Threats, Attacks and Vulnerabilities
Architecture and Design
Identity and Access Management
Cryptography and PKI
Technologies and Tools
100

An unsolicited and unwanted malicious program.

What is a virus

100

A collection of standardized policies, procedures and guides meant to direct a user, firm, or any organization.

What is a Framework?

100

Determining what an individual can and cannot access on a system.

Authorization

100

A shared secret key used by the sender and receiver to encrypt and decrypt.

What is Symmetric algorithm

100

A network security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules.

What is a Firewall?

200

A self-contained infection that can spread itself through networks, emails, and messages.

What is a Worm

200

Instructions that have been developed over years that are designed to give organizations the best and most secure configurations for a particular system.

Benchmarks/secure configuration guides

200

Developed by MIT for mutual authorization between client and server. It uses a ticket granting system for authorization. It is a government standard.

Kerberos

200

Provides integrity and verifies that the original sender is actually the one who sent it. This can be done through asymmetric encryption, where the sender hashes the message and then encrypts the hash using their private key, creating a digital signature that can only originate from them.

Digital signatures

200

The default mode for IPSec; the entire packet is protected.

Tunnel mode

300

A backdoor program that allows full remote access to a system.

What is a rootkit

300

Translates private IP addresses into public and public IP addresses into private.

NAT (Network Address Translation):

300

Authenticates through a third-party source to gain access; the resource is not responsible for the authentication. The request is passed through a trusted third-party server.

What is SAML

300

Hashing a password and then hashing that hashed value. Protects a weak password from brute force attacks.

What is Key stretching

300

IPSec component that provides the same services as AH and also ensures confidentiality when sending data.

ESP (Encapsulating Security Payload)

400

Software that installs itself to spy on the infected machine and sends the stolen information over the internet back to the host machine.

What is Spyware

400

A wireless network without an access point; the connected devices communicate directly.

What is an Ad hoc

400

An authentication mechanism that can be used to identify and authenticate, and to deny and allow access.

Secure token

400

First practical use of public key cryptography; uses large prime numbers as the basis for encryption.

RSA (Rivest, Shamir, Adleman)

400

Forwards requests from internal clients to external servers.

Forward proxy:

500

A remotely operated Trojan.

RAT (Remote Access Trojan)

500

Authenticates VPN clients and establishes between tunnels.

What is a VPN concentrator

500

Based on classification rules. Objects are given sensitivity labels, subjects are given clearance labels, and users obtain access by having the correct clearance. The classifications are hierarchical.

What is MAC (Mandatory Access Control)

500

Hashing algorithm that produces a 128-bit hash with strong security; a collision was found in 1996, so it is not used as much nowadays.

What is MD5 (Message-Digest Algorithm v5)

500

An already created set of exploits that already have all the major components designed; the user just needs to figure out how to inject them into the network. These toolsets can be used offensively by hackers or defensively by pen testers.

What are Exploitation frameworks
