10 to 14
A study by Foote Partners showed that security certifications earn employees __________ percent more pay than their uncertified counterparts.
A role on the team for allocating resources.
In information security, a loss can be ____.
theft of information, a delay in transmitting information that results in a financial penalty, the loss of good will or a reputation
Targeted attacks against financial networks, unauthorized access to information, and the theft of personal information are sometimes known as __________.
The single most expensive malicious attack was the 2000 __________, which cost an estimated $8.7 billion.
What is the maximum fine for those who wrongfully disclose individually identifiable health information with the intent to sell it?
__________ attacks are responsible for half of all malware delivered by Web advertising.
__________ ensures that information is correct and that no unauthorized person or malicious software has altered that data.
__________ ensures that the individual is who they claim to be (the authentic or genuine person) and not an imposter.
The term __________ is frequently used to describe the tasks of securing information that is in a digital format.
A computer __________ is malicious computer code that reproduces itself on the same computer.
A __________ is a program advertised as performing one activity but actually does something else.
A __________ virus infects program executable files.
A __________ virus infects the Master Boot Record of a hard disk drive.
A __________ virus is loaded into random access memory (RAM) each time the computer is turned on and infects files that are opened by the user or the operating system.
The most popular attack toolkit, which has almost half of the attacker toolkit market, is __________.
__________ is a software program that delivers advertising content in a manner that is unexpected and unwanted by the user.
__________ is when an attacker tricks users into giving out information or performing a compromising action.
__________ uses "speckling" and different colors so that no two spam e-mails appear to be the same.
A __________ attack is similar to a passive man-in-the-middle attack.
For a Web server's Linux system, the default root directory is typically __________.
The default root directory of the Microsoft Internet Information Services (IIS) Web server is __________.
whatever' AND 1=(SELECT COUNT(*) FROM tabname); --
The SQL injection statement __________ discovers the name of a table.
whatever' OR full_name LIKE '%Mia%'
The SQL injection statement __________ finds specific users.
The __________ is part of an HTTP packet that is composed of fields that contain the different characteristics of the data being transmitted.
Web application attacks are considered __________ attacks.
When DNS servers exchange information among themselves it is known as a __________.
Domain Name System
SQL (sequel, or s-q-l)
__________ is a language used to view and manipulate data that is stored in a relational database.
A __________ in effect takes a snapshot of the current security of the organization.
A __________ outlines the major security considerations for a system and becomes the starting point for solid security.
A(n) __________ examines the current security in a passive method.
A(n) __________ indicates that no process is listening at this port.
A(n) __________ is hardware or software that captures packets to decode and ANALYZE their contents.
SATAN (LOL what a name, easily remembered!)
Released in 1995, one of the first tools that was widely used for penetration testing was __________.
The end product of a penetration test is the penetration __________.
When performing a vulnerability assessment, many organizations use __________ software to search a system for any PORT vulnerabilities.
__________ is a comparison of the present state of a system to its BASELINE.
ARO (Annual rate of occurrence)
__________ is the probability that a risk will OCCUR in a particular year.
A __________ can be inserted into the security slot of a portable device and rotated so that the CABLE LOCK is secured to the device, while a cable connected to the lock can the…
A __________ consists of independently rotating large cups affixed to the top of a fence that prevent the hands of intruders from gripping the top of the fence to climb over it.
(computing) a security system consisting of a combination of hardware and software that limits the exposure of a computer or computer network to attack from crackers
In __________, a virtualized environment is created that simulates the central processing unit (CPU) and memory of the computer.
Passive tags have ranges from about 1/3 inch to __________ feet.
The signal from an ID badge is detected as the owner moves near a __________, which receives the signal.
__________ are combination locks that use buttons which must be pushed in the proper sequence to open the door.
__________ can be prewired for electrical power as well as wired network connections.
__________ use multiple infrared beams that are aimed across a doorway and positioned so that as a person walks through the doorway some beams are activated.
VLAN (virtual local area network)
A __________ allows scattered users to be logically grouped together even though they may be attached to different switches.
Combination of identifiers, return value, name and parameters of a method. Example: public int calculateMonth(String name)
DMZ (demilitarized zone, or a network perimeter)
In order to allow untrusted outside users access to resources such as Web servers, most networks employ a __________.
IP addresses are __________-bit addresses.
Session (OSI model counts from the bottom up!)
Layer 5 of the OSI model is the __________ layer.
__________ IP addresses are IP addresses that are not assigned to any specific user or organization.
NAT (network address translation)
__________ is a technique that allows private IP addresses to be used on the public Internet.
__________ is a technology that can help to evenly distribute work across a network.
__________ provides REMOTE users with the same access and functionality as local users through a VPN or dial-up connection.
__________ switches are connected directly to the devices on a network.
A __________ is a feature that controls a device's tolerance for unanswered service requests and helps to prevent a DoS attack.
BIND ("Berkeley Internet Name Domain")
DNS poisoning can be prevented by using the latest editions of the DNS software known as __________.
Cloud Software as a Service
In the __________ model, the cloud computing vendor provides access to the vendor's software applications running on a cloud infrastructure.
Network Layer (#3)
IP is the protocol that functions primarily at the Open Systems Interconnection (OSI) __________.
a cluster of computers. In a network, the server computer provides network services to the client computers on that network.
Server virtualization typically relies on the __________, which is software that runs on a physical computer to manage one or more virtual machine operating systems.
SNMP agents are protected with a password known as a(n) __________ in order to prevent unauthorized users from taking control over a device.
Transport Layer (#4)
TCP is the main __________ protocol that is responsible for establishing connections and the reliable data TRANSPORT between devices.
A packet-switching protocol that is actually a set of related protocols that can guarantee packets are delivered in the correct order and can handle differences in transmission and reception rates
A client-side attack that results in a user's computer becoming compromised just by viewing a Web page and not even clicking any content is known as a __________.
A __________ can create entries in a LOG for all queries that are received.
A __________ forwards packets across computer networks.
A __________ is a computer or an application program that intercepts a user request from the internal secure network and then processes that request on behalf of the user.
A __________ is a series of instructions that can be grouped together as a single command and is often used to automate a complex set of tasks or a repeated series of tasks.
A __________ is a set of software tools used by an attacker to hide the actions or presence of other types of malicious software, such as Trojans, viruses, or worms.