Security+
0.0 / 5
- Created by: Jude1819
- Created on: 09-11-23 14:01
SPIM SPAT meaning?
SPIM - Spam over internet message
SPAT - Spam over telephony
SPAT - Spam over telephony
1 of 50
Pharming Smishing Meaning?
Smishing - impersonation over text
Pharming - directing users to malicious sites
Pharming - directing users to malicious sites
2 of 50
Prepending meaning?
Prepending - decieving a user
3 of 50
PUP meaning?
PUP - Potentially unwanted program
4 of 50
c2server and RAT use/meaning?
c2server - botnet controller
RAT - Remote access Trojan
RAT - Remote access Trojan
5 of 50
rainbow table and Spraying meaning?
Spraying - common used pws against all accs
rainbow table - predetermined pw hashes to crack
rainbow table - predetermined pw hashes to crack
6 of 50
What is DLL injection?
DLL - precompiled windows application to save sys resources
dll injection - allows to run code in memory of another process
dll injection - allows to run code in memory of another process
7 of 50
What is a race condition
race condition - Malfunction preprogrammed access to shared resource (time of use vullnerability due to time between tasks not being taken into account)
8 of 50
waht is ssrf
ssrf - server side request forgery
9 of 50
What is Refactoring and Shimming?
Shimming - alters behaviour without changing code
Refactoring - change code without altering what it does
Refactoring - change code without altering what it does
10 of 50
What is Pass the hash?
Pass the hash - auth to server withotu cleartext pw
11 of 50
What is bluejacking and Blusnarfing ?
Blusnarfing - unauthed access
bluejacking - spam over bt
bluejacking - spam over bt
12 of 50
What is code obfuscation?
obfuscation - no longer useful for hacker but useful for user
13 of 50
What is layer 2 attack and APT ?
layer 2 attack - Hardware based
APT - advanced persistent threat
APT - advanced persistent threat
14 of 50
What is OT ?
OT - operational technology
15 of 50
What is OSINT, STIX and AIS?
OSINT - openly securable information
STIX - structured threat information - common language for threat info
AIS - automated indicator sharing - US governemnt
STIX - structured threat information - common language for threat info
AIS - automated indicator sharing - US governemnt
16 of 50
What is TAXII and TTP?
TAXII - transport for threat info
TTP - tactics tequniques procedures
TTP - tactics tequniques procedures
17 of 50
What is SIEM and SOAR?
SIEM - security information events manager
SOAR - automated threat response
SOAR - automated threat response
18 of 50
What is DNS Sinkhole
DNS Sinkhole - returning cannot connect error when its a known malicious site
19 of 50
What is Fog computing and edge computing?
Fog computing - speed up transmission between IOT and cloud
edge computing - compute data closer to the user for speed
edge computing - compute data closer to the user for speed
20 of 50
What is SDV and SDN?
SDV - software defined visibility
SDN - software defined networkign
SDN - software defined networkign
21 of 50
what is VPC and SDK?
VPC - virtual private cloud
SDK - software development kit
SDK - software development kit
22 of 50
What is normalisation?
Normalization - removing redundant entries
23 of 50
What is Federation?
federation - sso for multiple systems across diff organisations
24 of 50
What is differential backup and incremental backup?
differential backup - all that changed since last full backup
incremental backup - all that changed since backup
incremental backup - all that changed since backup
25 of 50
What is SCADA, ICS and RTOS?
SCADA - supervisory control and data aquisition
ICS - industrial control sys
RTOS - real time OS (FAST OPERATING SYS)
ICS - industrial control sys
RTOS - real time OS (FAST OPERATING SYS)
26 of 50
What is SoC and Air Gap?
SoC - sytem on a chip
Air Gap - isolation from external compt networks
Air Gap - isolation from external compt networks
27 of 50
What is ECC, PFC, Ephemeral and session keys?
ECC - eliptical curve cryptography - fast key gen small key fast signature aymmetric
pfc - perfect forward secrecy - temp key generation for sessions
ephemeral key - used one time
session key - symetric used only in single session
pfc - perfect forward secrecy - temp key generation for sessions
ephemeral key - used one time
session key - symetric used only in single session
28 of 50
What is ECB and GCM
ecb - electronic code book - weak and simple
GCM - Galis count mode - provides data integrity and confidentiality
GCM - Galis count mode - provides data integrity and confidentiality
29 of 50
Whats SNMP and SRTP?
SRTP - secure realtime protocol video and audio
snmp - simple network management protocol 1,2 community hash
snmp - simple network management protocol 1,2 community hash
30 of 50
Whats ah and ESP?
ah - authentication header
esp - encapsulating security payload
esp - encapsulating security payload
31 of 50
Whats DHCP snooping and NGFW?
