Threats And Security Measures (Chapter 6) Flashcards

1
Q

CIA

A

Confidentiality
Integrity
Availability

2
Q

Confidentiality

A

The fundamental security goal of keeping information and communication private and protecting them from unauthorised access

3
Q

Integrity

A

The fundamental security goal of ensuring that electronic data is not altered or tampered with

4
Q

Availability

A

The fundamental security goal of ensuring that systems operate continuously and that authorized individuals can access data that they need

5
Q

Hardening

A

A security technique in which the default configuration of a system is altered to protect the system against attacks

6
Q

Security Policies

A

Covering all aspects of computer and network hardware from the purchase to disposal/change.

7
Q

Security Controls

A

A technology or procedure to mitigate vulnerability and risk, and to ensure CIA of information

8
Q

Logical security

A

Controls implemented in software to create an access control system (Firewall)

9
Q

ACL

A

Access Control List
- Any scenario where objects on a list are given or denied access
- NTFS permission
- Share permission
- Firewall

10
Q

Triple A (AAA)

A

Authentication
Authorization
Accounting

11
Q

Authentication

A

A means for a user to prove their identity to a computer system

12
Q

Authorization

A

The process of determining what rights and privileges a particular entity has

13
Q

Accounting

A

The process of tracking and recording system activities and resource access.
Aka auditing

14
Q

Security Control Types

A

Physical Controls
- physical aspects
Procedural Controls
- procedure that needs to be followed
Logical Controls
- software implemented control
Legal, Regulatory, Compliance Control
- controls that need to be followed by law

15
Q

Implicit Deny

A

Unless something has explicitly been granted access it should be denied access

16
Q

Least Privilege

A

Something should be allocated the minimum necessary rights, privileges or information needed to perform its role

17
Q

Encryption

A

Scrambling the characters used in a message so that the message can be seen but not understood or modified unless it’s deciphered.
- Takes processing time to encrypt and decrypt data

18
Q

Symmetric Encryption

A
  • 1024-bit key encryption
  • Single key used to encrypt and decrypt
  • Copies of the key used to encrypt and decrypt need to be securely distributed and stored
  • Faster and less intensive than asymmetric encryption
19
Q

Asymmetric Encryption

A
  • Private key to Decrypt
  • Public key to Encrypt
  • Often used for digital signatures, digital certificates and key exchange
  • Uses RSA Cipher
20
Q

Key Exchange

A

Two hosts need to know the same symmetric encryption key without any other host finding out the key.

21
Q

RSA Cipher

A

The first successful algorithm to be designed for public key encryption

22
Q

Cryptographic Encryption

A

- A hashed value from which it is impossible to recover the original data.
- A one way cryptographic process
- Provides integrity function in most systems

23
Q

Hash

A

The value that results from hashing encryption as a short representation of data

24
Q

PKI

A

Public Key Infrastructure
Asymmetric encryption for secure key distribution for symmetric encryption

