70 terms

Advance Networking Chp. 4 & 5

Vulnerability Assessment and Mitigating Attacks; Host, Application, and Data Security
The first step in a vulnerability assessment is to determine the assets that need to be protected.
If port 20 is available, then an attacker can assume that FTP is being used.
Vulnerability scans are usually performed from outside the security perimeter.
In an empty box test, the tester has no prior knowledge of the network infrastructure that is being tested.
A healthy security posture results from a sound and workable strategy toward managing risks.
Securing the host involves protecting the physical device itself, securing the operating system software on the system, using security-based software applications, and monitoring logs.
Keyed entry locks are much more difficult to defeat than deadbolt locks.
Cipher locks are the same as combination padlocks.
Data, once restricted to papers in the office filing cabinet, now flows freely both in and out of organizations, among employees, customers, contractors, and business partners.
When a policy violation is detected by the DLP agent, it is reported back to the DLP server.
The goal of ____ is to better understand who the attackers are, why they attack, and what types of attacks might occur.
Threat Modeling
A ____ in effect takes a snapshot of the current security of the organization.
vulnerability appraisal
The ____ is the expected monetary loss every time a risk occurs.
____ is the proportion of an asset's value that is likely to be destroyed by a particular risk.
Exposure Factor (EF)
____ is the probability that a risk will occur in a particular year
Annualized Rate of Occurrence (ARO)
____ is a means by which an organization can transfer the risk to a third party who can demonstrate a higher capability at managing or reducing risks.
A ____ outlines the major security considerations for a system and becomes the starting point for solid security.
____ is a comparison of the present state of a system compared to its baseline.
Baseline reporting
While the code for a program is being written, it is being analyzed by a ____.
code review
The ____ for software is the code that can be executed by unauthorized users.
attack surface
When performing a vulnerability assessment, many organizations use ____ software to search a system for any port vulnerabilities.
port scanner
A(n) ____ means that the application or service assigned to that port is listening for any instructions.
open port
A(n) ____ indicates that no process is listening at this port.
Closed Port
A(n) ____ is hardware or software that captures packets to decode and analyze its contents.
protocol analyzer
A ____ is a computer typically located in an area with limited security and loaded with software and data files that appear to be authentic, yet they are actually imitations of real data files.
A ____ is a network set up with intentional vulnerabilities.
A security weakness is known as a(n) ____.
A(n) ____ examines the current security in a passive method.
vulnerability scan
The end product of a penetration test is the penetration ____.
test report
A ____ tester has an in-depth knowledge of the network and systems being tested, including network diagrams, IP addresses, and even the source code of custom applications.
white box
Released in 1995, one of the first tools that was widely used for penetration testing was ____.
____ are combination locks that use buttons which must be pushed in the proper sequence to open the door.
Cipher Locks
____ use multiple infrared beams that are aimed across a doorway and positioned so that as a person walks through the doorway some beams are activated.
Tailgate sensors
Instead of using a key or entering a code to open a door, a user can display a ____ to identify herself.
Physical Token
The signal from an ID badge is detected as the owner moves near a ____, which receives the signal.
proximity reader
ID badges that can be detected by a proximity reader are often fitted with tiny radio ____ tags.
Passive tags have ranges from about 1/3 inch to ____ feet.
A ____ is designed to separate a nonsecured area from a secured area.
Using video cameras to transmit a signal to a specific and limited set of receivers is called ____.
Securing a restricted area by erecting a barrier is called ____.
A ____ can be inserted into the security slot of a portable device and rotated so that the cable lock is secured to the device, while a cable connected to the lock can then be secured to a desk or immobile object.
Cable Lock
An anti-climb collar is a ____ that extends horizontally for up to 3 feet (1 meter) from the pole to prevent anyone from climbing.
spiked collar
A ____ is an independently rotating large cups affixed to the top of a fence prevent the hands of intruders from gripping the top of a fence to climb over it.
roller barrier
____ can be prewired for electrical power as well as wired network connections.
Locking Cabinet
A ____ outlines the major security considerations for a system and becomes the starting point for solid security.
In Microsoft Windows, a ____ is a collection of security configuration settings.
security template
A ____ is software that is a cumulative package of all security updates plus additional features.
service pack
In ____, a virtualized environment is created that simulates the central processing unit (CPU) and memory of the computer.
heuristic detection
A(n) ____ is hardware or software that is designed to prevent malicious packets from entering or leaving computers.
____ is a system of security tools that is used to recognize and identify data that is critical to the organization and ensure that it is protected.
DLP (Data Loss Prevention)
____ is defined as a security analysis of the transaction within its approved context.
Content inspection
Each host (desktop, wireless laptop, smartphone, gateway server) runs a local application called a ____, which is sent over the network to the devices and runs as an OS service.
DLP Agent
A systematic and methodical evaluation of the exposure of assets to attackers, forces of nature, or any other entity that is potentially harmful
Vulnerability assessment
Identify what needs to be protected
Asset identification
Identifying what the pressures are against a company
Threat evaluation
Identifying how susceptible the current protection is
Vulnerability appraisal
Identify what damages could result from the threats
Risk assessment
Identify what to do about threats
Risk mitigation
An automated software search through a system for any known security weaknesses
Vulnerability scan
Designed to actually exploit any weaknesses in systems that are vulnerable
Penetration testing
Eliminating as many security risks as possible and make the system more secure
Use a key to open the lock from the outside
Keyed entry locks
Lock the door but have access to unlock from the outside via a small hole
Privacy locks
Lock the door from the inside but cannot be unlocked from the outside
Patio locks
Latch a door closed yet do not lock; typically used on hall and closet doors
Passage locks
Most common type of door lock for keeping out intruders, but its security is minimal
Standard keyed entry locks
Extends a solid metal bar into the door frame for extra security
Deadbolt locks
The outside is always locked, entry is by key only, and the inside lever is always unlocked
Storeroom locks
The outside can be locked or unlocked, and the inside lever is always unlocked
Classroom locks
Include a keyed cylinder in both the outside and inside knobs so that a key in either knob locks or unlocks both at the same time
Store entry double cylinder locks