Network Security Flashcards

1
Q

What is the CIA triad?

A

Confidentiality - only those who are supposed to access the data can access it.

Integrity - the data is only changed when it’s supposed to be.

Availability - the data is there when it is needed

2
Q

What is authentication?

A

You are who you say you are.

3
Q

What is authorization?

A

You are where you’re supposed to be.

4
Q

What is accounting?

A

Professionals sometimes call this logging. This means that everything you do is properly noted, and any changes to data can be tied to a user account.

5
Q

What is a network security key?

A

The network security key is your network’s equivalent to a shut and locked door, with the password acting as a key for entry. If you don’t protect your wireless network with a strong password, someone can get into the devices on your network (access files on your computer) or use your Internet connection.

6
Q

What is WEP?

A

WEP (Wired Equivalent Privacy) is an older protection method that was designed to provide a similar level of protection to wireless network traffic as is provided in a wired network.

7
Q

What is WPA?

A

WPA (Wi-Fi Protected Access) is a newer protection method than WEP and provides a higher level of encryption and authentication (a shared greeting procedure used to verify identity).

8
Q

What is WPA2?

A

WPA2 is the latest version of Wi-Fi Protected Access and is standard on most network devices today. WPA2 can use two different forms of encryption: AES (Advanced Encryption Standard) or TKIP (Temporal Key Integrity Protocol). AES offers the stronger encryption of the two.

9
Q

What is non-repudiation?

A

the ability to ensure that someone cannot deny or contest that thing.

10
Q

What is a computer virus?

A

A computer virus is a software program that is downloaded to your network and then executes without your knowledge.

11
Q

Blended Threats

A

A combination of several different approaches using a variety of malware elements generating multiple forms of viruses, worms and Trojan horses.

12
Q

Botnet

A

A group of computers pirated by a hacker. The pirated computers are referred to as zombies. Zombies can then be combined and used to saturate a network causing a Denial of Service attack.

13
Q

Computer worm

A

Malware that copies itself from one computer to another, without human interaction. Worms replicate themselves quickly and have been known to send copies of themselves to people in your address book.

14
Q

Malicious spyware

A

Records keystrokes and periodically sends the recorded information back to the originating cyber criminal using the internet and making the information available for further exploitation.

15
Q

Malware

A

Malware is short for ‘malicious software.’ Always hostile, intrusive, and annoying. Takes various forms such as a virus, worm, and a Trojan horse to name a few.

16
Q

Phishing

A

Fraudulent attempts to obtain private information. Phishing scams attempt to lure you into divulging personal information to a false representative of a trusted financial institution or agency.

17
Q

Rogue Security Software

A

A pop-up message alerting you that a virus has been detected on your network recommending a program be downloaded to remove the virus. This rogue security software is designed to entice you into clicking and downloading malicious software.

18
Q

Rootkit

A

A collection of tools that are used to obtain administrator-level access to a computer or a network of computers. Typically installed on your computer by a cyber criminal exploiting a vulnerability in your network security scheme.

19
Q

Trojan Horse

A

Users infect their computers with a Trojan horse by downloading an application they believe to be legitimate but that in fact contains malware. If released in your system, the malware may do such things as record your passwords or hijack your webcam.

20
Q

Active threat

A

one that actively seeks to damage or destroy your information.

21
Q

Passive threats

A

monitoring

22
Q

Data modification

A

something about your information is altered

23
Q

DOS

A

Denial of Service, floods the door and causes the site to crash

24
Q

Masquerade

A

the attacker pretends to be a valid user in order to access the system

25
Q

Repudiation

A

the attacker denies any action taken against the network

26
Q

Replay

A

involves the capture of a network message and then using it later for other uses

27
Q

Sniffer attack

A

pokes around waiting for just the right data, then it attacks.

28
Q

Man in the middle

A

A man in the middle sets up shop between two communicators, eavesdropping on everything that is said

29
Q

Release of message content

A

This is like an old-fashioned phone tap, where the attacker listens in on a conversation, e-mail message, or even a sensitive file, and saves that information.

30
Q

Traffic analysis

A

This is similar to sniffing and the man-in-the-middle. However, an attacker doesn’t need to know the detail of the transmission: if they listen long enough and observe patterns and length of messages, they can guess the type of communication taking place.