TERM Flashcards
FRR
false rejection rate: a good user who is rejected by the biometric system
FAR
false acceptance rate: a wrong user who is accepted by the biometric system
CER
crossover error rate: the lower it is, the more accurate the biometric system
HYDRA
cracking tool (dictionary attack)
Horsepill
Linux kernel rootkit inside initrd
Grayfish
Windows rootkit that injects code into the boot record
<= 7 characters for an LM password: what is the end of the hash?
AAD3B435B51404EE
Azazel
rootkit
Avatar
rootkit
Necurs
rootkit
ZeroAccess
rootkit
Pharming
uses DNS poisoning / host configuration to redirect the victim to the attacker's phishing site
spear phishing
targeted phishing
watering hole attack
hack a website that the victim's company regularly connects to, in order to do phishing
whaling
phishing against a CEO or person of interest
VANET
Vehicle Ad Hoc Network, vehicle-to-vehicle (V2V) communication
Mirai
IoT malware, botnet and DDoS attack
foren6
tool for sniffing IoT devices
SuperOneClick
tool to root Android devices
ALE = ____ * ____
ARO * SLE
THOR
full APT scanner
Diffie Hellman group:
- group 1: 768-bit
- group 2: 1024-bit
- group 5: 1536-bit
- group 14: 2048-bit
key escrow
enables a third party to access sensitive data if the need arises
RUDY
keeps sessions open as long as possible
LAND attack
DoS attack that uses a malformed packet
teardrop
DoS attack that uses several large overlapping IP fragments
smurf attack
spoofs the victim so that multiple ICMP replies come back to it; DoS
ping of death
ICMP packet too big, so after fragmentation the system crashes
blackboard
recognizes spam with AI
cavity virus
uses the unused part of a file
sparse virus
launches on a trigger (like a day, number of uses, etc.)
dhcp starvation
all IP leases are taken, so the DHCP server can't work
BIA
Business Impact Analysis ⇒ identifies the business systems and processes that are critical for a company to continue to operate
MTD
Maximum Tolerable Downtime
Common Criteria, what is “ST”?
Security Target: the DOCUMENTATION for a system or product that is to be tested
Common Criteria, what is “ToE”?
Target of Evaluation ==> the system to test
Hyena tool
used to enumerate systems (like NetBIOS)
utmp file?
currently logged-in users
btmp file?
failed login attempts
wtmp file?
login/logout activity
cache poisoning
DNS poisoning
risk equation = ________
vulnerability (likelihood of appearing) * threat (frequency) * cost
DMitry
open-source network scanning utility
p0f
passive OS fingerprinting (Passive OS Fingerprint = p0f)
which firewall operates at layer 5?
circuit-level gateway firewall
program slicing?
deobfuscation method
Nemesis
command-line tool that generates ARP, Ethernet, TCP and UDP packets