Wireless Network Security
Web App Attacks
Ports and Services
Secure Protocols
Social Engineering
100

An attack that sends unsolicited messages to Bluetooth-enabled  device

What is Bluejacking

100

It is an attack where software or malware is downloaded and installed without explicit consent from the user

What is Drive-by-download

100

Associated port for Domain Name System (DNS)

What is port 53

100

Was developed by VISA and MasterCard to secure Credit Card transactions

What is Secure Electronic Transaction (SET)

100

Refers to an unauthorized person listening to conversations of employees or other authorized personnel discussing sensitive topics

What is Eavesdropping

200

Access Point configured by attackers to mimic an organization's AP

What is Evil twin

200

Occurs when the operating system or an application does not properly enforce boundaries for how much and what type of data can be inputted

What is Buffer-overflow

200

Corresponding ports for File Transfer Protocol service

What is port 20/21(TCP)

200

Was developed by Netscape to secure Internet based client/server interactions

What is Secure Sockets Layer (SSL)

200

The type of phishing attack that automatically redirects the user to a fake web site

What is pharming

300

_____ is a form of tailgating that involves the tailgater colluding with an authorized person

Piggy-backing

300

It is an attack that injects scripts into Web pages. When the user views the Web page, the malicious scripts run allowing the attacker to capture information or perform other actions

What is Cross-site scripting (XSS)

300

Corresponding port for Simple Mail Transfer Protocol (SMTP) service

Port 25 (TCP)

300

Was developed for the UNIX platform to encrypt or secure communications for remote facilities

What is Secure Shell (SSH)

300

____ are privileges that are granted to users to access hardware and software resources

Access Rights

400

Ensures that a wireless LAN can provide its intended functionality and meet its requirement and desired goals ______

Site Surveys

400

This attack occurs when an attacker includes database commands within user data input fields on a form, and those commands subsequently execute on the server

What is SQL injection

400

The associated port for Network Time Protocol (NTP) service

What is port number 123

400

is a commercial asymmetric cryptosystem used for e-mail protection

What is Pretty Good Privacy (PGP)

400

A variation of spam that targets instant messaging users instead of email users 

What is spim

500

is an arbitrary number that can be used along with a secret key for data encryption in WLAN

What is Initialization vector (IV)

500

What is the Markup language designed to carry data?

What is XML

500

Corresponding port for Remote Desktop service

What is Port 3389

500

Was developed by CISCO to secure Remote Access Dial-in User Service (RADIUS)

What is TACACS+? (Terminal Access Controller Access-Control System Plus) 

500

Redirecting a user to a fictitious web site based on misspelling of the URL

What is typo squating