Flashcards for CIS 1350C Exam 1 Study Guide
Domain Name Service (DNS)
Component of the internet that translates human-readable domain names into machine-readable IP addresses.
Phreaking
the manipulation of telephone systems to make free phone calls, often involving the fraudulent manipulation of telephone signaling.
Social Engineering
Manipulating people to gain access to systems or information.
Malware
(Malicious software) Any software designed to disrupt, damage, or gain access to computer systems and networks.
Logic Bomb
Malware that executes when certain conditions are met.
Sneaker
Someone hired to test the security of a system.
Authentication
Verifying the identity of a user, process, or device.
CIA Triangle
Confidentiality, Integrity, Availability
SANS Institute
Cybersecurity information, training, and research.
Denial of Service (DoS) Attack
A malicious attempt to disrupt the normal functioning of a computer, network, or service by overwhelming it with a flood of illegitimate requests.
Session Hijacking
Taking control of an existing session between a client and server.
White Hat, Black Hat, and Gray Hat Hackers
Ethical hackers, malicious hackers, and hackers who sometimes act ethically and sometimes not.
Cracker
Someone who exploits vulnerabilities in computer systems and networks to breach security measures.
Script Kiddy
An unskilled hacker who uses pre-made tools.
Penetration Tester
Someone hired to find vulnerabilities in systems.
Firewall
Network security device that monitors and controls network traffic based on predefined rules.
Proxy Server
A server that acts as an intermediary between a client and a server, protecting users' privacy and computer systems from attack.
First Computer Incident-Response Team
CERT
F-secure
Information about security threats and solutions.
CIDR
(Classless Inter-Domain Routing) Method of IP address allocation and IP routing that allows more efficient use of IP addresses.
Host
Any device connected to a network.
Proxy Server
A server that acts as an intermediary between a client and a server.
IPv4 Address
Consists of 4 octets (32 bits total) divided into network and host portions.
IP Address starting with 194
Class C
IP Address starting with 191
Class B
MAC Address
Media Access Control Address; a unique hardware address for a network interface, used to identify devices on a network.
Protocols at the Physical Layer of the OSI Model
None
What do the first 3 Bytes of MAC Address represent?
Manufacturer ID (Organizationally Unique Identifier)
tracert Command
Used to trace the route packets take to a destination.
ipconfig Command
Displays network configuration information.
ping Command
Sends ICMP echo requests to test network connectivity.
URL
Uniform Resource Locator; a web address. Specifies the location of a resource on the internet and a mechanism for retrieving it.
Session Layer of the OSI Model
Establishes, maintains, synchronizes, and terminates sessions between applications.
What Layer Does the TCP Protocol Work At?
Transport Layer
Specification for Category 5 Cable
100MHz/100Mbps
Binary Equivalent of 240
11110000
Hub
(simplest connection device) A device that connects multiple network segments, forwarding data to all connected ports.
Switch
Smart hub; sends packets only to the intended host. Is a Layer 2 device.
Router
A device that forwards data packets between networks. More sophisticated, limits traffic to intended network. Is a Layer 3 device.
Repeater
A device that amplifies a signal to extend the range of a network.
TCP/IP Protocol on Port 53 (UDP)
DNS (Domain Name System)
TCP/IP Protocol on Ports 20 and 21
FTP (File Transfer Protocol)
TCP/IP Protocol on Port 80
HTTP (Hypertext Transfer Protocol)
TCP/IP Protocol on Port 25
SMTP (Simple Mail Transfer Protocol)
Pump and Dump
An illegal scheme of boosting the price of a stock artificially through false and misleading statements.
Cookie
A small text file that websites store on a user's computer to remember preferences or track browsing activity.
Country with Strictest Cybercrime Laws
Romania
Firefox and Google Chrome
Web Browsers
First Party vs Third Party Cookies
First-party cookies are set by the website being visited; Third-party cookies are set by a different domain.
Identity Theft and Identity Fraud
Identity theft involves stealing someone’s personal info., while fraud is the use of that info. to commit crimes.
Should you use your real name in a chat room?
No
Guidelines for online investing
Only invest with well-known, reputable brokers. If it’s too good to be true, avoid it.
Guidelines for using online auction sites
Only use reputable auction sites. Read feedback. Use separate credit card.
Cyberstalking
Using electronic communication to harass or stalk someone.
Phishing
Form of identity theft that relies on individuals unwillingly volunteering personal details or info.
Shill Bidding
Placing bids on an item to artificially inflate its price.
Bid Shielding
Submitting very high bids to discourage others from bidding.
Bid Siphoning
Luring bidders away from legitimate auction sites by offering the same item at a lower price.
Guidelines for protecting against identity theft
Limit providing personal info., destroy documents that have personal info. on them, check credit frequently, check online driving records once per year.
Why should a cybercrime law be specific?
To ensure clarity and prevent misinterpretations.
Most common type of attacks on a system
Denial of Service attack: a cyberattack where an attacker attempts to make a website or network inaccessible to legitimate users by overwhelming it with traffic.
What is a firewall used for?
To protect a system or network from unauthorized access. Monitor/Control traffic.
Land Attack
(Simplest of all attacks) An attack where the source and destination IP addresses of a packet are the same, causing a system to crash.
Smurf Attack
A type of DoS attack that floods a network with ICMP echo requests using a spoofed source address.
Teardrop Attack
An IP fragmentation attack involving sending fragmented packets that, when reassembled, overflow a buffer.
Buffer Overflow Attack
Exploiting a vulnerability where a program writes data beyond the allocated buffer, potentially overwriting adjacent memory.
Ways to prevent or defend against denial-of-service attacks
Configure firewall to filter out ICMP packets, egress filter for ICMP packets, disallow any incoming traffic. Use tools such as NetStat and others. Disable all IP broadcasts.
Defenses Against TCP SYN Flood Attacks
SYN cookies
What was myDoom?
Fastest spreading email worm in history.
What is Tribal Flood Network?
Set of computer programs designed to DDoS.
What is stack tweaking?
Method of DoS prevention, alters TCP stack.
What are SYN cookies?
Defense mechanism against SYN Flood Attacks.
What is ping of death?
DoS attack, sending a single large packet.
What command instructs the ping utility to send packets until explicitly told to stop?
-t
What is the group Anonymous?
Decentralized and international activist and hacktivist collective.
What does the ping -l option do?
Test network connectivity.
How are RST cookies used?
Protect servers from SYN flood attacks.
Virus
A self-replicating program that infects files and requires a host to spread.
Worm
A self-propagating program that can spread without human interaction.
Trojan Horse
Malware disguised as legitimate software.
Rootkit
Malware that hides its presence on a system and is designed to get unauthorized access to a computer system.
Web-Based Code
Malicious code embedded in websites.
McAfee and Norton
Antivirus software
What was the Bagle virus?
Botnet involved in proxy-to-relay email spam.
What was the I Love You virus?
Massive worm spread through email in 2000, stealing passwords.
Why is Microsoft Office a tempting target for viruses?
Because it is widely used and has known vulnerabilities.
Most common delivery method for spyware
Email or drive-by downloads.
Most common way for a virus to spread
Email attachments.
What was the Sobig virus?
Worm from the 2000s, caused $35 billion in damage.
What was the MacDefender virus?
Trojan horse from 2011, masquerading as an antivirus program in an attempt to get users to share their credit card info.
What was the Mimail virus?
Family of mass-mailing computer worms that first emerged in August 2003.
What is the Nonvirus virus?
Applications that are not malicious by nature.