25
Certificate Authority
A server that controls the distribution of digital certificates and the associated public/private key pairs
26
Digital certificate
- X.509 Certificate - a guarantee that a key belongs to a given system
27
Execution Control (Hardening)
Logical security technologies designed to prevent malicious software from running on a host and establish a security system that does not entirely depend on the good behaviour of individual users
28
Anti-Virus
Uses a database of known patterns (definitions and signatures) to detect and prevent malware from executing
29
Heuristic
Monitoring technique that allows dynamic pattern matching based on past experience rather than relying on pre-loaded signatures
30
NAC
Network Access Control
A means of ensuring endpoint security
31
Firewall
Hardware/software that filters traffic passing into or out of a network
32
Defense in depth
Configuring security controls on hosts as well as providing network security, physical security and administrative controls.
- Multiple layers of security of different types
33
Health Policy
Policies or profiles describing a minimum security configuration that devices must meet to be granted network access
34
MAC filtering
Applying an access control list to a switch or access point so that only clients with approved MAC addresses can connect to it
35
Port-based NAC
Aka IEEE 802.1X
Standard in which the **switch/router** performs some sort of authentication of the attached device before activating the port
36
Supplicant
A device requesting access from a Port-based NAC (IEEE 802.1X)
37
EAPoL (over LAN)
Framework for negotiating authentication methods, supporting a range of authentication devices.
38
MDM
Mobile Device Manager
Software suites designed to manage use of smartphones and tablets within a company
39
BYOD
Security framework and tools to facilitate use of personal devices to access a corporate network and data
40
VPN
A secure tunnel created between two endpoints connected via an unsecured network.
- Uses IPSec and encryption to create a secure tunnel
- Communications are encrypted and packaged within another TCP/IP packet stream
41
IPSec
Layer 3 protocol suite providing security for TCP/IP
42
Vulnerability
Any weakness that could be triggered accidentally or exploited intentionally to cause a security breach
43
Threat
Any potential violation of security policies or procedures
44
Threat agent
A person or event that triggers a vulnerability accidentally or exploits it intentionally
45
Risk
The likelihood and impact (consequences) of a threat actor exercising a vulnerability
46
Social Engineering
A hacking technique whereby the hacker gains useful information about an organisation by deceiving its users or by exploiting their insecure working practices
- Impersonation, phishing, spoofing, spear phishing, pharming, dumpster diving, shoulder surfing, tailgating
47
Impersonation
A type of social engineering attack where the hacker impersonates someone to exploit the user
48
Phishing
A social engineering attack where fake emails are sent to individuals which are infected with malware, with the hope that one of the individuals will assume the email is legit and open it
49
Spoofing
A social engineering attack that redirects an individual to a link that resembles a legitimate site but in reality is a malicious copy of the site
50
Spear phishing
A social engineering attack that uses a personalised email with info about the person being targeted.
51
Pharming
A social engineering attack that uses malicious code that redirects individuals to a spoofed website with the intent of stealing personal information
52
Dumpster diving
Going through an individual's trash to gain personal information
53
Footprinting
An information gathering threat, in which the attacker attempts to learn the configuration of the network and security systems through social engineering attacks or software-based tools
54
Network Mapping
Tools to gather information about the way the network is built and configured and the current status of hosts
55
Port scanning
Software that enumerates the status of TCP and UDP ports on a target system. Port scanning can be blocked by some firewalls and IDS
56
Eavesdropping
Listening in to communications sent over a medium
57
MAC flooding
Overloading the switch's MAC cache to prevent genuine devices from connecting
58
ARP poisoning
Maps IP address to NIC MAC address
59
Replay attack
Attacker intercepts some authentication data and reuses it to try to re-establish a session
60
MITM
Man In The Middle attack
Attacker intercepts communication between two hosts
61
Mutual Authentication
A client authenticates to the server and the server authenticates to the client
62
Rainbow tables
Tool for speeding up attacks against Windows passwords by precomputing possible hashes
63
Denial of Service
An attack that causes services to fail or be unavailable to legitimate users
64
Distributed Denial of Service
An attack with multiple computers attacking a service or weakness on a network
65
Zombie
A machine that has unknowingly been infected with malicious software that is used to direct system resources to launch an attack (DDoS)
66
Botnet
A network of zombie machines that attack a service to disrupt it, usually by overloading
67
Cyber warfare
The use of IT services and devices to disrupt national, state or organisation activities, especially when used for military purposes
68
Hacker collectives
A group of hackers working together to target an organisation as part of a cyber warfare campaign
69
Zero-day exploit
An attack that exploits a vulnerability in software that is unknown to the software vendor and users
70
Cross-site Scripting Attacks
Web application vulnerability
Scripts are embedded in a webpage URL and are executed by the browser
71
SQL Injection Attacks
Using SQL statements to attack a database that has faulty input validation.
72
Brute force
Attacks are effective against short passwords
73
Remnant Removal
Data on a hard drive that has been deleted by users has the pointers to the data deleted. Specialized software can remap the pointers to recover the deleted data.
- To ensure data cannot be recovered, randomly rewrite data over all writeable areas
74
Data disposal
Disk wiping - overwriting each disk location using zeros, leaving the disk in a clean state
Low Level Format - creates cylinders and sectors on the disk