These flashcards were created by my friend Andrew, and cover all three modules featured in the upcoming test.
Computer Network
Interconnected devices exchanging data using protocols.
Network Protocols
Rules governing data transmission between devices.
Physical Connection
Cables or wireless links between devices.
Router
Device directing data between different networks.
Switch
Device connecting multiple devices within a network.
Firewall
Security device protecting networks from threats.
Source Encoding
Converting user information to binary data.
Data Transfer
Moving binary data from application to communication system.
Transmission
Sending data as signals over a medium.
Local Area Network (LAN)
Network covering a small geographic area.
Wide Area Network (WAN)
Network covering a large geographic area.
Wireless Networks
Networks using wireless connections for communication.
OSI Model
Seven-layer framework for network protocol services.
Application Layer
User interface for accessing network services.
SMTP
Protocol for sending email.
FTP
Protocol for transferring files over the Internet.
HTTP
Protocol for transferring hypertext documents.
HTTPS
Secure version of HTTP using encryption.
TLS (write out acronym too)
Transport Layer Security - Encryption layer ensuring secure communications.
Phishing Attacks
Fraudulent attempts to obtain sensitive information.
Injection Attacks
Malicious code inserted into valid input fields.
Cross-Site Scripting
Injecting scripts into web pages to steal data.
Session Hijacking
Attacker impersonating a user by stealing session cookies.
Man-in-the-Middle Attack
Interception of communication to steal data.
Unencrypted Data Exposure
Sensitive data sent over unsecured connections.
Source Code Inspection
Reviewing webpage code for hidden information.
robots.txt
File listing pages excluded from search engines.
Path Traversal
Accessing system files by manipulating URLs.
Referrer Spoofing
Faking originating website to bypass restrictions.
Traffic Encryption
Securing network traffic to prevent monitoring.
Multi-factor Authentication
Security requiring multiple forms of verification.
Short Timeouts
Ending sessions after inactivity to enhance security.
Log Analysis
Skill to trace attack origins and compromised systems.
System Logs
Records of system activity and user behaviour.
Authentication Logs
Track login attempts and access success or failure.
Security Logs
Focus on security events like privilege escalation.
Application Logs
Capture data from specific applications or programs.
Timestamp
Exact time when an event occurred.
Event ID
Unique identifier for specific event types.
Username
Account attempting access in authentication logs.
Source IP Address
Origin of the login request.
Login Type
Method of access, e.g., local or remote.
Indicators of Compromise (IoC)
Signs of potential security breaches.
Anomalous Login Times
Logins occurring at unusual hours.
Failed Login Attempts
Repeated failures from the same IP address.
Privilege Escalation
Regular users gaining unauthorised elevated privileges.
Unauthorized Access Attempts
Access attempts from suspicious IP addresses.
Brute-Force Attack
Systematic guessing of user passwords.
Tor Exit Nodes
Final relay points in the Tor network.
Log Management Systems
Tools for automating log aggregation and detection.
Event Viewer
Windows tool for viewing system logs.
PowerShell
Command-line tool for advanced log filtering.
Scheduled Tasks
Unauthorised jobs set to run on a system.
Startup Modifications
Changes to startup files or registry entries to maintain access post-reboot.
C2 Communication
Outbound connections to external command servers.
Log Investigation Report
Document summarising findings and recommendations.
Impact Assessment
Evaluation of compromised systems and data.
Network Packet
Small data unit sent over a network.
Packet
Data broken into units for transmission.
Header
Metadata including source/destination IP addresses.
Payload
Actual data being transmitted in a packet.
tcpdump
Tool for capturing network packets.
pcap
Packet capture file format for storing data.
pcapng
Next-generation packet capture file format.
Wireshark
Open-source tool for packet analysis.
Packet Filtering
Narrowing data by IP, port, or protocol.
Identifying Protocols
Detecting protocols like HTTP or IRC.
Follow TCP/UDP Streams
Reconstructing conversations from packet captures.
Pattern Matching
Filtering packets by specific values or metadata.
List Conversations
Identifying all conversation streams in captures.
Export
Isolating and exporting specific conversation streams.
Draw Conclusions
Extracting data from streams for analysis.
Command-and-Control (C2) Traffic
Remote control of compromised machines by attackers.
Netcat Reverse Shells
Interactive access method for attackers.
IRC Communication
Using Internet Relay Chat for command reception.
File Transfers
Downloading malicious payloads using commands like wget.
Web Shells
Scripts providing ongoing access to compromised systems.
Sniffing Tools
Tools like Wireshark for analysing network traffic.