Term
|
Definition
| Confidentiality, Integrity, Availability |
|
|
Term
| Operational Model of Security |
|
Definition
| Protection = Prevention + Detection + Response |
|
|
Term
|
Definition
| Give only the absolute minimum rights and privileges needed |
|
|
Term
|
Definition
| Multiple barriers working in conjunction help eliminate single points of failure |
|
|
Term
|
Definition
Layers of security should be implemented using dissimilar methods and vendors.
Layers should be so dissimilar that if one layer is penetrated, the next layer cannot be penetrated using the same method. |
|
|
Term
| Security Through Obscurity |
|
Definition
| Ice cream hidden in the back of the freezer will be found |
|
|
Term
| Keep it Simple (Stupid) (KISS) |
|
Definition
1. Turn off nonessential services, etc.
2. Complex systems are difficult to secure |
|
|
Term
|
Definition
| The ability of a subject to interact with an object |
|
|
Term
| Access Control List (ACL) |
|
Definition
| A list stating who has specific types of access to what |
|
|
Term
| Discretionary Access Control (DAC) |
|
Definition
Access control based on identity of subjects or groups to which they belong
*Certain subjects (eg "Owner") may pass permissions on to any other subject |
|
|
Term
| Mandatory Access Control (MAC) |
|
Definition
Access control based on levels of sensitivity assigned to objects (Labels) and formal levels of authorization (ie clearance) of subjects.
These relationships are strictly enforced. |
|
|
Term
| Role-Based Access Control (RBAC) |
|
Definition
| Access control based on subjects being assigned certain roles. Access control is managed at the role level instead of the subject level. |
|
|
Term
|
Definition
| Verifying the identity of a subject |
|
|
Term
| 3 general Authentication methods |
|
Definition
1. Something you know (ie password)
2. Something you have (ie token)
3. Something you are (ie biometrics) |
|
|
Term
|
Definition
Network authentication protocol
Ticket, Authentication Server (AS), Time-based
Driver's license analogy? |
|
|
Term
|
Definition
|
|
Term
|
Definition
Challenge Handshake Authentication Protocol
- authentication across a point-to-point link using PPP
- challenge/response (3-way handshake) |
|
|
Term
|
Definition
|
|
Term
|
Definition
|
|
Term
|
Definition
Hardware device? used in authentication (something you have) (e.g. RSA secureToken) |
|
|
Term
| Multifactor Authentication |
|
Definition
| Uses more than one authentication mechanism at the same time (ie ATM card + PIN) |
|
|
Term
|
Definition
| Authentication of both sides of a communication. Helps prevent man-in-the-middle attacks. |
|
|
Term
|
Definition
|
|
Term
|
Definition
|
|
Term
|
Definition
Nonrepudiation is a way to guarantee that senders cannot deny they sent a message |
|
|
Term
|
Definition
|
|
Term
|
Definition
| Denial of Service Attacks aim to disrupt the availability of services |
|
|
Term
|
Definition
| DOS attack exploiting the TCP 3-way handshake. A multitude of SYN requests are sent to the target. The target responds with a SYN/ACK and waits for a default period for an ACK. The attacker will never reply, so the target may use up all its available connections. |
|
|
Term
|
Definition
| Distributed Denial of Service attacks rely on using multiple computers to conduct DOS attacks. |
|
|
Term
|
Definition
|
|
Term
|
Definition
|
|
Term
|
Definition
|
|
Term
|
Definition
| Making data look like it's coming from a different source than it is. |
|
|
Term
|
Definition
| DOS attack where the attacker sends ICMP echo requests to the broadcast address of a network with the From address spoofed to be the IP address of the target. |
|
|
Term
|
Definition
| An attack in which the attacker will intercept communications between two parties and modify the messages between them.??? |
|
|
Term
|
Definition
| Attackers "record" portions of conversations (eg authentication sequences) and then replay them at a later time |
|
|
Term
|
Definition
| A method of finding a cryptographic or other key by systematically trying all possible combinations of keys |
|
|
Term
|
Definition
| A method of breaking a cryptographic or other system by attacking the implementation of the system/algorithm rather than the system itself (ie using a weakness in a key exchange to find a key rather than using a brute-force attack) |
|
|
Term
|
Definition
| A method of finding a key by trying many commonly used or probable keys (ie guessing a password using all the words in an English dictionary) |
|
|
Term
|
Definition
|
|
Term
|
Definition
|
|
Term
|
Definition
|
|
Term
|
Definition
| Malicious software that self-replicates by copying itself to other executable files. |
|
|
Term
|
Definition
| Malicious software that masquerades as useful software. Trojans rely on the end-user to run them. |
|
|
Term
|
Definition
| Malicious software installed by an authorized user that is designed to drop its payload at a designated time or after a set of conditions has been met |
|
|
Term
|
Definition
| Malicious, self-replicating software that runs stand-alone/without the need for a host |
|
|
Term
|
Definition
| Con-artistry. An indirect attack on a system that relies on the inherent trusting nature, or gullibility of human beings. |
|
|
Term
|
Definition
| Listening for the presence of wireless networks while driving |
|
|
Term
|
Definition
| Standard, insecure TCP/IP remote terminal session protocol |
|
|
Term
|
Definition
|
|
Term
|
Definition
| Secure Shell - ???????????? |
|
|
Term
|
Definition
|
|
Term
|
Definition
The encapsulation of one packet in another.
