wkwk.docx
Document Details
Uploaded by CleanRocket
Related
- A Concise History of the World: A New World of Connections (1500-1800)
- Lg 5 International Environmental Laws, Treaties, Protocols, and Conventions
- Ziraat Finans Grubu Uygulamaları
- Psychoanalytic Diagnosis: Understanding Personality Structure
- Dynamics of the Cell Membrane PDF - Istanbul Atlas University
- Health Education Chapter 1 Notes PDF
Full Transcript
**IDENTIFICATION** 1\. Redirect victims to a malicious site by corrupting name resolution \- Pharming 2\. Prevent users contacting legitimate services \- Denial of Service (DOS) 3\. Resolves host names and domain labels to IP addresses \- Domain Name System (DNS) Security 4\. Spoof responses...
**IDENTIFICATION** 1\. Redirect victims to a malicious site by corrupting name resolution \- Pharming 2\. Prevent users contacting legitimate services \- Denial of Service (DOS) 3\. Resolves host names and domain labels to IP addresses \- Domain Name System (DNS) Security 4\. Spoof responses to queries by exploiting weak transaction ID generation in DNS servers \- DNS server cache poisoning 5\. Taking over a company\'s legitimate domain \- Cybersquatting 6\. Register domains that are very similar to the victim domain \- Typosquatting 7\. HTML web pages and associated binary files \- HTTP Payload 8\. Protocol enables clients to request files from server (port 80) \- Hyper Text Transport Protocol (HTTP) 9\. Used with TCP applications (notably HTTPS over port 443) \- SSL/TLS (*Secure Sockets Layer / Transport Layer Security*) 10\. Used to identify a host during authentication \- PKI digital certificates 11\. Offload cryptographic calculations to a dedicated processor \- SSL/TLS accelerators 12\. Run FTP over SSH on port 22 \- SSH FTP (SFTP) 13.Period that a function can be unavailable \- Maximum Tolerable Downtime (MTD) 14.Time to bring a system back online \- Recovery Time Objective (RTO) 15.Assigns concrete values to risk factor likelihood and impact \- Quantitative approach 16.The overall process of reducing exposure to or the effects of risk factors \- Risk mitigation 17.Keeps data private while transiting the public network \- Secure tunnel 18.Two private networks connected by VPN routers across the Internet \- Site-to-site VPN 19.Network layer security---application-independent \- Internet Protocol Security (IPSec) 20.Encrypts the original IP header and replaces it with another \- Tunnel mode 21.Handles authentication and key exchange/agreement (Security Associations) \- IKE 22.Positioned at network edge, protected by firewall/DMZ configuration \- VPN concentrators 23.The client accesses the Internet directly using its \"native\" IP configuration and DNS servers \- Split tunnel 24.Remote administration with public key cryptography security \- Secure Shell (SSH) 25.Route mail between servers \- Simple Mail Transfer Protocol (SMTP) 26.Allows VoIP calls to be placed to telephone network \- Media gateway 27\. Categorized as hot, warm, or cold \- Sites 28.System sprawl and undocumented assets \- Rogue VMs 29.IT infrastructure providing on-demand resources over the network/Internet \- Cloud Computing
