Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
25 Cards in this Set
- Front
- Back
What are 7 access control categories?
|
Directive - Administrative controls. Controls designed to specify acceptable rules of behavior within an org
Deterrent - controls designed to discourage people from violating security directives Preventive - prevent incident or breach Compensating - controls to substitute for the loss of primary controls Detective - to signal a warning Corrective - to remedy circumstance, mitigate damage, restore controls Recovery - to restore conditions to normal |
|
What is strong authentication?
|
AKA two factor authentication is two out of three: something person knows, has or is
|
|
A series of computer networking standards covering electronic directory services such as LDAP.
|
X.500
|
|
An application protocol for querying and modifying data of directory services implemented in Internet Protocol (IP) networks.
|
LDAP
|
|
Main gate between users and corporate web based resources. Commonly a plug-in for web server
|
WAM - Web Access Management
|
|
In Biometrics, what is a Type 1 error?
|
False rejection - rejects authorized individual
|
|
In Biometrics, what is a Type 2 error?
|
False acceptance - accepts imposture
|
|
Syncs with authentication service by using time or a counter
|
Synchronous token devices
|
|
A type of token which uses challenge/response. Auth server sends user a challenge (nonce) which is random value. The user enters the random value into token device which encrypts it and sends it back to auth server. Returns a one time password
|
Asynchronous token
|
|
What is a security domain?
|
Resources in a logical structure working under same security policy and managed by same group
|
|
Authentication protocol that uses a KDC and tickets and is based on symmetric key cryptography
|
Kerberos
|
|
Authentication protocols that uses PAS and PACs and is based on symmetric and asymmetric cryptography
|
SESAME
|
|
Type of access control based on assignment of permissions to read, write, execute. Require an administrator to assign rights
|
Nondescretionary access control
|
|
Type of access control in which access to objects is determined by content of the object
|
Content dependent access control
|
|
Type of access control which makes access decisions based on context of the collection of information rather than the sensitivity
|
Context dependent access control
|
|
Type of intrusion detection also known as misuse detection. Pattern matching similar to antivirus software
|
Signature based intrusion detection
|
|
Behavior based or heuristic intrusion detection
|
Anomaly based intrusion detection
|
|
Name 3 kinds of Anomaly based intrustion detection
|
Statistical anomaly based - creates profile of normal and compares activities to profile
Protocol anomaly based - Identifies protocols used outside of their common bounds Traffic anomaly based - Identifies unusual activities in network traffic |
|
Type of intrusion detection that uses if then rule based programming within expert systems
|
Rule based intrusion detection
|
|
Type of intrusion detection that uses network interface card (NIC) in promiscuous mode. Reviews packets and headers
|
Network based intrusion detection (NIDS)
|
|
Type of intrusion detection that can be installed on workstations or servers. Does not monitor traffic or user activity
|
Host based intrusion detection (HIDS)
|
|
Penetration testing done by group with knowledge of organization. Can be done frequently and less expensively.
|
Blue Team
|
|
Penetration testing done by external group in stealth mode
|
Red Team
|
|
Ethical hacker not knowing what to look for
|
Black Box
|
|
Ethical hacker knows what to look for
|
White Box
|