Term
|
Definition
A program installed on a computer that permits access to the computer, thus bypassing the normal authentication process. |
|
|
Term
|
Definition
This VPN mode establishes a VPN connection between a single client computer and a VPN device. |
|
|
Term
|
Definition
A type of firewall or security device that looks for keywords or phrases in the data portion of each packet to determine whether to allow it in the network. |
|
|
Term
|
Definition
The part of a network that contains publicly accessible devices, such as web servers and VPN servers, but is still protected by a firewall. |
|
|
Term
Denial of Service (DoS) attack |
|
Definition
An attempt to tie up network bandwidth or services so that network resources are rendered useless to legitimate users. |
|
|
Term
|
Definition
Digital documents used in encryption and authentication protocols that identify a person or computer and can be verified by a certification authority. |
|
|
Term
|
Definition
A technology used to make data unusable and unreadable to anyone except authorized users of the data. |
|
|
Term
Extensible Authentication Protocol (EAP) |
|
Definition
A framework for other authentication protocols that provides encryption and authentication. |
|
|
Term
|
Definition
A hardware device or software program that inspects packets going into or out of a network or computer and then discards or forwards packets based on a set of rules. |
|
|
Term
|
Definition
A type of virus that’s not really a virus but simply an e-mail announcement of a made-up virus. Its harm lies in people believing the announcement and forwarding the e-mail on to others. |
|
|
Term
|
Definition
A network device, such as a server, that has been installed as a decoy to lure potential attackers. |
|
|
Term
Intrusion detection system (IDS) |
|
Definition
Usually a component of a firewall, a hardware device or software that detects an attempted security breach and notifies the network administrator. An IDS can also take countermeasures to stop an attack in progress. |
|
|
Term
Intrusion Prevention System |
|
Definition
A variation of IDS that can take countermeasures if an attack is in progress. See also Intrusion Detection System (IDS). |
|
|
Term
|
Definition
The authentication protocol used in a Windows Domain Environment to authenticate logons and grant accounts access to domain resources. It provides mutual authentication between a client and a server or between two servers. |
|
|
Term
|
Definition
Time-dependent malware that can come in different forms. Its main characteristic is that it's activated when a particular event occurs, such as a specific date or time, or when a particular file is accessed. |
|
|
Term
|
Definition
A security method often used in wireless networks, in which only devices with MAC addresses specified by the administrator can gain access to the wireless network. |
|
|
Term
|
Definition
A command or keystroke that executes a series of actions in a document. |
|
|
Term
|
Definition
Any software designed to cause harm or disruption to a computer system or otherwise perform activities on a computer without the consent of the computer’s owner. |
|
|
Term
Multifactor Authentication (MFA) |
|
Definition
A type of authentication in which a user must supply two or more types of authentication, drawn from these credential categories: knowledge, possession, and inherence. |
|
|
Term
|
Definition
A type of authentication in which the identity of both parties is verified. |
|
|
Term
|
Definition
A term used to describe a security consultant who detects holes in a system’s security for the purpose of correcting these vulnerabilities. White hat |
|
|
Term
|
Definition
An automated method for pinging a range of IP addresses. |
|
|
Term
|
Definition
Software that determines which TCP and UDP ports are available on a computer or device. |
|
|
Term
|
Definition
A series of letters, numbers, and special characters, much like a password, that both communicating devices use to authenticate each other’s identity. |
|
|
Term
|
Definition
Programs or devices that can capture packets traversing a network and display packet contents in a form useful to the user. |
|
|
Term
|
Definition
A type of malware that redirects you to a website warning that your system is infected and that you must install the vendor's software or call a phone number to clean it. |
|
|
Term
|
Definition
Forms of Trojan programs that can monitor traffic to and from a computer, monitor keystrokes, and capture passwords. They’re among the most insidious forms of malware because they can mask that the system has been compromised by altering system files and drivers required for normal computer operation. See also malware. |
|
|
Term
|
Definition
A document that describes the rules governing access to an organization's information resources, enforcement of these rules, and steps taken if rules are breached. |
|
|
Term
|
Definition
This VPN mode establishes a connection between two routers that support VPNs. |
|
|
Term
|
Definition
A tactic attackers use to get users to perform an action, such as opening an infected e-mail attachment, sending a hoax virus, or providing a password, without being aware that they’re aiding the attacker. See also hoax virus. |
|
|
Term
|
Definition
Unsolicited e-mail. The harm in spam is the loss of productivity when people receive dozens or hundreds of spam messages daily and the use of resources to receive and store spam on e-mail servers. |
|
|
Term
|
Definition
A source address inserted into a packet that’s not the sender’s actual address. |
|
|
Term
|
Definition
A type of malware that monitors or controls part of your computer at the expense of your privacy and the gain of some third party. See also malware. |
|
|
Term
Stateful Packet Inspection (SPI) |
|
Definition
A filtering method used in a firewall, whereby packets aren’t simply filtered based on packet properties but are checked for the context in which they’re being transmitted. If a packet isn’t part of a legitimate, ongoing data conversation, it’s denied. |
|
|
Term
|
Definition
A program that appears to be useful, such as a free utility, but in reality contains some type of malware. See also malware. |
