CompTIA Security+ Terms

107 Terms

1

Vulnerability Scanner

An application that identifies security issues on a network and gives suggestions on how to prevent the issues. A management control type.

2

Port Scanner

An application that identifies ports and services that are at risk on a network.

3

IDS

An application that detects when network intrusions occur and identifies the appropriate personnel.

4

Virus Scanner

An application that protects a system against viruses.

5

NAT Server

Presents public IP addresses to the internet on behalf of computers on a private network.

6

Proxy Server

Can be used to enable hosts to access Internet resources. Can increase the performance of a network by caching Web pages, which can reduce the amount of time required for clients to access Web pages.

7

Isolation Mode

Ensures that wireless clients can only communicate with the wireless access point and not with other wireless clients.

8

PEAP

Protected Extensible Authentication Protocol. A secure password-based authentication protocol created to simplify secure authentication.

9

LEAP

Lightweight Extensible Authentication Protocol. An authentication protocol used exclusively by Cisco.

10

RAID Level 0

Disk striping. Stripes data across the drives to improve disk read/write efficiency. Does not provide redundancy.

11

RAID Level 1

Disk mirroring or disk duplexing. Any data written to disk one is also written to disk two. Provides redundancy.

12

RAID Level 5

Disk striping with parity and data across all disks in the array. Requires at least three hard disks.

13

Protection against PBX attacks

Turn off remote maintenance features when not needed. Use strong authentication on the remote maintenance ports. Keep PBX terminals in a locked, restricted area. Replace or disable embedded logins and passwords.

14

Technical Controls

Used to restrict data access and operating system components, security applications, network devices, protocols, and encryption techniques. Include all authentication mechanisms.

15

Detective Controls

Used to detect intrusion when it occurs.

16

Preventative Controls

Used to prevent intrusion before it occurs.

17

Administrative/Management Controls

Dictates how security policies are implemented to fulfill the company's security goals.

18

Physical/Operation controls

Implemented to secure physical access to an object.

19

Bit-level copy of original disk

Making a copy at the sector level to cover every part of the area that can store user data. Preferred for forensic investigation.

20

Byte-level copy of the hard disk

Initiates the forensic imaging of the attacked workstation. Not preferred for forensic analysis.

21

Session Riding

XSRF. Involves unauthorized commands from a trusted user to a user or web site.

22

Baselining

Process of comparing performance to a recorded metric.

23

Buffer Overflow

A type of DoS attack that occurs when more data is put into the buffer than it can handle.

24

Macro Virus

Programming instructions in a programming language that command an application to perform illegal actions.

25

IPSec

Can work in either tunnel mode or transport mode. Uses ESP and AH as security protocols for encapsulation. Framework is used in a VPN implementation to secure transmissions.

26

Diameter

RADIUS implementation that was created to deal with VoIP and wireless services.

27

TACACS+

Cisco implementation of RADIUS. Uses multiple challenge responses for authentication, authorization, and auditing.

28

Hubs

Packets are visible to every node on the network. Susceptible to traffic sniffing.

29

Switches

Packets are forwarded only to the host for which the packet is intended. Provides some protection against traffic sniffing.

30

Anomaly-based Monitoring

Detects any changes or deviations in network traffic. Requires a baseline to be established.

31

Signature-based Monitoring

Watches for intrusions that match a known identity or signature when checked against a database that contains the identities of possible attacks.

32

Behavior-based Monitoring

Looks for behavior that is not allowed and acts accordingly.

33

Network-based Monitoring

Monitors all network traffic. It implements passive and active responses.

34

20, 21/989, 990 TCP

FTP/FTPS Port #

35

22 TCP

SSH, SCP, SFTP Port #

36

23 TCP

Telnet Port #

37

25/465 TCP

SMTP/SMTPS Port #

38

49 TCP

TACACS+ Port #

39

53 TCP/UDP

DNS Port #

40

67,68 UDP

DHCP Port #

41

69 UDP

TFTP Port #

42

80/443 TCP

HTTP/HTTPS Port #

43

88 TCP/UDP

Kerberos Port #

44

110/995 TCP

POP3/POP3S Port #

45

119/563 TCP

NNTP/NNTPS Port #

46

139/445 TCP, 137,138/445 UDP

NetBIOS/SMB Port #

47

143/993 TCP

IMAP/IMAPS Port #

48

161,162 UDP

SNMP/SNMP Trap Port #

49

389/636 TCP

LDAP/LDAPS Port #

50

1701 UDP

L2TP Port #

51

1723 TCP

PPTP Port #

52

1812,1813 UDP

RADIUS Port #

53

2049 TCP

NFS Port #

54

6881-6999 TCP

BitTorrent Port #

55

3389 TCP

RDP Port #

56

Business Continuity Plan

Ensures that policies are in place to deal with long-term outages and disasters to sustain operations. Mainly focuses on the continuity of the data, telecommunications, and information systems infrastructures.

