SEC+ Flashcards
Learn for Sec +
802.1x
A port-based authentication protocol. Wireless can use 802.1x. For example, WPA2 Enterprise mode uses an 802.1x server (implemented as a RADIUS server). Enterprise mode requires an 802.1x server. PEAP and EAP-TTLS require a certificate on the 802.1x server. EAP-TLS also uses TLS, but it requires certificates on both the 802.1x server and each of the clients.
3DES
Triple Digital Encryption Standard. A symmetric algorithm used to encrypt data and provide confidentiality. It is a block cypher that encrypts data in a 64-bit blocks. It was originally designed as a replacement for DES, and is still used in some applications, such as when hardware doesn’t support AES.
AAA
Authentication, Authorization, and Accounting. AAA protocols are used in remote access systems. For example, TACACS+ is an AAA protocol that uses multiple challenges and responses during a session. Authentication verifies a user’s identification. Authorization determines if a user should have access. Accounting tracks a user’s access with logs.
ACE
Access Control Entry. Identifies a user or group that is granted permission to a resource. AECs are contained within a DACL in NTFS.
ACK
Acknowledge. A packet in a TCP handshake. In a SYN flood attack, attackers send the SYN packet, but don’t complete the handshake after receiving the SUN/ACK packet.
ACL
Access Control List. Routers and packet-filtering firewalls perform basic filtering using an ACL to control traffic based on networks, subnets, IP addresses, ports, and some protocols. In NTFS, a list of ACEs makes up the ACL for a resource.
AES
Advanced Encryption Standards. A symmetric algorithm used to encrypt data and provide confidentiality. AES is a block cipher and it encrypts data in 128-bit blocks. It is quick, highly secure, and used in a wide assortment of cryptography schemes. It includes key sizes of 128 bits, 192 bits, or 256 bits.
AES-256
Advanced Encryption Standard 256 bit. AES sometimes includes the number of bits used in the encryption keys and AES-256 uses 256-bit encryption keys. Interestingly, Blowfish is quicker than AES-256.
AH
Authentication Header. IPsec includes both AH and ESP. AH provides authentication and integrity using HMAC. ESP provides confidentiality, integrity, and authentication using HMAC, and AES or 3DES. AH is identified with protocol ID number 51.
ALE
Annual (or annualized) Loss Expectancy. The ALE identifies the expected annual loss and is used to measure risk with ARO and SLE in a quantitative risk assessment. The calculation is SLE x ARO = ALE.
AP
Access Point, short for Wireless Access Point (WAP). APs provides access to a wired network to wireless clients. Many APs support Isolation mode to segment wireless users form other wireless users.
API
Application Programming Interface. A software module or component that identifies inputs and outputs for an application.
APT
Advanced Persistent Threat. A group that has both the capability and intent to launch sophisticated and targeted attacks.
ARO
Annual (or annualized) rate of occurrence. The ARO identifies how many times a loss is expected to occur in a year and it is used to measure risk with ALE and SLE in a quantitative risk assessment. The calculation is
SLE x ARO = ALE.
ARP
Address Resolution Protocol. Resolves IPv4 addresses to MAC addresses. ARP poisoning attacks can redirect traffic through an attacker’s system by sending false MAC address updates. NDP is used with IPv6 instead of ARP.
