security learning Flashcards
What is a form of spam through IM, PM, DM.
Spimming
443-TCP
Hyper Text Transfer Protocol Secure, transmits web page data to a client over an SSL/TLS encrypted connection.
Collision Resistance
Property of a hash function that is computationally infeasible to find two colliding inputs.
161-UDP
Simple Network Management Protocol, remotely monitor network devices.
119-TCP
Network News Transfer Protocol, transports articles
On path attack, Man in the middle
Intercepts data
PKI
Public Key Infrastructure, set of hardware, software, policies, processes, and procedures required to create, manage, distribute, use, store, and revoke digital certs and keys.
VPC
Virtual Private Cloud, private cloud in a public cloud
143-TCP
IMAP, Internet Message Access Protocol, Receive email from mail server with more functions than pop3
Degaussing
Expose hard drive to magnetic field which wipes the drive
Purging
Removes data and it cannot be reconstructed
Clearing
removal of data with assurance that it cannot be reconstructed
69-UDP
Trivial FTP, Simplified version of ftp to put a file on a remote host or get a file from host.
Nessus
Vulnerability check
NDA
Non Disclosure Agreement, Ensure sensitive data will not be disclosed to 3rd parties.
ISA
Interconnection Security Agreement, Defines how to secure communication
MOU
memorandum of understanding, general terms of agreement
MOA
Memorandum of agreement, defines granular contract details
Qualitative risk assessment
Organizes risks by severity or threat rating which may differ from one organization to another
APT
Advanced persistent threat, undetected for a long time, steals data
Bluejacking
Sending unsolicited content to someone over Bluetooth
Blue Snarfing
Access to device data via Bluetooth
Jump Box
System on a network used to access and manage devices in a separate security zone
SQL Injection
Code injection that might destroy database. Placement of malicious code in SQL statements.
SOAR
Security orchestration, automation, and response. Class of security tools that facilitate incident response, threat hunting, and security configuration by orchestrating automated runbooks and delivering data enrichment.
URL Phishing
Fake url similar to real thing used to trap people
445-TCP
SMB, Server Message Block, provides shared access to files and other resources on a network
RFID
Radio frequency identification, Access badge tracking
ECB
Electronic Code Book, mode of operation with a block cipher that’s mostly used with symmetric key encryption.
Public Cloud
Open to use for public
IDS
Intrusion Detection system, can only alert and log suspicious activity.
IPS
Intrusion prevention system, can also stop malicious activity from being executed.
Split DNS
Implementation in which separate DNS servers are provided for internal and external networks as a means of security and privacy management.
22 TCP/UDP
SSH,SCP,SFTP, Secure shell used to remotely administer network devices and systems. SCP for secure copy. SFTP for Secure ftp.
389-TCP/UDP
LDAP, Lightweight directory access protocol. Maintain directories of users and other objects.
Rogue Access Point
Unauthorized access point, wireless evil twin malicious copy of AP.
110-TCP
POP3, Post office protocol v3. Used to receive email from mail server.
SDLC Waterfall model
Project planning, requirements, analysis, design, coding, testing, deployment.
21 TCP
FTP, File transfer protocol, Used to transfer files from host to host.
Sandbox
Practice where you run code, observe, analyze, and code in a safe, isolated environment.
1433-TCP
MS-SQL-S, Microsoft SQL Server, used to receive SQL queries from clients.
Code injection
Exploit technique that runs malicious code with identification number of a legitimate process.
PFS
Perfect forward secrecy, encryption style known for producing temp private key exchanges between clients and servers.
Logic bomb
Piece of code intentionally inserted into the software system that will set off a malicious function when specified conditions are met.
Homomorphic encryption
encryption method that allows computations to be performed on encrypted data without first decrypting with a secret key.
static key
Intended for use for a long period of time and is typically intended for use in many instances of a cryptographic key establishment scheme.
