Intro to IS Flashcards
Kismeth
Network detector that is wireless (intrusion Detection System)
Wire Shark
A sniffer that intercepts Traffic Wireless / Wired
Fuzzer
Bombards application with data and inputs from a wide variety of sources to make it fail or behave unexpectedly
Block Cypher
Cipher that takes a predetermined number of bits in the plaintext message and encrypts that block
Secure Sockets Layer Protocol (SSL)
Uses the RSA algorithm, an asymmetric algorithm, to secure web and email traffic
Heuristics
Process of Anomaly detection used by anti-malware tools to detect malware without signatures
Nessus
Tool is a well known-vulnerability assessment tool that also includes a port scanner
Attack Surface
Total areas the operating system might be attacked
Network Intrusion Detection system
System that monitors the network which it is connected for unauthorized activity
Packet Sniffer
Known network or protocol analyzer, intecepts traffic on a network
NMAP
Tool used to port scan a host on a network and identify the operating systems those hosts are running
Buffer Overflows
Vulnerability is stopped by proper bounds checking / not properly account the amount of data input into the application
Hping3
Tool used to test the security of firewalls
Proxy Server
Specialized type of firewall that can serve as a coke point, log traffic for later inspection
Deep Packet
Firewall technology that analyzes the actual content of the traffic that is flowing through
Static
Analyzes the location the content is coming from
Packet Filtering
Firewall technology that inspects the contents of each packet in the network traffic individually based on desination IP address
Scanner
Detects various security flaws when examining hosts
Nikto/Wikto
Web server analysis tool that performs checks for many common server sides vulnerabilities
Intrusion Prevention Systems
Refuse traffic from the source of the attack
Intrusion Detection Systems
Monitor and alert that notifies you when an attack or other undesirable activity takes place
Scoping phase
occurs when a team comes to an agreement on what will be tested during the pen testing process.
