Net + Mod 9 Explaining Network Security Concepts Flashcards

(17 cards)

1
Q

Common Security Terminology

Mod 9.1 Security Concepts
Objective 4.1

A

CIA triad
- Confidentiality: means that certain information should only be known to certain people
- Integrity: means that the data is stored and transferred as intended and that any modification is authorized
- Availability: means that information is accessible to those authorized to view or modify it

DAD triad
- Disclosure
- Alteration
- Destruction

VTR (V+T=R)
- Vulnerability: weakness that could be accidentally triggered or intentionally exploited to cause a security breach
- Threat: the potential for someone or something to exploit a vulnerability and breach security
- Risk: likelihood and impact (or consequence) of a threat actor exercising a vulnerability
2
Q

Security Audits and Assessments

Mod 9.1 Security Concepts
Objective 4.1

A

Risk Management: process for identifying, assessing, and mitigating vulnerabilities and threats to the essential functions that a business must perform to serve its customers

Posture Assessment: the overall status of risk management is referred to as risk posture; assessing it shows which risk response options can be identified and prioritized

Process Assessment:
- MEF: Mission essential function - business or organizational activity that is too critical to be deferred for anything more than a few hours, if at all
- BIA: Business impact analysis - systematic activity that identifies organizational risks and determines their effect on ongoing, mission-critical operations

3
Q

Regulatory Compliance

Mod 9.1 Security Concepts
Objective 4.1

A

Regulatory Compliance: imposes externally determined requirements on companies in certain industries or when processing certain types of data

- PII
- GDPR: General Data Protection Regulation (European Union)
- Data Sovereignty: a jurisdiction preventing or restricting processing and storage from taking place on systems that do not physically reside within that jurisdiction
- PCI DSS: Payment Card Industry Data Security Standard
4
Q

Encryption

Mod 9.1 Security Concepts
Objective 4.1

A

Symmetric: the same key is used on both sides
Asymmetric: a public key and a private key (key pair)

encryption algorithm: converts a human-readable plaintext into a ciphertext

cryptographic hash algorithm: converts a variable length string into a fixed-length hash, cannot be converted back to a plaintext

Data at rest: data is in some sort of persistent storage media
Data in transit: data is transmitted over a network
Data in use: data is present in volatile memory (RAM/CPU)

4
Q

Attack Types

Mod 9.2 Network Threats and Attacks
Objective 4.2

A

Enumeration: an attack that aims to list resources on the network, host, or system as a whole to identify potential targets for further attack
- Footprinting: discovering the topology and general configuration of the network and its security systems, through social engineering and by probing TCP/UDP application ports
- Fingerprinting: identifying device and OS types and versions

Spoofing: attack technique where the threat actor disguises his or her identity or impersonates another user or resource

DoS / DDoS: a physical, application, or network attack launched from a single source (DoS) or multiple sources (DDoS) that overwhelms the target’s resources

5
Q

Vulnerability and Exploit Types

Mod 9.1 Security Concepts
Objective 4.1

A

Exploit: specific code or method of using a vulnerability to gain control of a system or damage it in some way

Zero-day: vulnerability that is exploited before the developer knows about it or can release a patch

Vulnerability assessment: evaluation of a system’s security and ability to meet compliance requirements based on the configuration state of the system

6
Q

Deception Technologies

Mod 9.1 Security Concepts
Objective 4.1

A

Honeypot: A host (honeypot), network (honeynet), file (honeyfile), or credential/token (honeytoken) set up with the purpose of luring attackers away from assets of actual value and/or discovering attack strategies and weaknesses in the security configuration

7
Q

Threat Types and Assessment

Mod 9.2 Network Threats and Attacks
Objective 4.2

A

External: a threat actor or agent that has no account or authorized access to the target system
Internal: an insider threat; an actor who has been granted permissions on the system

Threat Research: counterintelligence gathering effort in which security companies and researchers attempt to discover the tactics, techniques, and procedures (TTPs) of threat actors

8
Q

Threat Types and Assessment

Mod 9.2 Network Threats and Attacks
Objective 4.2

A

Behavioral threat research: Narrative commentary describing examples of attacks and TTPs gathered through primary research sources

