Network Vulnerabilities
Crypto graphy
Network Security
Operational Security
Access Controls
100

Person or element with power to carry out a threat

Threat Actor

100

The length of time for which a key is authorized for use.

Cryptoperiod

100

The three most common interception attacks

Man-in-the-Middle

Man-in-the-Browser

Replay

100

The rules for communication

Protocol

100

Password weakness is linked to

Human Memory
200

This malicious software enters a computer system without the owners knowledge or consent.

Malware

200

The most common asymmetric cryptography algorithm

Rivest-shamir-adleman (RSA)

200

The three types of attacks that inject "poison" into a normal network process to facilitate an attack

ARP Poisoning

DNS Poisoning

Privilege Escalation

200

Manages virtual operating systems and supports one or more guest systems

Hypervisor

200

The two key stretching algorithms

brypt

PBKDF2

300
This is a more malicious form of ransomware that enables threat actors to encrypt and lock all files on a device.

Crypto-Malware

300

The framework that contains entities involved in digital certificate management.

Public Key Infrastructure (PKI)

300

The attack that takes advantage of procedures for initiating a session

Synchronize Flood Attack (SYN)

300

Established when a bluetooth device comes within range of another

Piconet

300

The two unique keystroke variables

Dwell time

Flight Time

400

Three types of information protection (Often called the CIA triad)

Confidentiality

Integrity

Availability

400

The three classes of cryptographic algorithms

Hash, Symmetric, Asymmetric

400

Two basic types of intrusion detection systems

Host Intrusion Detection System (HIDS)

Network Intrusion Detection System (NIDS)

400

The encryption method for WPA2

Cipher Block Chaining Message Authentication Code Protocol (CCMP)

400

Individual to whom day-to-day actions have been assigned by the owner

Custodian or Steward

500

The five fundamental defensive security principles

Layering, Limiting, Diversity, Obscurity, Simplicity

500

Five basic protections of Cryptography

Confidentiality, Integrity, Authentication, Non-repudiation, Obfuscation

500

A separate network located outside of the secure network perimeter

Demilitarized Zone (DMZ)

500

Autonomous AP that manages wireless authentication, encryption, and other functions for wireless devices.

Fat APs

500

Allows an organization to maintain user profiles in a central database that all remote servers can share.

RADIUS