221 Cards in this Set
- Front
- Back
Hacker
|
a person who uses digital devices to gain unauthorised access to digital systems or devices with malicious intent. HIGH RISK |
|
Script Kiddie |
person who uses existing computer scripts and code to hack into digital devices and computer systems, lacking the expertise to write their own; acts without authorisation; can be malicious |
|
Hobbyist hackers |
computer hobbyists who like to push the boundaries of software and hardware; more a playful exploration of hacking and programming. |
|
Disgruntled Employee |
employees with a grudge, or a problem with their employment or conditions, who cause damage to computer systems or data with malicious intent |
|
Security Softie |
limited knowledge of security; allows family to use the work computer at home |
|
Gadget Geek |
people who come to work with many devices and are able to connect them to company computer systems |
|
The Squatter |
those who use the company computer systems to store data or play games |
|
The Saboteur |
a small group who are able to maliciously hack into areas of the IT system to which they shouldn't have access, or to infect the network purposely from within. |
|
Insider aiding others |
employees with the security clearance to pass on knowledge, or who are able to approve access to a secure facility |
|
Hacktivist |
the subversive use of computers and computer networks to promote a political agenda. With roots in hacker culture and hacker ethics, its ends are often related to the free speech, human rights, or freedom of information movements. |
|
Industrial Espionage |
conducted for commercial purposes instead of purely national security |
|
Economic espionage |
is conducted and orchestrated by governments and is international in scope |
|
Industrial and corporate espionage |
is more often national and occurs between companies or corporations |
|
Foreign Espionage |
Most governments rely on a range of information being gathered to guide their decisions. This is not the same as espionage. Espionage is the process of obtaining information that is not normally publicly available, using human sources (agents) or technical means (like hacking into computer systems). It may also involve seeking to influence decision-makers and opinion-formers to benefit the interests of a foreign power.
|
|
Terrorist - using computers on the internet |
the act of Internet terrorism in terrorist activities, including acts of deliberate, large-scale disruption of computer networks, especially of personal computers attached to the Internet, by means of tools such as computer viruses. Terrorists can also use the internet to recruit unaware or vulnerable people into their way of thinking |
|
State sponsored attack |
one nation targeting another via the internet, able to gain access into the computer systems of a government, electrical power grid, water treatment plants or even nuclear systems, e.g. Stuxnet malware, which was highly advanced and specifically targeted the centrifuges used in the enrichment of uranium. Ideally to disrupt the access of countries on the web or to organisations in another country. |
|
White hats |
Computer security specialist who ethically (with permission from the head of the company/organisation) uses skills, computer programs and techniques to find vulnerabilities in computer systems and networks so that companies can apply patches and fixes to programs, computer systems and networks, to stop threats and vulnerabilities from being exploited and disrupting business. Like black hats, can use the same techniques, but without malicious intent. Also known as an ethical hacker. |
|
Black Hat |
attempts to break into computer programs/systems/networks to either steal data, do malicious harm to the data, apply techniques to the systems so that the business cannot gain access, or hold the data to ransom (ransomware) |
|
Grey hat |
|
|
Malware https://www.avast.com/c-malware |
- Short for malicious software - an annoying or harmful type of software intended to secretly access a device without the user's knowledge i.e.
|
|
Spyware https://www.microsoft.com/en-us/safety/pc-security/spyware-whatis.aspx |
software that allows a hacker to covertly obtain information from another computer system and transmit it covertly, or can cause your computer to slow down or crash; very similar to adware. Types: advertising; collecting personal info; target computer config changes; web browser config changes |
|
prevention of spyware
|
understand what you are signing up for and make sure you check or uncheck boxes to stop or not allow spyware or changes being made to your computer system
|
|
Adware
|
software that automatically displays advertising, banners or pop-ups; also collects marketing data without the user's knowledge. By not gaining the user's permission it is considered malicious. Redirects users to certain marketing or advertising websites.
