9781111640125_IM_ch03

Security+ Guide to Network Security Fundamentals

  • No School
  • NONE 0
  • Notes
  • 9
  • 75% (8) 6 out of 8 people found this document helpful

This preview shows page 8 - 9 out of 9 pages.

DNS poisoning An attack that substitutes DNS addresses so that the computer is automatically redirected to another device. Domain Name System (DNS) A hierarchical name system for matching computer names and numbers. first-party cookie A cookie that is created from the Web site that currently is being viewed. Flash cookie A cookie named after the Adobe Flash player. Also known as local shared objects (LSOs). Flash cookies cannot be deleted through the browser’s normal configuration settings as regular cookies can. Typically, they are saved in multiple locations on the hard drive and can be take up as much as 100,000 bytes of storage per cookie (about 25 times the size of a normal cookie). Flash cookies can also be used to reinstate regular cookies that a user has deleted or blocked. host table A list of the mappings of names to computer numbers. HTTP header Part of HTTP that is composed of fields that contain the different characteristics of the data that is being transmitted. HTTP header manipulation Modifying HTTP headers to create an attack. man-in-the-middle An attack that intercepts legitimate communication and forges a fictitious response to the sender. persistent cookie (tracking cookie) A cookie that is recorded on the hard drive of the computer and does not expire when the browser closes. ping A utility that sends an ICMP echo request message to a host. ping flood An attack that uses the Internet Control Message Protocol (ICMP) to flood a victim with packets. privilege escalation An attack that exploits a vulnerability in software to gain access to resources that the user would normally be restricted from obtaining. replay An attack that makes a copy of the transmission before sending it to the recipient. secure cookie A cookie that is only used when a browser is visiting a server using a secure connection. session cookie A cookie that is stored in Random Access Memory (RAM), instead of on the hard drive, and only lasts for the duration of visiting a Web site.
Image of page 8

Subscribe to view the full document.

Security+ Guide to Network Security Fundamentals, Fourth Edition 3-9 session hijacking An attack in which an attacker attempts to impersonate the user by using his session token. session token A form of verification used when accessing a secure Web application. smurf attack An attack that broadcasts a ping request to all computers on the network yet changes the address from which the request came to that of the target. spoofing Impersonating another computer or device. SQL injection An attack that targets SQL servers by injecting commands to be manipulated by the database. SYN flood attack An attack that takes advantage of the procedures for initiating a TCP session. third-party cookies A cookie that was created by a third party that is different from the primary Web site. transitive access An attack involving using a third party to gain access rights. XML (Extensible Markup Language) A markup language that is designed to carry data instead of indicating how to display it. XML injection An attack that injects XLM tags and data into a database. zero day attacks Attacks that exploit previously unknown vulnerabilities, so victims have no time (zero days) to prepare or defend against the attacks.
Image of page 9
You've reached the end of this preview.
  • '
  • NoProfessor
  • HTTP cookie, Code injection, Network Security Fundamentals

{[ snackBarMessage ]}

What students are saying

  • Left Quote Icon

    As a current student on this bumpy collegiate pathway, I stumbled upon Course Hero, where I can find study resources for nearly all my courses, get online help from tutors 24/7, and even share my old projects, papers, and lecture notes with other students.

    Student Picture

    Kiran Temple University Fox School of Business ‘17, Course Hero Intern

  • Left Quote Icon

    I cannot even describe how much Course Hero helped me this summer. It’s truly become something I can always rely on and help me. In the end, I was not only able to survive summer classes, but I was able to thrive thanks to Course Hero.

    Student Picture

    Dana University of Pennsylvania ‘17, Course Hero Intern

  • Left Quote Icon

    The ability to access any university’s resources through Course Hero proved invaluable in my case. I was behind on Tulane coursework and actually used UCLA’s materials to help me move forward and get everything together on time.

    Student Picture

    Jill Tulane University ‘16, Course Hero Intern