|
|
Term
Virtual Private Networks (VPNs) |
|
Definition
Temporary or permanent connections across a public network that use encryption technology to transmit and receive data. See also encryption. |
|
|
Term
|
Definition
A malicious program that spreads by replicating itself into other programs or documents; usually aims to disrupt computer or network functions by deleting and corrupting files. |
|
|
Term
|
Definition
A pattern of computer code that's unique to a virus and is used to identify it on an infected system. |
|
|
Term
|
Definition
A dedicated VPN service that can handle many VPN connections and tunnels. |
|
|
Term
|
Definition
Attackers who drive around with a laptop or PDA looking for wireless LANs to access. |
|
|
Term
Wi-Fi Protected Access (WPA) |
|
Definition
A wireless security protocol that’s the successor to Wired Equivalent Privacy. It has enhancements that make cracking the encryption code more difficult. See also Wired Equivalent Privacy (WEP). |
|
|
Term
Wi-Fi Protected Access 2 (WPA2) |
|
Definition
The successor to WPA that uses the Advanced Encryption Standard for the highest level of encryption; currently the strongest security protocol for wireless networks. |
|
|
Term
Wired Equivalent Privacy (WEP) |
|
Definition
A wireless security protocol that encrypts data so that unauthorized people receiving wireless network signals can’t interpret the data easily. |
|
|
Term
|
Definition
A self-replicating program, similar to a virus, that uses network services such as email to spread to other systems. See also virus. |
|
|
Term
Which of the following passwords is the best to use on a system containing highly sensitive information? a. BillySmith b. 0OxqH}ml2-wO c. H@ackAt!ack23 d. MySecretPassword |
|
Definition
|
|
Term
Which of the following can you use to help secure a wireless network? a. IP Subnetting b. MAC address filtering c. WPA2 d. SSID broadcast |
|
Definition
|
|
Term
Which of these protocols is used for VPNs? (Choose all that apply.) a. PPTP b. WPA c. SSTP d. L2TP e. UDP |
|
Definition
|
|
Term
How do VPNs accomplish the “private” part of a virtual private network? a. Tunneling b. Concentrating c. Encapsulating d. Authenticating |
|
Definition
|
|
Term
Which of the following terms refers to attacking a Web server by forcing it to respond to a flood of ping packets so that the server can't respond to normal traffic? a. DDR b. ICMP c. DoS d. Worm |
|
Definition
|
|
Term
Which of the following is a guideline for creating a security policy? a. A security policy should be cryptic so that attackers can't understand it. b. A security policy should be general enough so that rules can be added as needed. c. A security policy should be enforceable. d. A security policy should have different provisions depending on the user. |
|
Definition
c. A security policy should be enforceable. |
|
|
Term
Which of the following is a component of a security policy? (Choose all that apply.) a. Authentication policy b. Privacy policy c. Network configuration policy d. Computer specification policy |
|
Definition
|
|
Term
Which of the following questions must be answered before determining what level of security a network requires? (Choose all that apply) a. What tools are being used to attack the network? b. What's being protected? c. From whom should the data be protected? d. How much data is on the network? |
|
Definition
|
|
Term
Which of the following should be a common element in any level of security policy? (Choose all that apply.) a. Complex passwords b. Backup procedures c. Data encryption d. Virus protection |
|
Definition
|
|
Term
Choose two words from the following list that best complete this sentence: If there's access to the equipment, there's no ___________________. a. Physical b. Network c. Data d. Security |
|
Definition
|
|
Term
Which of the following is a requirement for rooms housing network servers? a. Separate heating system b. Adequate cooling c. False ceilings d. Shared electrical circuit |
|
Definition
|
|
Term
The procedure that specifies what resources users can access and the tasks they can perform on a network is referred to as which of the following? a. Authentication b. Auditing c. Authorization d. Logon |
|
Definition
|
|
Term
If you want to allow a blank password in a Windows XP system, which of the following do you set the password minimum length to? a. blank b. 0 c. -1 d. Nothing |
|
Definition
|
|
Term
If you want to prevent password guessing to foil intruders, you should enable which of the following? a. Account lockout b. Password expiration c. Password disabling d. Account policies |
|
Definition
|
|
Term
Which authentication protocol is used in a Windows domain environment? a. AES b. Kerberos c. EAP d. MS-CHAP v2 |
|
Definition
|
|
Term
Which of the following is a credential category? (Choose all that apply) a. Knowledge b. Inherence c. Encryption d. Possession e. Authentication |
|
Definition
|
|
Term
Which of the following is a method IPSec uses to authenticate the identity of communicating devices? (Choose all that apply.) a. Multishared key b. Kerberos c. PAM d. Digital certificates |
|
Definition
|
|
Term
To encrypt data stored on a hard drive on a Windows Server 2003 computer, you should use which of the following? a. EFS b. DFS c. NTFS permissions d. Gpg |
|
Definition
|
|
Term
Firewalls can filter packets based on which of the following? (Choose all that apply.) a. Source address b. Protocol c. OS d. Context |
|
Definition
|
|
Term
If network administrators want to be informed when an attempt has been made to compromise the network, what should they use? a. VPN b. AES c. IDS d. EFS |
|
Definition
|
|
Term
Which VPN mode should you use if you want to establish a secure tunnel between a main office and a branch office? a. Client-to-Gateway b. Site-to-Site c. Site-to-Gateway d. Host-to-Site |
|
Definition
|
|
Term
Where's a common place to install an NIDS? a. In the DMZ b. On an isolated host c. On a honeypot d. In the ISP |
|
Definition
|
|
Term
What device should you consider installing if you want countermeasures to take place when an attack is detected? a. Content Filter b. IPS c. Antivirus Software d. HIDS |
|
Definition
|
|