|
|
Phishing |
* fraudulent email disguised as legitimate * often purporting to be from a trusted source * the message is meant to trick the recipient into sharing personal or financial information or clicking on a link that installs malware |
|
Spear phishing
|
Spear phishing is like phishing, but tailored for a specific individual or organization, disguised as legitimate communication, ideally tricking the user into opening malware, spamware or ransomware, or just gaining information about the target |
|
Viruses
|
|
|
Trojan horses |
* often disguised as legitimate software but really malicious code intended to harm a computer system or network |
|
Exploit
|
Exploits are programs that contain data or code that takes advantage of a vulnerability within application software running on your computer |
|
Rootkit
|
|
|
Worms |
Worms don't need a host program; they directly attack host memory or network and application vulnerabilities. Self-replicating; they propagate and spread by email, P2P file sharing, FTP and network packets |
|
Rootkit 2
|
allow viruses and malware to "hide in plain sight" by disguising themselves as necessary files that your antivirus software will overlook; simply used to hide malware, bots and worms. An attacker must first gain access to the root account by using an exploit or by obtaining the password through cracking it or social engineering |
|
Ransomware
|
encrypts target data
|
|
OSI stack numbers and layers and protocols
|
7 Application - HTTP, FTP, SMTP
6 Presentation - JPEG, GIF, MPEG
5 Session (or Port) - AppleTalk, WinSock
4 Transport - TCP, UDP, SPX
3 Network - IP, ICMP, IPX
2 Data Link - Ethernet, ATM
1 Physical - Ethernet and token ring |
|
OSI way to remember the 7 layers (mnemonic)
|
People do not throw Sausage Pizza Away |
|
Application Layer |
Layer 7 - HTTP, FTP, SMTP, POP3; serves as the window for users and application processes
|
|
Presentation Layer
|
|
|
Session Layer
|
|
|
Transport Layer
|
Layer 4 - TCP, UDP, SPX open system interconnection
|
|
Network Layer
|
Layer 3 - IP, ICMP, IPX; routers. Provides data routing paths for network communication; data is transferred in the form of packets via logical network paths, in an ordered format controlled by the network layer |
|
Data-Link Layer
|
|
|
Physical Layer
|
Layer 1 - Ethernet and Token Ring; hubs and repeaters. Deals with bit-level transmission between different devices and supports the electrical or mechanical interfaces connecting to the physical medium for synchronized communication |
|
IP Address Spoofing
|
|
|
TCP Sequence Number Prediction Attack |
the hacker predicts the sequence number of the next packet and sends a packet that the destination is expecting, enabling the hacker to gain access to the session and take it over, e.g. a bank session, and transfer money to the hacker |
|
SYN Attacks
|
|
|
How SYN attacks work
|
|
|
Confidentiality
|
|
|
Confidentiality safeguard
|
|
|
Integrity
|
|
|
AVAILABILITY
|
|
|
OSI Upper layers |
|
|
What is a Bridge?
|
|
|
What is Router?
|
directions
|
|
AUTHENTICITY
|
|
|
NON-REPUDIATION
|
|
|
DIGITAL SIGNATURE
|
gives authenticity and non-repudiation; requires PKI |
|
SYMMETRIC KEYS
|
|
|
ASYMMETRIC KEYS (key = Crypto variable) |
discrete logarithms |
|
technical controls
|
user IDs and passwords to log on to systems; separation of admin roles and user roles; antivirus at endpoints |
|
physical controls
|
|
|
separation of duties
|
two people do the same job and make sure that they are both following the correct procedures according to policies and systems, for example when updating data.
