2024-06-10T21:53:01+03:00[Europe/Moscow] en true Hardening, Secure Baselines, Least Functionality, Air Gap, SSH, Network Segmentation, Firmware, Wireless Networking, Ad Hoc Mode, Transmission Mode, WLAN, WMAN, Use, Don't use, RADIUS, PPSK, SAE, PFS, 802.11, Predictive site survey, Heat map, Wireless Access Point, SSID, Warstorming, Mobile Connectivity, RFID, NFC, WiFi, WUSB, 5G, UEM, COPE, COBO, Geofencing, Jailbreaking, Rooting, Sideloading, GPS Tagging, Secure Staging, DEV, TEST, STAGE, PROD, Immutability, SAST, DAST, Fuzzing, Threat Modeling, Survivability flashcards

Chapter 14

FOCUS MODULE

Customize
collection saved
Share
Long Term Learning Spaced Repetition
Add to Long Term Learning Desk
Fast learning Repeat this set of flashcards
Preview Test Spell
Play
Match
Review
  • Hardening
    The ongoing process of enhancing resiliency
  • Secure Baselines
    A predefined set of minimum-security configurations
  • Least Functionality
    The principle that systems and devices should be configured to provide only essential capabilities
  • Air Gap
    Disabling any untrusted connections
  • SSH
    Replacement for Telnet
  • Network Segmentation
    Divide the network into different parts
  • Firmware
    Low level machine software
  • Wireless Networking
    Connectivity through radio frequency transmissions
  • Ad Hoc Mode
    Wireless Peer-to-peer relationship
  • Transmission Mode
    Wireless Networks
  • WLAN
    Wireless Local Area Network
  • WMAN
    Wireless Metropolitan Area Network
  • Use
    WPA2, WPA3
  • Don't use
    WEP, WPA
  • RADIUS
    Provides AAA services to remote access clients
  • PPSK
    Personal Pre-shared Key
  • SAE
    provides forward frequency(PFS), better than PPSK.
  • PFS
    protects past sessions against future compromises
  • 802.11
    WLAN
  • Predictive site survey
    using software to model a WIFI network
  • Heat map
    visual representation of wireless coverage
  • Wireless Access Point
    Transmitter and receiver of wireless signals
  • SSID
    Code that indicates membership with an access point
  • Warstorming
    Using a drone and a WIFI equipped device to detect WIFI networks
  • Mobile Connectivity
    Facilitates portable (mobile) device communication
  • RFID
    Method of data collection using low power radio waves. Uses tags and readers
  • NFC
    Short-range wireless technology that requires close proximity. Utilized RFID. Ex: Apple Pay, photo sharing
  • WiFi
    Wireless Fidelity
  • WUSB
    Wireless Communication between USB devices and the host system
  • 5G
    Cellular network that uses aggregated frequency bands
  • UEM
    Unified Endpoint Management- MDM for IOT devices
  • COPE
    Company Issued, Personally Enabled
  • COBO
    Company Issued, Business Only
  • Geofencing
    Defining a virtual boundary
  • Jailbreaking
    Removing software restrictions imposed by the manufacturer
  • Rooting
    Gaining administrative access on an android device
  • Sideloading
    Installing applications from unauthorized sources
  • GPS Tagging
    Reveal location, movements, and activities
  • Secure Staging
    Process of planning, scheduling, and controlling the movement of developed or acquired code
  • DEV
    Code Development
  • TEST
    Code merging, checking quality, bug analysis
  • STAGE
    Ensure product performs like it should. Mirrors the production environment
  • PROD
    live environment
  • Immutability
    "known good state". Principle of using automatron to replace rather than fix.
  • SAST
    Static (Source Code) Application Security Testing
  • DAST
    Dynamic (Runtime) Application Security Testing
  • Fuzzing
    inputting invalid, unexpected, or semirandom data
  • Threat Modeling
    Used to anticipate the threats to which the software will be subjected and the attack surface could be exploited
  • Survivability
    applications ability to survive an attack