Sec+ Study Terms
Terms in this set (55)
Application receives more or different input than expected, causing the buffer data to overflow. Attackers then overwrite data with malware, or it could cause a DoS. NOP x90 written into memory.
Uses semicolons & dashes. Stored procedures help thwart these attacks.
Cross Site Scripting
Cross Site Forgery
Attackers embed malicious code that tricks the user into performing an action
Maps ip addresses to MAC addresses. Layer 2.
Bluejacking vs Bluesnarfing
BJ- Sending unwanted messages to devices
BS - Gaining unauthorized access to bluetooth devices
Contains a list of hashed passwords. The hash of the original password is then compared with the hashes in the table
Tries to create a hash collision by creating the same hash as the users password
TLS/SSL vs SSH
Captures and analyzes packets on a network. Wireshark is an example
Uses various techniques to gather info about hosts. Nmap, Netcat, Nessus are examples.
Identifies what systems are susceptible to attacks. Passive.
Netstat vs Netcat
Netstat- allows you to view active tcp/ip connections
Netcat- used to remotely access Linux systems. Can be used for banner grabbing, file transfer, & port scanning.
Network scanner. Shows active hosts' IPs, protocols, & operating systems
Captures packets to view in wireshark
Shows current tcp/ip configurations
Verifies DNS names & IP addresses. Dig is for Linux systems.
S/MIME & PGP
S/MIME- Used to digitally sign and encrypt email. Uses RSA and AES for encryption
PGP/GPG- Can encrypt, decrypt, and digitally sign email.
RTP/SRTP(Secure real-time protocol)
Delivers audio & video over IP securely.
FTPS vs SFTP
FTPS (FTP Secure TLS)- uses TLS to encrypt FTP traffic, using FTP TCP ports 20/21.
SFTP (Secure SSH FTP)- uses SSH to transmit files through TCP port 22
Used to monitor and manage network devices such as routers and switches.
SMTP vs POP vs IMAP
SMTP (simple mail transfer protocol, TCP 25)- transfers email between clients and SMTP servers
POP3/SPOP (post office protocol, TCP 110)- transfers email from servers down to clients; a copy isn't kept on the server.
IMAP4/SIMAP (internet message authentication protocol, TCP 143)- stores email on the email server and allows users to manage and organize email.
RAID 0, 1, 5, 6, 10
0- Striping (2 drives)
1- Mirroring (2 drives)
10- Striping & Mirroring (4 drives)
Remote Authentication (VPNs)
RADIUS- centralized authentication service. Used when you have multiple VPNs. Only encrypts passwords. 802.1x
TACACS- Cisco alternative to RADIUS. Encrypts entire process, not just passwords.
PAP (password authentication protocol)- don't use; sends data in cleartext with PPP (point to point)
CHAP (challenge handshake authentication protocol)- uses a handshake where both clients know a shared secret (hashed w/ a nonce) & handshake process is used. Client authenticates to server.
CHAPv2- same as CHAP except it performs mutual authentication
SAML (security assertion markup language)
Used to exchange authentication and authorization b/w parties. Provides SSO (single signon) for websites.
Uses a federated identity management system that members of the federation use. Links user credentials from different networks or operating systems.
NTLM (new technology lan manager)
Second to Kerberos. Suite of protocols that provide authentication, integrity, and confidentiality. NTLMv2 is a challenge-response protocol using HMAC-MD5. NTLM2 is the best, mutual authentication
BPA, SLA, ISA, MOU/MOA, NDA
BPA (business partner agreement)- provides details of a relationship between two people, such as profits & loss. Helps settle conflicts.
SLA (service level agreement)- between company and vendor; lists performance expectations and includes penalties if an expectation is not met.
ISA (interconnection security agreement)- specifies technical and security requirements for maintaining a secure connection between two or more entities.
MOU/MOA (memorandum of understanding/agreement)- understanding of two parties indicating their intention to work together toward a common goal.
NDA (nondisclosure agreement)- ensures proprietary information isn't shared with unauthorized entities
MTTR, MTBF, RTO, RPO
MTTR(mean time between recover)- time it takes to restore a failed device
MTBF(mean time between failures)- time between device failures
RTO(recovery time objective)- maximum amount of time it can take to recover
RPO(recovery point objective)- maximum amount of data that can be lost
Privacy Impact vs Threshold Assessment
Privacy Impact-identifies and reduces risks relating to loss of PII
Privacy Threshold- identifies if a system is using PII
SLE vs ALE vs ARO
SLE (Single loss expectancy)- cost of a single loss [ale/aro]
ALE (Annual loss expectancy)- annual loss expectancy of an occurrence [sle x aro]
ARO (Annual rate of occurrence)- rate at which something occurs [sle x ale]
Differential vs Incremental Backups
Differential- (2 disks) backs up all files that have changed since last full backup
Incremental- (daily disks) backs up files that have changed since the last incremental backup
Deterrent, Preventive, Detective, Corrective, Compensating, Technical, Administrative, Physical
Deterrent- attempt to discourage a threat(cable locks)
Preventive- prevent security incidents(hardening,user training)
Detective- attempt to detect a vulnerability(log monitoring)
Corrective- reverse the impact of an incident (backups)
Compensating- alternate controls to primary controls.
