Busy. Please wait.

show password
Forgot Password?

Don't have an account?  Sign up 

Username is available taken
show password


Make sure to remember your password. If you forget it there is no way for StudyStack to send you a reset link. You would need to create a new account.
We do not share your email address with others. It is only used to allow you to reset your password. For details read our Privacy Policy and Terms of Service.

Already a StudyStack user? Log In

Reset Password
Enter the associated with your account, and we'll email you a link to reset your password.

Remove Ads
Don't know
remaining cards
To flip the current card, click it or press the Spacebar key.  To move the current card to one of the three colored boxes, click on the box.  You may also press the UP ARROW key to move the card to the "Know" box, the DOWN ARROW key to move the card to the "Don't know" box, or the RIGHT ARROW key to move the card to the Remaining box.  You may also click on the card displayed in any of the three boxes to bring that card back to the center.

Pass complete!

"Know" box contains:
Time elapsed:
restart all cards

Embed Code - If you would like this activity on your web page, copy the script below and paste it into your web page.

  Normal Size     Small Size show me how

CIT292 Ch 6 and 7

CIT292 Network Security Chapters 6 and 7

MAC Flooding Method used to filter used to filter out which computers can access the wireless network; the WAP does this by consulting a list of MAC addresses that have been previously entered.
Failopen mode When switch broadcast data on all ports like hub
CAM table Content Addressable Memory table also known as a MAC address table that a switch builds associating ports with MAC addresses
Network Address Translation NAT, process of changing IP address while in transit across router, usually from a internal private address to a public address.
Static NAT When single private IP address translates to single public IP address. Also known as one-to-one mapping.
Port Address Translation PAT, like NAT, but translates both IP addresses and port numbers.
Demilitarized zone Area of network that houses servers that host info accessed by clients or other networks on the Internet. Example: web server, mail server
3-leg perimeter type of DMZ where a firewall has three legs that connect to the LAN, Internet, and DMZ
Back-to-back perimeter Type of DMZ where DMZ is located between the LAN and the Internet.
Network Access Control NAC, Sets the rules by which connections to network are governed.
Cloud computing Way of offering on-demand services that extend the capabilities of a computer or network
Software as a Service (SaaS) cloud computing service where users access applications over the Internet that are provided by a third party
Infrastructure as a Service (IaaS) Cloud computing service that offers computer networking, storage, load balancing, routing and VM hosting.
Platform as a Service (PaaS) Cloud computing service that provides various software solutions to organizations especially the ability to develop applications without the cost or administration of a physical platform.
VLAN hopping act of gaining access to traffic on other VLANs that would not normally be accessible by jumping from one VLAN to another.
Wardialing act of searching for wireless networks by person in vehicle through the use of a device with a wireless antenna, often a particularly strong antenna.
TCP reset attack Sets the reset flag in a TCP header to 1, telling the respective computer to kill the TCP session immediately.
Implicit deny Denies all traffic to a resource unless users generating traffic are specifically granted access to the resource. For example, when a device denies all traffic unless rule is created to open port associated with type of traffic desired to be left in.
TCP/IP hijacking hacker takes over TCP/IP session between tow computers without the need of a cookie or any other type of host access.
Man-in-the-middle attack (MITM) form of eavesdropping that intercepts all data between client and server , relaying that information back and forth.
Cross-script scripting Type of vulnerability found in web applications used with session hijacking
Denial of Service (DoS) Broad term given to many types of attacks that attempt to make computer resources unavailable.
Ping flood Also known as ICMP flood attack, when attacker attempts to send many ICMP echo request packets (pings) to host in attempt to use up all available bandwidth.
Smurf attack type of DoS that sends large amounts of ICMP echoes, broadcasting the ICMP echo requests to every computer on its network. The header of the ICMP echo requests will have a spoofed IP address. That IP address is the target of the attack. Every computer tha
Fraggle Type of DoS similar to Smurf attack, but traffic is UDP echo traffic as opposed to ICMP echo traffic
Permanent DoS attack Consists of attacker exploiting security flows in routers and other networking hardware by flashing the firmware of the device and replacing it with a modified image.
Ping of Death (POD) Type of DoS that sends an oversized and/or malformed packet to another computer.
Fork bomb Attack that works by creating a large number of processes quickly to saturate the available processing space in the computer’s operating system. Type of wabbit.
