CompTIA Security + Ch 5

  1. MAC flooding
    An attack that sends multiple packets to a switch, each of which has a different source MAC address, in an attempt to use up all of the memory on the switch.
  2. Failopen Mode
    When a switch broadcasts data on all ports the same way a hub does.
  3. CAM table
    The Content Addressable Memory table, a table that is in a switch's memory that contains ports and their corresponding MAC addresses.
  4. Network Address Translation (NAT)
    Allows multiple private IP addresses to share one public IP address.
  5. Static NAT
    When a single private IP address translates to a single public IP address. AKA one-to-one mapping.
  6. Port Address Translation (PAT)
    Like NAT but it translates both IP addresses and port numbers.
  7. Demilitarized Zone (DMZ)
    A special area of the network that houses servers that host information accessed by clients or other networks on the Internet.
  8. 3-Leg Perimeter
    A type of DMZ where a firewall has three legs that connect to the LAN, Internet and the DMZ.
  9. Back-to-Back Perimeter
    A type of DMZ where the DMZ is located between the LAN and the Internet.
  10. Network Access Control (NAC)
    Sets the rules by which connections to a network are governed.
  11. Cloud Computing
    A way of offering on-demand services that extend the capabilities of a person's computer or an organization's network.
  12. Software as a Service (SaaS)
    A cloud computing service where users access applications over the Internet that are provided by a third party.
  13. Infrastructure as a Service (IaaS)
    A cloud computing service that offers computer networking, storage, load balancing, routing, and VM hosting.
  14. Platform as a Service (PaaS)
    Cloud computing service that provides various software solutions to organizations.
  15. VLAN Hopping
    Gaining access to traffic on other VLANs that would not normally be accessible by jumping from one VLAN to another.
  16. Wardialing
    Scanning telephone numbers by dialing them one at a time and adding them to a list, in an attempt to gain access to networks.
  17. TCP Reset Attack
    Sets the reset flag in a TCP header to 1, telling the respective computer to kill the TCP session immediately.
  18. Implicit Deny
    Denies all traffic to a resource unless the users generating that traffic are granted access to that traffic.
  19. TCP/IP Hijacking
    When a hacker takes over a TCP session between two computers without the need of a cookie or any other type of host access.
  20. Man-in-the-Middle Attack
    A form of eavesdropping that intercepts all data between a client and a server.
  21. Cross-Site Scripting (XSS)
    A type of vulnerability found in web applications used with session hijacking.
  22. Denial of Service (DoS)
    A network attack to make computer resources unavailable.
  23. Ping Flood
    AKA ICMP flood attack. An attacker sends many packets (pings) to a host in an attempt to use up all bandwidth.
  24. Smurf Attack
    A type of Denial of Service (DoS) attack that sends large amounts of ICMP (Internet Control Message Protocol) echoes. The header of the ICMP echo will have a spoofed IP address which is the target of the Smurf attack.
  25. Fraggle
    Similar to the Smurf attack, but it sends UDP echo traffic instead of ICMP echo traffic.
  26. Permanent DoS Attack (PDoS)
    Consists of an attacker exploiting security flaws in a router by flashing the firmware of the device with modified firmware.
  27. Ping of Death (POD)
    Type of DoS that sends an oversized packet to another computer.
  28. Fork Bomb
    An attack that creates a large number of processes quickly to saturate the available processing space in the computer's OS.
  29. SYN Flood
    A type of DoS where large amounts of SYN request packets are sent to a server in an attempt to deny service.
  30. Teardrop Attack
    Type of DoS that sends mangled IP fragments with overlapping and oversized payloads to the target machine.
  31. Distributed Denial of Service Attack (DDoS)
    A group of compromised systems attacks a single target, causing a DoS to occur at that host.
  32. Spoofing
    When someone masquerades as another person by falsifying information.
  33. Phishing
    Process of attempting to acquire sensitive information such as usernames, passwords and credit card information. This is done by using fake website links sent by e-mail.
  34. Replay Attack
    An attack in which valid data transmission is maliciously or fraudulently repeated or delayed.
  35. Nonce
    Random number issued by an authentication protocol that can only be used once.
  36. Null Session
    A malicious connection, used by an attacker, to the Windows interprocess communications share (IPC$).
  37. Domain Name Kiting
    Process of deleting a domain name during the five-day grace period and immediately reregistering it for another five-day period to keep the domain name for free.
  38. DNS poisoning
    The modification of name resolution information that should be in a DNS server's cache.
  39. Pharming
    The redirection of a website's traffic to another bogus and possibly malicious website by modifying a DNS server or host files.
  40. ARP Poisoning
    Exploits Ethernet networks, and it may enable an attacker to sniff frames of information, modify that information, or stop it from getting to its intended destination.
  41. UDP Flood Attack
    Similar to Fraggle, it uses UDP. Attackers like it because it does not require a synchronization process.