Securing Individual Systems Flashcards
What attack prevents others from accessing a system and comes from a single source?
Denial of Service
Denial of service can be broadly broken down into what three categories?
Volumetric, Protocol, Application
Which type of DoS saturates the bandwidth of the attacked site to prevent other users from being able to access it?
Volumetric
Which type of DoS attack is comprised of seemingly legitimate and innocent requests but ultimately crashes the server?
Application attack
Which type of DoS attack consumes the server resources?
Protocol attack
What attack prevents others from accessing a system and comes from multiple sources?
Distributed denial-of-service attack
Which attack leverages the functionality of open DNS resolvers in order to overwhelm a target server or network with an amplified amount of traffic, rendering the server and its surrounding infrastructure inaccessible?
Amplification attack
unsolicited emails
Spam
fraudulent attempt to obtain sensitive information usually through emails
Phishing
phishing attempts directed at specific individuals or companies (email contains the individual’s name or the company’s name)
Spear Phishing
spam received via instant messaging
Spim
unsolicited use of voice trying to get information from you (phone calls)
Vishing
technique of tricking a user into clicking on something different from what the user perceives
Clickjacking
form of cybersquatting (sitting on sites under someone else’s brand or copyright) that targets Internet users who incorrectly type a website address into their web browser
Typosquatting
the act of changing the registration of a domain name without the permission of its original registrant, or by abuse of privileges on domain hosting and registrar software systems.
Domain Hijacking
the act of exploiting a bug, design flaw or configuration oversight in an operating system or software application to gain elevated access to resources that are normally protected from an application or user
Privilege Escalation
Third party intercepting between a two-party conversation
Man-in-the-middle attack
when a hacker impersonates another device or user on a network in order to steal data, spread malware, or bypass access controls.
Spoofing
Attack in which a third party intercepts a two-party conversation
Man-in-the-middle attack
form of network attack in which a valid data transmission is maliciously or fraudulently repeated or delayed
Replay attack
attack on a computer system or communications protocol that makes it abandon a high-quality mode of operation (e.g. an encrypted connection) in favor of an older, lower-quality mode of operation (e.g. cleartext) that is typically provided for backward compatibility with older systems
Downgrade attack
the exploitation of a valid computer session—sometimes also called a session key—to gain unauthorized access to information or services in a computer system
Session hijacking
a packet sniffer used to intercept unencrypted session cookies from websites such as Facebook and Twitter. The plugin eavesdropped on Wi-Fi communications, listening for session cookies.
Firesheep
ability of the system to withstand a major disruption within acceptable degradation parameters and to recover within an acceptable time
System Resiliency
capability of a system, network, or process to handle a growing amount of work, or its potential to be enlarged to accommodate that growth
Scalability
the ability to expand and contract your network system depending on demand
Elasticity
system design in which a component is duplicated so if it fails there will be a backup
Redundancy
scattering systems into different areas instead of one central location
Distributive Allocation
allows you to host one or more virtual systems, or virtual machines (VMs), on a single physical system
Virtualization
data that is collected but will not be saved on restart
Non-persistence
a copy of the live current environment
Snapshot
returning to a state of data before edits or changes were implemented; Windows restore points
Revert to a Known State
go back to a previous version; Drivers usually have this feature
Rollback
a data storage virtualization technology that combines multiple physical disk drive components into one or more logical units for the purposes of data redundancy, performance improvement, or both
RAID (Redundant Array of Independent Disks)
Which RAID version provides fast input/output performance for reading and writing but no fault tolerance?
RAID-0
Which RAID provides fault tolerance and a slight increase in read performance, but no increase in write performance?
RAID-1
Which RAID provides fault tolerance and will continue to operate even if a single drive fails and also provides an increase in read performance, but no increase in write performance?
RAID-5
Which RAID requires a minimum of three disks?
RAID-5
Which RAID is an extension of RAID-5 that includes an additional parity block?
RAID-6
Which RAID provides fault tolerance and will continue to operate even if two drives fail and an increase in read performance?
RAID-6
Which RAID requires a minimum of four disks?
RAID-6
Which RAID provides fault tolerance and will continue to operate even if multiple drives fail and provides an increase in both read and write performance and is ideal for many database server applications?
RAID-10
Which RAID requires a minimum of four disks?
RAID-10
Which sharing protocol is file-based?
NAS (Network Attached Storage)
Which sharing protocol is block-level based?
SAN (Storage Area Network)
Which sharing protocol uses SAMBA?
NAS
Which sharing protocol can use either Fiber Channel or iSCSI?
SAN
high-speed topology that has been built specifically for SANs; built to connect servers directly to storage devices
Fiber Channel
connects a computer, which acts as the host system, to other network and storage devices
Host Bus Adapter (HBA)
makes remote drives on the storage area network look and feel as if they are local to your computer
iSCSI (Internet Small Computer Systems Interface)
What can be used on a Windows machine to control how system hardware acts or reacts to an action?
Policies
Where do you go on a Windows machine to enable/disable DEP (Data Execution Prevention)?
System - Advanced - Performance Settings - Data Execution Prevention
Where do you go on a Windows machine to disable ports?
BIOS settings
The interference caused by an electromagnetic disturbance affecting the performance of a device, transmission channel, or system
EMI (Electromagnetic Interference)
an EMI when the interference is in the radio frequency spectrum
RFI (Radio Frequency Interference)
a difference of potential between two items that causes static electricity
ESD (Electrostatic Discharge)