Terms Deck 2 Flashcards

1
Q

refactoring

A

A practice for software developers that involves identifying ways to make code more efficient through better design.

2
Q

pass-the-hash attack

A

A type of replay attack in which the attacker provides the hashed password to an accepting authentication scheme.

3
Q

evil twin

A

A situation in which an unauthorized wireless access point has been set up to mount an on-path attack.

4
Q

rogue access point

A

An unauthorized wireless access point.

5
Q

bluesnarfing

A

A Bluetooth attack that can expose or alter a user’s information.

6
Q

bluejacking

A

An attack used to generate messages that appear to be from the device itself, leading users to follow obvious prompts and establish an open Bluetooth connection to the attacker’s device.

7
Q

jamming

A

An attack on a wireless network that is performed by setting up a nearby access point and using a dedicated wireless jamming device.

8
Q

radio frequency identification (RFID)

A

A wireless technology that was initially common to supply-chain and inventory tracking.

9
Q

near-field communication (NFC)

A

A set of standards for contactless communication between devices.

10
Q

initialization vector (IV) attack

A

A fixed-size input of a random or pseudo-random value used with block cipher modes.

11
Q

man-in-the-middle (MITM) attack

A

An attack in which a hacker attempts to intercept data in a network stream and then insert his or her own data into the communication. The goal is to disrupt or take over communications.

12
Q

Address Resolution Protocol (ARP) poisoning

A

An attack in which a perpetrator tricks a device into thinking any IP address is related to any MAC address. In addition, perpetrators can broadcast a fake or spoofed ARP reply to an entire network and poison all computers.

13
Q

MAC spoofing

A

An attack that involves spoofing the hard-coded Media Access Control (MAC) address of a network card.

14
Q

domain hijacking

A

An attack that occurs when a domain is taken over without the original owner’s knowledge or consent.

15
Q

DNS poisoning

A

An attack that involves redirecting legitimate traffic by changing the IP record for a specific domain.

16
Q

domain reputation

A

Protection for registered domains that provides monitoring and threat intelligence.

17
Q

distributed denial of service (DDoS) attack

A

An attack that originates from multiple systems simultaneously, causing even more extreme consumption of bandwidth and other resources than a DoS attack.

18
Q

advanced persistent threat (APT)

A

A threat that is rooted in the capability to infiltrate a network and remain inside while going undetected. This access often provides the means for a more strategic target or defined objective, including the capability to exfiltrate information over a long period of time.

19
Q

threat actor

A

An individual, a group, or an entity that contributes to an incident—or, more simply, a person or an entity that executes a given threat.

20
Q

open-source intelligence (OSINT)

A

Information available for collection from publicly available information sources.

21
Q

dark web

A

A part of the web that can’t be accessed like regular websites but that requires the use of special software that provides secure communications.

22
Q

indicator of compromise (IOC)

A

Evidence that indicates a security breach or event has occurred.

23
Q

automated indicator sharing (AIS)

A

An initiative from the U.S. Department of Homeland Security that enables the exchange of cybersecurity threat indicators.

24
Q

Structured Threat Information eXpression (STIX)

A

A standardized and structured language that represents threat information in a flexible, automatable, and easy-to-use manner.

25
Q

Trusted Automated eXchange of Indicator Information (TAXII)

A

A specification for machine-to-machine communication that allows organizations to share information with others, as desired.

26
Q

zero-day attack

A

An attack that exploits a vulnerability that is unknown to others—possibly even to the software developer.

27
Q

threat hunting

A

A proactive approach to finding an attacker before alerts are triggered.

28
Q

vulnerability scan

A

A scanning method that identifies vulnerabilities, misconfigurations, and lack of security controls.

29
Q

CVE/CVSS

A

Common Vulnerabilities and Exposures/Common Vulnerability Scoring System: a list of publicly known vulnerabilities that provides descriptions and references, along with severity ratings.

30
Q

security information and event management (SIEM)

A

A set of tools that collects, correlates, and displays data feeds that support response activities.

31
Q

security orchestration, automation, and response (SOAR)

A

A set of tools that aggregates intelligence from internal and external sources to provide fusion analysis and advanced security analytics and operations.

32
Q

white box

A

A testing method in which the assessor has knowledge about the inner workings of the system or knowledge of the source code. Also called clear box or glass box testing.

33
Q

black box

A

A test conducted when the assessor has no information or knowledge about the inner workings of the system or knowledge of the source code.

34
Q

gray box

A

A testing method that combines white box and black box techniques. It can be thought of as translucent, as the tester has some understanding of, or limited knowledge of, the inner workings of the system being tested.

35
Q

persistence

A

An exploitation technique that enables the tester to gain additional compromising information.

36
Q

teaming (red, blue, white, purple)

A

Security team exercises conducted with teams with color names that represent different goals, such as attackers and defenders.

37
Q

data loss prevention (DLP)

A

Security services that identify, monitor, and protect data during use, storage, or transfer between devices. DLP software relies on deep inspection of data and transactional details for unauthorized access operations.

38
Q

hashing

A

A methodology used to calculate a short, secret value from a data set of any size (usually for an entire message or for individual transmission units). This secret value is recalculated independently on the receiving end and is compared to the submitted value to verify the sender’s identity.

39
Q

hardware security module (HSM)

A

A dedicated crypto-processor that is specifically designed for the protection of transactions, identities, and applications by securing cryptographic keys.

40
Q

cloud access security broker (CASB)

A

A Gartner-created term that describes a cloud cybersecurity layer focused on visibility, compliance, data security, and threat protection.

41
Q

Secure Sockets Layer (SSL)

A

An Internet protocol that uses connection-oriented, end-to-end encryption to ensure that client/server communications are confidential (encrypted) and meet integrity constraints (message digests). Because SSL is independent of the application layer, any application protocol can work with SSL transparently. SSL can also work with a secure transport layer protocol, which is why the term SSL/TLS appears frequently.

42
Q

Transport Layer Security (TLS)

A

An end-to-end encryption protocol originally specified in ISO Standard 10736 that provides security services as part of the transport layer in a protocol stack.

43
Q

hot site

A

A physical site that is immediately available for continuing computer operations if an emergency arises. It typically has all the necessary hardware and software loaded and configured, and it is available continuously. Compare this with warm and cold sites.

44
Q

cold site

A

A remote site that has electricity, plumbing, and heating installed, ready for use when enacting disaster recovery or business continuity plans. At a cold site, the company enacting the plan supplies all other equipment, systems, and configurations. Compare this with hot and warm sites.

45
Q

warm site

A

A backup site that has some of the equipment and infrastructure necessary for a business to begin operating at that location. Typically, companies or organizations bring their own computer systems and hardware to a warm site, and the site usually already includes a ready-to-use networking infrastructure. It also might include reliable power, climate controls, lighting, and Internet access points. Compare with hot and cold sites.