Security+
Study for Security+ exam
| Term | Definition |
|---|---|
| Active Interception | Placing a computer between sender and receiver with the hope of capturing and possibly modifying information |
| Zombie | Individual compromised computer in a botnet |
| Worm | Code that runs on a computer without the user's knowledge; a worm replicates whereas a virus does not |
| Virus | Code that runs on a computer without the user's knowledge; it infects the computer when the code is accessed or executed |
| Typosquatting | URL hijacking; a method used by attackers who take advantage of user typos when accessing websites |
| Trojan Horse | Application that appears to perform desired functions but is performing malicious functions behind the scenes |
| Time bomb | Trojan programmed to set off on a certain date |
| Threat Vector | Method a threat uses to gain access to a target computer |
| Spyware | Malicious software either downloaded from a website or installed along with other third-party software |
| Spam | Abuse of electronic messaging systems: email, broadcast media, and instant messaging |
| Rootkit | Type of software designed to gain administrator level control over a computer system without being detected |
| Ransomware | Type of malware that restricts access to a computer system and demands a ransom be paid to restore access |
| Remote Access Trojan | Type of Trojan used to gain back-end access to a server, taking control of it, often for malicious purposes |
| Privilege Escalation | The act of exploiting a bug or design flaw in a software or firmware application to gain access to resources that would have been protected from an application or user |
| Open Mail Relay | Also known as an SMTP open relay; enables anyone on the internet to send email through an SMTP server |
| Malware | Software designed to infiltrate a computer system and possibly damage it without the user's knowledge or consent |
| Logic bomb | Code that has been inserted into software; meant to initiate some type of malicious function when specific criteria are met |
| Grayware | General term used to describe applications that are behaving improperly but without serious consequences; often describes types of spyware |
| Botnet | Group of compromised computers used to distribute malware across the internet; the members are referred to as "Bots" and are usually zombies |
| Backdoors | used in computer programs to bypass normal authentication and other security mechanisms in place |
| Attack Vector | Path or means by which an attacker gains access to a computer |
| Adware | Type of spyware that pops up advertisements based on what it has learned about the user |
| Advanced Persistent Threat (APT) | Set of computer attacking processes that targets private organizations or nation states. Also refers to a group that persistently targets a specific entity |
| Defense In Depth | Building up and layering security measures that protect data from inception on through storage and network transfer and lastly to final disposal |
| Hacktivist | An attacker who has an agenda that may or may not be benign |
| Non-Repudiation | The idea of ensuring that a person or group cannot refute the validity of your proof against them |
| Organized Crime | Criminal enterprise run by well-funded and sophisticated people motivated mainly by money using computer systems and hacking techniques to gain access to company information and secrets |
| Script Kiddie | An individual with little technical skill that reuses code and scripts that are freely available on the internet |
| Ad Filtering | Ways of blocking and filtering out unwanted advertisements; pop-up blockers and content filters are considered to be ad filtering methods |
| Application Blacklisting | A method of disallowing one or more applications from use |
| Application Whitelisting | Method of restricting users to specific applications |
| Attestation | The act of verifying whether a process is secure; example: secure boot process for UEFI-based system |
| Bluejacking | Sending unsolicited messages to Bluetooth enabled devices such as mobile phones and tablets |
| Bluesnarfing | Unauthorized access of information from a wireless device through a Bluetooth connection |
| Content Filters | Individual computer programs that block external files that use JavaScript or images from loading into a browser |
| Hardware Security Module | Physical device that deals with the encryption of authentication processes, digital signings, and payment processes |
| Measured Boot | Takes measurements of the secure boot process, signs those results with a TPM, and reports those measurements to a trusted third-party such as a remote attestation service |
| High Availability | When a system or component is continuously operational for an extended period of time. Component should have 9939% uptime or higher |
| Host-based Intrusion Detection System (HIDS) | Type of system loaded on an individual computer that analyzes and monitors what happens inside the computer - if any changes have been made to file integrity |
| Mobile Device Management - MDM | A centralized software solution that allows for the control and configuration of mobile devices |
| Personal Firewall | An application that protects an individual computer from unwanted internet traffic; it does so by way of a set of rules and policies |
| Pop-up blocker | An application or add-on to a web browser that blocks pop-up windows that usually contain advertisements |
| Removable Media Controls | Security controls put in place to protect the data residing on USB flash drives and other removable media and to protect the systems they connect to |
| Root of Trust (RoT) | Set of code and functions usually embedded into a trusted platform module (TPM) that allows or denies tasks such as booting and drive encryption |
