Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
64 Cards in this Set
- Front
- Back
|
ACK |
Acknowledgement Number |
|
|
connection-oriented protocol |
TCP -means the sender doesn't send any data to the destinations node until the destination acknowledges that its listening to the sender. |
|
|
connectionless protocol |
User Datagram Protocol - operates on transport layer- used for speed |
|
|
Initial Sequence Number (ISN) |
is a 32 bit number, Track packets received by a node, allows reassembly of large packets that were broken into smaller packets, It is in steps 1 and 2 of the TCP three way handshake. sent SYN and returned in the SYN ACK packet. |
|
|
Internet Assigned Numbers Authority ,(IANA) |
The global coordination of the DNS Root, IP addressing numbers. |
|
|
Internet Control Message Protocol (ICMP) |
Helps troubleshoot network connectivity problems, ping command, tracks the route a packet traverses, traceroute command |
|
|
TCP three way handshake |
computer A sends computer B a SYN packet computer B replies with a SYN-ACK packet Computer A replies with an ACK packet |
|
|
SYN Packet |
Synchronized message to the server |
|
|
Port |
Logical, not physical, TCP connection component, identifies running service, helps you stop or disable unneeded services more running services, more ports open for attack. |
|
|
TCP packet |
Two 16-bit fields, contains source and destination port numbers |
|
|
Protocol |
Language used by computers to communicate |
|
|
Transmission Control Protocol/ Internet Protocol (TCP/IP) |
Most widely used |
|
|
TCP/IP Stack |
4 Distinct Layers: Network Internet Transport Application |
|
|
TCP Flag |
Each flag occupies one bit of the TCP segment, SIX TCP FLAGS: SYN flag- synch flag ACK flag- acknowledgement flag PSH flag-push flag URG flag-urgent flag RST flag- reset flag FIN flag- finish flag |
|
|
Port 25 |
Simple Mail Transfer Protocol (SMTP) email servers listen on this port |
|
|
Port 53 |
Domain Name Service (DNS) Used to connect users to web sites using URLS instead of IP addresses. |
|
|
Port 80 |
Hypertext Transfer Protocol (HTTP) used when connecting to a Web Server |
|
|
Port 443 |
Secure Hypertext Transfer Protocol reserved for secure connections to a Web server |
|
|
Port 110 |
Post Office Protocol 3 (POP3) Used for retrieving e-mail |
|
|
User Datagram Protocol (UDP) |
Fast but unreliable delivery protocol Operates on transport layer used for speed does not need to verify if receiver is listening or ready, connectionless protocol |
|
|
IP Address |
Class A 1-126, Class B 128-191, Class C 192-223 It is composed of 4 bytes, one byte is equal to 8 bits which is an octet |
|
|
Class C |
supports 254 host computers |
|
|
HEX C1, DEC 193 |
BIN 1100 0001 |
|
|
adware |
installed without users being aware, determines users purchasing habits, slows down computers |
|
|
Attack |
Any attempt by an unauthorised person to access damage, or use network resources. Usually happens when a weakness or a vulnerability is exploited. |
|
|
backdoor |
allows attackers remote access also called rootkits they are created after an attack and usually hide in OS tools, delivered through trojan programs |
|
|
bot net |
a network of private computers infected with malicious software and controlled as a group without the owners knowledge, ex to send spam |
|
|
Exploit |
A specially crafted string of data intended to take advantage of a vulnerability. |
|
|
Network Security |
Concern with security of network infastructure |
|
|
Computer Security |
Concern with security of a stand alone computer, not part of a network Infrastructure. |
|
|
Denial of Service Attacks |
Prevents legitimate users form accessing network resources Attackers do not attempt to access information, may just want to cripple the network |
|
|
Distributed Denial of Service Attacks |
Attack on host from multiple servers or workstations, network could be flooded with billions of packets resulting in a loss of bandwidth and degradation or loss of speed. Participants are not aware they are part of the attacks. |
|
|
Dark DDoS |
It is a smokescreen to distract network defenders form the real attack occuring. |
|
|
Buffer Overflow Attacks |
Attacker finds a vulnerability in poorly written code, no check for amount of memory space use, it fills the buffer with executable code, os runs the code and code elevates attackers permissions to administrator or owner or creator |
|
|
Eavesdropping |
Attacker listens in on unencrypted network communications, to gather information that can be used to extend attack. This is accomplished with sniffing tools designed to capture copies of packets being sent across a network. Must encrypt communications. |
|
|
Man in the Middle |
