Test 1 Flash Flashcards
What is a Virus?
A program that self replicates
What is an Anti-Virus?
A list of known viruses that protects your computer from these viruses and should always be kept updated
What are the two ways to avoid viruses?
Policies
Anti-Virus
What is a Trojan?
A Trojan horse is a program that looks benign but has malicious purpose
Buffer Overflow
is an anomaly where a program, while writing data to a buffer, overruns the buffer’s boundary and overwrites adjacent memory locations
What is Spyware?
Spyware is simply software that literally spies on what you do on your computer
What is Spyware used for?
Keyloggers
Spying through webcam
Legal Privacy concerns with employees
What is spam?
Spam is email that is sent out to multiple parties, that is unsolicited
What are the 6 common techniques used by hackers?
Data Collection
Passive
Active
Port Scanning
Packet Sniffer
SQL Injection
What is Passive Scanning that a hacker does?
Passive scanning is just looking at information available to the public, so the target doesn’t see that you are looking at them
What is Active Scanning?
Active scans are far more reliable than passive but may be detected by the target system
What is port scanning?
Port Scanning is the process of attempting to contact each network port on the target system and see which ones are open.
What are the two most used quotes in class?
1) “If it sounds too good to be true, it probably is!”
2) “Don’t trust anyone!”
What is a SQL Script Injection?
This attack is based on passing structured query language commands to a web application and getting the website to execute them.
What is a handshake?
This combines the elements of SYN, SYN+ACK and ACK…(three-way handshake)
1) Client sends a packet with the SYN flag
2) Server allocates resources for the client and then responds with the SYN and ACK flags set.
3) Client responds with the ACK flag set.
SYN ?
Synchronize - This packet is asking the target server to please synchronize communications.
Cyber Stalking?
Any use of electronic communications to stalk a person.
What is a packet sniffer?
A program that captures data as it travels across a network.
What is data collection?
Data collected from multiple sources can be combined and used for identity theft.
DOS - Strengths and weaknesses?
1) Strength = easy to perform, do not require a great deal of sophistication on the part of perpetrator, and can have devastating effects on the target system.
2) Weaknesses = you need a really fast computer or many computers to overwhelm another computer, website, or network. (performing DDOS - distributed denial of service)
What is a handshake?
“It’s like two computers hooking up and making baby computers”
What is spear phishing?
Spear Phishing is using the same technology in a targeted manner. For example, if an attacker wanted to get into the servers at a defense contractor, he might craft email and phishing websites specifically to target software and network engineers at that company.
MAC address
Media Access Control - MAC addresses are used as a network address for most IEEE 802 network technologies, including Ethernet and Wi-Fi.
User Interface
The means by which a user and a computer system interact, in particular the use of input devices and software.
What is low tech espionage?
Corporate espionage without computers or the internet; disgruntled employees are the biggest threat
Session Hijacking
AKA cookie hijacking: the exploitation of a valid computer session, sometimes also called a session key, to gain unauthorized access to information or servers in a computer system.
Odds of Attack
How likely are you to be attacked? What do you have?
Security Devices
Firewall - Barrier between the network and the outside world
Proxy Server - Often used with a firewall to hide the internal network's IP and present a single IP (its own) to the world
Intrusion Detection - IDS simply monitors traffic for suspicious activity
Security Activities
Authentication - username and password
Auditing - Process of reviewing logs, records, and procedures to determine if these items meet standards
Physical Connections
Hub - Hardware that links computers; all information is shared
Switch - A smarter hub that can hide information from other users on the same network or switch
Router - Internet signal booster, also used as a smarter switch, allowing for more users and with its own safety features.
Repeater - is an electronic device that receives a signal and re-transmits it.
Ports
An endpoint of communication in an operating system.
IP address and URL
A unique string of numbers separated by periods that identifies each computer using the Internet Protocol to communicate over a network. URL is the site
DNS Server
Domain Service Name - runs special-purpose networking software, features a public IP address, and contains a database of network names and addresses for other Internet hosts.
IPconfig
Displays only the IP address, subnet mask, and default gateway values for each adapter
Ping
Used to test the reachability of a host on an Internet Protocol (IP) network
Tracert
Diagnostic tool for displaying the route (path) and measuring transit delays of packets across an Internet Protocol (IP) network
NsLookup
Tool used for querying the Domain Name System (DNS) to obtain domain name or IP address mapping or for any other specific DNS record.
Netstat
A command-line network utility tool that displays network connections for the Transmission Control Protocol (both incoming and outgoing)
Whois
A query and response protocol that is widely used for querying databases that store the registered users or assignees of an Internet resource
OSI Model
Its goal is the interoperability of diverse communication systems with standard protocols.
Why do we need Encryption?
Encryption is important because it allows you to securely protect data that you don’t want anyone else to have access to.
SYN + ACK?
Synchronize and acknowledge
ACK?
Acknowledge - flag sent after the SYN+ACK is sent to finalize three-way communications.
Smurf Attack?
Attack which causes a network to perform a DoS on one of its own servers.
What is a Flood Attack?
A SYN flood is a form of denial-of-service attack in which an attacker sends a succession of SYN requests to a target’s system in an attempt to consume enough server resources to make the system unresponsive to legitimate traffic.
What is the Ping of Death?
Attack dependent on sending packets too large for the server to handle.
What is a teardrop attack?
A teardrop attack is a denial-of-service (DoS) attack that involves sending fragmented packets to a target machine. Since the machine receiving such packets cannot reassemble them due to a bug in TCP/IP fragmentation reassembly, the packets overlap one another, crashing the target network device.
What is Land attack?
Land attack drives the system crazy by attempting to send a message “to and from” itself
Echo/Chargen Attack?
Creating a spoofed network session that appears to come from the local system's echo service and which is pointed at the chargen service to form a “loop”. This causes the system to pass large amounts of data in an endless loop.
What is a Public key encryption?
A public key encryption is essentially the opposite of single-key encryption. With any public key encryption algorithm, one key is used to encrypt a message (called the public key).
High tech espionage
More of a black hat style of hacking