| Self-encrypting Drive (SED) | Hard drives that encrypt all of the contents held within using encryption keys that are maintained independently from the CPU of the housing computer |
| Sideloading | The loading of third-party apps from a location outside of the official app store for that device, e.g. via a direct internet connection, by connecting to a second mobile device via USB OTG or Bluetooth, or by copying apps directly from a microSD card |
| Storage Segmentation | A clear separation of organizational and personal information, applications, and other content |
| Transitive Trust | When two or more networks have a relationship where users from one network can gain access to resources on the other |
| Application containerization | A virtualization method that allows an organization to run applications without launching an entire virtual machine. Also known as "Containerization" |
| Baselining | The process of measuring changes in networking, hardware, software, and so on. |
| Group Policy | Used in Microsoft environments to govern user and computer accounts through a set of rules |
| Hardening | The act of configuring an OS securely, updating it, creating rules and policies to help govern the system in a secure manner removing unnecessary applications and services |
| Hotfix | A patch to an individual OS or application that fixes a single problem; installed live while the system is up and running, without requiring a reboot |
| Hypervisor | Portion of virtual machine software that allows multiple virtual operating systems to run at the same time on a single computer |
| Least Functionality | When a computer is configured to only allow required functions, applications, services, ports, and protocols |
| Patch Management | The planning, testing, implementing, and auditing of patches |
| Security Template | Groups of policies that can be loaded in one procedure |
| Trusted Operating System (TOS) | A system that adheres to criteria for multilevel security and meets government regulations |
| Virtual machine (VM) | An operating system or application created by virtual machine software that runs within a hosting operating system |
| Virtual Machine Escape | When a user or malware is able to break out of a VM's isolation and gain access to the hosting computer |
| Virtualization | The creation of a virtual memory entity, as opposed to a true or actual entity |
| Virtualization Sprawl | Also known as VM Sprawl, when there are too many VM's for an administrator to manage effectively |
| Flood Attack | Attacker sends many packets to a single server or other host in an attempt to disable it |
| Ping Flood | Known as ICMP Flood Attack. When an attacker attempts to send many ICMP echo request packets to a host in an attempt to use up all available bandwidth |
| Smurf Attack | Attacking computer broadcasts ICMP echo request to every computer on its network or subnetwork |
| Fraggle | Traffic sent is UDP echoes; traffic is directed to port 7 (echo) and port 19 (Character Generator) |
| SYN Flood | Also known as a SYN attack; occurs when an attacker sends a large number of SYN request packets to a server in an attempt to deny service |
| Xmas Attack | Christmas Tree Attack or TCP Xmas scan attack - can deny service to routers and other devices or cause them to reboot - based on Christmas Tree packet |
| Ping of Death (POD) attack | Attack that sends oversized and malformed packets to another computer |
| Teardrop Attack | Sends mangled IP fragments with overlapping and oversized payloads to the target machine; can crash or reboot various operating systems due to a bug in TCP/IP fragmentation reassembly code |
| Permanent DoS Attack | Consists of an attacker exploiting security flaws in routers and other networking hardware by flashing the firmware of the device and replacing it with modified image |
| Fork Bomb | Works by creating large number of processes to saturate the available processing space in a computer's Operating System - Running processes can be forked to create other running processes - not considered virus or worm - rabbit malware |
| DNS Amplification Attack | Generate high volume of packets intended to flood a target website - Attacker relies on reflection- responses not sent back to attacker but sent back to victim server |
| DNS Sinkhole | Is a DNS server that can be configured to hand out false information to bots and can detect and block malicious traffic by redirecting it to non-routable addresses |
| DNS Blackhole | Can be used to identify domains used by spammers, domains that contain malware, and block traffic to those domains - can be remotely triggered (RTBH) |
| Spoofing | Attack in which an attacker masquerades as another person by falsifying information |
| Session theft | Accomplished by making use of packet header manipulation or by stealing a cookie from the client computer which authenticates the client computer to a server - done at application layer (Layer 7) |
| TCP/IP Hijacking | When attacker takes over TCP session between two computers without the need of a cookie or any other type of host |
| Blind Hijacking | When attacker blindly injects data into a data stream without being able to see whether the injection was successful - could be attempting to create new admin acct |
| Clickjacking | When a user browsing the web is tricked into clicking something different from what the user thought he/she was clicking; implemented as a concealed link, embedded code or script on a website that executes when the user clicks the element |
| Man-In-The-Browser | Makes use of a Trojan that infects a vulnerable web browser and modifies web pages and online transactions in an attempt to steal data or money |
| Man-In-The-Middle | Intercepts all data between a client and server; a type of active interception |
| Watering Hole Attack | When attacker profiles the websites that the intended victim accesses - Attacker scans those websites for vulnerabilities |