Shared Flashcard Set

Details

Security + Chapter 5
Security + Chapter 5
41
Computer Science
Not Applicable
08/02/2012

Additional Computer Science Flashcards

 


 

Cards

Term
MAC Flooding
Definition
An attack that sends numerous packets to a switch, each of which has a different source MAC address, in an attempt to use up the memory on the switch. If this is successful, the switch will change state to failopen mode.
Term
Failopen Mode
Definition
When a switch broadcasts data on all ports the way a hub does.
Term
CAM Table
Definition

Content Addressable Memory Table

 

A table that is in a switch’s memory that contains ports and their corresponding MAC addresses.

Term
NAT
Definition

Network Address Translation

 

The process of changing an IP address while it is in transit across a router. This is usually so one larger address space (private) can be remapped to another address space, or single IP address (public).

Term
Static NAT
Definition

Static Network Address Translation

 

When a single private IP address translates to a single public IP address. This is also called one-to-one mapping.

Term
PAT
Definition

Port Address Translation

 

Like NAT, but it translates both IP addresses and port numbers.

Term
DMZ
Definition

Demilitarized Zone

 

A special area of the network (sometimes referred to as a subnetwork) that houses servers that host information accessed by clients or other networks on the Internet.

Term
3-Leg Perimeter
Definition
A type of DMZ where a firewall has three legs that connect to the LAN, Internet, and the DMZ.
Term
Back to-Back Perimeter
Definition
A type of DMZ where the DMZ is located between the LAN and the Internet.
Term
NAC
Definition

Network Access Control

 

Sets the rules by which connections to a network are governed.

Term
Cloud Computing
Definition
A way of offering on-demand services that extend the capabilities of a person’s computer or an organization’s network.
Term
SaaS
Definition

Software as a Service

 

A cloud computing service where users access applications over the Internet that are provided by a third party.

Term
IaaS
Definition

Infrastructure as a Service

 

A cloud computing service that offers computer networking, storage, load balancing, routing, and VM hosting.

Term
PaaS
Definition

Platform as a Service

 

A cloud computing service that provides various software solutions to organizations especially the ability to develop applications without the cost or administration of a physical platform.

Term
VLAN Hopping
Definition

Virtual Local Area Network Hopping

 

The act of gaining access to traffic on other VLANs that would not normally be accessible by jumping from one VLAN to another.

Term
Wardialing
Definition
The act of scanning telephone numbers by dialing them one at a time and adding them to a list, in an attempt to gain access to computer networks.
Term
TCP Reset Attack
Definition

Transmission Control Protocol Reset Attack

 

Sets the reset flag in a TCP header to 1, telling the respective computer to kill the TCP session immediately.

Term
Implicit Deny
Definition
Denies all traffic to a resource unless the users generating that traffic are specifically granted access to the resource. For example, when a device denies all traffic unless a rule is made to open the port associated with the type of traffic desired to be let through.
Term
TCP/IP Hijacking
Definition

Transmission Control Protocol/Internet Protocol Hijacking

 

When a hacker takes over a TCP session between two computers without the need of a cookie or any other type of host access.

Term
MITM Attack
Definition

Man-in-the-Middle Attack

 

A form of eavesdropping that intercepts all data between a client and a server, relaying that information back and forth.

Term
XSS
Definition

Cross-Site Scripting

 

A type of vulnerability found in web applications used with session hijacking.

Term
DoS
Definition

Denial of Service

 

A broad term given to many different types of network attacks that attempt to make computer resources unavailable.

Term
Ping Flood
Definition
A ping flood, also known as an ICMP flood attack, is when an attacker attempts to send many ICMP echo request packets (pings) to a host in an attempt to use up all available bandwidth.
Term
Smurf Attack
Definition
A type of DoS that sends large amounts of ICMP echoes, broadcasting the ICMP echo requests to every computer on its network or subnetwork. The header of the ICMP echo requests will have a spoofed IP address. That IP address is the target of the Smurf attack. Every computer that replies to the ICMP echo requests will do so to the spoofed IP.
Term
Fraggle
Definition
A type of DoS similar to the Smurf attack, but the traffic sent is UDP echo traffic as opposed to ICMP echo traffic.
Term
PDoS Attack
Definition

Permanent DoS Attack

 

Generally consists of an attacker exploiting security flaws in routers and other networking hardware by flashing the firmware of the device and replacing it with a modified image.

Term
POD
Definition

Ping of Death

 

A type of DoS that sends an oversized and/or malformed packet to another computer.

Term
Fork Bomb
Definition
An attack that works by creating a large number of processes quickly to saturate the available processing space in the computer’s operating system. It is a type of wabbit.
Term
SYN Flood
Definition
A type of DoS where an attacker sends a large amount of SYN request packets to a server in an attempt to deny service.
Term
Teardrop Attack
Definition
A type of DoS that sends mangled IP fragments with overlapping and oversized payloads to the target machine.
Term
DDoS
Definition

Distributed Denial of Service

 

An attack in which a group of compromised systems attack a single target, causing a DoS to occur at that host, usually using a botnet.

Term
Spoofing
Definition
When an attacker masquerades as another person by falsifying information.
Term
Phishing
Definition
The criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords, and credit card details by masquerading as a trustworthy entity in an electronic communication.
Term
Replay Attack
Definition
An attack in which valid data transmission is maliciously or fraudulently repeated or delayed.
Term
Nonce
Definition
A random number issued by an authentication protocol that can only be used once.
Term
Null Session
Definition
When used by an attacker, a malicious connection to the Windows interprocess communications share (IPC$).
Term
Domain Name Kiting
Definition
The process of deleting a domain name during the five-day grace period (known as the add grace period or AGP) and immediately reregistering it for another five-day period to keep a domain name indefinitely and for free.
Term
DNS Poisoning
Definition

Domain Name System Poisoning

 

The modification of name resolution information that should be in a DNS server’s cache.

Term
Pharming
Definition
When an attacker redirects one website’s traffic to another bogus and possibly malicious website by modifying a DNS server or hosts file.
Term
ARP Poisoning
Definition

Address Resolution Protocol

 

An attack that exploits Ethernet networks, and it may enable an attacker to sniff frames of information, modify that information, or stop it from getting to its intended destination.

Term
UDP Flood Attack
Definition

User Datagram Protocol Attack

 

A similar attack to the Fraggle. It uses the connectionless User Datagram Protocol. It is enticing to attackers because it does not require a synchronization process.

Supporting users have an ad free experience!