Supplemental Flashcards
when a client sends a request to a WAP, they are added to that device's ___
Associated List
the first step in giving 802.11 some security was ___, which uses the ___ encryption protocol
Wired Equivalency Privacy (WEP); RC4
WEP uses encryption keys ___, making it relatively easy to hack
that are generated by the WAP and shared
the current standard for wireless encryption is ___, also known as ___
802.11i; WPA2
802.11i/WPA2 uses ___ for authentication using a ___ server, and the ___ encryption protocol.
802.1x; RADIUS; AES
because much of the hardware couldn’t handle AES encryption when 802.11i was released, the ___ was developed and later named ___
Temporal Key Integrity Protocol (TKIP); Wireless Protected Access (WPA)
TKIP/WPA improved the ___ of key generation and WPA2 uses AES encryption via ___
initialization vector; CCMP
RADIUS solves the problem of ___, but not ___.
authentication; authorization
RADIUS servers refer to the internet gateway as the ___ and the user trying to authenticate as the ___
client; supplicant
RADIUS servers can use any of the following ports:
UDP 1812, 1813, 1645, 1646
Windows networks have two particular authentication protocols, one is ___ in which the client and server both send challenge messages, and the other is ___, in which the Domain Controller acts as a ___
NT LAN Manager; Kerberos; Key Distribution Center (KDC)
the TKIP increased the key initialization vector from ___ bits to ___
24; 48
UNIX systems use a ___ to protect their hashed password database
shadow password file
in ___ a physical chip installed on a device holds passwords, keys and digital signatures for authentication
Trusted Platform Module (TPM)
BitLocker is an example of built-in ___
Whole Disk Encryption
the ___ files on a computer cannot be encrypted, making ___ on startup critical
boot process; authentication
___ hashing is commonly used in digital signatures
Message Digest
a ___ attack takes advantage of occasional hashing collisions
birthday
___ hash algorithms were developed by the NSA and are used in PGP, TLS, SSL and IPsec because they are considered more secure than MD5
Secure Hash Algorithm (SHA)
unlike AES, DES or Blowfish, ___ is a streaming cipher
RC4
IPsec uses two modes, ___ and ___ mode
transport; tunnel
___ is a secure form of Telnet
Secure Shell (SSH)
HTTPS is secured with ___
either SSL or TLS
the easiest disaster recovery exercise is a ___
document review
in a ___ attack, a piece of software is modified to carry malware
refactoring
___ allows devices to communicate over very short ranges using a chip implanted in the device
Near Field Communications (NFC)
rejecting a user that is actually authorized is a Type __ error
1
the main users of an Interconnection Service Agreement (ISA) are ___
telecommunications companies
SCP and SFTP use ___ for encryption (and Port 22) while FTPS uses ___ for encryption
SSH; SSL/TLS
the Linux command ___ shows all files and directories, and if used with the switch ___, will show ownership permissions for files
ls; -a
the Linux command ___ shows all network connections, routing tables and protocol statistics. To find out if your machine is functioning as a server, use the switch ___ and look to see if any of the connections say ___
netstat; -a; “listening” in the right-hand column
The Linux command netstat can be used to see who your machine is talking to by shutting down all browsers and using the switch ___
-n
the Linux command ___ shows all the hops made by a packet to reach its destination. If you can’t reach a website, use this to see if the failure is in the first few hops, meaning the failure is ___
tracert; in your network
the Linux command ___ will show all devices connected to your network and can be used to determine if a switch is being misused
arp
the AES encryption standard is also known as ___
Rijndael
the ___ encryption model uses Web of Trust and a public key
PGP
Risk Assessment looks at ___ and ___
Probability; Impact
when Diffie-Hellman uses an elliptical formula it is known as ___
ECDH
99.99% availability leaves ___ of down time per year
52 minutes
EAP-___ uses predetermined symmetric keys for authentication, EAP-___ is able to use TLS with both sides supplying a certificate and EAP-___ uses TLS but only the server has a certificate
PSK; TLS; TTLS
the ___ authentication protocol is rarely used anymore because it passes the username and password as clear text
Password Authentication Protocol (PAP)
___ is the main Linux utility that is used to troubleshoot DNS issues
dig
___ encapsulates an EAP connection in an encrypted and authenticated tunnel
Protected EAP (PEAP)
Microsoft group policy complexity requirement means passwords contain characters from at least ___ different categories
3
___ is the usual method of valuing assets, which can be derived from the opinions of managers
asset classification
Containerization is virtualizing the ___
Operating System
the US Dept of Defense uses a Personal Identity Verification card called a ___
Common Access Control (CAC)
___ analysis looks at data, but does not identify trends or patterns
log
The ___ file on a local machine provides for fully qualified domain name (FQDN) resolution in the absence of DNS and can be used to redirect users to the wrong web site.
hosts
A ___ serves as a centralized authentication point for virtual private network connections.
VPN concentrator
A ___ attack is a type of ICMP attack where large amounts of ping packets are sent from a spoofed IP address on the network to the network broadcast address, causing many replies back to the victim and possibly bringing about a denial of service.
smurf
A ___ program opens a back door for the hacker to gain access to the system remotely at a later time
RAT
A ___ is a group of compromised systems that the hacker has control over and uses to attack a victim’s system.
botnet
___ is the best choice for preventing cross-site scripting (XSS) attacks on websites
input validation
A ___ device responds by not doing anything to cause harm when the failure occurs. A ___ device responds by making sure the device is using a secure state when a failure occurs.
fail-safe; fail-secure
___ uses Microsoft Point-to-Point Encryption (MPPE) protocol to encrypt all traffic from the client to the server.
Microsoft CHAP (MS-CHAP)
___ indicates how long an asset may be down or offline without seriously impacting the organization.
The maximum tolerable downtime (MTD)
A minimum password age requires that users must wait a certain amount of time before ___
they are allowed to change passwords.
___ involves an attacker attempting to take control of or use a Bluetooth-enabled cell phone to place calls.
Bluebugging
IPSec provides encryption services for ___ when used in a VPN implementation.
L2TP
A ___ is a unique number assigned to each individual user account on a Windows system
security identifier (SID)
disaster recovery steps include preparation, ___, ___, ___, ___, reporting
Reporting, Detection, analysis, containment, and eradication