Encapsulation can allow you to obfuscate communications or to change the network transport method.
The contents of the data traveling within a tunnel only needs to be understood by the tunnel end-points. |
|
|
Term
|
Definition
Point-to-Point Tunneling Protocol - Layer 2 |
|
|
Term
|
Definition
???Point-to-Point Protocol - is a widely used protocol for establishing dial-in connections over serial lines or ISDN services. PPP has several authentication mechanisms, including Password Authentication Protocol (PAP), Challenge Handshake Authentication Protocol (CHAP), and the Extensible Authentication Protocol (EAP). These protocols are used to authenticate the peer device, not a user of the system. PPP is a standardized Internet encapsulation of IP traffic over point-to-point links, such as serial lines. The authentication process is performed only when the link is established. |
|
|
Term
|
Definition
| Generic Routing Encapsulation(GRE) |
|
|
Term
|
Definition
|
|
Term
|
Definition
| Public switched telephone network = POTS |
|
|
Term
|
Definition
| Plain Old Telephone Service = PSTN |
|
|
Term
|
Definition
| /?? Layer 2 Tunneling Protocol |
|
|
Term
|
Definition
|
|
Term
|
Definition
|
|
Term
|
Definition
|
|
Term
|
Definition
Wired Equivalent Privacy - fail
40 or 128-bit RC4 stream cipher
Static shared secret, variable initialization vector |
|
|
Term
|
Definition
| Virtual Private Network- an encrypted tunnel between two nodes over a public network. |
|
|
Term
|
Definition
??? IP Security - IETF-based Layer 3 set of protocols for the secure exchange of packets
IPsec has two defined methods, transport and tunneling, and these two methods provide different levels of security. IPsec also has three modes of connection: host to server, server to server, and host to host. |
|
|
Term
|
Definition
| Encrypts only the data portion of the packet, still exposing the source and destination address. "content protection" |
|
|
Term
|
Definition
| Encrypts the entire packet including the source and destination addresses, and the data portion. The encrypted packet must be encapsulated. (Context protection) |
|
|
Term
|
Definition
| Obfuscation of the data within a conversation |
|
|
Term
|
Definition
| Obfuscation of the identity of the sender and receiver of data |
|
|
Term
| Diffie-Hellman Key Exchange |
|
Definition
|
|
Term
| Authentication Header (AH) |
|
Definition
IPsec uses two protocols to provide traffic security. The Authentication Header (AH), when added to an IP datagram, ensures the integrity of the data and also the authenticity of the data's origin. By protecting the non-changing elements in the IP header, the AH protects the IP address, which enables data-origin authentication. |
|
|
Term
| Encapsulating Security Payload (ESP) |
|
Definition
IPsec uses two protocols to provide traffic security:
The Encapsulating Security Payload (ESP) provides security services for the higher-level protocol portion of the packet only, not the IP header. |
|
|
Term
| Internet Security Association and Key Management Protocol (ISAKMP) |
|
Definition
For key management and exchange, three protocols exist:
• Internet Security Association and Key Management Protocol (ISAKMP)
• Oakley
• Secure Key Exchange Mechanism for Internet (SKEMI)
These key management protocols can be collectively referred to as Internet Key Management Protocol (IKMP) or Internet Key Exchange (IKE). |
|
|
Term
|
Definition
For key management and exchange, three protocols exist:
• Internet Security Association and Key Management Protocol (ISAKMP)
• Oakley
• Secure Key Exchange Mechanism for Internet (SKEMI)
These key management protocols can be collectively referred to as Internet Key Management Protocol (IKMP) or Internet Key Exchange (IKE). |
|
|
Term
| Secure Key Exchange Mechanism for Internet (SKEMI) |
|
Definition
For key management and exchange, three protocols exist:
• Internet Security Association and Key Management Protocol (ISAKMP)
• Oakley
• Secure Key Exchange Mechanism for Internet (SKEMI)
These key management protocols can be collectively referred to as Internet Key Management Protocol (IKMP) or Internet Key Exchange (IKE). |
|
|
Term
| IPSec "security association" |
|
Definition
|
|
Term
|
Definition
|
|
Term
|
Definition
| ?????Remote Authentication Dial-In User Service |
|
|
Term
|
Definition
|
|
Term
|
Definition
