Shared Flashcard Set

Details

Security
Security
75
Computer Networking
Graduate
10/14/2010

Additional Computer Networking Flashcards

 


 

Cards

Term
While most attacks take advantage of vulnerabilities that someone has already
uncovered ,a______________ occurs when an attacker discovers and exploits a previously unkown flaw.
Definition
Zero Day Attack
Term
What involves stealing proprietary business information such as research for a new drug or a list of customers that competitors are eager to acquire?
Definition
Business Data Theft
Term
What is Children's Online Privacy Protection Act(COPPA)?
Definition
It requires operators of online services ,or web sites designed for children under the age of 13 to obtain parental consent prior to the collect, use, disclosure, or display of a child's personal information
Term
What kind of virus can alter how they appear to avoid detection?
Definition
Metamorphic Viruses
Term
What involves horizontally separating words, although still readable by the human eye?
Definition
Word Splitting
Term
What has a means of managing and presenting computer resources by funtion
without regard to their physical layout or location?
Definition
Virtualization
Term
The goal of ASLR(Address Space Layout Randomization)is what?
Definition
To make it harder to predict where the operating system functionality resides in memory.
Term
What is a cookie?
Definition

Instead of the Web Server asking the user for the same information each time she vists that site, the server can store that user-specific information in a file on the user's local computer and then retrieve it later

 

or

 

