Stack #4685569
| Question | Answer |
|---|---|
| It works by manipulating a vulnerable website so that it returns malicious JavaScript to users. | Reflected XSS |
| It allows an attacker to circumvent the same-origin policy designed to segregate websites from each other. | Cross-site scripting (XSS) |
| It should not be used as the primary method of preventing XSS, SQL Injection, and other attacks but can reduce their impact if implemented properly. | Input Validation |
| It is a file-level computer data storage server connected to a network providing data access to heterogeneous clients. | Network-Attached Storage (NAS) |
| It arises when an application receives data from an untrusted source and includes it within later HTTP responses in an unsafe way. | Reflected Cross-Site Scripting |
| It is a concept in which multiple layers of security are used to defend assets. | Defense in Depth |
| It is a crypto processor that can be used to enhance security. | Hardware Security Module (HSM) |
| The process of making apps more secure by finding, fixing, and enhancing their security. | Application Security |
| It may include text, images, sounds, videos, and animations. | Web Content |
| These are composed of hosts, switches, storage elements, and storage devices interconnected using various technologies and protocols. | Storage Area Network (SAN) |
| A collection of devices, techniques, and best practices used to reduce vulnerabilities in applications, systems, infrastructure, and firmware. | Hardening |
| It enforces security policies to ensure the security of the system and its information. | Trusted Computing Base (TCB) |
| To prevent unauthorized access after an individual changes roles or departments, what should be implemented? | Permission Auditing and Review |
| These tools monitor user activity by collecting information from connected computers. | Auditing |
| It should include Microsoft's recommendations for configuring security settings. | Security Baseline |
| It defines a set of fundamental security objectives that any service or system must meet. | Security Baseline |
| A physical lock on a computer used for access control or anti-theft purposes. | Cable Lock |
| Software designed to prevent, detect, and remove malware from IT systems. | Anti-malware |
| These may be installed automatically or manually using editing tools or debuggers. | Patch |
| It records events occurring in an operating system, applications, or communications between users. | Logging |
| A collective noun referring to different types of data storage options. | Media |
| It standardizes computing functions into a universal set of rules and requirements for interoperability. | OSI Model |
| It delivers messages to the correct destination using the physical address in the incoming message. | Switch |
| It filters data packets traversing the network. | Firewall |
| A form of network security that detects and prevents identified threats. | Network-based Intrusion Prevention System (NIPS) |
| It monitors network traffic using sensors placed at key network locations such as DMZs and borders. | Network-based Intrusion Detection System (NIDS) |
| A basic operating system that runs on a network device such as a router or firewall. | Network Operating System (NOS) |
| Rules that specify how data is transmitted, commands used, and how transfers are confirmed. | Protocol |
| Logical network segments used to create separate broadcast domains. | Virtual LAN (VLAN) |
| A form of network security that detects and prevents identified threats. | Intrusion Prevention System (IPS) |
| Used to transfer files between computers on a network. | FTP |
| A firewall setup used to protect hosts on a network segment. | DMZ |
| Developed by Netscape in 1995 to ensure privacy, authentication, and data integrity in Internet communications. | SSL |
| Technology that uses encrypted tunnels to create secure connections across public networks. | Virtual Private Network (VPN) |
| A router device built specifically for creating and managing VPN infrastructures. | VPN Concentrator |
| A supporting protocol in the Internet Protocol suite. | ICMP |
| The first choice for businesses operating in industries with low privacy concerns. | Public Cloud |
| Resembles a private cloud, but differs in the set of users. | Community Cloud |
| A method used to modify network address information while traffic traverses a router or firewall. | Network Address Translation (NAT) |
| Available as standalone devices or firewall components. | Flood Guards |
| Maximum speed of 802.11ac. | 1 Gbps |
| Protects against flooding of the Ethernet switching table and is enabled on Layer 2 interfaces. | MAC Limiting |
| A network switch feature containing a mapping of device information to VLANs. | VLAN Management |
| Maximum speed of 802.11a. | 54 Mbps |
| Allows administrators to configure switch ports to permit only a specified number of MAC addresses. | Port Security |
| A security protocol designed to provide wireless LAN security comparable to wired LAN security. | WEP |
| The prevention of unauthorized access or breaches through wireless networks. | Wireless Security |
| Performs a specified action when BPDUs are not received on a non-designated port. | Loop Protection |
| Can provide security by segregating clients with unknown MAC addresses and integrating with ACLs. | VLAN Management |
| Targets state-changing requests rather than theft of data because the attacker cannot see the response. | Cross-Site Request Forgery (CSRF) |
| The process of making applications more secure by identifying and fixing vulnerabilities. | Application Security |
| The simplest form of cross-site scripting. | Reflected XSS |
| A specialized high-speed network providing block-level access to storage. | Storage Area Network (SAN) |
| A computer network that provides access to consolidated block-level data storage. | Storage Area Network (SAN) |
| An attack that forces a user to execute unwanted actions on a web application where they are authenticated. | Cross-Site Request Forgery (CSRF) |
| Often necessary to fix software problems discovered after release. | Patch Management |
| Ensures only properly formed data enters an information system. | Input Validation |
| Supplemental code used to update software. | Patch |
| Includes fixing security vulnerabilities and software bugs. | Patch |
| Implements security arrangements to ensure system and data security. | Trusted Computing Base (TCB) |
| A company wants to prevent specific applications from being used. What should be implemented? | Blacklisting |
| Detects spyware through rules-based methods or downloaded definition files. | Anti-spyware |
| May be permanent until patched again or temporary. | Patch |
| Forwards packets based on information in a routing table. | Router |
| OSI layer where end users and applications directly interact with software applications. | Application Layer |
| A standard set of rules allowing electronic devices to communicate. | Protocol |
| The term can also refer collectively to the press or news-reporting organizations. | Media |
| A device or software application that monitors networks for malicious activity or policy violations. | Intrusion Detection System (IDS) |
| Developed as an alternative to deploying multiple routers. | Virtual LAN (VLAN) |
| Can provide input, output, or both to a computer. | Device |
| Used mainly by network administrators and security personnel to monitor network operations. | Network Monitoring Systems |
| Method used to secure internal routing. | VPN |
| A strategy used to hide private network information while allowing traffic over a public network. | Network Address Translation (NAT) |
| Used to protect users from malicious web traffic, websites, and malware. | Web Security Gateway |
| A file transfer protocol similar to FTP but much more limited. | TFTP |
| Detects attacks by searching for known malicious patterns or signatures. | Signature-based Detection |
| An intrusion detection system that classifies activity as normal or abnormal. | Anomaly-based Detection |
| Especially suitable for companies seeking to safeguard mission-critical operations or handle changing requirements. | Hybrid Cloud |
| A suite of protocols providing security for Internet Protocol communications. | Internet Protocol Security (IPsec) |
| Maximum speed of 802.11b. | 11 Mbps |
| A Layer 2 traffic-control feature on Cisco Catalyst switches. | Port Security |
| Helps reduce diagnosis and resolution time while improving infrastructure management. | Log Analysis |
| Portable, inexpensive, and requires no obtrusive cabling connections. | Wireless Standards |
| A set of services and protocols that govern Wi-Fi and other data transmission networks. | Wireless Standards |
| Which wireless security protocol is the strongest? | WPA3 |
| Helps reduce issue diagnosis time and improve application and infrastructure management. | Log Analysis |
| Used to partition a network into smaller subnetworks or network segments. | Network Separation |