Level 94 Level 96
Level 95

Guide to Network Security Fundamentals II


71 words 0 ignored

Ready to learn       Ready to review

Ignore words

Check the boxes below to ignore/unignore words, then click save at the bottom. Ignored words will never appear in any learning session.

All None

Ignore?
service pack
A __________ is software that is a cumulative package of all security updates plus additional features.
VPN (virtual private network)
A(n) __________ encrypts all data that is transmitted between the remote device and the network.
endpoint
A(n) __________ is the end of the tunnel between VPN devices.
companion
A(n) __________ virus adds a program to the operating system that is a malicious copycat version to a legitimate program.
loop protection
Broadcast storms can be prevented with __________.
data
Business __________ theft involves stealing proprietary business INFORMATION such as research for a new drug or a list of customers that competitors are eager to acquire.
DLP agent (Data Loss Prevention)
Each host (desktop, wireless laptop, smartphone, gateway server) runs a local application called a __________, which is sent over the network to the devices and runs as an OS service.
threat modeling
The goal of __________ is to better understand who the attackers are, why they attack, and what types of attacks might occur.
HIPAA (Health Insurance Portability and Accountability Act of 1996)
Under the __________, health care enterprises must guard protected health information and implement policies and procedures to safeguard it, whether it be in paper or electronic format.
replicating
Viruses and worms are said to be self-__________.
session hijacking
__________ is an attack in which an attacker attempts to impersonate the user by using his SESSION token.
XML (extensible markup language)
__________ is for the transport and storage of data, with the focus on what the data is.
AP (access point)
A(n) __________ acts as the "base station" for the wireless network.
EAP (extensible authentication protocol)
__________ is a framework for transporting authentication protocols instead of the authentication protocol itself.
Personal Area Network
Bluetooth is a __________ technology designed for data communication over short distances.
33
Most Bluetooth devices use a Class 2 radio that has a range of __________ feet.
active
Slave devices that are connected to the piconet and are sending transmissions are known as __________ slaves.
Rogue
__________ access points are serious threats to network security because they allow attackers to intercept the RF signal and bypass network security to attack the network or capture sensitive data.
Bluejacking
__________ is an attack that sends unsolicited messages to BLUEtooth-enabled devices.
CRC (cyclic redundancy check)
__________ is designed to detect any changes in a packet, whether accidental or intentional.
LEAP (lightweight extensible authentication protocol)
__________ requires mutual authentication used for WLAN encryption using Cisco client software.
identification
A user accessing a computer system must present credentials or __________ when logging on to the system.
authentication request
During RADIUS AUTHENTICATION the AP, serving as the authenticator that will accept or reject the wireless device, creates a data packet from this information called the
DIT (directory information tree)
Entries in the DIB are arranged in a tree structure called the __________.
operation
The action that is taken by the subject over the object is called a(n) __________.
LDAP (lightweight directory access protocol)
The X.500 standard defines a protocol for a client application to access an X.500 DIRECTORY called __________.
DAC (discretionary access control)
The __________ model is the least restrictive.
Account Expiration
__________ indicates when an account is no longer active.
Rule Based Access Control
__________ is often used for managing user access to one or more systems.
RADIUS (Remote Authentication Dial In User Service)
__________ is suitable for what are called "high-volume service control applications" such as dial-in access to a corporate network.
separation of duties
__________ requires that if the fraudulent application of a process could potentially result in a breach of security, then the process should be DIVIDED between two or more individuals.
trusted OS
An operating system that has been reengineered so that it is designed to be secure from the ground up is known as a __________.
computer footprint
If a user typically accesses his bank's Web site from his home computer on nights and weekends, then this information can be used to establish a __________ of typical access.
CardSpace
Windows __________ is a feature of Windows that is intended to provide users with control of their digital identities while helping them to manage privacy.
hybrid
