ARP spoofing is an attack where an attacker sends a fake ARP (Address Resolution Protocol) messages over a local area network. This results in associating the attacker's MAC address with the IP address of an authorized computer or server on our network.

MAC (Mandatory Access Control): Often used when confidentiality is most important. Access to an object is determined by labels and clearance. This is often used in the military or in organizations where confidentiality is very important.

Something you know - Type 1 Authentication: passwords, pass phrase, PIN, etc., also called knowledge factors. The subject uses these to authenticate their identity: they know the secret, therefore they must be who they say they are.

The CIA (Confidentiality, Integrity, Availability) Triad: Confidentiality - We keep our data and secrets secret. Integrity - We ensure the data has not been altered. Availability - We ensure authorized people can access the data they need, when they need to.

Walls should be "slab to slab" (from the REAL floor to the REAL ceiling); if subflooring or sub ceilings are used, then they should be contained within the slab to slab walls.

Remote journaling: Sends transaction log files to a remote location, not the files themselves. The transactions can be rebuilt from the logs if we lose the original files.

CSMA/CD (Carrier Sense Multiple Access Collision Detection): Used for systems that can send and receive at the same time, like Ethernet. If two clients listen at the same time and see the line is clear, they can both transmit at the same time, causing collisions; CD is added to help with this scenario. Clients listen to see if the line is idle, and if idle, they send; if in use, they wait a random amount of time (milliseconds). While transmitting, they monitor the network. If more input is received than sent, another workstation is also transmitting, and they send a jam signal to tell the other nodes to stop sending, and wait for a random amount of time before starting to retransmit.

DAC (Discretionary Access Control): Often used when Availability is most important. Access to an object is assigned at the discretion of the object owner. The owner can add, remove rights, commonly used by most OS’. Uses DACL’s (Discretionary ACL), based on user identity.

There are many different types of Distributed Denial Of Service (DDOS) attacks, there is no such thing as an IPSec flood. UDP, SYN and MAC floods are all Distributed Denial Of Service (DDOS) attacks.

Collisions: When 2 hashes of different data provide the same hash. It is possible, but very unlikely.