C178 Access Control 1

its4forscience's version from 2018-01-14 23:07


Question Answer
finding out who someone isIdentification
a mechanism of verifying someone's identificationAuthentication
when the system you are authenticating gets information from public recordsout-of-band authentication
Is using a password and a PIN at the same time 2 factor authentication?No, because they are both what you know. 2 of the same type counts as 1
focuses on how an organization achieves its goalsOperational security
similar to certificates in that they are used to identify and authenticate usersSecurity tokens
collection of computer networks that agree on standards of operationfederation
single identity that users can use across different business unitsfederated identity
Party "a" trusts party "b", If "b" trusts "c" then "a" may also trust third party "c"transitive access
problems w/ ______ are solved by creating transitive truststransitive access (exploited in older OSes)
problems with transitive access are solved by creatingtransitive trusts
system that is no longer used, sends username and password in plain textPAP (Password Authentication Protocol)
encrypts the username and password, replaced PAPSPAP (Shiva Password Authentication Protocol)
designed to stop man-in the-middle attacksCHAP (Challenge Handshake Authentication Protocol)
algorithm uses a time-based factor to create unique passwordsTOTP (Time-Based One-Time Password)
algorithm is based on using a HMAC algorithmHOTP (HMAC-Based One-Time Password)