UPDATED COMP 344 NOTES

29 Terms

1

Confidentiality

Protecting information from unauthorized access. Example: Encryption.

2

Integrity

Ensuring data has not been altered. Example: Checksums, Hashing.

3

Availability

Ensuring authorized users have access when needed. Example: Redundant servers, DDoS mitigation.

4

Threat

A potential danger that could exploit a vulnerability. Example: A hacker attempting SQL injection.

5

Vulnerability

A weakness in a system that could be exploited. Example: Outdated software with known exploits.

6

Asset

Anything of value that needs protection. Example: Customer data.

7

Symmetric Encryption

Uses the same key for encryption and decryption (e.g., AES).

8

Asymmetric Encryption

Uses public and private keys for encryption and decryption (e.g., RSA, ECC).

9

Salt in Encryption

Random data added to passwords before hashing to prevent rainbow table attacks.

10

Encoding vs. Encryption

Encoding is for data representation (Base64, ASCII) and is not secure; encryption protects data using keys and algorithms.

11

Digital Signature

Used to verify integrity and authenticity, created by signing a hash with a private key.

12

Certificate Authority (CA)

Issues digital certificates to verify identity.

13

Root CA

Top-level trusted authority that issues certificates.

14

TLS

Secures data in transit with encryption.

15

Understand basic TLS handshake

  • Client and Server agree on encryption

  • Server presents a certificate signed by a CA

  • Client verifies the certificate

  • Secure communication begins by establishing a secure session key.

16

TCP SYN Flood

A protocol attack that exploits the TCP handshake by sending many SYN requests without completing them.

17

IP

Routes packets to destinations.

18

Port

Specifies services on a device (e.g., HTTP = port 80).

19

Network Zones

A boundary that controls access to devices and computers on a network. It can be based on IP addresses, geographic locations, or ranges of IP addresses.


20

Packet Filter

A firewall type that checks packet headers without maintaining connection state.

21

Stateful Firewall

Monitors connection state and allows or blocks traffic accordingly.

22

whois

Identifies domain ownership.

23

nmap

Scans open ports and services on a network.

24

Principle of Least Privilege

Limits user permissions to minimize risk.

25

System Hardening

Applying regular updates, disabling unnecessary services, and monitoring logs to improve security.

26

Virus

A type of malware that attaches itself to files to spread.

27

Trojan

Malware disguised as legitimate software.

28

Spyware

Collects data secretly from users.

29

Phishing

A social engineering attack aimed at stealing credentials.