The most common protocol suite used today for local area networks (LANs) and the Internet
What is the Transmission Control Protocol/Internet Protocol (TCP/IP)
100
A 24-bit value used in WEP that changes each time a packet is encrypted
What is an initialization vector (IV)
100
A set of permissions that are attached to an object.
What is an access control list (ACL)
100
A password attack in which every possible combination of letters, numbers, and characters is used to create encrypted passwords that are matched with those in a stolen password file.
What is a brute force attack
100
Data that has been encrypted
What is ciphertext
200
An unsecure TCP/IP protocol that is commonly used for transferring files
What is File Transfer Protocol (FTP)
200
An Access Point set up by an attacker to mimic an authorized AP and capture transmissions, so a user's device will unknowingly connect to this AP instead.
What is an evil twin
200
Rejecting access unless a condition is explicitly met.
What is implicit deny
200
Large pregenerated data sets of encrypted passwords used in password attacks.
What are rainbow tables
200
The process of changing ciphertext into plaintext
What is decryption
300
A feature that controls a device's tolerance for unanswered service requests and helps to prevent a DoS attack
What is a flood guard
300
An attack that accesses unauthorized information from a wireless device through a Bluetooth connection, often between cell phones and laptop computers.
What is bluesnarfing
300
The act of moving individuals from one job responsibility to another.
What is job rotation
300
Using fingerprints or other unique physical characteristics of a person's face, hands, or eyes for authentication.
What are standard biometrics
300
Free and open-source software that is commonly used to encrypt and decrypt e-mail messages.
What is the GNU Privacy Guard (GPG)
400
The next generation of the IP protocol that addresses weaknesses of IPv4 and provides several significant improvements.
What is Internet Protocol version 6 (IPv6)
400
An unauthorized AP that allows an attacker to bypass many of the network security configurations and opens the network and its users to attacks.
What is rogue access point
400
An authentication system developed by the Massachusetts Institute of Technology (MIT) and used to verify the identity of networked users
What is Kerberos
400
Authenticating a user by the normal actions that the user performs.
What are behavioral biometrics
400
A symmetric cipher that was approved by the NIST in late 2000 as a replacement for DES.
What is the Advanced Encryption Standard (AES)
500
A means of managing and presenting computer resources by function without regard to their physical layout or location.
What is virtualization
500
The second generation of WPA security from the Wi-Fi Alliance in 2004 to address authentication and encryption on WLANs.
What is Wi-Fi Protected Access 2 (WPA2)
500
The most restrictive access control model, typically found in military settings in which security is of supreme importance.
What is Mandatory Access Control (MAC)
500
A card that contains an integrated circuit chip that can hold information used as part of the authentication process.
What is a smart card
500
A variation of a hash that encrypts the hash with a shared secret key before transmitting it.
What is a Hashed Message Authentication Code (HMAC)