of terms Professional Study Notes & Structured Review
UPDATED 2025/2026
Proxy servers
Can serve as a choke point in order to allow us to filter traffic for attacks or
undesirable content such as malware or traffic to Web sites hosting adult
content.
DMZ
Demilitarized zone. A combination of a network design feature and a protective
device such as a firewall
Intrusion Detection System (IDS)
Performs strictly as a monitoring and alert tool, only notifying us that an attack
or undesirable activity is taking place
Signature-based detection
Works in a similar way to host antivirus systems
Anomaly-based detection
Analyzes the current traffic against an established baseline and triggers an
alert if outside the statistical average
Wireless network security
Chief method of protecting traffic is encryption. The encryption is used by
802.11 wireless devices. The most common wireless families are:
- Wired Equivalent Privacy (WEP)
- Wi-Fi Protected Access (WPA)
- Wi-Fi Protected Access v2 (WPA2)
WPA2
Wireless Protected Access 2. Wireless network encryption system. Offers the
strongest security
VPN
Virtual Private Network. Can provide us with a solution for sending sensitive
traffic over unsecured networks. A VPN connection is often referred to as a
tunnel. It is an encrypted connection between two points
Secure Protocols
Easiest way we can protect our data
Mobile devices
Any device that communicates via a wireless network
Kismet
Commonly used to detect wireless access points and can find them even
when attempts have been made to make doing so difficult
Netstumbler
A Windows tool used to detect wireless access points. Does not have as full
a feature set as Kismet
Port scanners
Check to see what ports are open
Nmap
A network utility designed to scan a network and create a map. Frequently
used as a vulnerability scanner. (Network mapper)
Packet sniffers
A network or protocol analyzer is a tool that can intercept traffic on a network,
commonly referred to as sniffing. Sniffing basically amounts to listening for
any traffic that the network interface of our computer or device can see,
whether it was intended to be received by us or not. Some examples might be
Wireshark (GUI) or Tcpdump (command-line tool)
Wireshark
A widely used packet analyzer.
TCP Dump
Command-line packet sniffing tool. Runs on Linux and UNIX operating systems
Honeypots
Can detect, monitor, and sometimes tamper with the activities of an attacker.
They are configured to deliberately display vulnerabilities or materials that
would make the system attractive to an attacker.
hping3
A tool used to test the security of firewalls and map network topology.
- constructs specially crafted ICMP packets to evade measures to hide
devices behind a firewall
- scripting functionality to test firewall/IDS
Anti-malware tools
Applications detect threats in the same way as an IDS, either by matching
against a signature or by detecting anomalous activities taking place.
executable space protection
A hardware and software-based technology that prevents certain portions of
the memory used by the operating system and applications from being used
to execute code.
Buffer overflow
Occurs when we do not properly account for the size of the data input into our
applications
Software firewall
This type of firewall generally contains a subset of the features on a large
firewall appliance but is often capable of similar packet filtering and stateful
packet inspection activities
Host Intrusion Detection System (HIDS)
A system used to analyze the activities on or directed at the network interface
of a particular host
Scanners
We can look for ports and versions of services that are running, examine
banners displayed by services for information, examine the information our
systems display over the network, and perform similar tasks
Vulnerability assessment tools
Often include some portion of the feature set we might find in a tool such as
Nmap, and are aimed specifically at the task of finding and reporting network
services on hosts that have known vulnerabilities.
exploit framework
A group of tools that can include network mapping tools, sniffers, and exploits
software development vulnerabilities
• Buffer overflows
• Race conditions
• Input validation attacks
• Authentication attacks