CH10 - CNET Key Terms

  1. A security extension to 802.11 and a successor toWi-Fi Protected Access that is the currently accepted best security protocol for wireless networks.
  2. Sets of rules defined by an administrator that determine which packets should be allowed and which should be denied.
    access control lists
  3. A security feature that allows an administrator to control who has access to the network.
  4. A security feature that allows an administrator to control what a user can do and which resources can be accessed after the user is authenticated to the network.
  5. A program installed on a computer that permits access to the computer, thus bypassing the normal authentication process.
  6. Someone who attempts to compromise a network or computer system for the purposes of personal gain or to cause harm.
  7. An attempt to tie up network bandwidth or services so that network resources are rendered useless to legitimate users.
    denial-of-service (DoS) attack
  8. A feature available on Windows operating systems that allows file contents to be encrypted on the disk. These files can be opened only by the file creator or designated agents.
    Encrypting File System (EFS)
  9. A technology used to make data unusable and unreadable to anybody except authorized users of the data.
  10. A hardware device or software program that inspects packets going into or out of a network or computer and then discards or forwards those packets based on a set of rules.
  11. Sometimes a derogatory term to describe an unskilled or undisciplined programmer. ______ can also mean someone who is highly skilled with computer systems and programs and is able to use some of the same tools crackers use to poke around networks or systems, but not for evil purposes.
  12. A type of virus that’s not really a virus but simply an e-mail announcement of a made-up virus. Its harm lies in people believing the announcement and forwarding the message on to others.
    hoax virus
  13. Usually a component of a firewall, an ___ detects an attempted security breach and notifies the network administrator. An ___ can also take countermeasures to stop an attack in progress.
    intrusion detection system (IDS)
  14. An extension to the IP protocol suite that creates an encrypted and secure conversation between two hosts.
    IP Security (IPSec)
  15. A security method often used in wireless networks, whereby only devices with MAC addresses specified by the administrator can gain access to the wireless network.
    MAC address filtering
  16. Any software designed to cause harm or disruption to a computer system or otherwise perform activities on a computer without the consent of the computer’s owner.
  17. Permissions assigned to files or folders on an NTFS-formatted volume in a Windows system. ____ _________ affect user access to resources whether the user is logged on locally or over the network.
    NTFS permissions
  18. A term used to describe a security consultant who is able to detect holes in a system’s security for the purpose of correcting these vulnerabilities.
    penetration tester
  19. An automated method for pinging a range of IP addresses.
    ping scanner
  20. A software service used on many Linux distributions for authenticating users. ___ is extensible so that new authentication features can be added as needed.
    Pluggable Authentication Modules (PAM)
  21. Software that determines which TCP and UDP ports are available on a computer or device.
    port scanner
  22. Programs or devices that can capture packets traversing a network and display packet contents in a form useful to the user.
    protocol analyzers
  23. Forms of Trojan programs that can monitor traffic to and from a computer, monitor keystrokes, and capture passwords. They are among the most insidious form of Trojan software because they can mask that the system has been compromised by altering system files and drivers required for normal computer operation.
  24. A secure method of storing user passwords on a Linux system.
    shadow passwords
  25. A list of permissions that can be assigned to users and groups and applied to Windows shared folders. _____________ don’t affect access to files and folders by users logged on locally to the system hosting the files.
    sharing permissions
  26. Unsolicited e-mail. The harm in ____ is the loss of productivity when people receive dozens or hundreds of spam messages daily and the use of resources to receive and store ____ on e-mail servers.
  27. A source address inserted into a packet that is not the actual address of the sending station.
    spoofed address
  28. A type of malware that monitors or in some way controls part of your computer at the expense of your privacy and to the gain of some third party.
  29. A filtering method used in a firewall, whereby packets are not simply filtered based on packet properties but also the context in which packets are being transmitted. If a packet is not part of a legitimate, ongoing data conversation, it’s denied.
    stateful packet inspection (SPI)
  30. A program that appears to be something useful, such as a free utility you can use on your computer, but in reality contains some type of malware.
    Trojan program
  31. Temporary or permanent connections across a public network that use encryption technology to transmit and receive data.
    virtual private networks (VPNs)
  32. A malicious program that spreads by replicating itself into other programs or documents. A _____ usually aims to disrupt computer or network functions by deleting and corrupting files.
  33. Attackers who drive around with a laptop or PDA looking for wireless LANs to access.
  34. A wireless security protocol that is the successor to Wired Equivalency Protocol. ___ has enhancements that make cracking the encryption code more difficult.
    Wi-Fi Protected Access (WPA)
  35. A form of wireless security that encrypts data so that unauthorized people receiving wireless network signals can’t interpret the data easily.
    Wired Equivalency Protocol (WEP)
  36. A self-replicating program, similar to a virus, that uses network services such as e-mail to spread to other systems.
Card Set
CH10 - CNET Key Terms
key terms