Security Flashcards
What are two ways people can gain unauthorized access to something?
Dumpster diving / Shoulder surfing for passwords.
What is a method used to prevent infiltration?
A man trap, where two doors and authentication are used to capture and deny people who don’t belong in the building.
What is DoS?
Overwhelm servers, deny access
Three examples of hardware authentication
Smartcard readers, RSA token (keyfob with code), Badges.
What is the principle of least privilege?
Assigning the bare minimum permissions a person needs to do their job in the name of security.
What is a security policy?
Permissions an admin can set to ensure security. Things such as password max ages, desktop backgrounds, scripts to run at startup are included.
What is PII?
Personally identifiable information - Info that can lead back to a specific individual
What is PHI?
Protected health information - Including medical diagnoses and healthcare received by any institution.
When it comes to compliance policies, what is PCI?
Payment card industry. Practices all people who handle transfers, accept money or deal with credit card funds must follow.
What is Open Source?
Open source allows modification and redistribution of code
What are three traits of a virus?
Replicates and Activates
Only replicates to other drives, not across networks
Requires human interaction to spread
What are two traits of a worm?
Propagates across a network
Doesn’t hitchhike on programs like a virus
What are three traits of a Trojan horse?
Pretends to be something it’s not
Does not replicate
Activates upon execution
What is a rootkit?
Something that hides in low level OS functions such as firmware. These can hold elevated privileges…
What is a zero-day exploit?
A vulnerability previously unknown to the devs
What is session hijacking?
Sniffing packets to steal authentication data, and then inserting yourself into the session while pretending to be the original recipient.
What is a dictionary attack?
Using known words or passwords from breaches to attempt to log in to an account
What is a rainbow table attack?
Attempting to crack the hashes of databases using a rainbow table
What are three symptoms of malware on your system?
Frequent crashes and slowdowns even with your apps closed
High usage in task manager
Being redirected in your browser
What is a polymorphic virus?
A virus that changes its signature to hide against anti virus malware
What are four steps to take when you have an infected machine?
Quarantine the machine
Boot to safe mode or a bootable AV media
If you didn’t solve the virus, restore
Remediate (Fix what it broke)
What is the purpose of a firewall?
To hide IPs, ports and analyze packets coming into the network.
What is stateful packet inspection?
Where a firewall individually inspects every packet entering the network for suspicious activity.
What does port forwarding do?
Directs any data that comes in on a specific port to a specific PC on the network
What is port triggering?
Opening a specified incoming port when you send data on a specific outgoing port.
Ex: Sending out data on 1333 opens port 3389.
What is a DMZ?
Being outside of the firewall and vulnerable to any incoming connections.
What is an IDS?
An intrusion detection system sits within the network and notifies administrators of any activity. It acts as a second firewall of sorts. Inspects packets.
What is an IPS?
A system that sits directly in the flow of traffic. It can prevent active attacks against your network that a firewall may have missed, but if the IPS goes down, so does your network. It also adds considerable overhead to your network.
What is UTM?
Unified threat management (UTM) refers to when multiple security features or services are combined into a single device within your network.
What is IPsec?
IP Security is used to provide encryption between servers and clients. Can be used in VPNs.
What are Secure Sockets Layer and Transport Layer Security?
Encryption methods that provide encryption to web browsers when connecting to servers.