Section 21 Security Techniques

avatar
Created by
Joshua Huh

Subdecks (4)

Cards (64)

  • WAPs stands for Wireless Access Points
  • WAPs allow wireless devices to connect to a wired network using WIFI standards
  • ESS stands for Extended Service Set
  • ESS are multiple WAP to work together to provide seamless network coverage
  • Site Surveys is the process of planning and designing a wireless network to provide a solution
  • Heat Map is a graphical representation of wireless coverage and signal strength
  • WEP stands for Wired Equivalent Privacy
  • WEP is outdated wireless security
  • WPA stands for Wifi Protected Access
  • WPA3 is the latest and most secure wireless security protocol
  • SAE stands for Simultaneuous Authentication of Equals
  • SAE enhances security by key to guard against offline dictionary attacks
  • AAA Protocol stands for Authentication, Authorization, and Accounting Protocol
  • AAA plays a role in network security by permiting only authroized users to access network resources
  • RADUIS stands for Remote Authenticaion Dial-In User Service and is a network protocol for AAA
  • TACACS+ stands for Terminal Access Controller Access Control System
  • TACACS+ separates the functions of AAA to allow for more granular control over processess
  • EAP stands for Extensible Authentication Protocol
  • PEAP stands for Protected Extensible Authentication Protocol. This secures EAP within an excrypted and TLS tunnel
  • EAP - TTLS stands for Exensible Authentication Protocol Tunneled Transport Layer Security
  • Application Security focuses on building secure applications
  • Input Validation acts as a gatekeeper to ensure that applciatins only act on well-defined and uncontaminated data
  • Secure Cookies are transmitted over HTTPS for enchanced security
  • SAST stands for Static Code Analysis
  • SAST is a method of debugging an application by reviewing and examining its source code before the program is ever run
  • DAST stands for Dynamic Code Analysis
  • DAST analyze code while its running
  • Fuzzing finds software flaws by bombarding it with random data to trigger crashes
  • Code Signing is used to confirm the identity of the software author to guarantee that the code has not been altered or corrupted
  • Sandboxing isolates running programs, limiting their access to resources
  • NAC stands for Network Access Control
  • NAC scans devices for their security status before granting network access
  • Persistent Agents are installed on devices in corporate environment where the organization owns and controls device software
  • Non-Persistent Agents are common in environments with personal devices
  • IEEE Standard 802.1x is a port-based netowkr access control mechanism
  • Web Filtering is used to control or restrict the content users can access on the internet
  • Centralized Proxy uses a proxy server as an intermediary between an oganization's end users and the internet
  • Block Rules are guidelines set by organizations to prevent access to certain websites
  • DNS filtering blocks access to specific websites by preventing the translation of domain names to their IP addresses