Busy. Please wait.
or

show password
Forgot Password?

Don't have an account?  Sign up 
or

Username is available taken
show password

why


Make sure to remember your password. If you forget it there is no way for StudyStack to send you a reset link. You would need to create a new account.
We do not share your email address with others. It is only used to allow you to reset your password. For details read our Privacy Policy and Terms of Service.


Already a StudyStack user? Log In

Reset Password
Enter the associated with your account, and we'll email you a link to reset your password.

Remove ads
Don't know
Know
remaining cards
Save
0:01
To flip the current card, click it or press the Spacebar key.  To move the current card to one of the three colored boxes, click on the box.  You may also press the UP ARROW key to move the card to the "Know" box, the DOWN ARROW key to move the card to the "Don't know" box, or the RIGHT ARROW key to move the card to the Remaining box.  You may also click on the card displayed in any of the three boxes to bring that card back to the center.

Pass complete!

"Know" box contains:
Time elapsed:
Retries:
restart all cards




share
Embed Code - If you would like this activity on your web page, copy the script below and paste it into your web page.

  Normal Size     Small Size show me how

SecurityCHPT7

terms

QuestionAnswer
ip protocol that functions primarily at the open systems interconnection network layer,three, to provide addressing and routing
tcp main transport layer four protocol that is responsible for establishing connections and the reliable data transport between devices
ip responsible for addressing packets and sending them on the correct route to the destination
tcp responsible for reliable packet transmission
tcp ip uses its own four layer architecture that includes network interface
tcp ip uses its own four layer architecture that includes internet
tcp ip uses its own four layer architecture that includes transport
tcp ip uses its own four layer architecture that includes application
basic tcp/ip protocols are internet message control protocol
basic tcp/ip protocols are simple network management protocol
basic tcp/ip protocols are domain name system
basic tcp/ip protocols are file transfer protocol
icmp is used by devices to communicate updates or error information to other devices
icmp is also used to relay query messages
icmp message contains three fields type eight bit
icmp message contains three fields code eight bit
icmp message contains three fields checksum sixteen bit
icmp eight bit TYPE field identifies the general category of the message
icmp eight bit CODE field gives specific additional information regarding the type field
icmp sixteen bit CHECKSUM field used to verify the integrity of the message
several types of icmp attacks network discovery
several types of icmp attacks smurf DoS attack
several types of icmp attacks ping of death
several types of icmp attacks icmp redirect attack
popular protocol used to manage network equipment simple network management protocol
snmp allows network administrators to remotely monitor, manage,and configure devices on the network
type of community string read only
community string like a user id or password that allows access to a router's or other device's statistics.
type of community string read-write
read only string allow information from the agent to be viewed
read write string allows settings on the device to be changed
SNMPv1 uses a simple authentication scheme to determine which Simple Network Management Protocol (SNMP) manager stations can access its Management Information Base (MIB) variables.
domain name system tcp/ip protocol
domain name system resolves,maps,an ip address with its equivalent symbolic name
dns a database of the name os each site on the internet with its corresponding ip number
dns poisoning substitutes addresses so that the computer is automatically redirected to another device
dnssec domain name system security extensions
dnssec uses advanced measures to determine the authenticity of data
dns transfer an atatckers asks the valid dns server for a zone transfer
zone transfer the term used to refer to the process by which the contents of a DNS Zone file are copied from a primary DNS server to a secondary DNS server.
tcp/ip protocols used for transferring files ftp
tcp/ip protocols used for transferring files secure copy protocol
methods for using ftp on a local host computer command prompt
methods for using ftp on a local host computer web browser
methods for using ftp on a local host computer ftp client
unsecure tcp/ip protocol ftp
ftp active mode client initiates a session to a server by opening a command channel connection to the servers tcp port number twebty one
port 21 control port
port 20 data port
ftp passive mode the client initiates the data channel connection,instead of using the port command the client sends a pasv command on the command channel
options for securing transmissions over file transfer protocol ftps
options for securing transmissions over file transfer protocol sftp
ftps combination of file transfer protocol and secure sockets layer/transport layer security
secure ftp an entire protocol and is not pieced togetehr with multiple parts
sftp uses a single tcp port instead of two ports
sftp encrypts and compresses all data and commands
scp secure copy protocol
scp enhanced version of remote copy protocol
scp encrypts files and commands
scp found mainly on unix and linux platforms
one way to understand the difference between ipv4 and ipv6 compare the structure of their headers
rule based management approach process of administration that relies on following procedural and technical rules
procedural rules authoritative and prescribed direction for conduct
technical rules
device security includes establishing a secure router configuration,
device security includes implementing flood guards
device security includes analyzing device logs
basic secure router configuration tasks create a design
basic secure router configuration tasks use a meaningful router name
basic secure router configuration tasks secure all ports
basic secure router configuration tasks strong password
basic secure router configuration tasks make changes from the console
one of the most important appliances on a network router
one of the most dreaded attacks denial of service
one of the most dreaded attacks distributed denial of service
