EIWS COMMON CORE (108 Networks)

Terms in this set (12)

a. Host/Client: A host provides the service to the client who is in need of a certain service or function.
b. Application Server: Provides remote application services to clients who request it in a network environment.
c. Hub: A network hub or repeater hub is a device for connecting multiple twisted pair or fiber optic Ethernet devices together and making them act as a single network segment.
d. Switch: Is a hardware device that joins multiple computers together within one local area network (LAN).
e. Router: a router is defined as a device that selects the best path for a data packet to be sent from one computer network to another.
f. WAP: A Wireless Access Point is a device that allows wireless devices to connect to a network via Wi-Fi.
g. Proxy Server: A buffer between the internet and a user to improve security by making requests to other servers for the client, and by evaluating, filtering the requests, and caching information.
h. Firewall: A security device that all traffic coming into and leaving a network traverses, and according to rules, filters and allows only approved traffic.
i. VPN Concentrator: A Virtual Private Network concentrator is a network device that allows a user to remotely access the network in a secure tunnel.
j. Back-up: Copy of settings, or software that is created in case there is an issue with the current data, and the current data needs to be restored.
k. Repeater: A network device that allows for a network cable to be lengthened further than what the cable standard would normally allow, by refreshing the signal and resending it.
a. DoDN (GIG): Department of Defense Global Information Grid is a never ending network of information capabilities for collecting, processing, storing, and managing information on demand to ships, jets, personnel on the ground and at sea.
b. DISN: Defense Information System Network Video Services are part of the Defense Information Systems Agency (DISA), Global Information Grid (GIG), Combat Support (NS5), which is responsible for managing and overseeing VTC operations on the Defense Information System Network (DISN). Locations: CONUS (Continental United States), Europe, PAC (Pacific) SWA (Southwest Asia)
c. NMCI: The Navy Marine Corps Intranet (NMCI) is the first-of-its-kind approach to information services consolidation, technology standardization and enterprise-wide oversight of network operations in the Department of Defense. NMCI is far more than just a network for the Navy and the Marine Corps—it is a unified, stable and secure IT platform that supports broader strategic objectives and advances the Navy's transition to a net-centric environment.
d. ONENET: A Navy-wide initiative to install a common and secure IT infrastructure to OCONUS Navy locations. It is based on the Navy-Marine Corps Intranet (NMCI) architecture and is designed to be interoperable with IT-21, NMCI, and the Global Information Grid in the near future.
e. IT21: The security posture for each IT-21 FLTNOC is independently administered but centrally governed by the Chief of Naval Operations (CNO)/NETWARCOM Unclassified Trusted Network Protect (UTN Protect) firewall policy. Used afloat
a. Network Enumeration [ref. c]: The creation of a list or inventory of items.
b. Buffer Overflow [ref. c]: A situation where a program writes data beyond the buffer space allocated in memory. This can result in other valid memory being overwritten.
c. SQL Injection [ref. c]: The purpose of SQL injection is to convince the application to run SQL code that was not intended. SQL Server injection vulnerabilities are caused by the same issue: invalid parameters that are not verified by the application.
d. Dictionary Attack [ref. c]: A dictionary attack tries only those possibilities which are most likely to succeed, typically derived from a list of words for example a dictionary (hence the phrase dictionary attack) or a bible etc. Generally, dictionary attacks succeed because many people have a tendency to choose passwords which are short (7 characters or fewer), single words found in dictionaries or simple, easily-predicted variations on words, such as appending a digit. Can compromise a computer password.
e. Privilege Escalation [ref. c]: Privilege escalation is the act of exploiting a bug, design flaw or configuration oversight in an operating system or software application to gain elevated access to resources that are normally protected from an application or user. The result is that an application with more privileges than intended by the application developer or system administrator can perform unauthorized actions.
f. Brute Force Attack [ref. c]: Brute-force attack, or exhaustive key search, is a strategy that can, in theory, be used against any encrypted data. Such an attack might be utilized when it is not possible to take advantage of other weaknesses in an encryption system (if any exist) that would make the task easier. It involves systematically checking all possible keys until the correct key is found.
g. Social Engineering [ref. c]: Social engineering is the art of manipulating people into performing actions or divulging confidential information, rather than by breaking in or using technical cracking techniques. While similar to a confidence trick or simple fraud, the term typically applies to trickery or deception for the purpose of information gathering, fraud, or computer system access