Technical- controls like antivirus, technology
Administrative- controls like user awareness
Physical- controls like cable locks
Shredding, Pulping, Pulverizing, Purging, Wiping
Shredding- physically shredding papers
Pulping- reduces paper shred to mash
Pulverizing- physically destroying media to sanitize it with hammer
Purging- ensures all sensitive data has been removed from device
Wiping- completely removes all remnants of data on a disk like overwriting
Data Owner vs Custodian vs Privacy Officer
Owner - Defines classification of data
Custodian - Handles task to protect data
Privacy Officer - Make sure company is in compliance with relevant laws
Confusion vs Diffusion
Confusion - Ciphertext is different than plaintext
Diffusion - A little change in plaintext results in a big change in ciphertext
Perfect Forward Secrecy
Characteristic of ephemeral keys to make sure that public keys are different and don't get reused.
What are the Symmetric Algorithms?
AES- Not resource intensive, widely used. 128, 192, 256 bit key. 128 bit blocks
DES- Shouldn't be used. 56 bit key.
3DES- Replacement of DES. Okay to use but more resource intensive than AES. 56, 112, 168 bit keys. 64 bit blocks.
RC4- Don't use. Stream cipher.
BLOWFISH- 32 to 448 bit keys, faster than AES since it encrypts in smaller blocks. 64 bit blocks.
TWOFISH- Similar to AES, rarely used.
Cipher Modes: ECB, CBC, CTM, GCM
ECB (Electronic Cookbook)- Uses same key for encryption. Shouldn't use.
CBC (Cipher Block Chaining)- Suffers from pipeline delays since it relies on the previous block to encrypt.
CTM (Counter Mode)- Block mode to stream cipher. Uses IV & counter to encrypt. Widely Used.
GCM (Galois/Counter)- Combines counter mode with Galois authentication of data. Widely Used.
Stream vs Block Cipher
Stream- encrypts data as a stream of bits rather than a block. Used when size of data is unknown or data is sent in continuous stream like music.
Block- encrypts data as a block (ie 64 bit, 128bit). Used for larger files/messages.
RSA- Very strong, uses prime numbers to generate keys.
Diffie-Hellman (DHE)- Key Exchange used to share symmetric keys between parties.
(ECDHE)- Uses ECC
Elliptic Curve (ECC)- Takes low processing power. Uses graphs to create keys, used with mobile devices.
Hashing Algorithms: MD5, SHA, HMAC, RIPEMD
MD5- Don't use. 128 bit
SHA 2- Recommended 224, 256, 384, 512 bits
HMAC- Uses a shared key on top of the hash. Provides authenticity as well as integrity
RIPEMD- Rarely used 128, 160, 256, 320 bits
Key Stretching Algorithms
BCRYPT- Based on Blowfish block cipher to salt
PBKDF2- Uses pseudo random function & 64 bit salts
Wireless Protocols: WPA, WPA2, CCMP, AES, TKIP
WPA (Wi-Fi protected access)- replacement for WEP. Users didn't have to upgrade equipment. Shouldn't be used.
WPA2 (802.11i)- permanent replacement for WPA. Uses strong cryptography like CCMP.
CCMP (cipher block chaining message)-
TKIP- older encryption protocol. Doesn't require new hardware
AES- upgrade over TKIP. Supported by WPA
Wireless Authentication Protocols: EAP, PEAP, EAP-TTLS, EAP-TLS, EAP-FAST
EAP- provides a method to create a secure encryption key. TKIP & AES CCMP use this.
PEAP (Protected EAP)- encapsulates EAP conversation in a TLS tunnel. Requires cert on server
EAP-TTLS (EAP tunneled TLS)- extension of PEAP, allows old authentication protocols like PAP to be used with a TLS tunnel. Requires cert on server
EAP-TLS- requires cert on server and clients
EAP-FAST- replaces LEAP; supports certificates, but they are optional
PSK vs Enterprise vs Open vs WPS
PSK (pre-shared key)- access wireless anonymously by a passphrase or PSK.
Enterprise- forces users to authenticate w/ credentials. Uses 802.1x, usually with RADIUS
Open- no security
WPS- allows configuration of wireless devices by using a pin or pressing buttons (vulnerable to attack)
CRL vs CSR vs OCSP
CSR (Certificate Signing Request)- What you use to request certificates
CRL (Certification Revocation List)- clients have to request a copy from the CA
OCSP (Online certificate status protocol)- clients can query the CA with a certificate serial number for a real-time response. Causes the CA to respond to every OCSP request, so stapling was made.
Public Key Pinning vs OCSP Stapling
Pinning- prevents attackers from impersonating a website using fraudulent certificates. Server responds to clients w/ public key hashes.
OCSP stapling- during the client handshake the certificate presenter staples a timestamped OCSP response to the certificate. Client doesn't need to query the CA.
Places a private key in a safe environment for recovery.
Certificate Types: Wildcard, Certificate Chaining, web of trust/decentralized, SAN
Wildcard- same certificate can be used for multiple domains that have the same root domain. (support.google.com & answers.google.com)
Certificate Chaining- combines are certificates
Web of trust/decentralized- trusts certs that are self signed or by third party.
SAN (Subject Alternative Name)- same cert can be used for multiple root domains if they are owned by the same organization
Certificate Formats: DER, PEM, PFX, CER, P12, P7B
Gains information about a remote system, identifies operating system. Netcat uses it.
Network authentication. Users get issued tickets which prove authentication. Uses a database like Active Directory & KDC & TGT.
Federated identity solution, open source
IPsec AH vs ESP
AH - includes an authentication header that authenticates between IPsec conversations before exchanging data. Authentication + integrity. 51
ESP - Encrypts data, uses AH and adds confidentiality. 50