21 Cards in this Set

  • Front
  • Back
Define Mandatory Access Control
A strict, hierarchical model where the operating system controls data access. The data owner cannot override this control. A system of clearance levels and categories narrowly defines what information a user can access. MAC is found most often in government systems.
Define Discretionary Access Control
Uses Access Control Lists to determine who has what access to a given piece of data. ACLs are enforced by the operating system and defined by either the data owner or an administrator.
Define Rule-Based Access Control
Access is granted or denied based on a list of rules. Firewalls are a good example of Rule-Based Access Control. It is considered a type of mandatory access control.
Define Role-Based Access Control
Based on a user's role within the organization. Unlike a group-based environment, a user can only belong to one role.
Does authentication occur before or after authorization?
Authentication must occur before authorization.
Define Kerberos
A symmetric-key authentication protocol.
Define Mutual Authentication
A process by which the client authenticates the server as well as the server authenticating the client. This guards against man-in-the-middle attacks.
Define Challenge Authentication Protocol (CHAP)
CHAP provides on-demand authentication during data transmission. CHAP uses a one-way hashing function. The hashed value is generated using the MD5 hashing algorithm.
What are the two Microsoft specific implementations of CHAP?
MS-CHAP and MS-CHAPv2
What determines the strength of a password?
The difficulty an attacker would have in guessing the password or cracking it with tools such as brute force and dictionary attacks. Typically, the longer and more complicated the password, the harder it will be to break.
Define Public Key encryption
A public and private key are issued by a certificate authority (CA). The public key is used to encrypt data sent to the client, which then decrypts the data with its private key. This is a form of asymmetric encryption. Only the public key can encrypt data and only the private key can decrypt data.
What is a token?
A token is a one-time passcode, often generated by a physical device which the user carries on their person. Examples would be smart cards or RSA's SecurID. The device generates a token which is good for only a brief period of time (typically 60 seconds). In most cases this token must be combined with the correct username and password to authenticate with the system. A potential attacker, in addition to obtaining the user's username and cracking their password, would also have to physically possess the token generator at the time of attack to input the currently valid token. This would be an example of multi-factor authentication.
Define Biometrics
Using unique qualities of a person's body, such as a fingerprint or retinal scan, to authenticate the user.
Define multi-factor authentication
Combining multiple types of authentication for increased security. An example would be username, password and token, or username, password and biometrics.
Explain the security threat posed by nonessential services and protocols
Systems which have unneeded services and protocols turned on provide an attacker with additional avenues of attack, making the system more vulnerable. Nonessential services or protocols are often enabled by default. By turning them off, an administrator can minimize the number of ways an attacker could enter the system.
What is a Denial of Service Attack (DoS)?
DoS attacks seek to disrupt the service provided by one or more systems on a network. These attacks can be used without authenticating on the target network.
What is a Distributed Denial of Service Attack (DDoS)?
A variation of the DoS attack, DDoS uses multiple systems to disrupt the services provided by the target network or server(s). DDoS attacks can employ hundreds or even thousands of systems, often without their owners' knowledge, to attack prominent networks attached to the internet. Major websites have been taken down by such attacks in the past.
Explain a smurf attack
Smurf attacks use "pings" broadcast to the network with the target's network address inserted into the requests. This causes the target to be flooded with replies to the ping requests which were really sent by the attacker, not the target. The result would be a denial of service.
Explain a Fraggle attack
Similar to Smurf, a Fraggle attack uses spoofed UDP packets sent to port 7 or 19.
Explain a ping flood or ping of death attack
The attacker sends a stream of ping packets to the target, overloading it with traffic. The ping of death is a variation that sends oversized ping packets to the target, which it can't handle.
Explain a SYN flood attack
SYN flood abuses the TCP three-way handshake to flood the target system with SYN requests. The ACK is never sent, so the SYN requests remain open for a time. If the SYN requests come in faster than the stack closes them, it overflows, preventing the target system from servicing legitimate requests.