The flashcards below were created by user usma1976 on FreezingBlue Flashcards.

  1. Address space layout randomization (ASLR)
    a control that involves randomly arranging the positions of a process's address space and memory segments

    makes it more difficult for an attacker to predict target addresses for specific memory attacks
  2. Microkernel
    a reduced amount of code running in kernel mode to carry out critical operating system functionality

    • remaining operating system code runs in user mode
    • traditional operating system functions such as device drivers, protocol stacks and file systems are run in user space
  3. Mode transitions
    when the CPU has to change from processing code in user mode to kernel mode

    a protection measure, but it causes performance hits because all of the information in the new process has to be loaded into registers

    lower privilege to higher privilege transitions must take place through secure "gates"
  4. Hybrid microkernel
    combination of monolithic (MS-DOS) and microkernel architectures

    critical functions happen in the microkernel and remaining functions are carried out in client/server running within the kernel mode
  5. Bluejacking
    Attacker sends someone an unsolicited message when they have Bluetooth enabled
  6. 802.11a
    • uses OFDM
    • 5GHz
    • 54Mbps; much faster than 802.11b
    • shorter range
    • not backwards compatible with other 802.11
  7. Connectionless protocols
    • Examples are:
    • UDP
    • IP
    • ICMP
  8. VLAN hopping attack
    Attacker inserts tagging values into layer 2 network and switch based protocols to manipulate traffic
  9. Smurf attack
    Attacker sends an ICMP ECHO REQUEST with a spoofed source address to the victim's broadcast network; ends up with a denial of service as everyone responds to the victim

    Smurf and Ping of death use ICMP

    Fraggle attack is like a smurf but uses UDP
  10. Proxy firewall
    • Breaks the connection
    • 2 types:
    • Circuit - only looks at protocol headers and session information; works at the session layer
    • Application proxy firewall - inspects the packet up through the app layer; can make access decisions based on the content of the packet
  11. Virtual firewall
    can operate in "bridge" mode and monitor individual traffic links between virtual machines
  12. Metro Ethernet
    access, aggregation within the distribution network, metro, core (connects different metro networks)

    can be pure ethernet or MPLS
  13. IPSEC
    • contains 4 pieces:
    • AH - authentication header = data integrity, data origin authentication, protection from replay attacks
    • ESP - encapsulating security payload = provides confidentiality, data-origin authentication, and data integrity
    • ISAKMP - Internet Security Association and Key Management = framework for security association and key exchange
    • IKE - Internet Key Exchange = authenticated keying material for use with ISAKMP

    AH and ESP can be used separately or together

    IPSEC provides encryption, data integrity and system based authentication
  14. Protocols and layers
    • Application = TFTP or FTP, SMTP, HTTP; message
    • Presentation layer = syntax and format (TIFF, ASCII, GIF, JPEG); encryption, compression
    • Session layer = establishing a connection; establish, data transfer, release; DIALOG management (SQL, NETBIOS, RPC); simplex, half-duplex
    • Transport = UDP, TCP, SSL, SPX; handshake; reliable data transfer; error detection; connection oriented; STREAM
    • Network = IP, RIP, OSPF, BGP, IGMP; routing; send and pray; DATAGRAM
    • Data Link = ARP, PPP, L2TP, FDDI, Ethernet, Token Ring; has 2 sublayers = LLC (logical link control) and MAC (media access control); 802.11, 802.16 etc refers to protocols at the MAC sublayer; FRAMING; bridges and switches
    • Physical = electrical (bits)
  15. Network convergence
    Combining of SERVER, STORAGE and NETWORK into a single framework; Pool resources, automate resource provisioning, increase and decrease processing capacity; dynamic
  16. SIP
    IETF defined

    Session Initiation Protocol is a SIGNALING protocol for multimedia applications; unicast or multicast

    analogous to SS7 used in the PSTN network

    has a UAC (User Agent Client) and a UAS (User Agent Server)

    uses a Proxy server, Registrar server and Redirect Server
  17. RTP
    Real-time Transport Protocol = used to actually carry multimedia over IP (SIP)
  18. 4 step DHCP process
    • OFFER
    • ACK (actually sends the IP address from the server to the client)
  19. DHCP snooping
    Ensures that DHCP servers can assign IP addresses only to selected systems, identified by their MAC address

    can shield networks from unauthenticated DHCP clients
  20. Ports
    • Well known ports: 0 to 1023; commonly used services; only used by privileged or root system processes
    • Registered ports: 1,024 to 49,151 for proprietary software; must be registered with ICANN
    • Dynamic ports: 49,152 to 65,535; private ports available for ANY application
  21. Well known ports
    • Telnet port 23
    • SMTP port 25
    • HTTP port 80
    • SNMP ports 161 and 162
    • FTP ports 21 and 20
  22. SYN flood
    can also be called a half-open attack

    attacker sends the target system SYN packets with a spoofed address; causes the target system to set aside resources to respond and will eventually be "full"; type of DOS attack
  23. TCP session hijacking
    attacker spoofs the sender's address and sends packets with the correct sequence number to take over the session
  24. RPC
    remote procedure call; session layer

