TERM Flashcards

1
Q

FRR

A

false rejection rate, good user that is rejected by biometric system

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

FAR

A

false acceptance rate, wrong user that is accepted by biometric system

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

CER

A

crossover error rate: the less, the more for a biometric system

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

HYDRA

A

cracking tools (dictionnary attack)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Horsepill

A

linux kernel rootkit inside initrd

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Grayfish

A

windows rootkit inject code in the boot record

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

<= 7 car. for LM password, what is the end ?

A

AAD3B435B51404EE

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Azazel

A

rootkit

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Avatar

A

rootkit

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Necurs

A

rootkit

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

ZeroAccess

A

rootkit

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Pharming

A

use dns poisoning / host conf to redirect victim to attacker phishing site

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

spear phishing

A

a targeted phishing

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

watering hole attack

A

hack a website that victim corporate used to connect into in order to do phishing

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

whaling

A

phishing against CEO or person of interest

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

VANET

A

Vehicle Ad Hoc Network, communication vechicle-to-vehicle (V2V)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

Mirai

A

IoT malware, botnet and DDos attack

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

foren6

A

tools for sniffing IoT device

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

SuperOneClick

A

tools to root android devices

20
Q

ALE = ____ * ____

A

ARO * SLE

21
Q

THOR

A

full APT scanner

22
Q

Diffie Hellman group:

A
  • group 1: 768bit
  • group 2: 1024bit
  • group 5: 1536bit
  • group 14: 2048bit
23
Q

key escrow

A

enable a third party to access sensitive data if the needed arrive

24
Q

RUDY

A

keeping sessions as long as possible

25
Q

LAND attack

A

DoS attack that use a malformed packet

26
Q

teardrop

A

DoS attack that use several large overlapping IP Fragment

27
Q

smurf attack

A

spoof victim and got back multiple ICMP reply, DoS

28
Q

ping of death

A

ICMP too big, so after frag, the system crash

29
Q

blackboard

A

recognize spam with AI

30
Q

cavity virus

A

use the unused part of a file

31
Q

sparse virus

A

launch on trigger (like day, number of use, etc)

32
Q

dhcp starvation

A

full of ip leases, so the dhcp can’t be working

33
Q

BIA

A

Business Impact Analysis ⇒ identify business system and process, that are critical for a company to continue to operate

34
Q

MTD

A

Maximum Tolerable Downtime

35
Q

Common Criteria, what is “ST” ?

A

Security Target : is the DOCUMENTATION for a system or product that is to be tested

36
Q

Common Criteria, what is “ToE” ?

A

Target of Evaluation ==> the system to test

37
Q

Hyena tools

A

used to enumeration system (like netbios)

38
Q

utmp file ?

A

currently logs user

39
Q

btmp file ?

A

failed login attempt

40
Q

wtmp file ?

A

login/logout activity

41
Q

cache poisoning

A

DNS poisoning

42
Q

risk equation = ________

A

vulnerability (likelihood of appearing) * threat (frequency) * cost

43
Q

dimitry

A

opensource network scanning utility

44
Q

p0f

A

passive os fingerprint - Passive Os Fingerprint = p0f

45
Q

wich fw does operate at layer 5 ?

A

circuit-level gateway firewall

46
Q

program slicing ?

A

deobfuscation method

47
Q

nemesys

A

command line tools that generate arp, ethernet, tcp and udp packet