1. What is the SNMP port number?
    Typically, SNMP uses UDP ports 161 for the agent and 162 for the manager
  2. What is port 53?
    DNS server
  3. What is port 636?
    LDAPS, which is LDAP (Lightweight Directory Access Protocol) over SSL
  4. What is port 3389?
    This port is used by Microsoft's "Terminal Server" or "Terminal Services" which were renamed to "Remote Desktop" for their appearance in Windows XP
  5. What is port 8080?
    8080/TCP HTTP alternate (http_alt), commonly used for Web proxy and caching server, or for running a Web server as a non-root user
  6. What is a hashing chain?
    In computer security, a hash chain is a method to produce many one-time keys from a single key or password. When the user wishes to authenticate, he supplies hash password 999 to the server. The server computes and verifies this matches the hash chain it has stored. It then stores hash password 999 for the next time the user wishes to authenticate. An eavesdropper seeing hash password 999 communicated to the server will be unable to re-transmit the same hash chain to the server for authentication since the server now expects hash password 998. In this example, the user could authenticate 1000 times before the hash chain is exhausted. Each time the hash value is different, and thus cannot be duplicated by an attacker
  7. What is netops?
    NetOps is defined as the operational framework consisting of three essential tasks, Situational Awareness (SA), and Command & Control (C2) that the Commander (CDR) of US Strategic Command (USSTRATCOM), in coordination with DoD and Global NetOps Community, employs to operate, manage and defend the Global Information Grid (GIG) to ensure information superiority for the United States
  8. What is netstat?
    netstat (network statistics) is a command-line tool that displays network connections (both incoming and outgoing), routing tables, and a number of network interface statistics. It is available on Unix, Unix-like, and Windows NT-based operating systems. It is used for finding problems in the network and to determine the amount of traffic on the network as a performance measurement
  9. What is AH?
    authentication header. Authentication Header (AH) is used in IPSec to provide connectionless integrity and data origin authentication for IP datagrams and to provide protection against replay attacks
  10. What is another name for a “trust model”?
    a CA hierarchy, which is a single CA or group of CAs that work together to issue digital certificates
  11. What is a PKI?
    public key infrastructure. A system that is composed of a certificate authority CA, certificates, software, services and other cryptographic components, for the purpose of enabling authenticity and validation of data and/or entities. For example, PKI can be used to secure transactions over the internet
  12. What is PAT?
    Port Address Translation (PAT) is a feature of a network device that translates TCP or UDP communications made between hosts on a private network and hosts on a public network. It allows a single public IP address to be used by many hosts on a private network, which is usually a Local Area Network or LAN. A PAT device transparently modifies IP packets as they pass through it. The modifications make all the packets which it sends to the public network from the multiple hosts on the private network appear to originate from a single host, (the PAT device) on the public network. PAT is a subset of NAT, and is closely related to the concept of Network Address Translation
  13. What do “invasive security techniques” do?
    they invade your privacy
  14. How are DHCP logs used?
    Audit logs are not really practical for security auditing but can be invaluable in troubleshooting DHCP server-related issues. DHCP audit logs tend to be much more useful from a diagnostic standpoint than from a security standpoint. A DHCP server's only job is to lease IP addresses to network clients, so there is little reason to perform a security audit of the DHCP server's activity. Unless you know exactly what you are looking for, going through the DHCP audit logs looking for potential security breaches is both tedious and generally nonproductive. Even though the DHCP audit logs are impractical for day-to-day security monitoring, they are an excellent diagnostic tool. The DHCP audit logs provide a wealth of information regarding your DHCP server's functionality
  15. SCSI settings?
    There are usually three sets of jumpers on a SCSI device. When troubleshooting various hardware-related errors, there may be a need to use the SCSI Configuration Utility to change the settings
  16. What is meant by “heuristic”?
    Heuristic analysis is a method employed by many computer antivirus programs designed to detect previously unknown computer viruses, as well as new variants of viruses already in the wild
  17. What is STP?
    shielded twisted-pair cables. Or spanning tree protocol, which operates in the data link layer to prevent traffic loops by calculating paths that avoid potential loops
  18. What is UTP?
    unshielded twisted-pair cable, which doesn’t have extra shielding, which makes it cheaper than STP
