CIT292 Ch 8 and 9

CIT292 Network Security chapter 8 and 9 terms

Default account An account installed by default on a device or within an operating system with a default set of user credentials that are usually insecure
Privilege escalation The act of exploiting a bug or design flaw in a software or firmware application to gain access to resources that normally would have been protected from an application or user.
Backdoors Used in computer programs to bypass normal authentication and other security mechanisms in place
Crosstalk When signal transmitted on one copper wire creates an undesired effect on another wire; the signal “bleeds” over, so to speak.
Data Emanation Electromagnetic field generated by a network cable or network device, which can be manipulated to eavesdrop on conversation or to steal data.
Vampire tap Device used to add computers to a 10BASE5 network. It pierces the copper conductor of a coax cable and can also be used for malicious purposes.
Wiretapping Tapping into a network cable in an attempt to eavesdrop on a conversation or steal data.
Chromatic dispersion Refraction of light as in a rainbow. If light is refracted in such a manner on fiber optic cables, the signal cannot be read by the receiver.
Electromagnetic interference EMI A disturbance that can affect electrical circuits, devices, and cables due to electromagnetic conduction or radiation.
Radio frequency interference Interference that can come from AM/FM transmissions and cell towers.
TEMPEST Refers to investigations of conducted emissions from electrical and mechanical devices, which could be compromising to an organization.
Faraday cage Enclosure formed by conducting material or by a mesh of such material; it blocks out external static electricity fields and can stop emanations from cell phones and other devices within the cage from leaking out.
Butt set A device that looks similar to a phone but has alligator clips that can connect to the various terminals used by phone equipment, enabling a person to listen in to a conversation.
Service set identifier SSID The name of a wireless access point or network to which network clients will connect; it is broadcast through the air.
Wired Equivalent Privacy WEP A deprecated wireless network security standard, less secure than WPA.
Wi-Fi Protected Access WPA A security protocol created by the Wi-Fi Alliance to secure wireless computer networks, more secure than WEP.
Advanced Encryption Standard AES Encryption standard used with WPA and WPA2. It is the successor to DES/3DES and is another symmetric key encryption standard composed of three different block ciphers: AES-128, AES-192, and AES-256.
Temporal Key Integrity Protocol TKIP An algorithm used to secure wireless computer networks; meant as a replacement for WEP.
MAC Filtering Method used to filter out which computer can access the wireless network; the WAP does this by consulting a list of MAC addresses that have been previously entered.
AP isolation Each client connected to the AP will not be able to communicate with each other, but they can each still access the Internet.
Wardriving The act of searching for wireless networks by a person in a vehicle through the use of a device with a wireless antenna, often a particularly strong antenna.
IV attack Type of related-key attack, which is when an attacker observes the operation of a cipher using several different keys, finds a relationship between them, and deciphers the data.
Bluejacking The sending of unsolicited messages to Bluetooth-enabled devices such as mobile phones and PDAs.
Bluesnarfing The unauthorized access of information from a wireless device through a Bluetooth connection.
Identification When a person is in a state of being identified. Can also be described as something that identifies a person, such as an ID card.
Authentication When a person’s identity is confirmed. Authentication is the verification of a person’s identity.
Authorization When a user is granted access to specific resources when authentication is complete.
Identity proofing Initial validation of an identity.
Security tokens Physical devices given to authorized users to help with authentication. These devices might be attached to a keychain or are part of a card system.
Multifactor authentication When two or more types of authentication are used when dealing with user access control.
Biometrics Science of recognizing humans based on one or more physical characteristics.
802.1X Authentication Technology used to connect devices to a LAN or WLAN. Example of port-based NAC.
Mantrap An area between two doorways, meant to hold people until they are identified and authenticated.
Extensible Authentication Protocol EAP Not an authentication mechanism in itself but instead defines message formats. 802.1X would be the authentication mechanism and defines how EAP is encapsulated within messages.
Single sign-on SSO When a user can log in once but gain access to multiple systems without being asked to log in again.
False positive When a system authenticates a user who should not be allowed access to the system. For example, when an IDS/IPS blocks legitimate traffic from passing on to the network.
False negative When a system denies a user who actually should be allowed access to the system. For example, when an IDS/IPS fails to block an attack, thinking it is legitimate traffic.
False rejection When a biometric system fails to recognize an authorized person and doesn’t allow that person access.
Lightweight directory access protocol LDAP Application layer protocol used for accessing and modifying directory services data.
Kerberos Authentication protocol that enables computers to prove their identity to each other in a secure manner.
Mutual authentication When two computers, for example a client and a server, both verify each other’s identity.
Tickets Part of the authentication process used by Kerberos.
Challenge-Handshake Authentication Protocol (CHAP) An authentication scheme used by the Point-to-Point Protocol (PPP) that is the standard for dial-up connections.
Remote Access Service (RAS) A networking service that allows incoming connections from remote dial-in clients. It is also used with VPNs.
Virtual Private Network VPN A connection between two or more computers or devices that are not on the same private network.
Point-to-Point Tunneling Protocol (PPTP) A tunneling protocol used to support VPNs. Generally includes security mechanisms, and no additional software or protocols need to be loaded. A VPN device or server must have inbound port 1723 open to enable PPTP connections.
Layer 2 Tunneling Protocol (L2TP) A tunneling protocol used to connect virtual private networks. It does not include confidentiality or encryption on its own. It uses port 1701 and can be more secure than PPTP if used in conjunction with IPsec.
VPN concentrator A hardware appliance that allows hundreds of users to connect to the network from remote locations via a VPN.
Remote Authentication Dial-In User Service (RADIUS) Used to provide centralized administration of dial-up, VPN, and wireless authentication.
Terminal Access Controller Access-Control System (TACACS) A remote authentication protocol similar to RADIUS, used more often in UNIX networks.
Created by: Leisac