Containerization
type of virtualization in which all the components of an application are bundled into a single container image and can be run in isolated user space on the same OS.
Digital signature provides?
authentication, non-repudiation, integrity.
ICS/SCADA
ICS are command and control networks designed to support industrial processes. SCADA, supervisory control and data acquisition.
SDLC Phases
Planning and analysis, software, system design, implementation, testing, integration, deployment, maintenance.
Trojans
Malicious software disguised as harmless software.
cryptography
Study and practice of solving codes in order to hide true meaning of info.
Jumpbox system
System used on a network to access and manage devices in a separate security zone. Controlled access between two security zones.
Asymmetric key
encryption that uses two separate yet mathematically related keys to encrypt and decrypt.
Ephemeral key
short term key pair used with a public key algorithm that is generated when needed.
XML injection
attack technique used to manipulate or compromise the logic of an XML service or app.
Order of volatility
Sequence or order in which digital evidence is collected.
514-UDP
SYSLOG, conducts computer message logging, especially for router and firewall logs.
NFC
Near Field Communication, payment methods nfc helps with Bluetooth
Pharming
Online scam where a website's traffic is manipulated and confidential info is stolen. Traffic redirection, fraudulent website, credential harvesting.
Same Site Attribute
Helps mitigate cross site request forgery.
Proxy list
Includes IP addresses of computers hosting open proxy servers
UTM
Unified threat management, when multiple security features or services are combined into a single device within your network.
Two Fish
Symmetric key, size 128 bit, ecc, rsa,DH, asymmetric.
Clear
Logical technique to sanitize data in all user addressable storage locations for protection against simple non invasive data recovery techniques.
Steganography
Process of hiding one message inside another.
860-TCP
ISCSI, Linking data storage facilities over IP.
Dropper
Malware designed to install or run other types of malware embedded in payload on infected host.
137-139/TCP-UDP
NetBIOS, used to conduct name querying, sending data, and other functions over a NetBIOS connection.
MIME
Extension of SMTP
Session Hijacking
Taking over a web user session by surreptitiously obtaining the session id and masquerading as the authorized user.
NGFW
Next generation firewall, provides more than standard
War Driving
Attackers searching for wireless networks with vulnerabilities while moving around an area in a moving vehicle.
Trace route
Provides map of how data on the internet travels from source to destination
Buffer overflow
software coding error or vulnerability that can be exploited by hackers to gain unauthorized access to corporate systems.
VM Sprawl
A situation in which a large number of deployed virtual machines lack proper admin controls.
Spyware
secret gathering of user data without consent
Transitive trust
occurs when X trusts Y, Y trusts Z so X trusts Z
88-TCP/UDP
Kerberos, used for network authentication using a system of tickets within a windows domain.
Virus
Malicious code that runs on a machine without user knowledge; requires user action to spread.
Elicitation
casual conversation to obtain information without the person feeling interrogated.
Hash
One-way cryptographic function which takes an input and produces a unique message digest.
135-TCP/UDP
RPC, remote procedure call, is used to locate DCOM ports, request a service from a program on another computer on a network.
On path attack
Attacker that sits in the middle between two stations and is able to intercept and change information.
PGP
Pretty good privacy, encryption program that provides cryptographic privacy and authentication for data communication.
GLBA
Gramm-Leach-Bliley Act, affects anything money related
Honey pot
network attached system set up as a decoy to lure cyber attackers.
CASB
Cloud access security broker, on premises or cloud based software that sits between a cloud service consumer and provider
Ransomware
restrict access until paid
23-TCP/UDP
Telnet, should not be used anymore, unencrypted method to remotely administer network devices.
Downloader
piece of code that connects to the internet to retrieve additional tools after initial infection by dropper
Smishing
sending text messages to victims pretending to be legit
Buffer overflow
occurs when the amount of data in a buffer exceeds its storage capacity.
DNSSEC
strengthens authentication in DNS using digital signatures based on public key cryptography.