Straw Flashcards

Question

Tacas

Answer 1

Terminal access controller access control - Handles AAA

Answer 2

Access control list

Answer 3

Transmission control protocol

Answer 4

user datagram protocol - connectionless

Answer 5

Internet control message protocol - error - reporting protocol for router

Answer 6

prevent piggy backing and tailgating

Answer 7

public key infrastructure - control keys/certificate

Answer 8

Wifi Protected Access

Answer 9

full knowledge by target env

Answer 10

Layer 2 tunnelling protocol. UPN tech used to establish secure connection

Answer 11

network intrusion protection systems

Answer 12

network intrusion detection systems

Answer 13

propagates

Answer 14

File transfer protocol

Answer 15

no encryption

Answer 16

secure shell, protocol meant to be safer than FTP and telnet

Answer 17

domain name server

Answer 18

dynamic host configuration protocol- allows server to automatically assign IP address to computer

Answer 19

Adaptive security appliance

Answer 20

firewall, VPN concentrator, and intrusion prevention functionality into one software image

Answer 21

Demilitarized zone that allows both inside and outside users access to protected network resources

Answer 22

range from 0 (untrustworthy) to 100 (very trustworthy)

Answer 23

is typically used to translate private IP network addresses into public IP addresses.

Answer 24

Authentication, authorization, and accounting.Using AAA only, authenticated and authorized users can be permitted to connect through the ASA.

Answer 25

MPF) configuration defines a set of rules for applying firewall features, such as traffic inspection and QoS, to the traffic that traverses the ASA

Answer 26

Internet Control Message Protocol

Answer 27

Adaptive Security appliance

Answer 28

Internet Protocol security

Answer 29

Simple Mail transfer protocol

Answer 30

Cisco's Adaptive Security Device Manager

Answer 31

Host based IDS

Answer 32

Bob sends request to internet. ASA remembers it and inspects it and members its for Bob and dynamically lets it through

Answer 33

VPN tunnel and use SSL or IPSec

Answer 34

- Discovers computers and services on a computer network, thus creating a map of the network

Answer 35

SuperScan - Port scanning software designed to detect open TCP and UDP ports, determine what services are running on those ports, and to run queries, such as whois, ping, traceroute, and hostname lookups

Answer 36

Provides information about vulnerabilities and aids in penetration testing and IDS signature development

Answer 37

Access point

Answer 38

Web proxy testing tool. integrated platform for performing security testing of web applications. mapping and analysis of an application's attack surface, through to finding and exploiting security vulnerabilities

Answer 39

scan common security vulnerabilities

Answer 40

Detect the live host on the network (host discovery) open ports on the host (port discovery or enumeration)

Answer 41

open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers

Answer 42

SQL stands for Structured Query Language. SQL lets you access and manipulate databases

Answer 43

Cross-site scripting (XSS) is a type of computer security vulnerability typically found in web applications. XSS enables attackers to inject client-side scripts into web pages viewed by other users. A cross-site scripting vulnerability may be used by attackers to bypass access controls such as the same-origin policy.

Answer 44

s occur when an application provides direct access to objects based on user-supplied input. As a result of this vulnerability attackers can bypass authorization and access resources in the system directly, for example database records or files. Example opening a persons file then changing number in browser