Shared Flashcard Set

Details

CCNAS_Chpt1_SecurityThreats
CCNAS_Chpt1_SecurityThreats
45
Computer Networking
Undergraduate 3
04/10/2011

Additional Computer Networking Flashcards

 


 

Cards

Term
Prevents Undesirable traffic from entering prescribed areas within a network
Definition
Firewall
Term
Provides real-time detection of certain types of attacks while they are in progress
Definition
IDS
Term
Protect information or processes from unauthorized or accidental modification
Definition
Integrity
Term
Able to detect malicious activity and automatically block the attack in real-time
Definition
IPS
Term
Prevent the unauthorized disclosure of sensitive information
Definition
Confidentiality
Term
Attack in which one device poses as another by falsifying data
Definition
Spoofing
Term
Hiding communications from anyone other than the intended user
Definition
4
Term
Attacks that make computer resources unavailable to intended users
Definition
DoS
Term
Information is accessible by authorized users when needed
Definition
Availability
Term
Document that describes the restrictions on member behaviors and what info may be accessed by whom
Definition
Security Policy
Term
Security related to people joining moving and leaving an org
Definition
HR Security
Term
Inventory and classification scheme for information assets
Definition
Asset Mgmt
Term
Restriction of access rights to the organizations assets
Definition
Access Control
Term
Protection of the computer facilities in an org
Definition
Physical and Environmental Security
Term
Managing the security controls in systems and networks
Definition
Communications and Operations Mgmt
Term
The governance model for information security
Definition
Organization of Information Security
Term
How to anticipate and respond to information security breaches
Definition
Information Security Incident Mgmt
Term
Ensuring conformance with information security policies standards and regulations
Definition
Compliance
Term
Integrating security into applications
Definition
Information Systems Acquisition, Development, and Maintenance
Term
Determine the quantitative and qualitative value of risk
Definition
Risk Assessment
Term
Protection, maintenance and recovery of business-critical processes and systems
Definition
Business Continuity Mgmt
Term
Software which attaches to another program to execute a specific unwanted function on a computer
Definition
virus
Term
An application written to look like something else. When it is opened it attacks the end-user computer from within
Definition
Trojan
Term
Executes code which installs copies of itself in the memory fo the infected computer, which in turn infects other hosts
Definition
Worm
Term
Any malicious code that results in some action
Definition
Payload
Term
The method by which the code replicates itself and locates new targets
Definition
propagation mechanism
Term
A vulnerability on a system that the worm exploits
Definition
Enabling vulnerability
Term
5 phases of attach in proper order (5 P's)
Definition
Probe
Penetrate
Persist
Propagate
Paralyze
Term
Most attacks take advantage of what type of vulnerability?
Definition
Overflow of a fixed memory allocation size for a particular purpose
Term
Antivirus software will prevent viruses from entering the network? T/F
Definition
False
Term
Compartmentalization and segmentation of the network to slow down or stop the work and prevent further infections
Definition
Containment
Term
Identifying and isolating infected machines within the contained areas
Definition
Quarantine
Term
Disinfecting of worm from infected systems
Definition
Treatment
Term
All uninfected systems are patched with appropriate vendor patch
Definition
Innoculation
Term
Exploit known vulnerabilities to gain entry to web accounts, databases, etc..
Definition
Access attack
Term
Unauthorized mapping and discovery of systems, services, or vulnerabilities
Definition
Recon
Term
Send extremely large numbers of requests, slowing or crashing a device
Definition
DoS
Term
Ping Sweep
Port Scan
Packet Sniffer
Internet Information Queries
Definition
Reconnaissance attack
Term
Password Attack
Man-in-the-Middle
Trust exploitation
Port Redirection
Buffer Overflow
Definition
Access-attack
Term
Ping of Death
TCP SYN flood
Smurf Attack
Poisonous Packet
Continuous Stream of Packets
Definition
DoS attack
Term
Use Authentication
Use a switched infrastructure
Use anti-sniffer tools
Definition
Reconnassance
Term
Minimize trust relationships
Use strong passwords
Apply OS and application patches
Definition
Access Attack prevention
Term
Implement QoS and traffic policing
Anti-spoofing techniques
Definition
DoS attack prevention
Term
Name a primary mitigation technique useful in both recon and DoS attacks.
Definition
Firewall or IPS
Term
Name a primary mitigation techinque useful for both recon and access attacks
Definition
Encryption
Supporting users have an ad free experience!