IT Security Agreements and Vulnerability Assessment

Flashcards covering key concepts from IT security agreements, vulnerability assessments, and security tools.

MOU (Memorandum of Understanding)

An informal, non-binding agreement expressing the intent to collaborate, often includes confidentiality clauses.

BPA (Business Partnership Agreement)

A common model in IT involving partner agreements between large IT companies and resellers.

NDA (Non-Disclosure Agreement)

A legal agreement protecting information assets; breaking it can lead to legal consequences.

SLA (Service Level Agreement)

A contractual agreement detailing the terms under which a service is provided.

MSA (Measurement Systems Analysis)

Evaluates data collection and statistical methods for effectiveness in quality management.

MOA (Memorandum of Agreement)

A formal, legally binding contract detailing rights and responsibilities of parties involved.

SOW (Statement of Work)

A document that defines security services, tasks, deliverables, and timelines for a client.

SIEM (Security Information and Event Management)

Combines management of security data inputs for reporting and alerting.

SOAR (Security Orchestration, Automation, and Response)

Automates and coordinates complex security tasks using playbooks and machine learning.

ST&E (Security Test and Evaluation)

Examination of protective measures placed on an operational network.

Network Scanners

Probes hosts for open ports and searches for known vulnerabilities.

Application Scanners

Access source code to test applications from within, without running them.

Web Application Scanners

Identifies vulnerabilities specifically in web applications.

Password Cracking

Software used to test and detect weak passwords needing changes.

Log Review

The practice of examining security logs to identify potential threats.

Integrity Checkers

Systems that detect and report changes in the system's integrity.

Virus Detection

Software that identifies and removes computer viruses and malware.

ipconfig

Command that displays TCP/IP settings, including IP address and DNS information.

Arp

Maps known MAC addresses to their associated IP addresses.

Ping

Tests network connectivity by sending ICMP requests to a host.

Pathping

Combines ping and tracert to determine latency and packet loss.

Tracert

Traces the route packets take to a destination, recording each hop.

Nslookup

Queries a DNS server to help troubleshoot DNS issues.

Nbtstat

Helps troubleshoot NetBIOS name resolution problems in Windows.

nmap

Used for security auditing, locating hosts, and detecting operating systems.

Netcat

Gather information from TCP/UDP connections for various network tasks.

Hping

Assembles and analyzes packets for port scanning and firewall testing.

Zenmap

Used to discover computers and services on a network, creating a map.

Tripwire

Tool that validates IT configurations against security standards.

Nessus

Vulnerability scanning software focusing on remote access configurations.

L0phtCrack

A password auditing and recovery application.

Metasploit

Provides information on vulnerabilities for penetration testing.

theHarvester

Tool for gathering open-source intelligence on a specific domain.

Dnsenum

Packages numerous tests in a single query for DNS hosting information.

Scanless

Uses third-party sites to scan for open ports and services defensively.

Curl

Command-line client for performing data transfers over various protocols.

CVE (Common Vulnerabilities and Exposure)

Dictionary of vulnerabilities in published operating systems and applications.

CVSS (Common Vulnerability Scoring System)

Generates a score based on vulnerability characteristics, ranked from 0-10.

False Positives

Scanned vulnerabilities incorrectly flagged as risks that are not actually vulnerable.

False Negatives

Potential vulnerabilities that are missed during scans.

Active Reconnaissance Tools

Directly interact with network systems to gather information.

Passive Reconnaissance Tools

Learn about networks indirectly through information sources.

Examples of Active Reconnaissance Tools

Tools such as Nmap, Metasploit, Superscan, Traceroute, and Pathping used to probe systems.