|
|
Media reuse
|
when getting rid of hardware, securely erase the hard drives
|
|
Eavesdropping threat
|
a technical control: a packet analyser on the network, which can see any packets sent in plain text. |
|
Kerberos
|
|
|
Attacks on PRIVACY
|
|
|
accidental modification
|
integrity; detects accidental (not malicious) modification; integrity checking produces a digital representation of a file |
|
intentional modification |
integrity and authenticity; digital signatures |
|
PLAINTEXT
|
unencrypted text |
|
Initialization vector (IV)
|
adds complexity based on variables (i.e. pseudo-random values, such as date and time, are added) |
|
algorithm (cypher)
|
mathematical processes: symmetric algorithms (session keys for a time period), block or stream; or asymmetric algorithms (discrete logarithm or factorisation) |
|
key in cryptography
|
how to use the math; known as the "crypto variable"; prefer a long random key for better protection, e.g. a 56 bit key gives 2 to the power 56 possible different keys |
|
NONCES
|
gives uniqueness to a packet; a sequence number for packets without being sequential |
|
symmetric cypher
|
|
|
AES
|
256 bit key, but requires more processing power; 128 bit key; 92 bit key; block cipher; efficient |
|
CRL
|
certificate revocation list |
|
3DES
|
|
|
AES
|
|
|
STREAM CIPHER
|
|
|
transposition
|
in a stream cipher, moving the characters to the right or left, scrambling them to make them non-coherent |
|
substitution
|
stream cipher method
|
|
XOR
|
|
|
public / private key cryptography
|
|
|
Hash / msg digest
|
|
|
digital signature
|
|
|
PKI
|
e.g. VeriSign, an authority trusted to assign certificates to trusted authority servers, e.g. Bank of America |
|
OCSP
|
- streamlines the ability to see if a certificate has been revoked; like a driver's licence: a policeman should check to see if the licence has been revoked |
|
HTTPS
|
hypertext transfer protocol secure |
|
HASH MAC
|
|
|
hash collision
|
two different pieces of text produce the same hash |
|
what do digital signatures use?
|
asymmetric - RSA, encrypted with the sender's private key |
|
protecting data at rest
|
needs to be digitally signed, e.g. by VeriSign, from a trusted source
|
|
Physical MAC card
|
|
|
Router
|
|
|
Switches and Hubs
|
|
|
FRAMES |
|
|
Packets |
|
|
TCP - general |
|
|
UDP |
mostly for streaming; sends with no communication back from the other end |
|
IP Addresses |
|
|
multi-layer switches |
devices that can work at layer 2 or 3; can work as a switch or a router |
|
HUB |
a dumb switch; does not map ports or MAC addresses; sends incoming packets to all outgoing ports |
|
encryption devices |
|
|
cable |
layer 1; a physical device |
|
NIC |
layer 1 physical device; the manufacturer applies the MAC address |
|
BRIDGE |
layer 2 device; point-to-point connectivity |
|
IP Address |
a logical address mapped to a physical address ('MAC') on an interface card |
|
firewalls |
|
|
application firewalls |
controls which network traffic to applications is allowed to access the application on host web servers |
|
stateful firewall |
if traffic comes in or goes out but has no previously established connection, then block it
|
|
DMZ |
|
|
secure router configuration |
|
|
Security on switches |
switches learn MAC addresses after the first time traffic is seen on a port; also able to apply VLAN management |
|
Load Balancers |
used to stop servers from being overwhelmed with traffic
|
|
Proxies |
middle-man function; keeps private addresses private by presenting one public address to the internet |
|
caching |
proxies cache the addresses from the internal network |
|
reverse proxies??? |
placed in a network to protect against malicious traffic |
|
network address translation (NAT) |
a proxy converts private addresses into public addresses; firewalls can also do this |
|
virtual private network (VPN) concentrators |
|
|
secure router management |
|
|
ACL's |
access control list; dictates or limits users' access to a system |
|
Port security |
logical security: disabling ports on the system; physical access to ports is locked down by locking the cabinet |
|
802.1x |
|
|
Flood guards |
protection from ;
|
|
spanning tree protocol |
triggered to prevent loops |
|
implicit deny |
all traffic, unless explicitly allowed, should be denied |
|
log analysis |
event logs, incident logs, successful logs, denied logs; should be secured on an NTFS-based system for integrity |
|