  19. What is Serpent?
    Serpent is a 128-bit block cipher that was a finalist in the AES competition. The winner instead was Rijndael
  20. What is Airsnort?
    AirSnort is a Linux and Microsoft Windows utility for decrypting WEP encryption on an 802.11b network. It is free software that is no longer maintained or supported
  21. What is ROT13?
    ROT13 ("rotate by 13 places", sometimes hyphenated ROT-13) is a simple substitution cipher used in online forums as a means of hiding spoilers, punch lines, puzzle solutions, and offensive materials from the casual glance. The algorithm provides minimal cryptographic security, and is often cited as a canonical example of weak encryption. ROT13 has inspired a variety of letter and word games online, and is frequently mentioned in newsgroup conversations
  22. What is “XOR”?
    In cryptography, the simple XOR cipher is a simple encryption algorithm. The XOR operator is extremely common as a component in more complex ciphers. Its primary merit is that it is simple to implement, and that the XOR operation is computationally inexpensive. A simple repeating XOR cipher is therefore sometimes used for hiding information in cases where no particular security is required. If the key is random and is as long as the message (so it never repeats), the XOR cipher is more secure. When the keystream is generated by a pseudo-random number generator, the result is a stream cipher. With a key that is truly random, the result is a one-time pad, which is unbreakable even in theory
  23. What is fuzzing?
    The trick of fuzz testing is that it isn't logical: Rather than attempting to guess what data is likely to provoke a crash (as a human tester might do), an automated fuzz test simply throws as much random gibberish at a program as possible. The failure modes identified by such testing usually come as a complete shock to programmers because no logical person would ever conceive of them. A protocol fuzzer sends forged packets to the tested application, or eventually acts as a proxy, modifying requests on the fly and replaying them
  24. What is TFTP?
    Trivial File Transfer Protocol (TFTP) is a file transfer protocol, with the functionality of a very basic form of File Transfer Protocol. Due to its simple design, TFTP could be implemented using a very small amount of memory. It was therefore useful for booting computers such as routers which did not have any data storage devices. It is still used to transfer small amounts of data between hosts on a network, such as IP phone firmware or operating system images when a remote X Window System terminal or any other thin client boots from a network host or server. The initial stages of some network-based installation systems (such as Solaris Jumpstart, Red Hat Kickstart, Symantec Ghost and Windows NT's Remote Installation Services) use TFTP to load a basic kernel that performs the actual installation. Trivial File Transfer Protocol (TFTP) is a simple protocol to transfer files. It has been implemented on top of the User Datagram Protocol (UDP) using port number 69. TFTP is designed to be small and easy to implement, and therefore lacks most of the features of a regular FTP. TFTP only reads and writes files (or mail) from/to a remote server. It cannot list directories, and currently has no provisions for user authentication
  25. What is UDP?
    user datagram protocol. A core protocol in the TCP/IP suite that sits in the transport layer of the OSI model. UDP is a connectionless transport service
  26. What is EFS?
    The Encrypting File System (EFS) on Microsoft Windows is a file system filter that provides file system-level encryption. The technology enables files to be transparently encrypted to protect confidential data from attackers with physical access to the computer.
  27. What is HIPS?
    Host-based intrusion prevention system. An intrusion prevention system (IPS) is a network security device that monitors network and/or system activities for malicious or unwanted behavior and can react, in real time, to block or prevent those activities. Network-based IPS, for example, may operate in-line to monitor all network traffic for malicious code or attacks. When an attack is detected, it can drop the offending packets while still allowing all other traffic to pass. Intrusion prevention technology is considered by some to be an extension of intrusion detection (IDS) technology
  28. What is header injection?
    HTTP header injection is a general class of web application security vulnerability which occurs when Hypertext Transfer Protocol (HTTP) headers are dynamically generated based on user input. Header injection in HTTP responses can allow for HTTP response splitting and cross-site scripting (XSS) attacks. HTTP header injection is a relatively new area for web-based attacks
