Level 94

Guide to Network Security Fundamentals


10 to 14
A study by Foote Partners showed that security certifications earn employees __________ percent more pay than their uncertified counterparts.
Manager
A role on the team for allocating resources.
In information security, a loss can be ____.
theft of information, a delay in transmitting information that results in a financial penalty, the loss of good will or a reputation
cybercrime
Targeted attacks against financial networks, unauthorized access to information, and the theft of personal information are sometimes known as __________.
Love Bug
The single most expensive malicious attack was the 2000 __________, which cost an estimated $8.7 billion.
$250,000
What is the maximum fine for those who wrongfully disclose individually identifiable health information with the intent to sell it?
Fake antivirus
__________ attacks are responsible for half of all malware delivered by Web advertising.
Integrity
__________ ensures that information is correct and that no unauthorized person or malicious software has altered that data.
Authentication
__________ ensures that the individual is who they claim to be (the authentic or genuine person) and not an imposter.
Information Security
The term __________ is frequently used to describe the tasks of securing information that is in a digital format.
Virus
A computer __________ is malicious computer code that reproduces itself on the same computer.
Trojan
A __________ is a program advertised as performing one activity but actually does something else.
Program
A __________ virus infects program executable files.
Boot
A __________ virus infects the Master Boot Record of a hard disk drive.
Resident
A __________ virus is loaded into random access memory (RAM) each time the computer is turned on and infects files that are opened by the user or the operating system.
MPack
The most popular attack toolkit, which has almost half of the attacker toolkit market, is __________.
Adware
__________ is a software program that delivers advertising content in a manner that is unexpected and unwanted by the user.
Social engineering
__________ is when an attacker tricks users into giving out information or performing a compromising action.
Geometric variance
__________ uses "speckling" and different colors so that no two spam e-mails appear to be the same.
replay
A __________ attack is similar to a passive man-in-the-middle attack.
/var/www
For a Web server's Linux system, the default root directory is typically __________.
C:\Inetpub\wwwroot
The default root directory of the Microsoft Internet Information Services (IIS) Web server is __________.
whatever' AND 1=(SELECT COUNT(*) FROM tabname); --
The SQL injection statement __________ discovers the name of a table.
whatever' OR full_name LIKE '%Mia%'
The SQL injection statement __________ finds specific users.
HTTP header
The __________ is part of an HTTP packet that is composed of fields that contain the different characteristics of the data being transmitted.
server-side
Web application attacks are considered __________ attacks.
zone-transfer
When DNS servers exchange information among themselves it is known as a __________.
DNS
Domain Name System
SQL (sequel, or s-q-l)
__________ is a language used to view and manipulate data that is stored in a relational database.
vulnerability appraisal
A __________ in effect takes a snapshot of the current security of the organization.
baseline
A __________ outlines the major security considerations for a system and becomes the starting point for solid security.
vulnerability scan
A(n) __________ examines the current security in a passive method.
closed port
A(n) __________ indicates that no process is listening at this port.
protocol analyzer
A(n) __________ is hardware or software that captures packets to decode and ANALYZE their contents.
SATAN (LOL what a name, easily remembered!)
Released in 1995, one of the first tools that was widely used for penetration testing was __________.
test report
The end product of a penetration test is the penetration __________.
port scanner
When performing a vulnerability assessment, many organizations use __________ software to search a system for any PORT vulnerabilities.
baseline reporting
__________ is a comparison of the present state of a system compared to its BASELINE.
ARO (Annual rate of occurrence)
__________ is the probability that a risk will OCCUR in a particular year.
cable lock
A __________ can be inserted into the security slot of a portable device and rotated so that the CABLE LOCK is secured to the device, while a cable connected to the lock can the…
roller barrier
A __________ is a set of independently rotating large cups affixed to the top of a fence to prevent the hands of intruders from gripping the top of the fence to climb over it.
Firewall
(computing) a security system consisting of a combination of hardware and software that limits the exposure of a computer or computer network to attack from crackers
heuristic detection
In __________, a virtualized environment is created that simulates the central processing unit (CPU) and memory of the computer.
19
Passive tags have ranges from about 1/3 inch to __________ feet.
proximity reader
The signal from an ID badge is detected as the owner moves near a __________, which receives the signal.
cipher locks
__________ are combination locks that use buttons which must be pushed in the proper sequence to open the door.
locking cabinets
__________ can be prewired for electrical power as well as wired network connections.
tailgate sensors
__________ use multiple infrared beams that are aimed across a doorway and positioned so that as a person walks through the doorway some beams are activated.
VLAN (virtual local area network)
A __________ allows scattered users to be logically grouped together even though they may be attached to different switches.
signature
Combination of identifiers, return value, name and parameters of a method. Example: public int calculateMonth(String name)
DMZ (demilitarized zone, or a network perimeter)
In order to allow untrusted outside users access to resources such as Web servers, most networks employ a __________.
32
IP addresses are __________-bit addresses.
Session (OSI model counts from the bottom up!)
Layer 5 of the OSI model is the __________ layer.
Private
__________ IP addresses are IP addresses that are not assigned to any specific user or organization.
NAT (network address translation)
__________ is a technique that allows private IP addresses to be used on the public Internet.
Load balancing
__________ is a technology that can help to evenly distribute work across a network.
Remote access
__________ provides REMOTE users with the same access and functionality as local users through a VPN or dial-up connection.
Workgroup
__________ switches are connected directly to the devices on a network.
flood guard
A __________ is a feature that controls a device's tolerance for unanswered service requests and helps to prevent a DoS attack.
BIND ("Berkeley Internet Name Domain")
DNS poisoning can be prevented by using the latest editions of the DNS software known as __________.
Cloud Software as a Service
In the __________ model, the cloud computing vendor provides access to the vendor's software applications running on a cloud infrastructure.
Network Layer (#3)
IP is the protocol that functions primarily at the Open Systems Interconnection (OSI) __________.
network
a cluster of computers. In a network, the server computer provides network services to the client computers on that network.
hypervisor
Server virtualization typically relies on the __________, which is software that runs on a physical computer to manage one or more virtual machine operating systems.
community string
SNMP agents are protected with a password known as a(n) __________ in order to prevent unauthorized users from taking control over a device.
Transport Layer (#4)
TCP is the main __________ protocol that is responsible for establishing connections and the reliable data TRANSPORT between devices.
TCP/IP
A packet-switching protocol that is actually a set of related protocols that can guarantee packets are delivered in the correct order and can handle differences in transmission and reception rates
drive-by-download
A client-side attack that results in a user's computer becoming compromised just by viewing a Web page and not even clicking any content is known as a __________.
DNS log
A __________ can create entries in a LOG for all queries that are received.
router
A __________ forwards packets across computer networks.
proxy server
A __________ is a computer or an application program that intercepts a user request from the internal secure network and then processes that request on behalf of the user.
macro
A __________ is a series of instructions that can be grouped together as a single command and are often used to automate a complex set of tasks or a repeated series of tasks.
rootkit
A __________ is a set of software tools used by an attacker to hide the actions or presence of other types of malicious software, such as Trojans, viruses, or worms.