SIEM |
priority |
|
Next gen FW |
PRO: all-in-one solution to manage IDS / IPS. CON: can be a single point of failure |
|
VOIP |
Voice over internet protocol; encrypted voice transmission |
|
WAR Dialing |
attackers dialling telephone numbers to try and identify modems |
|
BASELINE |
|
|
NAC |
|
|
Virtualization Pros |
|
|
Virtualization Security concerns |
|
|
Layered security logical |
defense in depth; multiple layers of defense via different types of technologies |
|
physical layers of defense in depth |
combination locks on doors, biometric locks, cameras, lighting, guards, fencing; all of the above protect physical access to technology systems within a building |
|
TCP define |
|
|
IP protocol |
logical addressing: which devices packets are coming from and where they are going to; IPv4 and IPv6 |
|
IPv4 |
32 bit address expressed in decimal as 4 octets; each octet is 8 bits long |
|
Classes of IPv4 |
|
|
private IPv4 addressing |
only used within an organization; class A - 10.0.0.0 - 10.255.255.255; class B - 192.16.0.0 - 192.16.255.255; class C - 192.168.0.0 - 192.168.255.255 |
|
manual IP addressing |
Static |
|
Dynamic IP addressing |
|
|
APIPA |
automatic private IP addressing; 169.254.0.1 - 169.254.255.255 |
|
IPv6 |
128 bit address, hexadecimal, 8 quartets punctuated by colons, e.g. 2001:0db8:85a3:0000:0000:8a2e:3713:7334 |
|
secure protocol recognition |
S at the beginning = secure, e.g. SSH; S at the end = secure, e.g. SSL |
|
SSH |
port 22; secure shell; creates a secure tunnel to transport messages |
|
SSL port, layer ? |
|
|
FTP |
|
|
SFTP |
port 22; Secure File Transfer Protocol |
|
SCP |
|
|
HTTP |
|
|
HTTPS |
|
|
TFTP |
|
|
RDP |
|
|
Telnet |
port 23; connects to other computers over the network |
|
SNMP |
ports 160, 161, 162; gathers config parameters across the network |
|
SMTP |
port 25; allows email to be sent from one exchange server to another exchange server |
|
DNS |
port 53; domain name server; name resolution; the browser queries it for URLs |
|
POP3 |
port 110; post office protocol v3; email retrieval protocol only |
|
IMAP |
port 143; internet message access protocol; creates folders in email and a search facility for emails |
|
ICMP |
port -; internet control message protocol; used to ping IP addresses on the network; lets you see the state of the machine or its details |
|
PING floods |
used to flood a network with ping messages; uses ICMP; some networks block ICMP to avoid ping attacks |
|
IPsec |
Internet Protocol Security; between routers, firewalls and each other; uses Authentication Header (AH), Encapsulating Security Payload (ESP) and Internet Key Exchange (IKE); VPN by encapsulating the original IP header in tunnelling |
|
AH port and which attacks |
Authentication Header; port 51; integrity; protection against spoofing and replay attacks; mostly obsolete |
|
ESP which port, layer and encryption? |
Encapsulating Security Payload; port 50; layer 4; uses 3DES; can function with NAT |
|
3DES what kind of cipher block or stream? |
Data Encryption Standard; block cipher; each block is run through the algorithm 3 times (DES x 3); each block 64 bits (56+8) |
|
AES |
Advanced Encryption Standard; fixed 128 bit block size; key lengths of 128, 192, 256 |
|
Hashing |
(coffee beans and granules) into HASH
|
|
Cryptography |
|
|
SYMMETRIC KEY IMAGE
|
|
|
public key encryption
|
|
|
SSL
|
older protocol than TLS; port 443; handshake to establish a secure connection for authentication between applications and servers; vulnerability = POODLE |
|
TLS
|
transport layer security v1.2; crypto protocol; newer protocol than SSL, for authentication between applications and servers; vulnerability = BEAST on older versions; public key algorithms = RSA / Diffie-Hellman / DSA; private key crypto algorithms = DES / 3DES / AES / RC4 |
|
private key which CIA
|
encrypting with the receiver's PUBLIC key; only the receiver's PRIVATE key opens the message = |
|
public key which CIA |
sender's PRIVATE key encrypts; sender's PUBLIC key decrypts |
|
Hash of a message which keys and which CIAN |
sender's PRIVATE key = authenticity |
|
non-repudiation achieved by
|
the assumption that a human has used a digital signature on a message to prove that they sent the message. |
|
authorisation vs authentication |
user name and password = AUTHENTICATION; access to a computer/network/files = AUTHORISATION |
|
Man in the middle attack
|
