Lecture 2 Flashcards
Attacks & Monitoring
The goal of _____ is to prevent unauthorized access to objects
access control
Malicious users are called what?
Crackers (attackers)
True/False: A hacker is someone who is just a technology enthusiast, not intent on causing harm.
True
The process of identifying, understanding, and categorizing potential threats is what?
Threat modeling
A group of attackers that work together to go after targets (and can be government funded), regardless of ease of access, are called what?
Advanced persistent threats (APT)
The process of detecting unauthorized or abnormal activities is called what?
monitoring
This ensures that people are held accountable for their actions and can help reconstruct events for prosecution, and to create reports.
monitoring
Audit and logging tools help with _____.
monitoring
What are 5 common logs?
Security logs, system logs, application logs, firewall logs, change logs
An ___________ is a tool that automates the inspection of audit logs and real-time system events. It provides accountability and enables timely and accurate responses to an intrusion.
Intrusion Detection System (IDS)
What are the 3 types of responses for an IDS?
Passive- records the intrusion and alerts
Active- affects/attempts to stop the intrusion. (limited capabilities)
Hybrid- records and affects/stops the intrusion
What are the 4 types of IDS?
Host-based
Network-based
Knowledge-based
Behavior-based
A ______ is a system placed on the network that is usually an easy target (not patched, vulnerable to attacks). It is designed to attract an intruder and keep them busy on the system.
Honeypot
This is used to test a system for known security vulnerabilities and weaknesses.
Vulnerability scanner
An _____ seeks to actively block unauthorized connection attempts or illicit traffic patterns as they occur.
Intrusion Prevention System (IPS)