IT 120 - Lesson 7 Configuring SOHO Network Security

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465
Across
  1. 5. phase in an attack or penetration test in which the attacker or tester gathers information about the target before attacking it
  2. 6. biometric camera-based scanner that uses unique features of a palm shown by visible and infrared light
  3. 9. technique of discovering things about an organization or person based on what they throw away
  4. 11. information is accessible to those authorized to view or modify it
  5. 12. mechanism to configure access through a firewall for application that require more than one port
  6. 14. attack technique where the threat actor disguises their identity or impersonates another user or resource
  7. 16. AAA protocol used to manage remote and wireless authentication infrastructures
  8. 17. security entry system with two gateways, only one of which is open at any one time
  9. 19. type of port forwarding where the external port is forwarded to a different internal port on the LAN
  10. 24. home router implementation of DMZ where all ports with no existing forwarding rules are opened and directed to a single LAN host
  11. 27. person or entity responsible for an event that has been identified as a security incident or as a risk
  12. 31. social engineering attack where an attacker pretends to be someone they are not
  13. 33. password attack where an attacker uses an application to exhaustively try every possible alphanumeric combination to crack encrypted passwords
  14. 35. system whose configuration is different from its secure baseline
  15. 40. wireless access point that deceives users into believing that it is a legitimate network access point
  16. 42. vulnerability in software that is unpatched by the developer or an attack that exploits such a vulnerability
  17. 43. weakness that could be triggered accidentally or exploited intentionally to cause a security breach
  18. 44. security framework and tools that facilitate the use of personally-owned devices to access corporate networks and data
  19. 45. physical intrusion detection and warning that can use circuit, motion, proximity, and duress triggers
  20. 48. any type of physical, application, or network attack that affects the availability of a managed resource
  21. 50. symmetric 128-, 192, or 256-bit block cipher used for bulk encryption in modern security standards
  22. 54. tactic to obtain someone's password or PIN by observing him or her as it is typed in
  23. 56. specific method by which malware code infects a target host, often via some vulnerability in a software process
  24. 58. protocol framework allowing network devices to autoconfigure services
  25. 59. authentication mechanism that allows a user to present a smartcard to operate an entry system
  26. 60. allowing a threat actor to enter a site or controlled location without authorization
  27. 61. security measure used to identify and block suspicious, malicious and/or inappropriate content in accordance with an organization's policies
  28. 62. an attack that uses multiple compromised hosts to overwhelm a service with request or response traffic
  29. 63. activity where the goal is to use deception and trickery to convince unsuspecting users to provide sensitive data or to violate security guidelines
  30. 65. physical security control that uses cameras and recording devices to visually monitor the activity in a certain area
Down
  1. 1. threat actor who is assigned privileges on the system that cause an intentional or unintentional incident
  2. 2. email based attack, in which the attacker sends email from a supposedly reputable source to try to elicit private information from the victim
  3. 3. malicious script hosted on an attacker's site or coded in a link injected onto a trusted site designed to compromise client browsing the trusted site, circumventing the browser's security model of trusted zones
  4. 4. security barrier designed to prevent unauthorized access to a site perimeter
  5. 7. protection of computer systems and digital information resources from unauthorized access, attack, theft, or data damage
  6. 8. data is stored and transferred as intended and any modification is authorized
  7. 10. one or more required security controls is missing or misconfigured on a system
  8. 13. attack where the threat actor makes an independent connection between two victims and is able to read and possible modify traffic
  9. 15. sturdy vertical post installed to control road traffic or designed to prevent ram-raiding and vehicle-ramming attacks
  10. 18. form of phishing which targets specific individuals
  11. 20. cipher that uses mathematically linked public and private keys
  12. 21. function that converts an arbitrary length string input to a fixed length string output
  13. 22. software instructions embedded on a hardware device
  14. 23. technique to gain access to a building by following someone who is unaware of their presence
  15. 25. hand-held or walkthrough metal detector designed to detect concealed weapons
  16. 26. password attack that compares encrypted passwords against a predetermined list of possible password values
  17. 28. likelihood and impact of a threat actor exercising a vulnerability
  18. 29. standards for authenticating and encrypting access to Wi-Fi networks
  19. 30. process in which a router takes requests from the Internet for a particular application and sends them to a designated host on the LAN
  20. 32. two way encryption scheme in which encryption and decryption are both performed by the same key
  21. 34. physical security mechanisms that ensure a site is sufficiently illuminated for employees and guests to feel safe and for camera-based surveillance systems to work well
  22. 36. attack that injects a database query into the input data directed at a server by accessing the client side of the application
  23. 37. character string that identifies a particular wireless LAN
  24. 38. message digest encrypted using a sender's private key that is appended to a message to authenticate the sender and prove message integrity
  25. 39. biometric scanner based on analysis of the unique pattern of blood vessels at the back of the eye
  26. 41. framework for negotiating authentication methods that enables systems to use hardware-based identifiers for authentication and establish secure tunnels through which to submit credentials
  27. 46. threat actor extracts information while speaking over the phone or VoIP service
  28. 47. any method by which cryptographic keys are transferred among users, thus enabling the use of a cryptographic algorithm
  29. 49. certain information should only be known to certain people
  30. 51. form of phishing which targets senior executives or wealthy individuals
  31. 52. group of hosts or devices that have been infected by a control program called a bot that enables attacks to exploit the hosts to mount attacks
  32. 53. physical security device that restricts access to ports and internal components to key holders
  33. 55. segment isolated from the rest of a private network by one or more firewalls that accepts connections from the Internet over designated ports
  34. 57. single sign-on authentication and authorization service that is based on a time-sensitive, ticket-granting system
  35. 64. personal authentication mechanism for Wi-Fi networks introduced with WPA3