57

Ping of Death

DoS attack. Major increase in ICMP traffic.

58

Reducing Surface Area Attacks

Disable unnecessary ports/services/protocols. Use least privilege. Apply defense in depth. Don't trust user input. Fail securely. Secure the weakest link. Create secure defaults.

59

Hardening

Disable unnecessary accounts. Protect management interfaces and applications. Implement password protection.

60

DLL Injection

Spyware technique that inserts a dynamic link library (DLL) into a running process's memory.

61

SMTP Open Relay

An email feature that allows any internet user to send e-mail messages through the SMTP server.

62

Web Security Gateway

Filters Web content

63

Spam filter

Blocks unwanted messages

64

VPN Concentrator

Tunnels private communication over internet

65

Rootkit

A collection of programs that grants a hacker administrative access to a computer or network.

66

ICQ

An Instant Messaging (IM) package. Enables users to send and receive IMs in real time.

67

ICP

Enables Web Caching servers to interoperate for improved performance.

68

IPP

Supports remote printing on Transmission Control Protocol/Internet Protocol (TCP/IP) networks.

69

IPX

A routing and addressing protocol used on IPX/SPX networks.

70

L2TP

Encrypts transmitted traffic on VPN connections.

71

Bastion Host

A system that is hardened to resist attacks.

72

Layer 1

Physical. Provides function to establish and maintain the physical link between network devices. Repeaters work at this level.

73

Layer 2

Data Link. Bridges, MAC Addresses work here.

74

Layer 3

Network. Routers operate at this layer.

75

Layer 4

Transport. Segments and reassembles data into a data stream and provides reliable and unreliable end-to-end data transmission.

76

Layer 5

Session. Starts, maintains, and stops sessions between applications on different network devices.

77

Bcrypt or Password-Based Key Derivation Function 2 (PBKDF2)

Key stretching functions

78

LDAP

Entries are contained in a directory information tree (DIT) which is a hierarchical structure that can be searched for directory information.

79

ad hoc

An 802.11b communications mode that enables wireless devices to communicate directly.

80

BitLocker

The Windows Vista (and higher) component that encrypts an entire volume with 128-bit encryption to prevent information from being read if the drive is lost or stolen.

81

Fault generation

A smart card attack that allows a hacker to uncover the encryption key using reverse engineering.

82

Microprobing

An intrusive smart card attack in which the card is physically manipulated until the ROM chip can be accessed.

83

Spanning Tree Protocol (STP)

Primary loop protection on an Ethernet network. Helps mitigate the risk of Layer 2 switches in the network suffering from a DoS style attack caused by staff incorrectly cabling network connections between switches.

84

Time To Live (TTL)

Primary loop protection on an IP network.

85

Keyed Hashing for Message Authentication Code (KHMAC)

Used to digitally sign packets that are transmitted on Internet Protocol Security (IPSec) connections.

86

RADIUS

Enables remote access users to log on to a network through a shared authentication database.

87

Wildcard

PKI component that reduces the certificate management burden by allowing one certificate to be used for multiple subdomains.

88

OCSP

PKI component that checks online certificate status in real time.

89

CSR

PKI component: a message sent from a user or application to a CA to apply for a digital certificate.

90

CRL

PKI component that contains a list of certificates that have been issued and subsequently rescinded by a given CA.

91

SSH

A protocol that uses a secure channel to connect a server and a client

92

SSL

A protocol that secures messages between the Application and Transport layer

93

SCP

A protocol that allows files to be copied over a secure connection.

94

ICMP

A protocol used to test and report on path information between network devices.

95

56 bit

DES old NIST standard

96

168 bit

3DES used in PGP

97

128,192,256 bit

AES NIST current standard

98

40-128 bit

CAST used in PGP

99

Stream WEP

RC4

100

up to 2048 bit

RC5