Busy. Please wait.

show password
Forgot Password?

Don't have an account?  Sign up 

Username is available taken
show password


Make sure to remember your password. If you forget it there is no way for StudyStack to send you a reset link. You would need to create a new account.
We do not share your email address with others. It is only used to allow you to reset your password. For details read our Privacy Policy and Terms of Service.

Already a StudyStack user? Log In

Reset Password
Enter the associated with your account, and we'll email you a link to reset your password.

Remove ads
Don't know
remaining cards
To flip the current card, click it or press the Spacebar key.  To move the current card to one of the three colored boxes, click on the box.  You may also press the UP ARROW key to move the card to the "Know" box, the DOWN ARROW key to move the card to the "Don't know" box, or the RIGHT ARROW key to move the card to the Remaining box.  You may also click on the card displayed in any of the three boxes to bring that card back to the center.

Pass complete!

"Know" box contains:
Time elapsed:
restart all cards

Embed Code - If you would like this activity on your web page, copy the script below and paste it into your web page.

  Normal Size     Small Size show me how



What is penetration testing? A security professional performs an attack on a network with permission from the owner to discover vulnerabilities; penetration testers are also called ethical hackers
What are two models of penetration testing? • Two main penetrating tools are the white box and black box. There is also a hybrid version of the two models, which is the grey box.
What is footprinting? Footprinting is to find information on company’s network and is passive and nonintrusive.
What are some footprinting tools? Whois, Namedroppers, and Google. Five methods including: Web site searching, Email, URL, Cookies.
what is port scanning? a method of finding out which services a host computer offers
What is enumeration? The process of connecting to a system and obtaining information such as logon names, passwords, group membership, and shared resources. Process of extracting information, User names, Passwords, Shared resources
Windows Enumeration tools? -Backtrack Smb4K tool -DumpSec: –Produced by Foundstone, Inc. -Allows user to connect to a server and “dump”: –Permissions for shares, Permissions for printers, Permissions for the Registry, Users in column or table format,Policies, Rights, Servic
nix enumeration tools? Finger utility, Most popular enumeration tool for security testers, Finds out who is logged in to a *nix system, Determines who was running a process, Nessus
Netware enumeration tools? NetWare 5.1 –Still used on many networks -New vulnerabilities are discovered daily –Vigilantly check vendor and security sites
Windows OS vulnerabilities? Windows 2000 and earlier •Administrators must disable, reconfigure, or uninstall services and features –Windows XP, Vista, Server 2003, Server 2008, and Windows 7 •Most services and features are disabled by default
Tools for identifying OS vulnerabilities? Using more than one is advisable •Using several tools –Helps pinpoint problems more accurately
Method for hardening windows? Penetration tester –Finds and reports vulnerabilities •Security tester –Finds vulnerabilities –Gives recommendations for correcting them
Linux OS vulnerabilities? Linux can be made more secure –Awareness of vulnerabilities –Keep current on new releases and fixes Many versions are available –Differences ranging from slight to major
Tools for identifying Linux OS vulnerabilities? •Identify a computer on the network by using port scanning and zone transfers •Identify the OS by conducting port scanning and enumeration •Identify via enumeration any logon accounts and passwords •Learn names of shared folders by using enumeration
What is embedded OS? Small program developed for embedded systems •Stripped-down version of OS commonly used on general-purpose computers •Designed to be small and efficient
Windows Embedded OS example? Windows Embedded Standard, code-named Quebec Windows Embedded Enterprise
Other Embedded OS example and *Nix Embedded OS? –Monolithic OS •Used in industrial, medical, and consumer items –Supports widest variety of hardware –Allows adding features •Dynamic kernel modules•Real Time Linux (RTLinux) –OS microkernel extension –Turns “regular” Linux into an RTOS
Vulnerabilities of Embedded OS? •Impact of attacks have become more serious 22. –Embedded OSs are no exception 23. •Easiest way to profit from hacking 24. –Attack devices that store and dispense cash (e.g., ATMs) 25. •Involves use of card skimmers or stealing the machines
Web application mainly types and mainly components? •Static Web pages –Created using HTML •Same information regardless of time or user 4•Dynamic Web pages –Information varies –Need special components •Common Gateway Interface (CGI) •Active Server Pages (ASP) and PHP •ColdFusion and JavaScript
Web application vulnerabilities? Cross-site scripting (XSS) flaws –Injection flaws and malicious file execution –Unsecured direct object reference –Cross-site request forgery (CSRF) –Information leakage and incorrect error handling –Broken authentication and session management
Web application vulnerabilities countermeasures? Open Web Application Security Project (OWASP) –Finds and fights Web application vulnerabilities –Publishes Ten Most Critical Web Application Security Vulnerabilities •Built into Payment Card Industry (PCI) Data Security Standard
How to assess the web with questions? –Does the Web application use dynamic Web pages? –Does the Web application connect to a back-end database server? –Does the Web application require authentication of the user? –On what platform was the Web application developed?
Web application assessing Wfetch? •GUI tool that queries status of Web server •Multiple HTTP methods •Configuration of hostname and TCP port •HTTP 1.0 and HTTP 1.1 support •Anonymous, Basic, NTLM, Kerberos, Digest, and Negotiate authentication types
Web application assessing Wapiti? Web application vulnerability scanner –Uses a black box approach •Doesn’t inspect code –Inspects by searching from outside •Ways to take advantage of XSS, SQL, PHP, JSP, and file-handling vulnerabilities
Understanding wireless network technology and standard? •Standard –Set of rules formulated by an organization •Institute of Electrical and Electronics Engineers –Defines several standards for wireless networks •IEEE Project 802: LAN and WAN standards
802.1X authentication method? Defines process of authenticating and authorizing users on a WLAN –Addresses concerns with authentication –Point-to-Point Protocol (PPP) –Extensible Authentication Protocol (EAP) –Wired Equivalent Privacy (WEP) –Wi-Fi Protected Access (WPA)
Created by: srhiggins