The __________ attack will slightly alter dictionary words by adding numbers to the end of the password, spelling words backward, slightly misspelling words, or including special characters such as @, $, !, or %.
federated identity management
Windows Live ID was originally designed as a __________ system that would be used by a wide variety of Web servers.
speech recognition
__________ accepts spoken words for input as if they had been typed on the keyboard.
standard biometrics
__________ can use fingerprints or other unique characteristics of a person's face, hands, or eyes (irises and retinas) to authenticate a user.
SSO (single sign-on)
__________ holds the promise of reducing the number of usernames and passwords that users must memorize.
Cognitive biometrics
__________ is related to the perception, THOUGHT process, and under - standing of the user.
identity management
__________ is using a single authentication credential that is shared across multiple networks.
transposition
A __________ cipher rearranges letters without changing them.
Julius Caesar
One of the most famous ancient cryptographers was __________.
Blowfish
The algorithm __________ is a BLOck cipher that operates on 64-bit BLOcks and can have a key length from 32 to 448 bits.
substitution
The simplest type of stream cipher is a __________ cipher.
RSA (Rivest-Shamir-Adleman)
The __________ algorithm is the most common asymmetric cryptography algorithm and is the basis for several products.
TPM (trusted platform module)
The __________ is essentially a chip on the motherboard of the computer that provides cryptographic services.
AES (advanced encryption standard)
The__________ is a symmetric cipher that was approved by the NIST in late 2000 as a replacement for DES.
Asymmetric
__________ encryption uses two keys instead of only one and these keys are mathematically related.
Whirlpool
__________ is a relatively recent cryptographic hash function that has received international recognition and adoption by standards organizations, including the International Organization for Standardization (ISO).
MD2 (message-digest algorithm)
__________ takes plaintext of any length and creates a hash 128 bits long.
server digital
A class 2 certificate is known as a __________ certificate.
third party
A __________ trust refers to a situation in which two individuals trust each other because each trusts a third party.
expiration
At the __________ stage of the certificate life cycle, the certificate can no longer be used.
RA
The primary function of a(n) __________ is to verify the identity of the individual.
Registration Authority
The __________ function is a subordinate entity designed to handle specific CA tasks such as processing certificate requests and authenticating users.
CP (certificate policy)
The __________ provides recommended baseline security requirements for the use and operation of CA, RA, and other PKI components.
SHTTP (secure hypertext transfer protocol)
__________ allows clients and the server to negotiate independently encryption, authentication, and digital signature methods, in any combination, in both directions.
Asymmetric encryption
__________ can verify the authenticity of the sender and enforce nonrepudiation to prove that the sender is who he claims to be and cannot deny sending it.
public key infrastructure
__________ involves PUBLIC-KEY cryptography standards, trust models, and key management.
SSL (secure sockets layer)
__________ is a protocol developed by Netscape for SECURELY transmitting documents over the Internet.
security related human resource
A policy that addresses SECURITY as it RELATES to HUMAN RESOURCES is known as a(n) __________ policy.
security policy
A __________ is a written document that states how an organization plans to protect the company's information technology assets.
change management team
Because the impact of CHANGES can potentially affect all users, and uncoordinated changes can result in security vulnerabilities, many organizations create a(n) __________ to oversee the changes.
values
__________ are a person's fundamental beliefs and principles used to define what is good, right, and just.
morals
__________ are values that are attributed to a system of beliefs that help the individual distinguish right from wrong.
kinesthetic
__________ learners learn through a lab environment or other hands-on approaches.
visual
__________ learners learn through taking notes, being at the front of the class, and watching presentations.
auditory
__________ learners tend to sit in the middle of the class and learn best through lectures and discussions.
incident response
__________ may be defined as the components required to identify, analyze, and contain that INCIDENT.
P2P (peer to peer)
__________ networks are typically used for connecting devices on an ad hoc basis for file sharing of audio, video, and data, or real-time data transmission such as telephony traffic.