  29. What is a ticket granting service?
    In Kerberos, the ticket for the full ticket-granting service is called a ticket-granting ticket (TGT)
  30. What is the data custodian?
    the data custodian is usually the person responsible for, or the person with administrative control over, granting access to an organization's documents or electronic files while protecting the data as defined by the organization's security policy or its standard IT practices
  31. What is CCTV?
    Closed-circuit television (CCTV) is the use of video cameras to transmit a signal to a specific place, on a limited set of monitors. CCTV is often used for surveillance in areas that may need monitoring such as banks, casinos, airports, military installations, and convenience stores
  32. What is refraction?
    the change in direction of a propagating wave (light or sound) when passing from one medium to another
  33. What is a DLL?
    dynamic link library
  34. What is ALE?
    Annual Loss Expectancy. You will need to analyze this information to determine the probability of a risk occurring, what is affected, and the costs involved with each risk. Once you’ve identified the risks that can pose a probable threat to your company, and determined how much loss can be expected from an incident, you are then prepared to make decisions on how to protect your company. When the dollar value of the loss is calculated, this provides total cost of the risk, or the Single Loss Expectancy (SLE). To plan for the probable risk, you would need to budget for the possibility that the risk will happen. To do this, you need to use the ARO and the SLE to find the Annual Loss Expectancy (ALE). To illustrate how this works, let’s say that the probability of a Web server failing is 30 percent. This would be the ARO of the risk. If the e-commerce site hosted on this server generates $10,000 an hour and the site would be estimated to be down two hours while the system is repaired, then the cost of this risk is $20,000. In addition to this, there would also be the cost of replacing the server itself. If the server cost $6000, this would increase the cost to $26000. This would be the SLE of the risk. By multiplying the ARO and the SLE, you would find how much money would need to be budgeted to deal with this risk. This formula provides the ALE: ARO x SLE = ALE. When looking at the example of the failed server hosting an e-commerce site, this means the ALE would be: .3 x $26,000 = $7,800. To deal with the risk, you need to assess how much needs to be budgeted to deal with the probability of the event occurring. The ALE provides this information, leaving you in a better position to recover from the incident when it occurs
  35. What is a booking slip?
    when someone is arrested
  36. What is P2P?
    Peer-to-peer, commonly abbreviated to P2P, is any distributed network architecture composed of participants that make a portion of their resources (such as processing power, disk storage or network bandwidth) directly available to other network participants, without the need for central coordination instances (such as servers or stable hosts). Peers are both suppliers and consumers of resources, in contrast to the traditional client-server model where only servers supply, and clients consume
  37. What is TLS?
    Transport Layer Security (TLS) and its predecessor, Secure Socket Layer (SSL), are cryptographic protocols that provide security for communications over networks such as the Internet. TLS and SSL encrypt the segments of network connections at the Transport Layer end-to-end
  38. What is IKE?
    The Internet Key Exchange. IPSec uses encryption. For IPSec to work, each communicating device needs to be running IPSec and share some form of public key. Key management is provided by the IKE. IKE enables the receiver to obtain a public key and authenticate the sender using digital certificates
  39. What is a CAW?
    Certification Authority Workstation. The workstation creates and maintains FORTEZZA®-based digital certificates and hardware tokens, which are used to secure communications and access control in programs such as the government’s Defense Messaging System (DMS) and the Remote Access Security Program (RASP).
  40. What is data leakage?
    when confidential data leaks out of the company's network and trickles into the hands of malicious users. No matter how robust your technology is, or how intuitive your detection systems are, restricted data somehow manages to seep through the least guarded nooks and crannies of the enterprise. The usual and most overlooked sources of data leakage are slapdash database privileges, plain ol’ e-mail, and slipshod security policies
  41. What is piggybacking?
    Piggybacking refers to access of a wireless Internet connection by bringing one's own laptop computer within the range of another's wireless connection, and using that service without the subscriber's explicit permission or knowledge. It is a legally and ethically controversial practice, with laws that vary by jurisdiction around the world. While completely outlawed or regulated in some places, it is permitted in others
  42. What is SLE?
    single loss expectancy. When the dollar value of the loss is calculated, this provides total cost of the risk, or the Single Loss Expectancy (SLE).
  43. What is ALE?
    annual loss expectancy
  44. What is SHTTP?
    a security protocol that is an alternate form of protecting HTTP data