Study your flashcards anywhere!

Download the official Cram app for free >

  • Shuffle
    Toggle On
    Toggle Off
  • Alphabetize
    Toggle On
    Toggle Off
  • Front First
    Toggle On
    Toggle Off
  • Both Sides
    Toggle On
    Toggle Off
  • Read
    Toggle On
    Toggle Off
Reading...
Front

How to study your flashcards.

Right/Left arrow keys: Navigate between flashcards.right arrow keyleft arrow key

Up/Down arrow keys: Flip the card between the front and back.down keyup key

H key: Show hint (3rd side).h key

A key: Read text to speech.a key

image

Play button

image

Play button

image

Progress

1/27

Click to flip

27 Cards in this Set

  • Front
  • Back

Allows entities to prove their identity by using credentials known to another entity

Authentication

Occurs when a user claims or professes an identity, such as with a username, an email address, a PIV card, or by using biometrics

Identification

Occurs when an entity provides proof of an identity (such as a password)

Authentication

The authenticator that verifies the authentication

A second identity

Provides access to resources based on a proven identity

Authorization

Five Factors of authentication

- Something you know


- Something you have


- Something you are


- Somewhere you are


- Something you do

Username and password

Example of something you know factor

Smart card, CAC, PIV, or a token

Example of something you have factor

Biometrics, such as fingerprints or retina scans

Example of something you are factor

Location using geolocation technologies

Example of somewhere you are factor

Gestures on a touch screen

Example of something you do factor

Typically refers to a shared secret, such as a password or PIN. This is the least secure form of authentication

Something you know factor

Should be strong and changed often. Strong ones are complex and at least eight characters long.

Passwords

Automate password recovery

Self-service password systems

Administrators should do this before resetting the user's password

Verify a user's identity

Lock out an account after a user enters an incorrect password too many times

Account lockout policies

Credit card-sized cards that have embedded certificates used for authentication. They require a PKI to issue certificates.

Smart cards

Can be used as photo IDs and as smart cards (both identification and authentication)

Common Access Cards (CACs) and Personal Identity Verification (PIV) cards

Display numbers in an LCD. These numbers provide rolling, one-time use passwords and are synchronized with a server.

Tokens (or key fobs)

Include an embedded chip and a USB connection

USB tokens

Open sources standards used to create one-time-use passwords

HOTP and TOTP

Creates a one-time-use password that does not expire

HOTP

Creates a one-time password that expires after 30 seconds

TOTP

Most difficult methods to falsify, physical methods include fingerprints, retina scans, iris scans, and palm scans. Methods can also be used for identification.

Biometric

Includes one or more authentication methods in the same factor, such as a PIN and a password.

Single-factor authentication

Uses two factors of authentication, such as a USB token and a PIN.

Dual-factor (or two-factor) authentication

Uses two or more factors of authentication and is stronger than any form of single-factor authentication

Multifactor authentication