Security Flashcards
A script that runs automatically when a user logs in, often used to map network drives, set environment variables, or launch apps.
Login Script
A central collection of users, computers, and resources managed under a single set of rules and policies in Active Directory.
Domain
A centralized way to control settings for users and computers in an AD environment, including enforcing updates, passwords, desktop restrictions, and more.
Group Policy / Updates
A personal network folder assigned to a user for storing files; typically mapped to a specific drive letter at login.
Home Folder
AD objects used to assign permissions to resources or delegate rights to multiple users simultaneously.
Security Groups
A policy that redirects user data folders (like Documents or Desktop) to a network location for easier backup and roaming profiles.
Folder Redirection
A wireless security protocol that uses AES encryption and was the industry standard for many years; more secure than WEP or WPA.
Wi-Fi Protected Access 2 (WPA2)
The latest wireless security protocol offering stronger encryption, individualized encryption per device, and protection against brute-force attacks.
WPA3
An older encryption protocol used with WPA; less secure than AES and gradually being phased out due to known vulnerabilities.
Temporal Key Integrity Protocol (TKIP)
A symmetric encryption algorithm used by WPA2 and WPA3; offers strong security and is widely used across various technologies, not just Wi-Fi.
Advanced Encryption Standard (AES)
A secure, password-based authentication method used in WPA3 that replaces the less secure PSK method from WPA2; protects against offline dictionary attacks and provides forward secrecy.
Simultaneous Authentication of Equals (SAE)
A centralized authentication protocol used for remote access and network services; uses UDP, combines authentication and authorization, and encrypts only the password.
Remote Authentication Dial-In User Service (RADIUS)
A Cisco-developed protocol for centralized authentication; uses TCP, separates authentication, authorization, and accounting, and encrypts the entire payload.
Terminal Access Controller Access-Control System Plus (TACACS+)
A secure network authentication protocol that uses tickets and a trusted third party to verify users and services. Common in Active Directory environments.
Kerberos
An authentication approach that requires two or more verification methods from different categories: something you know (password), something you have (token), or something you are (biometric).
Multifactor Authentication (MFA)
A broad term for any malicious software designed to harm, exploit, or compromise data, devices, or networks. Includes viruses, trojans, spyware, ransomware, and more.
Malware
A type of malware that is disguised as a legitimate program but contains malicious code that runs once the program is executed.
Trojan
A stealthy form of malware that gives attackers privileged access to a system while hiding its presence from standard detection tools.
Rootkit
A type of malicious software that attaches itself to a file or program and spreads to other files or systems when executed.
Virus
Software that secretly gathers user information, such as browsing habits or personal data, often without consent.
Spyware
Malware that locks or encrypts user data and demands payment (a ransom) to restore access.
Ransomware
Records every keystroke typed by a user to steal sensitive data like passwords, PINs, or credit card numbers.
Keylogger
A type of virus that infects the master boot record (MBR) of a storage device, loading before the operating system starts.
Boot Sector Virus
Malware that hijacks system resources to secretly mine cryptocurrency, often degrading system performance.
Cryptominers