chapter security + 4th chapter

Protocol Analyzer

A tool that captures and inspects network traffic to troubleshoot issues and detect malicious activity.

Intrusion Detection System (IDS)

Monitors network or host activity and alerts administrators when suspicious or malicious behavior is detected.

Intrusion Prevention System (IPS)

Monitors traffic and actively blocks or rejects malicious traffic in real time.

Active IDS

An IDS that automatically responds to threats instead of only alerting.

HIDS (Host-based IDS)

Monitors activity on a single host such as logs, files, and system calls.

NIDS (Network-based IDS)

Monitors traffic across a network segment.

Signature-Based IDS

Detects attacks by matching activity to known attack signatures.

Signature-Based IPS

Blocks traffic that matches known malicious signatures.

Heuristic-Based HIDS

Detects threats using rules and behavior patterns rather than signatures.

Anomaly-Based HIDS

Detects threats by identifying deviations from a normal baseline.

False Positive

Benign activity incorrectly identified as malicious.

False Negative

Malicious activity that goes undetected.

IDS vs IPS

IDS detects and alerts while IPS detects and blocks.

Baseline

A known normal behavior state used for comparison.

Honeypot

A decoy system designed to attract attackers.

Honeynet

A network of honeypots used for attack analysis.

Honeyfile

A fake file used to detect unauthorized access.

Honeytoken

A fake credential or data item used to detect misuse.

Wireless Access Point (AP)

Connects wireless devices to a wired network.

SSID

Service Set Identifier, the name of a wireless network.

SSID Broadcast

Advertising the SSID so devices can discover the network.

Wireless Footprinting

Identifying wireless networks, signal ranges, and security settings.

Channel Overlap Map

A diagram showing overlapping wireless channels that cause interference.

Architectural Diagram

A visual layout showing network components and their connections.

WPA2

A wireless security protocol using AES encryption.

WPA3

A more secure wireless protocol protecting against password and replay attacks.

AES

Advanced Encryption Standard used for strong encryption.

CCMP

An AES-based encryption protocol providing confidentiality and integrity.

Open Mode

Wireless mode with no authentication.

PSK (Pre-Shared Key)

A shared password used for authentication.

Enterprise Mode

Uses individual authentication via 802.1X and RADIUS.

802.1X

Port-based network access control.

RADIUS

A centralized authentication, authorization, and accounting service.

RADIUS Federation

Trust relationship allowing authentication across organizations.

RADIUS Port

UDP 1812 for authentication and UDP 1813 for accounting.

EAP

Extensible Authentication Protocol framework.

PEAP

EAP method that protects credentials inside a TLS tunnel.

Captive Portal

A web login page required before network access.

Disassociation Attack

Forces a wireless client to disconnect and reauthenticate.

WPS

Wi-Fi Protected Setup that weakens security.

Rogue Access Point

An unauthorized access point on a network.

Evil Twin

A fake access point impersonating a legitimate one.

Wireless Jamming Attack

Disrupts wireless communication using interference.

Initialization Vector (IV)

A random value used to prevent encryption repetition.

IV Attack

Exploits weak or reused IVs to break encryption.

Wireless Replay Attack

Capturing and retransmitting valid wireless traffic.

Near Field Communication (NFC)

Short-range wireless communication technology.

NFC Jamming Attack

Disrupting NFC communication with interference.

RFID

Radio Frequency Identification technology.

Active RFID Tag

An RFID tag with its own power source.

Passive RFID Tag

An RFID tag powered by the reader.

RFID Eavesdropping

Intercepting RFID communications.

RFID Cloning

Copying RFID data to impersonate a tag.

RFID Denial of Service

Preventing RFID systems from functioning.

Bluetooth

Short-range wireless communication protocol.

Bluejacking

Sending unsolicited messages over Bluetooth.

Bluesnarfing

Stealing data from a Bluetooth device.

Bluebugging

Gaining remote control of a Bluetooth device.

VPN

Virtual Private Network that encrypts traffic.

Remote Access VPN

Allows users to securely connect to a private network.

BPDU Guard

A switch feature that disables ports receiving unauthorized BPDUs.

Baseline Detection

System that compares activity to normal behavior trends.

Raspberry Pi Device

A small, low-cost general-purpose computer.