Shared Flashcard Set

Details

CompTIA Sec+ 2.2
Technologies and Tools Network Posture
31
Computer Science
Professional
11/11/2018

Cards

Term
Protocol Analyzer (Sniffer)
Definition
Retina
Wireshark
Netmon
Term
Network Scanners
Definition
NMAP
Netcat
Term
Split Tunnel
Definition
External User
Secure Access Over VPN to company
Access External Resources directly
Term
Rogue Machine Detection
Definition
Identifying machines that don't belong on the network
Malicious hackers
Ethernet Jacking
Term
Port Scanner
Definition
Check an IP address or range of IPs for open ports
Term
Port Scanner
Definition
Fingerprints what type of OS, applications and services
Term
In-Band Access Control
Definition
-Traffic can be examined in real-time
-Closer to the point of entry into the network
-Access provided using Telnet, SSH, etc.
-Less to manage/Reconfigure when inserting into the network
Term
Out-of-Band Access Control
Definition
-More reactive in nature vs real-time
-Requires additional design/redesign work
-Requires additional upstream components to provide similar security
-Endpoint compliance not as granular
-Saves trip to data center
Term
Out of Band NIC
Definition
-Separate Interface for management network
-Used for lights out management
-Monitoring and audit logging
-Use to patch install OS or troubleshoot a host that is offline or won't boot
Term
Popular Wireless Scanners / Crackers
Definition
-Airsnort
-Airjack
-WEPcrack
-Netstumbler
-Kismet
-ASLEAP
-Ethereal
-IKECrack
Term
Wireless Scanner Cracking Tools
Definition
-Crack WPA and WEP
-Find hidden WiFi network
-DoS attacks
-MiTM attacks
Term
False Positives
Definition
-Events that aren't really incidents
-Anomalies that deviate from normal behavior
Term
False Positive Corrections
Definition
-Can create excess work or minimize attention when real incidents occur
Term
False Negative
Definition
-Incident was not recognized
-Controls not configured properly
-Operator error
Term
Type I error
Definition
False Positives
Term
Type II error
Definition
False Negatives
Term
Type III Error
Definition
Arriving at the right conclusion for the wrong reason
Term
Vulnerability Scanners
Definition
-Nessus
-Retina
-NMAP
-SAINT
Term
Transparent Proxy
Definition
-Intermediary system that typically sits between a user and a content provider
-Caching, Filtering, Captive Portal
Term
Exploitation Frameworks
Definition
-Metasploit
-CANVAS
-Core Impact - First Fully Automated
-RouterSploit
Term
Disk Sanitization Tools
Definition
-Hard disk: Overwrite the data multiple times
-SSD: Resets the NAND and marks all blocks as empty
-SSD vendor tools
Term
SSD Sanitization Tools
Definition
-Samsung Magician
-Intel Solid State Toolbox
-Corsair SSD Toolbox
-SanDisk SSD Toolbox
-OCZ Toolbox
-Parted Magic
Term
Department of Defense Data Sanitization Standard
Definition
DoD 5229.22M Standard
Term
CSEC (Communication Security Establishment Canada) Data Sanitization Standard
Definition
RCMP CSEC ITSG-06
Term
Standalone Access Point
Definition
-AP with everything required to service clients
-Limited Encryption
-Updates done individually
-No Load Balancing
Term
Controller Based
Definition
WAP with Enterprise features
Managed Centrally
Centralized patching
Scales well
Term
Steganography
Definition
Hiding a document inside of another document
Term
Popular Steganography Tools
Definition
XIAO
IMAGE
Steghide
Crypture
OpenStego
Term
Banner Grab
Definition
Used to provide information about a service running on a particular port
Term
Passive Tools
Definition
-Don't interact directly with the hosts
-Gather information and report externally
-Packet captures/sniffers
-Not usually visible to the host or administrators
Term
Active Tools
Definition
Penetration Testing
Port Scanners
Honeypots/honeynets
Banner Grabbing
Visible to the host and administrators