Lesson 7: Security Flashcards
Access Lists (ACLs)
A basic form of firewall protection
AES
Advanced Encryption Standard
AH
Authentication Header
Brute Force Attack
Attacker uses every possible combination of characters for the password
Buffer Overflow
Happens when a program tries to put more data into a buffer than it was configured to hold
netstat -a -b
(a) Command used to display the ports currently open on a Windows operating system and (b) used to display the executable involved in creating the connection or listening port
CCMP
Counter Mode with Cipher Block Chaining Message Authentication Code Protocol
CHAP
Challenge Handshake Authentication Protocol
Demilitarized Zones (DMZs)
Used to isolate the servers
Denial of Service (DoS)
A service is being denied to a computer, network, or server
DES, 3DES
Data Encryption Standard, Triple Data Encryption Standard
Dictionary Attack
Uses known passwords and many variations (upper and lowercase and combinations) to try to log in to your account
Diffie-Hellman
Key generation algorithm
Directed Broadcast
The broadcast is sent to a specific subnet
ESP
Encapsulating Security Protocol
Firewall
Used in computer networks for protecting the network
Fraggle
A DoS attack in which spoofed UDP packets are sent to a network’s broadcast address
GRE
Generic Routing Encapsulation
IKE
Internet Key Exchange
IP Tunnel
An IP packet encapsulated in another IP packet
IPsec
Used to encrypt data between various networking devices
ISAKMP
Internet Security Association and Key Management Protocol
Jamming
The wireless network is overwhelmed with wireless traffic, thereby jamming the network
L2F
Layer 2 Forwarding
L2TP
Layer 2 Tunneling Protocol
LEAP
A wireless security system used by Cisco
Malware
Malicious programs
MD5
Message Digest 5
NAQC
Network Access Quarantine Control
nmap
A Linux port scanner
Packet Filtering
A limit is placed on the information that can enter the network
Packet Sniffing
A technique in which the contents of data packets are watched
PAP
Password Authentication Protocol
Password Cracking
The attacker tries to guess the user’s password
Penetration Testing
A way to evaluate the security of the user’s network
permit ip any any
The instruction added to the last line of an access list to allow all other data packets to enter and exit the router
Ping of Death
A DoS attack that uses oversized ICMP datagram to crash IP devices
PPTP
Point-to-Point Tunneling Protocol
Proxy Server
Clients go through a proxy to communicate with secure systems
SHA
The secure hash algorithm
SHA-1
Secure Hash Algorithm
Shared key Authentication
Both the client and the access point share a key called a pre-shared key (PSK)
Social Engineering
A way for an intruder to obtain enough information from people to gain access to the network
Spoof
Inserting a different IP address in place of an IP packet’s source address to make it appear that the packet came from another network
Stateful Firewall
Keeps track of the data packet flow
TKIP
Temporal Key Integrity Protocol
Virus
A piece of malicious computer code that, when opened, can damage your hardware, software, or other files
WEP
Wired equivalent privacy
Worm
A type of virus that attacks computers, typically proliferates by itself, and can deny service to networks