type of dos attack syn flood attack
syn flood attack takes advantages of the procedures for initiating a session
denial of service attack
flood guard defense against a dos and ddos syn flood attack
flood guard controls a devices tolerance for unanswered service requests
flood guards are found on firewalls
flood guards are found on intrusion detection systems
flood guards are found on intrusion prevention systems
types of security hardware logs network intrusion detection system
types of security hardware logs network intrusion prevention system
types of security hardware logs domain name system
types of security hardware logs proxy server
types of security hardware logs firewall
items that should be examined in a firewall log ip addresses that are rejected or dropped
items that should be examined in a firewall log probes to ports that have no applications running on them
items that should be examined in a firewall log source routed packets
items that should be examined in a firewall log suspicious outbound connections
items that should be examined in a firewall log unsuccessful logins
network separation principle of design network management
loop protection can easily move a server's Ethernet connectivity profile without help from the network administrator
vlan management
switching loop occurs in computer networks when there is more than one Layer 2 (OSI model) path between two endpoints (e.g. multiple connections between two network switches or two ports on the same switch connected to each other
broadcast storm occurs when a network system is overwhelmed by continuous multicast or broadcast traffic
spanning tree algorithim can determine that a switch has multiple ways to communicate with a host and then determine the best path while blocking out other paths
vlan allows scattered users to be logically grouped together even though they may be attached to different switches
vlan reduces network traffic and provides a degree of security
one way to provide network separation physically seperate users by connecting them to different switches and routers
steps in port security disabling unused ports
steps in port security using mac limiting and filtering
steps in port security IEEE 802.1x
disabling unused ports turn of ports that are not required on a network device
mac limiting and filtering this enables only a single authorized host to connect thru that port
mac limiting and filtering configuration options static
mac limiting and filtering configuration options dynamic
mac limiting and filtering configuration options sticky
static mac addresses manually entered and stored on the device
dynamic mac addresses are automatically learned and stored,when the switch restarts the settings are erased
sticky mac addresses are automatically learned and stored along with any addresses that were learned prior to using the sticky configuration,if config is disabled then the addresses are kept in memory yet removed from table
ieee 802.1x blocks all traffic on a port by port basis until the client is authenticated using credentials stored on an authentication serever
ieee 802.1x prevents an authenticated device from receiving any network traffic until its identity can be verified
ieee 802.1x strictly limits access to the device that provides the authentication to prevent atatckers from reaching it
virtualization means of manageing and presenting computer resources by function without regard to their physical layout or location
operating system virtualization an entire operating system is virtualized
virtual machine is simulated as a self contained software environment by the host system
host system the native operating system to the hardware
guest system a foreign virtual operating system
hypervisor software that runs on a physical computer to manage one or more virtual machine systems
security advantages to hosts running virtualization host operating system virtualization can be used for training purposes
server virtualization creating and manageing multiple server operating systems
virtualization security tool features basic protection
virtualization security tool features restrict changes
virtualization security tool features auditing
virtualization security tool features compliance
virtualization security tool features customization
virtualization security tool features reporting
security advantages to hosts running virtualization penetration testing can be performed using a simulated network environment on a pc using multiple virtual machines
security advantages to hosts running virtualization the latest patches can be downloaded and run rather then doing it on a production pc
server virtualization advantages reducing costs
server virtualization advantages beneficial in providing uninterrupted server access to users
live migration technology enables a virtual machine to be moved to a different physical pc with no impact on users
ip telephony using a data based op network to add digital voice clients and new voice applications onto the ip network
multiplexed combining various services such as voice,video,and data
ip telephony benefits cost savings
ip telephony benefits management
ip telephony benefits application development
ip telephony benefits infrastructure requirements
ip telephony vulnerabilities operating systems
ip telephony vulnerabilities voip protocols
ip telephony vulnerabilities lack of encryption
ip telephony vulnerabilities network acknowledgement
ip telephony vulnerabilities spam
cloud computing pay per use computing model in which customers pay only for the computing resources they need
cloud computing model for enabling convenient ,on demand network access to a shared pool of networks,servers,storage ,applications and services
cloud computing characteristics on demand self service
cloud computing characteristics universal client support
cloud computing characteristics immediate elasticity
cloud computing characteristics metered service
cloud computing has three service models cloud software as a service Saas
cloud computing has three service models cloud platform as a service PaaS
cloud computing has three service models cloud infrastructure as a service IaaS
IaaS allows the customer to deply and run the customers own software
PaaS the consumer can install and run their own specialized applications on the cloud computing network
SaaS applications do not require any installation,configuration,upgrading or user management
Created by: cgeaski