection for AMD processors. Acts as a hardware-level security feature against certain types of attacks.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Address Space Layout Randomization (ASLR)

A

Randomizes memory locations for process execution, offering buffer overflow protection. Effective against exploits aiming to predict memory addresses.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Nessus

A

A Tenable product for vulnerability assessment. it scans networks to identify security risks. Ideal for regular security audits.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Metasoloit

A

A penetration testing framework that includes tools and exploits for securitv assessments. Can be used to simulate cyber-attacks to test network resilience.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

CANVAS

A

Vulnerability assessment tool by Immunity, designed for identifying network and system weaknesses. Useful for enterprise security audits.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Nikto and Wikto

analize what?

A

Analyzes web servers and identifies security issues like outdated software and misconfigurations. Effective for hardening web servers before deployment.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Burp Suite

A

A web security testing platform for web application vulnerabilities. Ideal for security assessments of web-based applications.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Fuzzers (MiniFuzz, Binscope, Regex Fuzzer)

A

Automated tools for identifying vulnerabilities by inputting unexpected data. Helpful for discovering unknown issues like crashes or security flaws in software.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

OpenVAS

A

Open-source vulnerability scanning and management software. Useful for detecting vulnerabilities in your network before they can be exploited.

17
Q

Snort

A

Intrusion Detection Svstem (IDS) that monitors network traffic in real-time for malicious activities. Employed for real-time threat detection and prevention.

18
Q

Hashcat

A

Advanced password recovery and cracking tool. Useful for assessing the strength of passwords by attempting to crack hashed password files.

19
Q

John the Ripper

A

Password cracking software designed to identify weak passwords by using various attack methods. Effective for security audits to improve password policies.

20
Q

Cuckoo Sandbox

A

Malware analysis tool that isolates suspicious files in a secure environment. Useful for understanding the behavior of unknown or potentially harmful files.

21
Q

FISMA

A

Federal Information Security Management Act:
Mandates a comprehensive framework to protect government information, operations, and assets.

22
Q

HIPAA

A

Health Insurance Portability and Accountability
Act: Regulates the use and disclosure of sensitive patient health information.

23
Q

FERPA

A

Family Educational Rights and Privacy Act:
Governs the protection of student education records and grants specific rights to students.

24
Q

SOX

A

The Sarbanes-Oxley Act: Imposes regulations on financial reporting to improve the accuracy and integrity of corporate disclosures.

25
Q

GLBA

A

The Gramm-Leach-Bliley Act: Requires financial institutions to explain their data-sharing practices and safeguard sensitive data.