Flash Cards Security +.txt

A computer virus is what?

Viruses attack what?

Do Viruses replicate?

How are viruses made?

Whats a resident virus?

Whats a direct action virus?

Whats a overwrite virus?

Whats a macro virus

Whats a polymorphic virus?

Whats file infectors?

Whats TCSEC?

Whats TCSEC also known as?

Is TCSEC an old or new standard?

Whats ITSEC mean?

What is IT (ITSEC)?

Whats CTCPEC stand for?

Whats CTCPEC comparable to?

Whats (CC) mean?

What standard is it (CC) ??

Whats (CC) ISO standard?

Does the international community follow CC?

Entry into the security fields begin with what?

What account is ideal for an attacker?

Whats a privilege escalation attack?

Whats a companion virus?

Whats a boot sector virus?

Whats does worms do that viruses do not do?

What does spyware do?

Whats spam?

Whats adware? No the program

What a root kit?

Whats a botnet?

Whats a logic bomb?

Bios prepares what during booting?

Can bios be bypassed?

Whats a common way to secure bios?

What should you do for USB drives to ensure security?

Are mobile phones a security threat?

Whats bad about NAS?

Whats NAS?

Whats system hardening practices?

What extra things can you do extra for system hardening?

Whats a hotfix?

A patch management?

Why do organizaions utilize group policies?

What does windows server use to increase network security?

What does Linux systems use for network security?

A configuration baseline is what?

Baselines are ideal for establishing what?

Who developed the active X component object model?

What does COM stand for?

Active X controls are ___ building blocks use to ___ distributed ___ that work over the internet through ___ ___

Active X Security relies solely upon what?

Active X controls are digitally what??

Active X Components are ___ ____?

Malware can redirect your ___ to an untrusted ___ that prevents itself as a ___ ___??

Java & javascript share a similar what?

Scripts are generally permitted access on to data relevant to what?

Java and Java scripts applets are all considered what?

A buffer overflow attack does what?

Buffer overflow attakcs what?

Are internet cookies trusted?

An open mail relay is what?

Like MSN Messenger - is often what kind of target for vector attacking the network?

What does XSS stand for?

What kind of webpage contents is found in dynamically generated pages?

Redirection and mis-direction are a major component of what?

What does HIDS stand for?

HIDS work with what?

HIDS analyzes & monitors ___ ___ interaction and observe the ___ of the computer at all times.

Whats the primary purpose of a network firewall?

What allow admins to enable ACL's & security policies to network traffic?

What OSI layer is Apllication level proxy?

What circuit-level proxy is on the OSI?

Packet filtering is on what layer of the OSI?

Stateful filtering does what?

How many different waysare their to identifying viruses and malware?

What methods are used for identifying viruses and malware?

Anti-Spam techniques attempt to detect what?

What is DNS blacklist, country/network block filtering?

Virtualization maximizes what?

What provides the most efficient use of singular system hardware resources?

What is every network architecturally defined by?

What involved an attacker forcibly gaining control over a legitimate conversaton between a trusted two party connections?

What intercept transmission details between the two sources?

Whats IPC?

What attack targets unprotected windows IPC shares and provides unauthorized remote access?

Whats a spoofing attack?

What forms attacking by sending email under a false identity?

What targets network stacks using bogus protocol information?

What forges parameters in a chanin of messages or communication?

Whats vunerable for MITM attakcs?

Whats MITM?

What attack reuses captured network packets in modified form against an original partt of some network conversation?

What renders individual workstations or server computers unresponsive?

What Whats a verison of DOS?

Whats Kitting?

What occurs when a server receives info that does not originate from an authoritative source?

Whats another term for ARP spoofing?

An attack against ethernet (packet) that enables an attacker to sniff frames on a switched network or redirect endpoint traffic through an attacker controlled machine?

What OSI layer is a network switch?

Network switches are also capable of supporting what?

Routers establish connectivity between what (2) things?

Whats DMZ?

Whats a VLAN?

What does NAT stand for?

Whats a NAT do?

Whats a NAC stand for?

Whats a NAC do?

What does network security tools do?

What does NIDS stand for?

What does NIPS stand for?

Whats the first line of defense for networks?

Do proxy servers enhance network performance?

What do proxies do?

Whats honeypots?

Mutiple honeypots are called what?

How are networks monitored?

What can you do against unauthorized analysis?

What are the two easy entry ways?

Ehternet protocols were designed w/out what?

Whats a vampire tap?

Whats the unintensional discolosure of info through acoustical, magnetic or radio frequency energy called?

Whats Data emanation like?

Whats bluejacking?

Whats bluesnarfing?

Whats unauthorized wireless installs on a protected network?

What can wireless ID's do?

Whats cryptography?

Whats cryptanalysis?

(2) ways defending against cryptanalysis & code breaking attempts?

Whats Implicit Deny?

Whats Explicitly Deny?

Whats principle of least privilege?

What selectively assigns access rights focal to a persons requiremenets to complete a given task?

Whats a MAC?

Referring to MAC - people, services, & Systems is what? Whats all other resources?

MAC uses subject and object labeling called what?

If security labels of subject and objects do not match, whats access set to?

What (2) forms is MAC devided into?

Whats simplistic means of restricting access to objects based on subject, identity, group membership?

Whats RBAC stand for?

What is RBAC?

Whats like RBAC?

The Rule based access control abbreviation is what?

Can ACLS's be assigned and admined by owners?

What forms organizational security?

Whats a basic security checklist?

A group policy is what?

Whats a crucial factor in the security equation?

What does a password policy establish?

Domain password polcies govern what?

Win2000 & Win2003 support passwords to how many characters

What are the (5) ways of enforcing a good password policy?

(2) ways dormant accounts are bad?

(4) types of logical tokens?

What does authenticate mean?

What does authentication mean?

(3) authentication factor categories?

(3) authentication methods?

What does SSO stand for?

What (3) common SSO configurations use Kerbersos?

What does Radius stand for?

Whats bad about NAS?

Network switches are also capable of supporting what?

What does RADIUS do?

What does Radius stand for?

What (3) common SSO configurations use Kerbersos?

(3) authentication methods?

What does RADIUS do?

CHAP uses a ___ ___ hash funtion.

CHAP is mostly ___ on ___ based networks.

Identification is what?

OVAL is a collection of what?

What does OVAL stand for?

Whats like port scanning?

What does service mapping & vulerability scanning do?

Full - disk encryption provides (2) benefits - what are they?

Cryptographic strength depends on what (5) factors?

Whats used to create digital signatures?

What does SHA mean?

SHA algorithm has variable bits up to what?

What is SHAV1 similar to?

Whats better - RSA or ECC?

Whats ECC stand for?

RSA is used for what?

What is key escrow also called?

What are the (3) types of CA's?

Who's SLA's between?