External research is expected (please place citations in your submission with a bibliography at the end!)
List 1:
Database management system (DBMS)
Structured query language (SQL)
Relational database
Table of data consisting of rows (tuples) and columns (attributes)
Primary and Foreign Keys
Database access control
List 2:
Malicious software (malware)
Terminology for malicious software
Viruses – dormant, propagation, triggering, and execution phases
Boot sector infector
Polymorphic, and metamorphic viruses
Worms
Scanning/fingerprinting
Spam e-mail/trojans – social engineering
System corruption
Bots
Remote control (command and control)
Phishing
Backdoor/trapdoor
Rootkit
Countermeasures
List 3:
Denial-of-service (DoS) attacks
Distributed denial-of-service (DDoS) attacks
Reflection attacks
Amplification attacks
DNS amplification attacks
Application-based bandwidth attacks
SIP flood
HTTP-based attacks
Defenses against DoS attacks
List 4:
Intruders
Masquerader
Misfeasor
Clandestine user
Criminal enterprise ($)
Internal threat
Security intrusion/intrusion detection
SIEM Software
Intrusion detection systems (IDS)
Host-based IDS
Network-based IDS
Honeypots
Sensors, analyzers, user interface
List 5:
Firewall types and locations
Packet vs. Stateful
Proxy Servers (App and Circuit)
Firewall locations and configurations
Demilitarized Zone (DMZ)
Virtual Private Networks (VPN)
Firewall restrictions (external vs. internal)
Host-based IDS
Network-based IDS
Know figure 9.2
Word Bank
Attack Reaction
“defense in depth”
Bastion host
Blended attack
Decentralized
Centralized
Flooding
Computer Emergency Response Teams (CERTs)