???DIAMETER is a proposed name for the new AAA protocol suite, designated by the IETF to replace the aging RADIUS protocol |
|
|
Term
|
Definition
|
|
Term
|
Definition
|
|
Term
|
Definition
Access Control, Authentication, Auditing (CompTIA) |
|
|
Term
| MIT Kerberos Maximum Time Delta |
|
Definition
|
|
Term
| Microsoft Kerberos Maximum Time Delta |
|
Definition
|
|
Term
|
Definition
|
|
Term
|
Definition
|
|
Term
|
Definition
|
|
Term
|
Definition
|
|
Term
|
Definition
| network sniffer (formerly ethereal) |
|
|
Term
|
Definition
AS - Authentication Server
TGS - Ticket Granting Server |
|
|
Term
| Ticket Granting Ticket (TGT) |
|
Definition
| Cached Authentication Credential from TGS allows client to request Session Ticket |
|
|
Term
|
Definition
| Authentication Credential from KDC allows client access to resource server |
|
|
Term
|
Definition
????EAP, defined by RFC 3748, is an authentication framework providing functionality for a variety of authentication mechanisms. It does not provide encryption itself, but rather the ability to utilize several encryption methods within an authentication construct. |
|
|
Term
|
Definition
???? EAP-TLS is considered a very secure form of authentication as it employs the security of TLS, which is the successor to SSL, and makes use of both server-side and client-side certificates. Although considered very secure (especially when client-side certificates are stored on devices like Smart Cards), the overhead of this form of authentication keeps it from being a more frequently implemented solution. |
|
|
Term
|
Definition
?????EAP-TTLS also provides very good security utilizing Public Key Infrastructure (PKI) certificates on the authentication server only to create a tunnel between the client and the server. |
|
|
Term
|
Definition
????PEAP is the result of a joint development effort from Microsoft, Cisco Systems, and RSA Security. Like EAP-TTLS, it provides security via server-side PKI certificates. There are at least two sub-types of PEAP certified for the WPA and WPA2 standard: PEAPv0/EAP-MSCHAPv2 (Microsoft Challenge Handshake Authentication Protocol) and PEAPv1/EAP-GTC (Generated Token Card) |
|
|
Term
|
Definition
|
|
Term
|
Definition
|
|
Term
|
Definition
|
|
Term
|
Definition
|
|
Term
|
Definition
|
|
Term
|
Definition
| ??? Message Digest Algorithm/Challenge-Handshake Authentication Protocol |
|
|
Term
|
Definition
|
|
Term
|
Definition
RE: TUNNELING The protocol used by the network (IP on the Internet) that the information is traveling over |
|
|
Term
|
Definition
RE: TUNNELING This term includes both the tunneling protocol (PPTP, L2TP) and the encrypting protocol (IPSec, Secure Shell [SSH]) that is wrapped around the original data |
|
|
Term
|
Definition
| RE: TUNNELING The original data being carried |
|
|
Term
| 3 protocols required for tunneling |
|
Definition
Carrier Protocol
Encapsulating Protocol
Passenger Protocol |
|
|
Term
|
Definition
| site-to-site and remote access |
|
|
Term
|
Definition
| virtual private dial-up network |
|
|
Term
|
Definition
|
|
Term
| TACACS+ Transport Protocol |
|
Definition
|
|
Term
| RADIUS Transport Protocol |
|
Definition
|
|
Term
| TACACS Transport Protocol |
|
Definition
|
|
Term
|
Definition
|
|
Term
|
Definition
|
|
Term
| L2TP uses _______ for encrypted tunnels |
|
Definition
|
|
Term
| PPTP only works over ___ networks |
|
Definition
|
|
Term
|
Definition
|
|
Term
| IPSec Mode where only the data(payload) is encrypted |
|
Definition
|
|
Term
| IPSec Mode where data and IP headers are encrypted |
|
Definition
|
|
Term
|
Definition
Internet Key Exchange is used to authenticate the two ends of a secure tunnel by providing a secure exchange of a shared key before IPSec transmissions begin. |
|
|
Term
|
Definition
|
|
Term
|
Definition
| Hashed Message Authentication Code |
|
|
Term
|
Definition
Multi-Purpose Internet Mail Extensions |
|
|
Term
| S/MIME encryption algorithms |
|
Definition
|
|
Term
|
Definition
| Pretty Good Privacy ????????????? |
|
|
Term
|
Definition
|
|
Term
| FCrDNS - Forward Confirmed reverse DNS |
|
Definition
| Verifies that an email's originating IP address matches the FQDN used in the email's "from address" by doing a reverse DNS lookup on the IP, an nslookup on the FQDN, and then comparing. |
|
|
Term
|
Definition
| a vulnerability that is not known to the security public and therefore no protections, patches, or detection signatures exist for it |
|
|
Term
cipher text attack?? pgp???
