Network Security, Attacks and Firewalls

Question 1

bastion host

Answer 1

A single point of contact between the Internet and a private network.

Question 2

blacklist

Answer 2

A list of IP addresses, URLs, keywords, or other items that are disallowed. When a blacklist is used, everything not on the blacklist is allowed. This is sometimes called a deny list.

Question 3

circuit level gateway firewall

Answer 3

A firewall that authenticates each user before granting access.

Question 4

DMZ

Answer 4

Demilitarized Zone, a firewall type that consists of two firewalls with an intermediate zone between them.

Question 5

DoS

Answer 5

Denial of Service, an attack that prevents legitimate users from accessing a resource.

Question 6

dual-homed host

Answer 6

A type of firewall that literally has two NICs.

Question 7

firewall

Answer 7

A barrier between the network and the outside world.

Question 8

open source

Answer 8

Software where the source code itself is freely available to the public.

Question 9

operating system hardening

Answer 9

The process of securing an individual operating system. This includes proper configuration and applying patches.

Question 10

packet filter firewall

Answer 10

A firewall that scans incoming packets and either allows them to pass or rejects them.

Question 11

packet sniffer

Answer 11

Software that intercepts packets and copies their contents.

Question 12

proxy server

Answer 12

A device that hides your internal network form the outside world.

Question 13

screened host

Answer 13

A combination of firewalls; in this configuration, you use a combination of bastion host and a screening router.

Question 14

whitelist

Answer 14

A list of IP addresses, URLs, characters, and so on that are allowed. When a whitelist is used, only those items on the whitelist are allowed; everything else is blocked. This is sometimes called an allow list.

Question 15

access control

Answer 15

The process of limiting access to some resource only to authorized users, programs, or systems.

Question 16

auditing

Answer 16

A check of a system’s security, usually including a review of documents, procedures, and system configurations.

Question 17

authenticate

Answer 17

The process of verifying that a user is authorized to access some resource.

Question 18

binary numbers

Answer 18

Numbers that use the base 2 number system.

Question 19

black hat hacker

Answer 19

A hacker with a malicious purpose, synonymous cracker.

Question 20

blocking

Answer 20

The act of preventing transmissions of some type.

Question 21

breach

Answer 21

To successfully break into a system (e.g., “to breach the security”).

Question 22

buffer overflow

Answer 22

An attack that seeks to overwrite a memory buffer with more data that it is designed to hold.

Question 23

dynamic security approach

Answer 23

An approach to security that is proactive rather than reactive.

Question 24

ethical hacker

Answer 24

One who hacks into systems in order to accomplish some goal that he or she feels is ethically valid.

Question 25

layered security approach

Answer 25

A security approach that also secures the internal components of the network, not just the perimeter.

Question 26

malware

Answer 26

Any software that has malicious purpose such as a virus or Trojan horse.

Question 27

NIC

Answer 27

Network interface card

Question 28

Non-repudiation

Answer 28

The process of verifying a connection so that neither party can later deny, or repudiate, the transaction.

Question 29

passive security approach

Answer 29

An approach to security that awaits some incident to react to, rather than being proactive.

Question 30

perimeter security approach

Answer 30

A security approach that is concerned only with securing the perimeter of a network.

Question 31

phreaker

Answer 31

Someone who hacks into phone systems.

Question 32

phreaking

Answer 32

The process of hacking into a phone system.

Question 33

script kiddie

Answer 33

A slang term for an unskilled person who purports to be a skilled hacker.

Question 34

sneaker

Answer 34

Someone who is attempting to compromise a system in order to assess its vulnerability. This term is almost never used today; instead the term penetration tester or ethical hacker is used.

Question 35

social engineering

Answer 35

The use of persuasion on human users in order to gain information required to access a system.

Question 36

spyware

Answer 36

Software that monitors computer use.

Question 37

war-dialing

Answer 37

Dialing phones waiting for a computer to pick up, usually done via some automated system.

Question 38

war-driving

Answer 38

Driving and scanning for wireless networks that can be compromised.

Question 39

white hat hacker

Answer 39

A hacker who does not break the law, often synonymous with ethical hacker.

Question 40

grey hat hacker

Answer 40

A hacker whose activities are normally legal but occasionally delves into activities that may not be legal or ethical.

Question 41

key logger

Answer 41

Software that logs key strokes on a computer.

Question 42

code

Answer 42

The source code for a program, or the act of programming, as in "to code an algorithm."

Question 43

DDoS

Answer 43

Distributed denial of service, a DoS attack launched from multiple sources.

Question 44

distributed reflection denial of service

Answer 44

A specialized type of DDoS that uses Internet routers to perform the attack.

Question 45

ICMP packets

Answer 45

Network packets often used in utilities such as Ping and Tracert.

Question 46

IP spoofing

Answer 46

Making packets seem to some from a different IP address that they really originated from.

Question 47

object

Answer 47

In reference to computer security models, an object is any file, device, or part of the system a user wishes to access.

Question 48

Ping of Death

Answer 48

A DoS attack that sends a malformed ping packet hoping to cause the target machine to error out.

Question 49

RST cookie

Answer 49

A simple method for alleviating the danger of certain types of DoS attacks.

Question 50

session hacking

Answer 50

The process of taking over the session between a client and a server in order to gain access to the server.

Question 51

Slammer

Answer 51

A famous Internet worm.

Question 52

Smurf attack

Answer 52

A specific type of DoS attack that used broadcast packets sent to a router on the target network.

Question 53

sniffer

Answer 53

A program that captures data as it travels across a network. Also called a packet sniffer.

Question 54

spoofing

Answer 54

Pretending to be something else, as when a packet might spoof another return IP address (as in the Smurf attack) or when a website is spoofing a well-known e-commerce site.

Question 55

stack tweaking

Answer 55

A complex method for protecting a system against DoS attacks. This method involves reconfiguring the operating system to handle connections differently.

Question 56

stateful packet inspection

Answer 56

A type of firewall that not only examines packets but also knows the context within which the packet was sent.

Question 57

SYN cookie

Answer 57

A method for ameliorating the dangers of SYN floods.

Question 58

SYN flood

Answer 58

Sending a stream of SYN packets (requests for connection) and then never responding, thus leaving the connection half open.

Question 59

Trin00

Answer 59

A tool used to execute DDoS attacks.

Question 60

Trojan horse

Answer 60

Software that appears to have a valid and benign purpose but really has another, nefarious purpose.