Lesson 9: Basic Network Security Flashcards

1
Q

A standard used to secure wireless LANs that follow the various 802.11 standards.

A

802.11x

1
Q

A network security term that refers to the following:

  • Authentication, or any process by which an entity’s identity is verified
  • Authorization, or any process used to verify that an entity has permission to perform some activity or has access to some resource
  • Accounting, or the ability to track various events on a network

A

AAA (Authentication, Authorization, and Accounting)

1
Q

People (hackers) who threaten to get something from or do something to end users that the end users don’t want them to get or do.

A

Attackers

1
Q

The ability to ensure that the data came from a valid source or from where it claims to have come from.

A

Authentication

1
Q

A group of computers which have been compromised by a single attacker or a group of attackers, giving them a certain level of control over those computers.

A

Botnet

1
Q

The ability to verify that an entity has permission to perform some activity or has access to certain resources.

A

Authorization

1
Q

The ability to track various events on a network.

A

Accounting

2
Q

A digital document that accompanies a public key to certify the origins of the public key and its validity.

A

Certificate/Digital Certificate

4
Q

A trusted server that issues digital certificates to end users.

A

Certificate Authority

5
Q

An authentication method used by Point-to-Point Protocol (PPP) to verify the identity of a client after a connection has been successfully established.

A

Challenge-Handshake Authentication Protocol (CHAP)

5
Q

An attempt by hackers to make a target IP address unavailable to its intended users by launching continuous ping requests from numerous computers so frequently that the target computer’s network capacity is overloaded and brought down.

A

Denial of Service (DoS) attack

6
Q

A type of attack in which intruders search through trash looking for personal information that they can use to steal identities or gain access to protected computer systems.

A

Dumpster Diving

7
Q

An authentication protocol primarily used in wireless communications, although it can also be used with Point-to-Point Protocol (PPP) connections.

A

Extensible Authentication Protocol (EAP)

7
Q

A protocol used to transfer files over the internet.

A

File Transfer Protocol (FTP)

8
Q

A type of Denial of Service (DoS) attack which is similar to a Smurf Attack, except that it uses UDP echo replies instead of ICMP replies.

A

Fraggle Attack

8
Q

The owner of a public key.

A

Holder

9
Q

A protocol used to transfer web pages across a network, most commonly the Internet.

A

Hypertext Transfer Protocol (HTTP)

10
Q

A technology which, combined with an SSL/TLS protocol, can secure a connection on the internet or some other unsecure network to ensure that the hyper-text data being transferred over that connection is also secured.

A

Hypertext Transfer Protocol Secure (HTTPS)

12
Q

The act of presenting yourself as someone you are not in order to steal in one way or another from the person you are presenting yourself to be.

A

Identity Theft

13
Q

A passive system that monitors network activity and notifies the network administrator so that he can take steps to stop any suspect activity found on the monitored network.

A

Intrusion Detection Software (IDS)

13
Q

An active system that monitors network activity and takes steps to stop any questionable activity without involving the network administrator.

A

Intrusion Prevention Software (IPS)

13
Q

A protocol commonly used to authenticate clients over an unsecured network, most commonly LANs.

A

Kerberos

14
Q

Software programs or hardware devices that can be loaded onto a computer or plugged into a computer to record the keystrokes that are typed into the keyboard.

A

Key Logger

15
Q

The ability to gain entry to a computer via a LAN.

A

Local Access

17
Q

A type of scripted software subroutine that executes a predetermined series of actions on a selected document or part of a document.

A

Macro

18
Q

Specific to the particular application into which it was built, it is intended to automate tasks within that application.

A

Macro Language

19
Q

A type of virus which attaches itself to the documents produced by common software applications in the form of a macro created in the macro language of the affected application document.

A

Macro Virus

21
Q

A broad category of software programs that includes any application that an attacker can use against a company or an individual.

A

Malicious Software

23
Q

A type of cyberattack in which a person positions him or herself between 2 other people and eavesdrops digitally on them.

A

Man-In-The-Middle-Attack

25
Q

An authentication method similar to standard CHAP and designed to work closely with Microsoft operating systems, specifically the authentication protocols and capabilities built into various Windows operating systems.

A

Microsoft Challenge-Handshake Authentication Protocol (MS-CHAP)

26
Q

An overall approach to computer security that limits what a host, client, or device can do on a proprietary network.

A

Network Access Control (NAC)

28
Q

An application designed to capture network packets and break them apart to analyze and interpret them.

A

Packet Sniffer/Packet Analyzer

30
Q

A type of cyberattack which uses various means to trick people into revealing passwords, account numbers, social security numbers, and various other sensitive pieces of information.

A

Phishing

31
Q

An essential practice to protect against unwarranted physical access to a computer or network.

A

Physical Security

32
Q

A software program designed to search a host or a network server for port addresses that are open but not being used.

A

Port Scanner

33
Q

A type of encryption where one must have the original encryption key to decrypt a cipher text.

A

Private Key Encryption

34
Q

A type of encryption where you start with a secret private key which is used to generate a public key which is used to encrypt the message. The public key is then sent to the destination computer either before or along with the message when it’s sent. The public key is then used to decrypt the cipher text.

A

Public Key Encryption

35
Q

A set of people, policies, software, and equipment needed to handle digital certificates for various applications.

A

Public Key Infrastructure (PKI)

37
Q

The ability to gain entry to a computer via a WAN connection.

A

Remote Access

38
Q

A service that provides a method of centralized AAA (authentication, authorization, accounting) between a computer and a managed network.

A

Remote Authentication Dial-In User Service (RADIUS)

39
Q

A small computer program used to issue line commands remotely across a network.

A

Remote Shell (RSH)

40
Q

An unauthorized wireless access point that an attacker has added to a network to facilitate illicit access.

A

Rogue Access Point

41
Q

An SSH extension which encrypts and transports data across network connections.

A

Secure Copy Protocol (SCP)

42
Q

A means of providing access, transfer, and management of files over secure network communication sessions. Sometimes called SSH File Transfer Protocol.

A

Secure File Transfer Protocol or SSH File Transfer Protocol (SFTP)

44
Q

A protocol which acts to authenticate the user attempting to gain access to a system via encrypted passwords.

A

Secure Shell (SSH)

45
Q

A set of protocols developed in the early 1980s and used to manage and monitor complex network systems.

A

Simple Network Management Protocol version 3 (SNMPv3)

46
Q

A type of Denial of Service (DoS) attack in which the target server or network is flooded with Internet Control Message Protocol (ICMP) replies.

A

Smurf Attack

47
Q

The manipulation of a person into revealing important information.

A

Social Engineering

49
Q

A type of malicious software which is secretly installed on a person’s computer to spy on a computer system’s user and obtain information that the user would not normally allow to be known without the user being aware that the information is being taken.

A

Spyware

50
Q

A terminal emulation program which provides bidirectional interactive command line access to either a remote or local host.

A

TELNET (TErminaLNETwork)

51
Q

A Cisco proprietary protocol used for routers, network access services, and similar devices.

A

Terminal Access Controller Access Control System Plus (TACACS+)

52
Q

A malicious program which actively masquerades as a legitimate program that belongs on your computer.

A

Trojan Horse

53
Q

A type of malicious software that modifies the code of existing programs in an attempt to cause harm, reproduce itself, and/or escape detection.

A

Virus

54
Q

A malicious program which is placed on a computer and then activated

A

Worm