Security Threat Landscape Flashcards
A Virus requires _________ to spread
Human interaction
What is data exfiltration?
When data leaves an organization without authorization
Spoofing is where an attacker _____ their identity
fakes
ARP spoofing is a well-known _____ _____ _____ ______ attack
man in the middle
False positive vs False negative
False positive - there is NO attack, but an alert is triggered
False negative - there IS an attack, but no alert is triggered
An IPS uses ____ to inspect packets, while firewalls use ____ to block traffic
signatures, rules
Stateful Firewalls maintain a ______ ______ which tracks the two-way ‘state’ of traffic passing through the firewall
connection table
Packet Filters don’t _____ the state of two-way connections
track
For stateful firewalls, only ___ ___ is allowed back into the network
valid traffic (traffic already in the connection table)
What are 3 symmetric encryption algorithms?
DES, 3DES, and AES
What are 2 Asymmetric Encryption algorithms?
RSA and ECDSA
Hash-Based Message Authentication Codes (HMAC) provide what, and use what kind of encryption?
data integrity, symmetric
What are 2 HMAC algorithms?
MD5, SHA
How do public Certificate Authorities verify certificate requests?
Out-of-band checks before issuing legitimate certificates
For IPsec, what is commonly used to protect against replay attacks?
Encapsulating Security Payload (ESP)
For a remote access VPN, how does full tunneling differ from split tunneling for internet traffic?
Full tunneling requires you to go through the full tunnel and then on to the internet web server.
Split tunneling can “split off” from the tunnel and go straight to the web server.