PGP can fall victim to a _________________ attack, which occurs when a hacker creates a message and sends it to a targeted userid with the expectation that this user will then send the message out to other users. When a targeted user distributes a message to others in an encrypted form, a hacker can listen to the transmitted messages and figure out the key from the newly created ciphertext. |
|
Definition
|
|
Term
|
Definition
| System located in a DMZ that has been hardened against hackers |
|
|
Term
|
Definition
|
|
Term
|
Definition
Every part of a network that lies on the inside of the last firewall from the Internet |
|
|
Term
|
Definition
a server that sits between an intranet and its Internet connection and handles requests to access Internet resources on behalf of intranet clients |
|
|
Term
|
Definition
| Networking zone walled off from the general public, but open to certain authenticated hosts. Access to an extranet does not give access to the intranet. |
|
|
Term
|
Definition
| honeypot is a computer system/network that is deliberately exposed to public access for the express purpose of attracting and distracting attackers. |
|
|
Term
|
Definition
|
|
Term
|
Definition
|
|
Term
|
Definition
|
|
Term
|
Definition
|
|
Term
|
Definition
|
|
Term
|
Definition
| NSA, for Clipper and Capstone chips, requires key escrow (ie NSA has your secrets) |
|
|
Term
|
Definition
|
|
Term
|
Definition
|
|
Term
|
Definition
|
|
Term
|
Definition
|
|
Term
|
Definition
| designed to be fast on 32-bit processors |
|
|
Term
|
Definition
|
|
Term
|
Definition
| RSA variable length block-cipher |
|
|
Term
|
Definition
| RSA variable length stream cipher |
|
|
Term
|
Definition
|
|
Term
|
Definition
|
|
Term
|
Definition
Message authentication code is a key-dependent one-way hash function. |
|
|
Term
|
Definition
freeware electronic-mail security program, originally designed by Philip Zimmermann [1652]. It uses IDEA for data encryption, RSA (with keys up to 2047 bits) for key management and digital signatures, and MD5 as a one-way hash function. Key distribution and revocation are done ad hoc with a web of trust model |
|
|
Term
|
Definition
| Log File Monitor is an IDS that reads log files to determine if the network is under attack |
|
|
Term
|
Definition
| System Integrity Verifier is an IDS that notifies when essential files have changed |
|
|
Term
|
Definition
| Key Hashing for Message Authentication Code is used to digitally sign packets on IPSec connections |
|
|
Term
|
Definition
|
|
Term
| Number of rounds for 3DES |
|
Definition
|
|
Term
|
Definition
|
|
Term
|
Definition
|
|
Term
| 802.11 Media Access method |
|
Definition
|
|
Term
| 802.3 Media Access Method |
|
Definition
|
|
Term
| WEP Low Security key size |
|
Definition
|
|
Term
| WEP high security key size |
|
Definition
|
|
Term
| X.509 version 1 certificate (vs version 2 & 3) |
|
Definition
|
|
Term
| Bluetooth promiscuous security mode |
|
Definition
|
|
Term
|
Definition
| SM1 (promiscuous) < SM2 (establish security after pairing) < SM3 (establish security required first) |
|
|
Term
| Microsoft's Tunneling Protocol |
|
Definition
|
|
Term
|
Definition
|
|
Term
|
Definition
|
|
Term
| L2TP Packet Header Protocol Field Number |
|
Definition
|
|
Term
| TCP Packet Header Protocol Field Number |
|
Definition
|
|
Term
|
Definition
|
|
Term
|
Definition
|
|
Term
|
Definition
|
|
Term
|
Definition
|
|