Study your flashcards anywhere!

Download the official Cram app for free >

  • Shuffle
    Toggle On
    Toggle Off
  • Alphabetize
    Toggle On
    Toggle Off
  • Front First
    Toggle On
    Toggle Off
  • Both Sides
    Toggle On
    Toggle Off
  • Read
    Toggle On
    Toggle Off
Reading...
Front

How to study your flashcards.

Right/Left arrow keys: Navigate between flashcards.right arrow keyleft arrow key

Up/Down arrow keys: Flip the card between the front and back.down keyup key

H key: Show hint (3rd side).h key

A key: Read text to speech.a key

image

Play button

image

Play button

image

Progress

1/68

Click to flip

68 Cards in this Set

  • Front
  • Back
1. Target Acquisition
2. Target Analysis
3. Target Access
4. Target Appropriation
Target Acquisition
discovery, compliance, & vulnerabilty
network scanners
LAN with a central cable to which all nodes connect
Advantage-Scalable, Permits node failure
Disadvantage-Bus failure
Bus Toplogy
even small networks are complex, layout affect scalibility and security,
Network Topology
devices connect to a branch on the network; Advantage Scalable, permits node failure, Disadvantage failures split the network
Tree Topology
closed-loop topology; advantages-deterministic; disadvantage-single point of failure
Ring Topology
every node in the network is connected to every other node in the network;Advantage-redundacy;Disadvatage-expensive, complex, scalabilty
Mesh Topology
All nodes connect to a central device; advantage-permits node.cable failure; Disadvantage-single point of failure
Star Topoloy
three component- light source, optical fiber cable, two types, light detector
Fiber Optics
DSSS,FHSS,OFDM
Wireless multiplexing technologies
The connection between a wireless and wired network.
Access point
A layer 2 device that used to connect two network segments and regulate traffic.
Bridge
A device that provides the functions of both a bridge and a router.
Brouter
A cable consisting of a core, inner conductor that is surrounding by an insulator, an outer cylindrical conductor
Coaxial cable
Used to code/decode a digital data stream.
Codec
Layer 1 network device that is used to connect network segments together, but provides no traffic control (a hub).
Concentrator
An asymmetric cryptography mechanism that provides authentication.
Digital signature
A passive network attack involving monitoring of traffic.
Eavesdropping
Forgery of the sender’s email address in an email header
E-Mail spoofing
Potentially compromising leakage of electrical or acoustical signals.
Emanations
Disruption of operation of an electronic device due to a competing electromagnetic field.
EMI
A shield against leakage of electromagnetic signals.
Faraday Cage/ Shield
Bundles of long strands of pure glass that efficiently transmit light pulses over long distances. Interception without detection is
difficult.
Fiber optics
A system that enforces an access control policy between two networks.
Firewalls
A Denial of Service attack initiated by sending spoofed UDP echo request to IP broadcast addresses. (See Smurf)
Fraggle
A secure connection to another network.
Gateway
Interception of a communication session by an attacker.
Hijacking
Layer 1 network device that is used to connect network segments together, but provides no traffic control (a concentrator).
Hub
An attack technique that exploits systems that do not perform input validation by embedding partial SQL queries inside input.
Injection
Unauthorized access of information (e.g. tapping, sniffing, unsecured wireless communication, emanations)
Interception
Forging of an IP address.
IP address spoofing
An attack that breaks up malicious code into fragments, in an attempt to elude detection.
IP Fragmentation
High frequency, highly directional radio signals. Attackers target interception attempts at transmission and relay stations.
Microwave
A device that converts between digital and analog representation of data.
Modems
A type of attack involving attempted insertion, deletion or altering of data.
Modification
A device that sequentially switches multiple analog inputs to the output.
Multiplexers
A mail server that improperly allows inbound SMTP connections for domains it does not serve.
Open mail relay servers
A Denial of Service attack that exploits packet filter firewalls that only inspect the initial fragment of a
fragmented packet.
Overlapping fragment attack
A basic level of network access control that is based upon information contained in the IP packet header.
.
Packet filtering
Provides a physical cross connect point for devices.
Patch panels
A Private Branch Exchange is telephone exchange for a specific office or business.
PBX
A social engineering attack that uses spoofed email or websites to persuade people to divulge information.
Phishing
Unauthorized access of network devices.
Physical tampering
Mediates communication between un-trusted hosts on behalf of the hosts that it protects.
Proxies
Layer 1 network device that is used to connect network segments together, but provides no traffic control (a concentrator).
Repeaters
Radio Frequency Interference is a disturbance that degrades performance of electronic devices and electronic communications.
RFI
Unauthorized wireless network access device
Rogue access points
A layer 3 device that used to connect two or more network segments and regulate traffic.
Routers
A specialized wireless receiver/ transmitter placed in orbit that facilitates long distance communication.
Satellite
An attack involving the hijacking of a TCP session by predicting a sequence number.
Sequence Attacks
“Worldwide Interoperability for Microwave Access” (IEEE 802.16) is specification for wireless Metropolitan Area Networks that
provides an alternative to the use of cable and DSL for last mile delivery.
WI-MAX
“Wireless fidelity” is a world-wide wireless technology
Wi-Fi
Searching for wireless networks in a moving car.
War Driving
Reconnaissance technique, involving automated, brute force identification of potentially vulnerable modems.
War dialing
Voice over Internet Protocol (VoIP) – a protocol for the efficient transmission of voice over the Internet
Voice over IP
A simple, inexpensive cabling technology consisting of two conductors that are wound together to decrease interference.
Twisted pair
Potential danger to information or systems
Threats
A codename that refers to the study and mitigation of information disclosure via electromagnetic emanations from electronic
equipment
TEMPEST
A Denial of Service attack that exploits systems that are not able to handle malicious, overlapping and oversized IP fragments.
Teardrop
Mitigation of spamming and other attacks by delaying incoming connections as long as possible.
Tar Pits
Eavesdropping on network communications by a third party.
Tapping
A Denial of Service attack that floods the target system with connection requests that are not finalized.
SYN flooding
A layer 2 device that used to connect two or more network segments and regulate traffic.
Switches
Unsolicited commercial email
Spam
A vulnerability in IP that allows an attacker to dictate the path of a communication and thereby access an internal
network
Source routing exploitation
Eavesdropping on network communications by a third party.
Sniffing
A Denial of Service attack initiated by sending spoofed ICMP echo request to IP broadcast addresses.
Shielding
A Denial of Service attack initiated by sending spoofed ICMP echo request to IP broadcast addresses.
Smurf