44 Cards in this Set
What is identification? |
Unproven assertion of identity. |
|
What is authentication? |
Proven assertion of identity. |
|
How does a system store userids and passwords? |
Typically stored in a database table. The userid is stored in plaintext. |
|
List 6 systems for centralized management of access controls. |
(1) LDAP (2) Active Directory (3) RADIUS (4) Diameter (5) TACACS (6) Kerberos |
|
What does SSO stand for? |
Single Sign-On |
|
What is SSO? |
Authenticate once, access many info systems without having to re-authenticate into each. |
|
What is Reduced Sign-On? |
Single credential for many systems, but no inter-system session management; the user must log into each system separately. |
|
What are the 5 attack objectives? |
(1) Guess credentials (2) Malfunction of access controls (3) Bypass access controls (4) Replay known good logins (5) Trick people into giving up credentials |
|
What is buffer overflow? |
Cause malfunction in a way that permits illicit access. |
|
What is script injection? |
Insertion of scripting language characters into application input fields.
Execute script on server side - SQL injection - obtain data from application database.
Execute script on client side - trick user or browser. |
|
What is data remanence? |
Data that remains after it has been deleted. |
|
What is DoS? What does it stand for? |
Denial of Service
Actions that cause target systems to fail, thereby denying service to legitimate users. (Flood) |
|
What is dumpster diving? |
Literally, going through company trash in the hope that sensitive printed documents were discarded and can be retrieved. |
|
What is eavesdropping? |
Interception of data transmissions through network sniffing. |
|
What are emanations? |
Electromagnetic radiation that emanates from computer equipment - Most prevalent in networks with coaxial cabling. |
|
What is spoofing and masquerading? |
Specially crafted network packets that contain a forged address of origin. |
|
What does TCP/IP protocol permit in terms of spoofing? |
Forged MAC and IP addresses. |
|
What does SMTP protocol permit in terms of spoofing? |
Forged email "From" address. |
|
What is social engineering? |
Tricking people into giving out sensitive information by making them think they are helping someone. |
|
What is phishing? |
Incoming, fraudulent email messages designed to give the appearance of origin from a legitimate institution.
Tricks user into providing sensitive data via a forged web site (common) or return email (less common). |
|
What is pharming? |
Redirection of traffic to a forged website.
Example 1: Attack on a DNS server (cache poisoning)
Example 2: Attack on the "hosts" file on the client system |
|
What is password cracking? |
Obtain/retrieve hashed passwords from the target.
Run a password cracking program on the attacker's system. |
|
What are the 3 principles of access control? |
(1) Separation of duties
(2) Least privilege
(3) Defense in depth |
|
What are the 6 categories of control? |
(1) Detective controls (2) Deterrent controls (3) Preventive controls (4) Corrective controls (5) Recovery controls (6) Compensating controls |
|
What are detective controls? |
Monitor and record specific types of events. Does not stop or directly influence events. |
|
Give 4 examples of detective controls. |
(1) Video surveillance (2) Audit logs (4) Intrusion detection system |
|
What are deterrent controls? |
Designed to prevent specific actions by influencing choices of would-be intruders.
Does not prevent or even record events. |
|
Give 3 examples of deterrent controls. |
(1) Signs (2) Guards, guard dogs (3) Razor wire |
|
What are preventive controls? |
Block or control specific events. |
|
Give 7 examples of preventive controls. |
(1) Firewalls (2) Anti-virus software (3) Encryption (4) Key card systems (5) Fencing (6) Bollards (7) Crash guards |
|
What are corrective controls? |
Post-event controls to prevent recurrence. "Corrective" refers to when it is implemented - can be preventive, detective, deterrent, administrative. |
|
Give 3 examples of corrective controls. |
(1) Spam filter (2) Anti-virus on email server (3) WPA WiFi encryption |
|
What are recovery controls? |
Post-incident controls to recover systems. "Recovery" refers to when it is implemented. Can be detective, preventive, deterrent, administrative. |
|
Give 2 examples of recovery controls. |
(1) System restoration (2) Database restoration |
|
What are compensating controls? |
A control introduced to compensate for the absence or failure of another control. "Compensating" refers to why it is implemented. Can be detective, preventive, deterrent, administrative. |
|
Give 2 examples of compensating controls. |
(1) Daily monitoring of anti-virus console
(2) Monthly review of administrative logins |
|
What are testing access controls? |
|
|
What are 3 types of tests to test access controls? |
(1) Penetration tests (2) Application vulnerability tests (3) Code reviews |
|
What is penetration testing? |
Automated scans to discover vulnerabilities. |
|
Give 7 examples of penetration testing tools. |
|
|
What is application vulnerability testing? |
Discover vulnerabilities in an application, using automated tools and manual testing. |
|
What is audit log analysis? |
Regular examination of audit and event logs. Detect unwanted events: |
|
What is two-factor authentication? |
Includes something the user knows and something the user has. |
|
Give 4 examples of authentication standards. |
|