DHCP snooping - used to counter against rogue dhcp
NGFW - next gen firewall
NGFW - next gen firewall
32 of 50
Whats SED and fde?
SED - self encrypting drives
fde - full disk encryption
fde - full disk encryption
33 of 50
Whats reverse proxy, Forward proxy and transparent proxy?
reverse proxy - acts on behlaf of server hiding identity
Forward proxy - acts on behalf of client hiding identity
transparent proxy - doesnt require config can be invisible and doesnt modify response
Forward proxy - acts on behalf of client hiding identity
transparent proxy - doesnt require config can be invisible and doesnt modify response
34 of 50
Whats port mirror, GRE ?
port mirror - can view traffic
GRE - connection between 2 USB devices
GRE - connection between 2 USB devices
35 of 50
What is COPE, CASB and IDP?
COPE _ corp owned used for personal
CASB - cloud access security broker
IDP - Identity Service Provider
CASB - cloud access security broker
IDP - Identity Service Provider
36 of 50
What is RADIUS, TACACS+ and Kerberos?
RADIUS - remote session authentication
TACACS+ - remote session auth used for device admin seperates
Kerberos - trusted devices over untrusted netowrk
TACACS+ - remote session auth used for device admin seperates
Kerberos - trusted devices over untrusted netowrk
37 of 50
What is ABAC, RBAC and MAC?
ABAC - attribute based access control
RBAC - rules based access control done by fw rules
MAC - manditory access control - strictest
RBAC - rules based access control done by fw rules
MAC - manditory access control - strictest
38 of 50
What is FACL, PKI and OSCP?
FACL - file access control list
PKi - public key infrastructure
OCSP - official checked security procedure - quickest way to check if digital cert is legit
PKi - public key infrastructure
OCSP - official checked security procedure - quickest way to check if digital cert is legit
39 of 50
What is PFC, PEM and P7B?
PFX - microsoft encoded in binary
PEM - Encoded in ASCII used for APACHE
P7B - ASCII microsoft and JAVA
PEM - Encoded in ASCII used for APACHE
P7B - ASCII microsoft and JAVA
40 of 50
What is Stapling and Pinning?
Stapling - check validity of cert without contact CA
Pinning - defend against fruad certs
Pinning - defend against fruad certs
41 of 50
What is netcat and ARP?
netcat - read write tcp/udp
ARP - IP to MAC
ARP - IP to MAC
42 of 50
What is Cuckoo, Cat, DD and winhex?
Cuckoo - antimalware to analyse files in sandbox
cat - used to create linux files etc
dd - linux to copy image files/create
winhex - used to low level data process and digi forensics
cat - used to create linux files etc
dd - linux to copy image files/create
winhex - used to low level data process and digi forensics
43 of 50
What is COOP and IRT?
COOP - US gov initiative to ensure essential function
IRT Incident response team
IRT Incident response team
44 of 50
What is IPFIX?
IPFIX - IP info exporter
45 of 50
What is hashing and checksums used for ?
validation - hashing checksums
46 of 50
What is e-descovery, CSI and CSF?
e-descovery - legal proceeding checking data
CSI - cyber security inspectors global org
csf- cyber security framework, developed by NIST
CSI - cyber security inspectors global org
csf- cyber security framework, developed by NIST
47 of 50
What is Pii and PIV?
Pii- personally identifiable infromatrion
PIV - persoanl indetity verification
PIV - persoanl indetity verification
48 of 50
What is SLE/a, RTO and mttr?
SLE/a - single/ Annual loss expectancy
RTO - recovery time objective
mttr - meantime til recovery
RTO - recovery time objective
mttr - meantime til recovery
49 of 50
What is CSA, aup, moa/u/msa and bpa?
CSA - cloud security authority
aup - acceptable use policy
moa/u/msa - for the companies to agree policies
bpa - business policy agreement
aup - acceptable use policy
moa/u/msa - for the companies to agree policies
bpa - business policy agreement
50 of 50
Other cards in this set
Card 2
Front
Pharming Smishing Meaning?
Back
Smishing - impersonation over text
Pharming - directing users to malicious sites
Pharming - directing users to malicious sites
Card 3
Front
Prepending meaning?
Back
Card 4
Front
PUP meaning?
Back
Card 5
Front
c2server and RAT use/meaning?
Back
Similar Fun resources:
0.0 / 5
0.0 / 5
0.0 / 5
0.0 / 5
0.0 / 5
0.0 / 5
0.0 / 5
Comments
No comments have yet been made