Index A | Security+ Certification Exam Cram 2 (Exam Cram SYO-101)

[SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [Q] [R] [S] [T] [U] [V] [W] [X] [Z]

acceptable use policies
access control
authentication
biometric
biometrics
Challenge Handshake Authentication Protocol (CHAP) 2nd 3rd
digital certificates 2nd
evaluating levels of
function of
Kerberos 2nd 3rd 4th
multifactor
mutual
password-form
strengths
token-based
tokens
username/password combination 2nd
weaknesses
DAC (Discretionary Access Control)
basis for access control lists (ACLs)
Discretionary Access Control (DAC)
Domain 1.0 skill set (general security concepts)
encryption benefits 2nd
exam practice questions 2nd 3rd 4th 5th 6th 7th 8th 9th 10th 11th 12th 13th 14th
least privilege practices 2nd
MAC (Mandatory Access Control)
sensitivity labels 2nd
Mandatory Access Control (MAC)
networks
hardening measure 2nd
nondiscretionary
nonessential services
disabling 2nd
physical security 2nd
environment 2nd 3rd 4th 5th 6th 7th 8th 9th 10th
facilities 2nd 3rd 4th 5th 6th 7th
physical barriers 2nd
social engineering 2nd 3rd 4th 5th 6th
planning 2nd
privileges
auditing 2nd
RBAC (Role-Based Access Control)
employee functions
lattice-based
task-based
RBAC (Rule-Based Access Control)
router/firewall implementation 2nd
role-based (RBAC)
single sign-on (SSO) 2nd
Trusted Computer System Evaluation System (TCSEC)
XML Access Control Language (XACL)
access control lists (ACLs)
discretionary access control
access controls
group -based
management
centralized versus decentralized 2nd
privileges
role-based
user -based
Acid Rain (Trojan horse)
ActiveX controls
signed versus unsigned execution
vulnerabilities
administrators
user education
implementing 2nd 3rd
methods 2nd
Advanced Encryption Standard (AES)
symmetric key algorithm
Advanced Intelligent Tape (AIT)
Airopeek NX
WLAN monitoring tool
AIT (Advanced Intelligent Tape)
algorithms
(cryptography)
asymmetric key 2nd 3rd
Diffie-Hellman Key Exchange
El Gamal Encryption Algorithm
Elliptic Curve Cryptography (ECC)
Rivest, Shamir & Adelman Encryption Algorithm (RSA)
Domain 4.0 skill set (cryptography basics)
function of
hashed 2nd
Message Digest Series Algorithm (MD2/MD4/MD5) 2nd
RIPEMD-160
Secure Hash Algorithm (SHA/SHA-1) 2nd
symmetric key
Advanced Encryption Standard (AES)
block ciphers
Blowfish Encryption Algorithm
comparison chart 2nd
Data Encryption Standard (DES)
International Data Encryption Algorithm (IDEA)
Rivest Cipher (RC2/RC4/RC5/RC6)
stream ciphers
Triple Data Encryption Standard (3DES)
versus asymmetric key bit strength 2nd 3rd 4th
types
anonymous access
FTP server vulnerability 2nd
antivirus policies
applets (Java)
signed 2nd
vulnerabilities 2nd
application servers
application testing
vulnerability scanning
application-level gateway
proxy service firewalls
applications
hardening measures
updates/patches
architectural documentation 2nd
assets
risk identification
asymmetric key algorithms 2nd 3rd
Diffie-Hellman Key Exchange
El Gamal Encryption Algorithm
Elliptic Curve Cryptography (ECC)
Rivest, Shamir & Adelman Encryption Algorithm (RSA)
versus symmetric key algorithms
bit strength 2nd
asymmetric key encryption
PKI
asymmetric keys
SSL communication
attack signatures
header
IDSs
knowledge-based
port
string
attackers
bastion hosts
honeynets
function of
honeypots
function of
social engineering
common tactics 2nd
attacks
back door programs
Back Orifice
NetBus
PCAnywhere
preventing 2nd
Sub7
Terminal Services
Virtual Network Computing (VNC)
buffer overflows 2nd
DDoS
(distributed denial of service)
filter protection
zombie machines
Domain 1.0 skill set (general security concepts)
DoS
(denial of service)
Boink
Bonk
Fraggle
Land
ping flood
Smurf
SYN flood
Teardrop
exam practice questions 2nd 3rd 4th 5th 6th 7th
man-in-the-middle
mathematical
password guessing
birthday
brute force 2nd
Crack tool
dictionary
John the Ripper tool
L0phtCrack tool
PBX telecom systems
protection measures 2nd
port numbers listing 2nd
prevention measures
replay
packet sniffer usage
shoulder surfing
social engineering
scenarios 2nd 3rd
software exploitation
spoofing 2nd
TCP/IP hijacking
weak key encryption
audit policies
exam practice questions
auditing
access control privileges 2nd
activity types 2nd 3rd
Domain 1.0 skill set (general security concepts)
policies
developing 2nd
authentication
biometric
biometrics
Challenge Handshake Authentication Protocol (CHAP)
Microsoft versions
on-demand mechanism
replay attacks
digital certificates
public key encryption 2nd
Domain 1.0 skill set (general security concepts)
encryption benefits
evaluating levels of
function of
Kerberos
process 2nd
symmetric keys 2nd
multifactor
mutual
password-form
strengths
token-based
tokens
unencrypted
FTP server vulnerability
username/password combination 2nd
weaknesses
Automatic Private IP Addressing (APIPA)