Attacker injects themselves between two parties or systems communicating in order manipulating messages being passed back and forth. |
|
|
Network Session Hijacking |
Attacker joins TCP session and makes both parties think he or she is the other party, Complex attack |
|
|
Ping of death attack |
Type of DOS attack not as common since the late 1990s, attacker creates large ICMP packet , it is then segmented and then reassembled as an oversize packet that the Destination point cant handle. |
|
|
Malware |
Malicious software that attacks a network which prevents a business from operating. Viruses, worms, Trojan programs, and the main goal is to make money. |
|
|
Viruses |
A program that attaches itself to a file or another program. Needs host to replicate, Does not stand on its own, no foolproof prevention method. Phishing and ransomware. |
|
|
Antivirus programs |
Detection based on virus signatures, must update periodically. Run a base 64 decoder on email attachments to see if malware or viruses are detected. |
|
|
Macro virus |
A virus encoded as a macro in programs that support a macro programming language. basically a list of commands can be use in destructive ways. Instructions posted on websites. |
|
|
Worms |
A program that replicates and propagates without host. , theoretically can infect every computer in the world. Some worms have cost businesses billions. caused by down computer time, recovering lost data and hiring of IT personnel. |
|
|
Trojan Programs |
Insidious attacks against networks and computers, disguise themselves as useful programs, can install backdoors and rootkits. prevent with good software and hardware firewall.trojans can use port 80 and port 53. |
|
|
Spyware |
Sends information form infected computer to attacker, ex. financial data, passwords, pins and can register each keystroke entered. |
|
|
Whitelisting |
Allows only approved programs to run on computers |
|
|
Keyloggers |
Used to capture keystrokes on a computer, software-loaded on Computer, hardware- easy to install device between keyboard and computer. also available as spyware and can be sent over e-mail. |
|
|
Shell (Backdoor) |
Malicious piece of code that can be uploaded to site to gain access to files stored on the site. Once uploaded hacker can use it to edit, delete, or download any files on the site. Usually uploaded to websites to gain root access to the site. |
|
|
Zombies |
Bots that perform malicious tasks allowing an attacker to take complete control over an infected computer which gives the attacker complete control turning the computer into a zombie. |
|
|
bot |
type of software application or script that performs tasks on command like indexing a search engine and good at performing repetitive tasks. |
|
|
ransomware |
type of malicious software designed to block access to a computer system until a sum of money is paid. |
|
|
Competitive Intelligence |
Gathering information using technology |
|
|
Cookie |
Text file generated by a web server, stored on users web browser used to customize web page when user returns |
|
|
Dumpster Diving |
Attacker finds information in victims trash, ex computer manuals, passcodes jotted down, company phone directories, resumes, finacial reports, Format disks before disposing them. |
|
|
footprinting |
finding information on company's network, passive and nonintrusive, may also be called reconnaissance. |
|
|
Piggybacking |
Trailing closely behind an employee cleared to enter restricted areas. |
|
|
Phishing |
Email urging you to update account details, send you to visit a fake web site. |
|
|
Spear phishing |
Combines social engineering and exploiting vulnerabilities. Email attacks directed at specific people. |
|
|
Shoulder surfing |
reads what users enter on keyboards, uses binoculars and knows popular letter substitutions. |
|
|
social engineering |
Targets the human component of a network, goal is to obtain confidential information and other personal information. Gained persuasion, coercion, intimidation, and extortion. Biggest security threat, most difficult to protect against. Study of human behavior. |
|
|
Web Bug |
1x1 pixel image file, usually works with a cookie, clear gif, to be invisible to users, similar to spyware or adware. |
|
|
Spidering |
Also called web crawler, it is an internet bot that systematically browses the internet typically for the purpose of web indexing. can validate hyperlinks and html code. |
|
|
Zone Transfers |
It is the process, After determining what name server a company is using, you can attempt to transfer all the records for which the DNS server is responsible. |
|
|
DNS |
Domain Name System, resolves host names to IP addresses, people prefer url's to IP addresses. DNS is vulnerable for network attacks. |