SYN flood type of DoS where an attacker sends a large amount of SYN request Packets to a server in an attempt to deny service.
Teardrop attack type of DoS that sends mangled IP fragments with overlapping and oversized payloads to the target machine.
Distributed Denial of Service (DDoS) Attack in which group of compromised systems attack single target, causing DoS to occur at host. Usually zombies that are part of botnet.
Spoofing When attacker masquerades as another person by falsifying information
Phishing Criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords, and credit card details by masquerading as a trustworthy entity in an electronic communication.
Replay attack Attack in which valid data transmission is maliciously or fraudulently repeated or delayed.
Nonce Random number generated by authentication protocol that can only be used once.
Null session When used by an attacker, a malicious connection to the Windows interprocess communications share (IPC$)
Domain name kiting process of deleting domain name during 5 day grace period (AGP) and immediately reregistering for another 5 day period to keep domain name indefinitely and for free.
DNS poisoning Modification of name resolution information that should be in DNS server’s cache.
Pharming When attacker redirects one website’s traffic to another bogus and possibly malicious website by modifying a DNS server or hosts files.
ARP Poisoning Attack that exploits Ethernet networks that may enable attacker to sniff frames of info, modify the info, or stop it from reaching destination device
UDP flood attack Similar to Fraggle attack. Uses the connectionless User Datagram Protocol. It is enticing to attackers because it does not require a synchronization process.
Stateful packet inspection Type of packet inspection that keeps track of network connections by examining the header in each packet, also known as SPI
Firewall part of computer system or network designed to block unauthorized access while permitting authorized communications. Device configured to permit or deny applications, addresses, networks based on a set of rules.
Packet filtering As applied to firewalls, inspects each packet passing through the firewall and accepts or rejects based on rules. Two types include stateless and stateful.
Application-level gateway Applies security mechanisms to specific applications, such as FTP and/or BitTorrent. It support address and port translation and checks whether the type of application traffic is allowed.
Circuit-level gateway Works at the session layer of OSI Model and applies security mechanisms when TCP or UDP connection is established; act as go between for Transport and Application layers in TCP/IP.
Application firewall Firewall that can control the traffic associated with specific applications. Works up to the Application Layer of the OSI Model.
Implicit deny denies all traffic to resource unless users generating traffic are specifically granted access to the resource. For example when device denies all traffic unless rule is made to open port associated with type of traffic desired to be let through.
Explicit allow Administrator sets a rule that allows a specific type of traffic through a firewall, often with ACL
Explicit deny Administrator sets a rules that denies specific type of traffic through a firewall, often with a ACL.
Proxy server acts as intermediary for clients usually located on LAN and servers that they want to access that are usually located on the Internet.
IP Proxy Secures network by keeping machines behind it anonymous; it does this through use of NAT.
HTTP proxy Also known as web proxy, caches web pages from servers on the Internet for a set amount of time.
Internet content filter usually applied as software at Application layer and can filter out various types of Internet activities such as websites accessed, email, instant messaging, and more. Used to disallow access to inappropriate web material.
Honeypot Single computer but could also be file, group of files, area of unused IP address space used to attract and trap potential attackers to counteract any attempts at unauthorized access of the network.
Honeynet One or more computers, servers, or area of network, used to attract and trap potential attackers to counteract any attempts at unauthorized access of the network.
Network intrusion detection system (NIDS) Attempts to detect malicious traffic such as port scans and DoS attacks by constantly monitoring traffic.
Network intrusion prevention system (NIPS) Designed to inspect traffic, and based on configuration or security policy, the system can remove, detain, or redirect malicious traffic
False positive System authenticates user who should not be allowed access to system. For example when IDS/IPS blocks legitimate traffic on network.
False negative System denies user who should be allowed access to the system. For example when IDS/IPS fails to block attack thinking it is legitimate traffic
Access control list List of permissions attached to an object. Specifies what level of access a user, users, or groups have to an object. When dealing with firewalls, an ACL is a set of rules that apply to a list of network names, IP addresses, and port numbers.
Network perimeter border of computer network, commonly secured by devices such as firewalls and NIDS/NIPS solutions
Promiscuous mode In a NIC, this passes all traffic to the CPU, not just the frames addressed to it.
Created by: Leisac