Reputational threat intelligence: Lists of IP addresses and domains associated with malicious behavior, plus signatures of known file-based malware

Threat data: Computer data that can correlate events observed on a customer’s own networks and logs with known TTP and threat actor indicators

9
Q

Distributed DoS Attacks and Botnets

Mod 9.2 Network Threats and Attacks
Objective 4.2

A

Distributed reflection DoS (DRDoS): an amplification attack in which the attacker spoofs the victim’s IP address and attempts to open connections with multiple servers, so that their replies are directed at the victim

Botnets: group of compromised hosts that can be used to launch DDoS and DRDoS attacks

command and control (C2 or C&C): network established between the handlers and the bots

10
Q

MAC Flooding Attack / VLAN Hopping Attacks

Mod 9.3 Spoofing Attacks
Objective 4.2

A

MAC Flooding: A variation of an ARP poisoning attack where a switch’s cache table is inundated with frames from random source MAC addresses

VLAN Hopping Attacks: send traffic to a VLAN other than the one the host system is in

10
Q

Malware Attacks

Mod 9.2 Network Threats and Attacks
Objective 4.2

A

Malware: Software that serves a malicious purpose, typically installed without the user’s consent (or knowledge)

- Viruses and worms: spread without any authorization from the user by being concealed within the executable code of another process (viruses within files, worms within processes running in system memory)
- Trojan: concealed within an installer package for software
- Potentially unwanted programs (PUPs)/Potentially unwanted applications (PUAs): software installed alongside a package selected by the user or perhaps bundled with a new computer system

Shellcode: lightweight block of malicious code that exploits a software vulnerability to gain initial access to a victim system

advanced persistent threat (APT): attacker’s ability to obtain, maintain, and diversify access to network systems using exploits and malware

11
Q

On-Path Attacks

Mod 9.3 Spoofing Attacks
Objective 4.2

A

On-Path: a specific type of spoofing attack where a threat actor compromises the connection between two hosts and transparently intercepts and relays all communications between them

MAC/IP Spoofing

ARP Spoofing/Poisoning: broadcasting unsolicited ARP reply packets with a source address that spoofs a legitimate host or router interface

12
Q

Rogue Devices and Services / Rogue DHCP

Mod 9.4 Rogue System Attacks
Objective 4.2

A

Rogue: a device or service on your network that isn’t under the administrative control of the network staff

Rogue DHCP
- Deployed accidentally (forgetting to disable a DHCP server in an access point or router, for instance)
- Deployed by an attacker: the rogue server changes the default gateway and/or DNS resolver addresses for the subnet and routes communications via the attacker’s machine (on-path attack)

12
Q

DNS Attacks

Mod 9.4 Rogue System Attacks
Objective 4.2

A

DNS poisoning: injects false resource records into a client or server cache to redirect a domain name to an IP address of the attacker’s choosing

DNS-Based On-Path Attacks: using ARP poisoning to intercept DNS queries from the victim and respond with spoofed replies

DNS Client Cache Poisoning: if an attacker is able to place a false name-to-IP-address mapping in the HOSTS file, effectively poisoning the DNS cache, they will be able to redirect traffic

DNS Server Cache Poisoning: corrupting the records held by the DNS server itself

13
Q

Social Engineering Attacks

Mod 9.5 Social Engineering
Objective 4.2

A

Phishing
Shoulder Surfing Attack
Tailgating and Piggybacking Attacks
Dumpster diving: searching an organization’s (or individual’s) garbage to try to find useful documents or USB media

14
Q

Password Attacks

Mod 9.5 Social Engineering
Objective 4.2

A

Passwords or password hashes can be captured by obtaining a password file or by sniffing the network

Stored as hashes, e.g. Secure Hash Algorithm (SHA) or Message Digest 5 (MD5): a fixed-length string derived from a variable-length string

Plaintext string
Dictionary: software matches the hash against the hashes of ordinary words found in a dictionary (or of personal information)
Brute Force: software tries to match the hash against the hash of every possible combination of characters