-
What is DHCP?
it manages the dynamic distribution of IP addresses on a network. It can eliminate duplicate addressing
-
What is DH-ECC?
Diffie-Hellman elliptic curve cryptography, which is an asymmetric public key encryption technique that leverages algebraic structures of elliptic curves over finite fields
-
What is the DLL?
data link layer, that manages node-to-node transmission
-
What do DNS logs contain?
events logged by the DNS server service
-
What is a DNS-name?
domain name service name is a human-readable name of a host
-
What are ECC algorithms?
“elliptic curve cryptography” is an approach to public-key cryptography based on the algebraic structure of elliptic curves over finite fields. Early public-key systems, such as the RSA algorithm, are secure assuming that it is difficult to factor a large integer composed of two or more prime factors. For elliptic-curve-based protocols, it is assumed that finding the discrete logarithm of a random elliptic curve element with respect to a publicly-known base point is infeasible. The size of the elliptic curve determines the difficulty of the problem. It is believed that the same level of security afforded by an RSA-based system with a large modulus can be achieved with a much smaller elliptic curve group. Using a small group reduces storage and transmission requirements.
-
What is HIDS?
host based intrusion detection system, typically used on a critical server system rather than on a user workstation
-
What is the host routing table?
Same idea as using a map for package delivery, but for sending data to another node on a network. It keeps track of paths and the next address along the path to the destination
-
What is IPSec?
Internet protocol security, a set of protocols to support secure exchange of packets at the IP network layer. It is typically used to secure and encrypt communications on a VPN
-
What is Kerberos?
a cross-platform authentication protocol using key encryption to verify the identity of clients and to securely exchange information after a client logs onto a system. Uses private key encryption
-
What is key escrow?
method for backing up private keys to protect them while allowing trusted third parties to access keys under certain conditions
-
What is kiting?
as in domain kiting, which is an attack against domain names which takes advantage of the domain name registration grace period, where a person registers, cancels, and reregisters the same domain name within the grace period to use without paying for it
-
What is L2TP?
layer 2 tunneling protocol, which encapsulates PPP data for use on VPNs. Can connect between clients, routers and servers
-
What is LANMAN?
legacy (prior to NT) authentication protocol used by Windows, but it creates weak, easily crackable passwords
-
What is LDAP?
lightweight directory access protocol for accessing network directories
-
What is the LDAP port number?
389
-
MAC also stands for what?
media access control. Objects are assigned security labels of different levels, to determine if a particular user is permitted to access the object
-
What is MD5?
Message digest 5. Hash algorithm used in IPSec policies for data authentication
-
What is a message digest?
a hashed value generated from an electronic message. MD5 is used in IPSec for data authentication
-
What is NAT?
network address translation. Simple form of internet security that conceals internal addressing schemes from the public internet by translating between a single public address and private nonroutable addresses internally
-
What are NIDS?
network based IDS, that primarily uses passive hardware sensors to monitor traffic on a specific segment of the network
-
What is NIPS?
network intrusion prevention system, tries to prevent an intrusion from continuing or spreading throughout the system after detecting the intrusion
-
What is NIST?
National Institute of Standards and Technology. They do work in such topics as secret and public key cryptographic techniques, advanced authentication systems, cryptographic protocols and interfaces, public key certificate management, biometrics, smart tokens, cryptographic key escrowing, and security architectures.
-
What is NTLM?
authentication protocol created by Microsoft for use in its products.
-
What is a NULL session?
allows an anonymous connection and query to the default, hidden Windows share IPC$, even if guest access is disabled
-
What is PGP?
Pretty Good Privacy, a method of securing emails and their attachments by encrypting and digitally signing using public key cryptography
-
What is PII?
personally identifying information
-
For what is port 80 used?
HTTP
-
A protocol analyzer shows you what?
Network data down to the packet and frame level. Can be used to indicate an intrusion or malicious application running on the network. Used for isolated problems with specific systems or on a small subnet of clients
-
What is public key recovery?
the keys used to encrypt each session are themselves encrypted using the public key of the TTP (trusted third party), and then embedded within the session data in a “key recovery field”.
-
What is RADIUS?
remote authentication dial-in user service, a standard protocol for providing centralized authentication and authorization services for remote users
-
What is a rainbow table?
Sets of related plaintext passwords and their hashes
-
What is RAS?
remote access server, a gateway system that provides remote clients with access to all or part of an internal network
-
What is RBAC?
role based access control, where network objects allow access only to users assigned to specific roles
-
What is a recovery agent?
a third party company that stores a unique key that can be used to unlock the backup of the primary keys
-
What is a router ACL?
it defines rules used to prevent some packets from flowing through the network, usually used to limit a specific network or host from accessing another network or host
-
What is RSA?
one of the most popular asymmetric public key algorithms, the main standard for encryption and digital signatures
-
What is S/MIME?
Secure multipurpose internet mail extension, to transfer multimedia and attachments through email. S/MIME lets you digitally sign and encrypt email using certificates. It uses public key certificates
-
What is salt?
a suffix of random characters added to a password before encrypting
-
What is sanitization?
input sanitization can protect against SQL injections by stripping out all non-alphanumeric characters
-
What is SHA-1?
secure hash algorithm, modeled after MD5
-
Signature updates are used by?
Antivirus software. Hashing is used with digital signatures. SHA is more secure than MD5
-
What is a TTP?
trusted third party
-
What is SMTP?
simple mail transfer protocol, moves messages from one email server to another
-
What is a spanning port?
Aka monitoring port, for monitoring network traffic. It can mirror traffic of other ports in the same switch
-
What is SSH?
secure shell protocol for secure log on and data transfer
-
What is SSID?
service set identifier, a character string used to identify an access point on an 802.11 wireless network
-
What is SSL?
secure socket layer; a security protocol with digital certificates and RSA public key encryption
-
What is SSO?
single sign-on that uses one-time authentication to multiple resources, servers or sites
-
What is TACACS?
terminal access controller access control system, an authentication protocol that accepts login requests and authenticates credentials