    SRPC: Secure RPC which requires authentication via shared secrets, public keys or Kerberos before allowing communication
  25. Single mode versus multi mode fiber
    Single mode is for long distances on a small glass core

    Multimode is for short distances on a large glass core
  26. Smurf attack
    Sends ICMP ECHO REQUEST to the broadcast address (all computers) so that they respond back and overwhelm the victim
  27. SNMP V3
    adds cryptography to SNMP

    provides encryption, message integrity and authentication so sniffers can not sniff the traffic
  28. DNSSEC
    DNS Security which can validate the origin of a message and ensure it is not spoofed

    validates the digital signature before accepting information

    great tool but hard to implement because it requires all computers to participate in PKI
  29. Firewall rule types - Silent rule
    Drop noisy traffic without logging it; reduces log sizes by not responding to unimportant packets
  30. Firewall rule types - Stealth rule
    Disallow access to firewall software from unauthorized systems
  31. Firewall rule types - clean up rule
    The last in the rule base; drops and logs any traffic that does not meet the preceding rules
  32. Firewall rule types - Negate rule
    opposite of "any-any"; provides tighter permission by specifying what system can be accessed and how
  33. Tarpit
    software configured to emulate a service so attackers send packets to it; seems to be live

    But victim machine is programmed to respond slowly which forces time outs on the attacker traffic; thus defeating DOS attacks
  34. 802.1X
    a port based network access control; does not allow a connection until the user is authenticated

    uses TKIP and CCMP

    requires a supplicant (wireless device), the authenticator (AP) and an authentication server (usually RADIUS)
  35. EAP
    allows for mutual authentication

    • LEAP = lightweight extensible authentication protocol
    • PEAP = protective EAP
    • EAP-TLS = uses digital certificates
    • EAP-TTLS = tunneled transport layer security; extends EAP-TLS
  36. IEEE 802.16
    MAN wireless standard; extends wireless over a large geographic area

    broadband wireless access

    also called WIMAX
  37. IEEE 802.15
    deals with a wireless personal area network (WPAN)

    short-range local devices

    Bluetooth is based on a portion of the 802.15 standard

    802.11, 802.15 and 802.16 all deal with Wi-Fi
  38. IPV6
    128 bits instead of 32 bits

    integrates IPSEC into the protocol stack; provides more flexibility and QOS

    does not require NAT

    uses jumbograms

    uses automatic tunneling

    • can use Teredo - uses UDP encapsulation so as not to affect NAT addresses
    • can use 6to4 - uses a well known IPV4 anycast address
    • or can use ISA-TAP (Intra-site automatic tunnel addressing protocol) - virtually maps each IPv4 address to IPV6
  39. SASL
    Simple Authentication and Security Layer

    protocol independent framework for performing authentication; inserts a security layer for data integrity, and confidentiality

    can be used by POP, IRC, LDAP, SMTP
  40. WPA2
    uses 802.1X plus EAP plus CCMP (AES CounterMode)
  41. Difference between HMAC and CBC-MAC
    HMAC concatenates a symmetric key with the message and puts it through a hashing algorithm; provides integrity and system or data authentication

    CBC-MAC uses a block cipher to create a MAC which is the last block of the ciphertext
  42. MAC (3)
    Message Authentication Code

    • 3 types:
    • HMAC: symmetric key plus message = hash = provides integrity and data message authentication; not confidentiality
    • CBC-MAC: symmetric chain block cipher = last block becomes the MAC
    • CMAC: Cipher-Based MAC; same as CBC-MAC but more mathematically secure
    • CCM: combines CTR and CBC-MAC; used in 802.11i
  43. DSS
    Digital Signature Standard

    • federal digital signature standard
    • requires DSA, RSA or ECDSA PLUS SHA 160 bit message digest
  44. RSA vs DSA
    2 most popular algorithms for Digital Signatures

    RSA can provide digital signatures, plus encryption, plus secure distribution of symmetric keys

    DSA can only provide digital signatures

    DSA is slower than RSA
  45. Digital Signature
    a message digest that has been encrypted with the sender's private key

    • A digital signature provides:
    • authentication (knowing who sent it)
    • integrity (using a hashing algorithm) and
    • nonrepudiation
  46. Messages
    • a message encrypted = confidentiality
    • a message hashed = integrity
    • a message digitally signed = authentication, nonrepudiation and integrity
    • a message encrypted and digitally signed = confidentiality, authentication, nonrepudiation and integrity
  47. DES key size
    has EFFECTIVE key length of 56 bits because it uses 8 bits of the 64 for parity

    DEA is the algorithm for DES

    DES is really the standard

    DES = data encryption standard = federal govt and NIST standard to encrypt sensitive but unclassified data
  48. DEA
    Data Encryption Algorithm for DES

    uses symmetric block cipher of 64 bit blocks, 16 rounds, with a 56 bit key
  49. Diffie Hellman
    first public key algorithm

    used only for key distribution
Card Set:
2015-08-23 20:10:37

smaller set