Study your flashcards anywhere!

Download the official Cram app for free >

  • Shuffle
    Toggle On
    Toggle Off
  • Alphabetize
    Toggle On
    Toggle Off
  • Front First
    Toggle On
    Toggle Off
  • Both Sides
    Toggle On
    Toggle Off
  • Read
    Toggle On
    Toggle Off
Reading...
Front

How to study your flashcards.

Right/Left arrow keys: Navigate between flashcards.right arrow keyleft arrow key

Up/Down arrow keys: Flip the card between the front and back.down keyup key

H key: Show hint (3rd side).h key

A key: Read text to speech.a key

image

Play button

image

Play button

image

Progress

1/36

Click to flip

36 Cards in this Set

  • Front
  • Back
What is:



Identification
Finding out who someone is
What is:



Authentication
A mechanism of verifying identification
What are the:



Five factors of authentication:
Something you know (i.e. a password or pin)
Something you have (i.e. a smart card, token, or identification device)
Something you are (i.e. biometrics)
Something you do (such as an action you must take to complete authentication)
Somewhere you are (geolocation)
What is:



Single–Factor Authentication (SFA)
Only one type of authentication is checked
What is:



Multi–Factor Authentication
When two or more access methods are included as part of the authentication process. (Access methods should not be from the same categories, i.e. don’t use a PIN and password as these are both “something you know”)
What is a:



Federation
A collection of computer networks that agree on standards of operation, such as security.
What is the:


Password Authentication Protocol (PAP)
An old system that is no longer used. Sends username and password in plaintext
What is the:



Shiva Password Authentication Protocol (SPAP)
Replaced PAP. Encrypts username and password
What is the:



Challenge Handshake Authentication Protocol (CHAP)
as designed to stop man–in–the–middle attacks. During the initial authentication, the connecting machine is asked to generate a random number (usually a hash) and send it to the server. Periodically the server will challenge the client machine, demanding to see that number again.
What is a:


Time–Based One–Time Password (TOTP)
A unique password that is created by an algorithm that uses a time–based factor.
What is a:



HMAC–Based One–Time Password (HOTP)
A password that is created using a Hash Message Authentication Code (HMAC) algorithm
What is a:



Terminal Access Controller Access–Control System (TACACS)
A client/server–oriented environment that operates in a manner similar to RADIUS
What is a:



Extended Terminal Access Controller Access–Control System (XTACACS)
A client/server–oriented environment that operates in a manner similar to RADIUS, it replaced TACACS and combined authentication and authorization with logging to enable auditing
What is a:



Extended Terminal Access Controller Access–Control System+ (TACACS+)
The most current method of TACACS. Allows credentials to be accepted from multiple methods, including Kerberos.
What is the:



Security Assertion Markup Language (SAML)
An open standard based on XML that is used for authentication and authorization data
What is:



Kerberos
An authentication protocol. Allows for single sign–on to a distributed network
What is a:



Key Distribution Center (KDC)
Authenticates the principal (user, system, or program) and provides it with a ticket. The ticket can be used to authenticate against other principals
What is a:



Ticket Granting Ticket (TGT)
Lists the privileges that a user has. Is encrypted and has a time limit of up to 10 hours
What is:



Single Sign–On (SSO)
Gives users access to all application and systems they need when they log in instead of requiring a login for each application or system
What are the:



Four Primary methods of access control
MAC – Mandatory Access Control – All Access is predefined
DAC – Discretionary Access Control – Incorporates some flexibility
RBAC – Role–Based Access Control – Allows the user’s role to dictate access capabilities
RBAC – Rule–Based Access Control – Uses preconfigured policies
What is:



Least Privilege
A given user (or system) is given the minimum privileges necessary to accomplish his or her job.
What are:



Access Control Lists (ACLs)
Enable devices in your network to ignore requested from specified users or systems, or to grant them access to certain network capabilities
What is:



Implicit Deny
If the request in question has not been explicitly granted, then access is denied
What are the:



Three areas of port security
MAC Limiting and Filtering – Limit access to the network to MAC address that are known, and filter out those that are not
802.1X – Port–based security for wireless network access control. Offers a means of authentication
Unused Ports – All unused ports should be disabled
What is a:



Trusted Operating System (TOS)
Any operating system that meets the government’s requirements for security.
What are the:



Evaluation Assurance Levels (EALs)
A comprehensive set of evaluation criteria (for operating systems) that is broken down into 7 levels. The levels are EAL 1 (least secure) to EAL 7 (most secure).
What is:

Mutual Authentication
When two or more parties authenticate each other.
What is a:


Federated Identity
A means of linking a user's identity with their privileges in a manner that can be used across business boundaries (i.e. Google checkout).
What is:


Transitive access
One party (A) trusts another party (B). If the second party (B) trusts another party (C), then a relationship can exist where the first party (A) also may trust the third party (C).
What is a:

Remote Authentication Dial–In User Service (RADIUS)
A mechanism that allows authentication of remote and other network connections.
What is a:

Common Access Card (CAC)
A card that is issued by the DoD as a general identification/authentication card for military personnel, contractors, and non–DoD employees
What is a:


Personal Identity Verification Card (PIVC)
A card that is issued to all U.S. government employees and contractors and will be required to can access (physical and logical) to government resources.
What is a


Token
Similar to certificates, they are used to identify and authenticate the user. They contain the rights and access privileges of the token bearer as part of the token.
What is a


Flood Guard
A protection feature built into many firewalls that allows the administrator to tweak the tolerance for unanswered login attacks. Reducing this tolerance makes it possible to lessen the likelihood of a successful DoS attack.
What is


Loop Prevention
Works in layer 2 switching configurations and is intended to prevent broadcast loops.
What is

Network Bridging
When a device has more than one NIC and the opportunity presents itself for a user on one of the networks to jump to the other network.