Security + Set 2
Terms
- Who developed Back Orifice?
- Cult of the Dead Cow
- Name three applications that make MITM attacks easier?
- Juggernaut, T-sight, Hunt
- What is a birthday attack?
- A type of brute force attack that uses hash functions
- What is the Stoned virus?
- MBR virus that is transmitted by floppy.
- What is Acid Rain?
- A DOS trojan that deletes system files, renames folders and creates empty folders
- What is Sub7?
- Win9x Internet backdoor
- What is Simpsons?
- A trojan horse that deletes files on selected drives using an extracted BAT file. Uses deltree.exe
- What is the difference between worms and viruses?
- Worms do not need to attach themselves to a host program to replicate.
- What is Morris?
- A worm that took advantage of the SendMail vulnerability and shut down the entire internet in 98
- What is BadTrans?
- Mass-mailing worm that attempts to send itself using Outlook by replying to unread emails
- What is NIMDA?
- A mass mailing worm that uses network share propagation and several MS vulnerabilities
- What is CodeRed?
- Worm that exploits buffer overflow vulnerabilities in Win 2000 web servers
- What is SAFESuite?
- Scans TCP/IP networks looking for vulnerabilities in web servers
- What does TACACS+ provide that TACACS does not?
- authentication
- What protocol does TACACS+ rely on?
- TCP
- What is IDEA?
- The default encryption method used in SSH; uses a 128-bit symmetric key block cipher
- What three utilities comprise SSH?
- Slogin, SSH & SCP
- What layer of the OSI model does IPSEC function at?
- network layer
- How does IPSEC provide authentication services?
- through IKE
- What IPSEC service provides authentication?
- AH
- What encryption scheme does PGP use?
- RSA or Diffie-Hellman
- What can PGP include to validate an email to its recipient?
- digital certificate
- How does SSL communicate?
- Using asymmetric key with a cipher strength of 40-128 bits
- What are the two layers of TLS?
- TLS Record protocol and TLS handshake protocol
- What type of encryption does HTTPS use?
- RC4 stream
- What are the two general categories of CGI exploits?
- 1. May leak information about the server; 2. May be exploited to execute unwanted commands
- What types of attacks are LDAP servers vulnerable to?
- buffer overflow
- What is 802.11a?
- An extension to 802.11 that provides up to 54Mbps in the 5GHz range
- What is required before implementing any WLAN solution?
- Site Survey
- What is a firewall?
- A component that is placed between computers and networks that helps eliminate undesired network access
- What are the three main types of firewalls?
- Packet filtering, Proxy Service, Stateful inspection
- At what layer of the OSI model do packet filtering firewalls operate?
- network
- What are the two types of Proxy Service firewalls?
- Circuit-level gateways & Application-level gateways
- What type of domains do switches create?
- collision domains
- What type of attacks are wireless networks most susceptible to?
- session hijacking & MITM
- What is SNMP?
- Application layer protocol that collects stats from TCP/IP devices
- What ports does SNMP use?
- Ports 161,162 (UDP)
- What is a Bastion Host?
- the first line of security that a company allows to be addressed directly from the internet
- What is a screened host gateway?
- A type of bastion host system that is implemented using a screening router and a bastion host
- What is a screened subnet gateway?
- Includes two screened host gateway devices that isolate the LAN from the internet
- What is the purpose of a VLAN?
- to unite network nodes logically into the same broadcast domain regardless of their physical attachment to the network
- Which standard defines a mechanism that encapsulates the frames with the headers and tags them with a VLAN ID?
- 802.1Q
- What is the difference between intrusion and misuse?
- intrusion is from the outside; misuse is from the inside
- Define SHA-1
- A hash algorithm designed by the US gov't that generates a 168-bit hash from any variable length string of data
- Define MD series
- a series of encryption algorithms designed to be fast, simple & secure. Generates a hash of 128-bit strength
- Define 3DES
- Symmetric; uses three distinct keys for a total strength of 168 bits
- Define AES
- also called Rijndael; it is a symmetric block cipher, is the successor to DES, can create keys from 128-256 in length, and has three layers
- Define Elliptic Curve cryptography
- utilizes a method in which elliptical curves can be used to calculate simple but very difficult to break encryption keys
- What is confidentiality?
- the act of limiting disclosure of private information
- What is integrity?
- ensuring that the data you send arrives at the destination unmodified
- What is non-repudiation?
- provides, through encryption, a method by which there is no refuting where data has come from
- What type of key system is non-repudiation unique to and why?
- asymmetric because the private key is not shared
- What is a new more popular way of implementing access control?
- XML
- What is the version of XML specifically designed for access control?
- XACL
- What is a digital certificate?
- a digitally signed block of data that allows PKI cryptography to be used for identification purposes.
- What is PKI based on?
- X.509 certificate
- What is ISAKMP?
- a protocol that defines a common framework for the creation, negotiation, modification, and deletion of security associations in VPNs
- What types of encryption does S/MIME support?
- DES, 3DES, and RC2