Cookie Monsters Favorite food

Term
What represents a specific way of implementing __________and are sometimes called ________application?
Definition
Active X
Term
What is responsible for incoming mail?
Definition
Post Office Protocol(POP3)
Term
Which is a server program operated by the person or organization that wants to share the file?
Definition
A Tracker
Term
What is an entry in the Domain Name System(DNS) that identifies the mail server responible for handling that domain name?
Definition
The MX (mail exchange)record
Term
What allows the administrator to configure the switch to redirect traffic that occurs on some or all ports to a designated monitoring port on the switch
Definition
Port Mirroring
Term
With wireless CSMA/CA (Carrier Sense Multiple Access with Collision Avoidance)the amount of time that a device must wait after the medium is clear is?
Definition
Slot Time
Term
What makes a copy of the transmission before sending it to the recipient
Definition
A Replay Attack
Term
How can Dns poisoning be prevented by using the latest editions of DNS software
Definition
BIND
Term
In order for a hosting using TCp/Ip on an Ethernet network to find the MAC address of another deviceit uaes______?
Definition
Address Resolution Protocol (ARP)
Term
At regular intervals (normally every 100 microseconds)a wireless AP sends a beacon frame to annouce its presence and to provide the necessary information for devices that want to join the network this iss called what?
Definition
Beaconing
Term
Using subnetting, networks can essentiallybe divided into three parts what are they?
Definition
Networks, subnet, and host
Term
What does NAC(Network Access Control) do?
Definition
Examines the current state of a system or network device before it is allowed to connect to the network.
Term
What is the goal of NAC?
Definition
Is to prevent computers with sub-optimal security from potentially infecting other computers through the network.
Term
What does Host Intrusion Detection Systems(HIDS) purpose?
Definition
Is a software-basedsystem that attempts to monitor and possibly prevents attempts to attack a local system
Term
What monitors Internet traffic and blocks access to preselected Web sites and files
Definition
Internet Content filter
Term
information security a loss can be ________
Definition
All of the above
Term
What is Port Address Translation(PAT)
Definition
Instead of giving each outgoing packet a different IP address, each packet is given the same IP address but a different TCP port number
Term
According to the FBI Computer Crime and Security Survey, the loss of data of respondents was approximately what number? (Page 93)
Definition
$10 million
Term
What act is designed to broaden the surveillance of law enforcement agences to detect and suppress terroism?(page 14)
Definition
USA Patriot Act
Term
According to a research group, over what fraction of daily email messages are unsolicited and could be carring a malicious payload. (Page 15)
Definition
Two -Thirds
Term
What is a program advertised as preforming one activity but actually does something else?(Page 44)
Definition
Trojan Horse
Term
One type of virtualization in which an entire operating system environment is simulated is known as what? (Page 59)
Definition
Operating System Virtualization
Term
What typically involes using clients-side scripts written in Java Script that are designed to extract information from the victim and then pass the information to the attacker(Page 93)
Definition
Cross Site Scripting(XSS)
Term
What is a process of ensuring that any inputs are "clean"and will not corrupt the system? (Page 93)
Definition
Input Validation
Term
What are active Internet connections that down load a specfic file that is available through a tracker.(Page 99)
Definition
Torrent
Term
What wireless CSMA/CA, the amount of time that a device must wait after the medium is clear is called what? (Page 128)
Definition
Slot Time
Term
The most common type of antenna for war driving is an omnidirectional antenna, also known as what?(Page 139)
Definition
Dipole Antenna
Term
What is the name given to a wireless technology that uses short-range RF transmission? (Page 139)
Definition
Bluetooth
Term
What is the unauthorized access of information from a wireless device through a bluetooth connection? (Page 141)Blue Jacking
Definition
Term
Using__________, networks can essentially be divided into three parts: networks, subnet, and host.(Page 155)
Definition
subnets
Term
What kind of IP addresses are not assigned to any specific users or organization;Instead ,they can be used by any user on the private Internal network.(Page 162)
Definition
Private Addresses
Term
_________ packet filtering keeps a record of the state of a connection between an internal computer and an external server and then makes decision based on the connection as well as the rule base.(Page 167)
Definition
Stateful
Term
What kind of honeypots are complex to deploy and capture extensive information.These are used primarily by research, military, and government organizations.(Page170)
Definition
Research Honrypots
Term
What is an instruction that interrupts the programs being executed and request a service from the operating system.(Page 172)
Definition
System Calls
Term
What works to protect the entire network and all devices that are connected to it?(Page173)
Definition
Network Intrusion Prevention System
Term
What can fully decode application layer network protocols.Once these protocols are decoded,the different parts of the protocols can be analyzed for any suspicious behavior.(Page 315)
Definition
Protocol Analyzer
Term
What is an industry standard protocol specification that fowards user name and password information to a centralized server.(Page280)
Definition
Terminal Access Control Acess Control System (TACACS)
Term
What is sometimes called X>500 Lite, and also a subset of DAP?(Page281)
Definition
Lightweight Directory Access Protocol(LDAP)
Term
What refers to any combination of hardware and software that enables accessw to remote users to a local internal network.(Page284)
Definition
Remote Access Services(RAS)
Term
What is the end of the tunnel between VPN devices.(Page285)
Definition
Endpoint
Term
What generally denotes a potential nerative impact to an asset.(Page304)
Definition
Risk
Term
What model cam dynamically assign roles to subject based on a set of rules defined by a custodian.(Page232)
Definition
Rule Based Access Control (RBAC)
Term
In the earrly 1980's, the IEEE began work on developing computer network architecture standards, this work is calles whay?(Page191)
Definition
Project 802
Term
What was designed to ensure that only authorizaed parties can view transmittes wireless information?(Page 193)
Definition
Wired Equivalent Privacy(WEP)
Term
The plain text to be transmitted has a CRC value calculated,which is a checksum based on the contents of the text.WEP calls this __________ and appeals it to the end of the text.
Definition
Integrity Check Value (ICV)
Term
In order to address growing wireless security concerns, in October 2003, the WI-FI Alliance introduced what?(Page203)
Definition
Wifi Protcted Access(WPA)
Term
Regarding access control,waht is a specific resources, such as a file or a hardware devic.(Page228)
Definition
Object
Term
What is a practice that requires taht if the fraudulent application of a process could potentially result in a breech of security,then the process should be divided between two or more indivduals(Page233)
Definition
Separation of Duties
Term
The principle of __________in access control means that each user should be given only the minimal amount of priviledges necessary to preform his or her job funtion.(Page233)
Definition
Least Priviledge
Term
What is the verification of the credentials to ensure that they are genuine and not fabricated(Page267)
Definition
Authentication
Term
What is the presention of credentials or identication typically preformed when logging on to a system (Page 267)
Definition
Identification
Term
Who grants premission for admittance(Page267)
Definition
Authorization
Term
What is the most common type of OTP (Page268)
Definition
Time Synchronized OTP
Term
What is a decentralized open sources FIM
that does not require specific software to be installed on the desktop.(Page 277)
Definition
Open ID
Term
The International Organization for Standardization(ISO) created a standard for directory srevices known as what (Page 281)
Definition
X.500
Term
What is a very basic authentication protocol that was used to authentication a user to a remote access server or to an Internetservices provider(ISP) (Page 283)
Definition
Password Authenication Protocol(PAP)
Term
Known as __________, this in effect takes a snapshot of the security of the organization as it now stands (Page 308)
Definition
Vulnerability Appraisal
Term
What is the expected monetary loss eveytime a risk occurs (Page 309)
Definition
Single Loss Expectancy(SLE)
Term
What kind of risk is spread over all of the members of the pool (Page 311)
Definition
Risk Retention Pool
Term
Most communication in TCP/TP involves the exchange of information between a program running on one device known as what (Page 312)
Definition
Process
Term
TCP/IP uses a numeric value as an identifer to applications and services on the systems. This is known as what (Page 312)
Definition
Port Numbers
Term
The Windows file and folder ________ premission allows files and folders to be opened as read only and to be copied(Page 335)
Definition
Read Premission
Term
What premissions allows the creation of files and folders,and allow data to be added to or removed from files (Page335)
Definition
Write Premission
Term
ILM strategies are typically recorded on what kind of policies
Definition
Storage and Retention Policies
Term
What is the process of generating,transmitting and disposing of computer security log data (Page340)
Definition
Log Management
Term
What logs can be used to determined whether new IP addresses are attempting to probe the network and if stronger firewall rules are necessary to block them (Page 342)
Definition
Firewall logs
Term
What is typically a low-level system program that uses a notification engine designed to monitor and track down hidden activity on a desktop system, server,or even personal digital assistant(PDA) or cell phone (Page349)
Definition
System Monitors
Supporting users have an ad free experience!