an adversary connects at a point in the network to take over a connection between clients, or between clients and servers |
|
MITM attack
|
captures the public key transaction and substitutes their own; gives a new public key to the user and relays their own public key to the server; request communications now travel through the adversary |
|
DOS Countermeasures |
keep the OS updated; monitor frequent connection attempts to services |
|
syn flood
|
an attacker floods a server with SYN packets; the server becomes inundated and is not able to deal with other requests, creating unavailability of services and apps within the server |
|
types of firewalls
|
application, stateful; all use rule-based access control |
|
packet firewall
|
applied at layer 3; routers that filter by src / dst / port; like a bouncer at a night club; cannot block viruses; blocks all or nothing |
|
application firewalls |
layer 7; inspects traffic trying to access applications; accepts and denies traffic to the application; can be proxies / kernel proxies; looks for viruses / inspects deep content |
|
Stateful inspection fw's
|
layer 5; knowledge of the initiation of a session; blocks at all levels of a packet: src/dst/port/spoofing/SYN floods; circuit-level monitor |
|
VPN |
virtual private network; connects over the internet securely |
|
VPN protocols |
- encapsulates / encrypts / authenticates |
|
VPN Concepts
|
uses the internet to establish a secure connection; encrypts traffic; secure remote access; authenticates |
|
VPN endpoints |
|
|
VPN types
|
hardware |
|
Software VPNs |
- integrated with firewalls
- increase network security
- uses firewalls and routers
- can be complex |
|
Hardware VPN's
|
uses firewalls, routers, IDPS, AV, e-mail to securely connect; advantages: cost, interoperability, easier management; disadvantage: single point of failure |
|
VPN CORE activities
|
encryption, AUTHentication |
|
VPN encapsulation |
provides integrity; encrypts data; src and dst IP addresses can be reserved |
|
IPsec components
|
IKE, Oakley, policy management driver |
|
IPsec VPN components
|
ESP - encapsulation security payload |
|
Encryption components |
digital certificates; certification authority |
|
encryption EXCHANGE METHODS |
asymmetric key; IKE - internet key exchange |
|
3DES explain
|
Data Encryption Standard mostly used in VPN's |
|
AES
|
US government standard; uses the Rijndael encryption standard; is a block cipher; applies the algorithm to blocks of data in passes called rounds; 10 rounds = 128 / 12 rounds = 192 / 14 rounds = 256 |
|
SSL How it works?
|
|
|
how is SSL cert acquired
|
verifies the web service with a padlock on the URL; the CA checks the references of the certificate requester; VeriSign / RSA / GlobalSign |
|
TLS vs SSL
|
uses hashed message authentication code (HMAC); combines a hash algorithm with a shared secret key; recombines using the XOR function |
|
TLS cryptography (cipher types)
|
PUBkey SYMM - RSA / Diffie-Hellman / DSA; PRIVkey ASYMM - RC4, IDEA, DES, 3DES, AES; HASH algorithms - MD5, SHA-1 and SHA-256 |
|
IKE SA explain phase 1 in a vpn tunnel |
bi-directional communication on which crypto to use between client and server |
|
IKE SA explain phase 2 in a vpn tunnel |
IPsec to protect data |
|
Wireless Security WEP
|
easily hacked |
|
WPA
|
WPA; layer 2 based; port based AUTHentication protocol; TKIP - Temporal Key Integrity Protocol; prevents packet replay; message integrity code (MIC); encryption method; 256 bit key
|
|
WPA2
|
|
|
WPA FOUR WAY HAND SHAKE
|
|
|
TKIP
|
Temporal Key Integrity Protocol; uses changing keys; convenient and cost saving, but reused some of WEP, which made it vulnerable |
|
WPA with AES
|
|
|
Wireless frames
|
Layer 2 or Data-Link; based on the header field frame control; consists of src & dst / protocol / data type / check sequence / MAC addresses; management frames, control frames, data frames |
|
management Frames
|
probes, associations, authentication |
|
wireless frame BEACON?
|
an access point advertises its SSID |
|
wireless frame PROBE
|
responses: the request is followed up by supported data rates |
|
wireless frame ASSOCIATION
|
response - to accept the connection; rejection - not allowed to connect; disassociation - |
|
wireless frame AUTH Frame
|
DeAuth frame - |
|
wireless frame CONTROL |
request to send frame (RTS); clear to send frame (CTS); acknowledgement frame (ACK); data frame; power save poll (PS-Poll) |
|
MAC frames used for
|
|