Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
31 Cards in this Set
- Front
- Back
Looking for potential risks |
Vulnerability Assessment |
|
Confirms or denies vulnerabilities |
Penetration Testing |
|
HTTPS port |
443 |
|
Someone with knowledge and privilege from within the organization |
Insider Threat |
|
Someone trying to access an organization's resources from outside the organization |
External Threat |
|
FTP port |
21 |
|
SSH port |
22 |
|
TFTP port |
69 |
|
HTTP port |
80 |
|
POP3 |
110 |
|
Telnet port |
23 |
|
SMTP port |
25 |
|
SNMP port |
161 |
|
DNS port |
53 |
|
System placed within a DMZ or private network that is designed to lure malicious users away from production environments |
Honeypots |
|
Entire network designed to attract attackers away from production environments |
Honeynets |
|
Used to identify potential threats and weaknesses within a network infrastructure |
Vulnerability Scanners |
|
Multi-platform scanner |
GFI LANguard |
|
Patch, configuration and compliance auditing |
Nessus |
|
Identify IT exposures and prioritize remediation |
Retina |
|
Identify flaws in operating systems and applications |
IBM ISS Internet Scanner |
|
Specifically designed to help monitor the behavior and health of the Mac OS-X system |
X-Scan |
|
Security Auditors Research Assistant |
SARA |
|
Find and track vulnerabilities and perimeter servers and devices |
QualysGuard |
|
Uncovers areas of weakness and recommends fixes |
SAINT |
|
Provides a streamlined method to identify missing security updates and common misconfigurations |
MBSA |
|
Vulnerability scan that will not directly attack a system |
Passive Vulnerability Assessment |
|
Vulnerability scan that can disrupt normal network operations and trigger alerts |
Active Vulnerability Assessment |
|
Evaluate security posture using the same techniques employed by cyber criminals |
CORE Impact Pro |
|
Hundreds of exploits on automated exploitation system and development framework |
CANVAS |
|
Helps verify vulnerabilities and manage security assessments |
Metasploit |