Flashcards: more terms 5

relies upon using a certificate-based authentication mechanism

Captive portals usually rely on 802.1x, and 802.1x uses RADIUS for authentication

RADIUS

classified as symmetric

prevents unauthorized users from connecting to a network

restrict access from external sources and block known attacks. They would not keep out an intruder who is already in range of the wireless network.

limit the access that an intruder has to network resources but would not block the connection itself

technique used to learn information about a computer system on a network and the services running on its open ports such as software version (Apache 2.0.46) and the type of operating system (Red Hat Linux)

fire extinguishing system that is commonly used in data centers and server rooms to protect the servers from fire

determine the way people act

how some thing is accessed or operated

subject do something because that is the way they were told or ordered to do it

email authentication method designed to detect forging sender addresses during the delivery of the email

type of network traffic filter that can control incoming or outgoing traffic.alone would not have prevented malware was introduced into the company’s network through a remote workstation that was connected to the company’s servers over a VPN connection

computer security that attempts to unify endpoint security technology (such as anti-virus, host intrusion prevention, and vulnerability assessment), the user or system authentication, and network security enforcement.

rather than physical destruction

standard nomenclature for describing security-related software flaws

solution that provides real-time or near-real-time analysis of security alerts generated by network hardware and applications

computer-based system for gathering and analyzing real-time data to monitor and control equipment

Require data at rest encryption on all endpoints

allows an administrator to create a policy and deploy it across a large number of devices in the domain or network

occurs when an attacker sends a ping to a subnet broadcast address and devices reply to spoofed IP (victim server), using up bandwidth and processing power. This image is a graphical depiction of this type of attack

port 445

Provides detailed information about network connections, routing tables, interface statistics, masquerade connections, and multicast memberships.

Common Use Cases:

View active connections: Lists all active TCP connections and their states.

Network interface statistics: Displays statistics for network interfaces.

Routing tables: Shows the routing table information.

Listening ports: Lists all ports on which the computer is listening.

Network protocol statistics: Provides statistics for network protocols like TCP, UDP, ICMP, etc.

Purpose: Provides information about the IP configuration of a machine's network interfaces and allows for limited configuration changes.

Aircrack-ng

vulnerability scanner

hosts.ini

fraudulent practice of directing Internet users to a bogus website that mimics the appearance of a legitimate one in order to obtain personal information such as user passwords, account numbers, and other confidential data

biometric authentication factors uses an infrared light that is shone into the eye to identify the pattern of blood vessels

Diamond Model of Intrusion Analysis

graphical representation of an attacker's behavior

ifconfig

ipconfig