1. What is DHCP?
    it manages the dynamic distribution of IP addresses on a network. It can eliminate duplicate addressing
  2. What is DH-ECC?
    Diffie-Hellman elliptic curve cryptography, which is an asymmetric public key encryption technique that leverages algebraic structures of elliptic curves over finite fields
  3. What is the DLL?
    data link layer, that manages node-to-node transmission
  4. What do DNS logs contain?
    events logged by the DNS server service
  5. What is a DNS-name?
    domain name service name is a human-readable name of a host
  6. What are ECC algorithms?
    elliptic curve cryptography is an approach to public-key cryptography based on the algebraic structure of elliptic curves over finite fields. Early public-key systems, such as the RSA algorithm, are secure assuming that it is difficult to factor a large integer composed of two or more prime factors. For elliptic-curve-based protocols, it is assumed that finding the discrete logarithm of a random elliptic curve element with respect to a publicly known base point is infeasible. The size of the elliptic curve determines the difficulty of the problem. It is believed that the same level of security afforded by an RSA-based system with a large modulus can be achieved with a much smaller elliptic curve group. Using a small group reduces storage and transmission requirements.
  7. What is HIDS?
    host based intrusion detection system, typically used on a critical server system rather than on a user workstation
  8. What is the host routing table?
    Same idea as using a map for package delivery, for sending data to another node on a network. It keeps track of paths, the next address along the path to the destination
  9. What is IPSec?
    Internet protocol security, a set of protocols to support secure exchange of packets at the IP network layer. It is typically used to secure and encrypt communications on a VPN
  10. What is Kerberos?
    a cross-platform authentication protocol using key encryption to verify the identity of clients and to securely exchange information after a client logs onto a system. Uses private key encryption
  11. What is key escrow?
    method for backing up private keys to protect them while allowing trusted third parties to access keys under certain conditions
  12. What is kiting?
    as in domain kiting, which is an attack against domain names which takes advantage of the domain name registration grace period, where a person registers, cancels, and reregisters the same domain name within the grace period to use without paying for it
  13. What is L2TP?
    layer 2 tunneling protocol, which encapsulates PPP data for use on VPNs. Can connect between clients, routers and servers
  14. What is LANMAN?
    legacy (prior to NT) authentication protocol used by Windows, but it creates weak, easily crackable passwords
  15. What is LDAP?
    lightweight directory access protocol for accessing network directories
  16. What is the LDAP port number?
  17. MAC also stands for what?
    media access control. Objects are assigned security labels of different levels, to determine if a particular user is permitted to access the object
  18. What is MD5?
    Message digest 5. Hash algorithm used in IPSec policies for data authentication
  19. What is a message digest?
    a hashed value generated from an electronic message. MD5 is used in IPSec for data authentication
  20. What is NAT?
    network address translation. Simple form of internet security that conceals internal addressing schemes from the public internet by translating between a single public address and private nonroutable addresses internally
  21. What are NIDS?
    network based IDS, that primarily uses passive hardware sensors to monitor traffic on a specific segment of the network
  22. What is NIPS?
    network intrusion prevention system, tries to prevent an intrusion from continuing or spreading throughout the system after detecting the intrusion
  23. What is NIST?
    National Institute of Standards and Technology. They do work in such topics as secret and public key cryptographic techniques, advanced authentication systems, cryptographic protocols and interfaces, public key certificate management, biometrics, smart tokens, cryptographic key escrowing, and security architectures.
  24. What is NTLM?
    authentication protocol created by Microsoft for use in its products.
  25. What is a NULL session?
    allows an anonymous connection and query to the default, hidden Windows share IPC$, even if guest access is disabled
  26. What is PGP?
    Pretty Good Privacy, a method of securing emails and their attachments by encrypting and digitally signing using public key cryptography
  27. What is PII?
    personally identifying information
  28. For what is port 80 used?
  29. A protocol analyzer shows you what?
    Network data down to the packet and frame level. Can be used to indicate an intrusion or malicious application running on the network. For isolated problems with specific systems or on a small subnet of clients
  30. What is public key recovery?
    the keys used to encrypt each session are themselves encrypted using the public key of the TTP (trusted third party), and then embedded within the session data in a “key recovery field”.
  31. What is RADIUS?
    remote authentication dial-in user service, a standard protocol for providing centralized authentication and authorization services for remote users
  32. What is a rainbow table?
    Sets of related plaintext passwords and their hashes
  33. What is RAS?
    remote access server, a gateway system that provides remote clients with access to all or part of an internal network
  34. What is RBAC?
    role based access control, where network objects allow access only to users assigned to specific roles
  35. What is a recovery agent?
    a third party company that stores a unique key that can be used to unlock the backup of the primary keys
  36. What is a router ACL?
    it defines rules used to prevent some packets from flowing through the network, usually used to limit a specific network or host from accessing another network or host
  37. What is RSA?
    one of the most popular asymmetric public key algorithms, the main standard for encryption and digital signatures
  38. What is S/MIME?
    Secure multipurpose internet mail extension, to transfer multimedia and attachments through email. S/MIME lets you digitally sign and encrypt email using certificates. It uses public key certificates
  39. What is salt?
    a suffix of random characters added to a password before encrypting
  40. What is sanitization?
    input sanitization can protect against SQL injections by stripping out all non-alphanumeric characters
  41. What is SHA-1?
    secure hash algorithm, modeled after MD5
  42. Signature updates are used by?
    Antivirus software. Hashing is used with digital signatures. SHA is more secure than MD5
  43. What is a TTP?
    trusted third party
  44. What is SMTP?
    simple mail transfer protocol, moves messages from one email server to another
  45. What is a spanning port?
    Aka monitoring port, for monitoring network traffic. It can mirror traffic of other ports in the same switch
  46. What is SSH?
    secure shell protocol for secure log on and data transfer
  47. What is SSID?
    service set identifier, a character string used to identify an access point on an 802.11 wireless network
  48. What is SSL?
    secure socket layer; a security protocol with digital certificates and RSA public key encryption
  49. What is SSO?
    single sign-on that uses one-time authentication to multiple resources, servers or sites
  50. What is TACACS?
    terminal access controller access control system, an authentication protocol that accepts login requests and authenticates credentials