Lesson 9: Basic Network Security Flashcards
A standard used to secure wireless LANs that follow the various 802.11 standards.
802.11x
A network security term that refers to the following:
- Authentication, or any process by which an entity’s identity is verified
- Authorization, or any process used to verify that an entity has permission to perform some activity or has access to some resource
- Accounting, or the ability to track various events on a network
AAA (Authentication, Authorization, and Accounting)
People (hackers) who threaten to get something from or do something to end users that the end users don’t want them to get or do.
Attackers
The ability to ensure that the data came from a valid source or from where it claims to have come from.
Authentication
A group of computers which have been compromised by a single attacker or a group of attackers, giving them a certain level of control over those computers.
Botnet
The ability to verify that an entity has permission to perform some activity or has access to certain resources.
Authorization
The ability to track various events on a network.
Accounting
A digital document that accompanies a public key to certify the origins of the public key and its validity.
Certificate/Digital Certificate
A trusted server that issues digital certificates to end users.
Certificate Authority
An authentication method used by Point-to-Point Protocol (PPP) to verify the identity of a client after a connection has been successfully established.
Challenge-Handshake Authentication Protocol (CHAP)
An attempt by hackers to make a target IP address unavailable to it’s intended users by launching continuous ping requests from numerous computers so frequently that the target computer’s network capacity is overloaded and brought down.
Denial of Service (DoS) attack
A type of attack in which intruders search through trash looking for personal information that they can use to steal identities or gain access to protected computer systems.
Dumpster Diving
An authentication protocol primarily used in wireless communications, although it can also be used with Point-to-Point Protocol (PPP) connections.
Extensible Authentication Protocol (EAP)
A protocol used to transfer files over the internet.
File Transfer Protocol (FTP)
A type of Denial of Service (DoS) attack which is similar to a Smurf Attack, except that it uses UDP echo replies instead of ICMP replies.
Fraggle Attack
The owner of a public key.
Holder
A protocol used to transfer web pages across a network, most commonly the Internet.
Hypertext Transfer Protocol (HTTP)
A technology which, combined with an SSL/TLS protocol, can secure a connection on the internet or some other unsecure network to ensure that the hyper-text data being transferred over that connection is also secured.
Hypertext Transfer Protocol Secure (HTTPS)
The act of presenting yourself as someone you are not in order to steal in one way or another from the person you are presenting yourself to be.
Identity Theft
A passive system that monitors network activity and notifies the network administrator so that he can take steps to stop any suspect activity found on the monitored network.
Intrusion Detection Software (IDS)
An active system that monitors network activity and takes steps to stop any questionable activity without involving the network administrator.
Intrusion Prevention Software (IPS)