Term
| Basic Authentication Credentials Include.. |
|
Definition
Where you are, what you have, what you are, what you know, what you do |
|
|
Term
| What is the most common form of authentication? |
|
Definition
|
|
Term
| Are passwords a strong form of authentication? |
|
Definition
|
|
Term
| What are some weaknesses of passwords? |
|
Definition
| Humans have trouble memorizing good passwords, especially when you need multiple passwords and your passwords are temporary. |
|
|
Term
| Common attacks on passwords include the following... |
|
Definition
| Social Engineering, Capturing, Resetting, Offline Attacks |
|
|
Term
|
Definition
| Attacker steals files of password digests and compares them with digests they have created themselves. |
|
|
Term
|
Definition
Brute Force, Mask, Rule, Dictionary, Rainbow Table, Password Collections |
|
|
Term
|
Definition
| Offline Attack methodology that applies rules to the password being brute forced, in order to more effectively discover passwords. |
|
|
Term
| NTLM (New Technology LAN Manager) Hash Attack |
|
Definition
| An attacker can steal the digest of an NTLM password and simply pretend to be the user and send that hash to the remote system to be authenticated. |
|
|
Term
|
Definition
| Attacker creates digests of common dictionary words and compares against stolen digest file. |
|
|
Term
|
Definition
| Dictionary attack that uses a set of dictionary words and compares it to stolen digest. |
|
|
Term
|
Definition
| The search for any two digests that are the same. |
|
|
Term
|
Definition
| Conducts a statistical analysis on the stolen passwords that is used to create a mask to break the largest number of passwords. |
|
|
Term
|
Definition
| Creates a large pregenerated data set of candidate digests. |
|
|
Term
|
Definition
Can be used repeatedly
Faster than dictionary attacks
Less memory needed on an attacking machine |
|
|
Term
|
Definition
| A collection of real passwords that can be used to work on other attacks. |
|
|
Term
|
Definition
| Properly manage them as a user and protect the digest as the enterprise. |
|
|
Term
|
Definition
| Password generators, online vaults and password management applications. |
|
|
Term
| Methods to protect password digests |
|
Definition
| Use Salts, Key Stretching |
|
|
Term
|
Definition
| Adds a random string that is used in hash algorithms in order to protect password digests |
|
|
Term
|
Definition
| Using a hashing algorithm that is designed to be slow in order to protect password digests. |
|
|
Term
| Examples of Key Stretching Algorithms |
|
Definition
|
|
Term
| Multifactor Authentication |
|
Definition
| When a user is required to provide multiple forms of authentication. |
|
|
Term
|
Definition
| Used to create a one-time password, which is an authentication code that can be used only once for a limited period of time. |
|
|
Term
|
Definition
| Token stored on a small device with a window display. |
|
|
Term
|
Definition
| Token stored on a general-purpose device like a laptop computer or smartphone |
|
|
Term
|
Definition
HOTP
User only gets one chance at one time to enter their password. |
|
|
Term
|
Definition
| Contains an integrated circuit chip that holds information; can be either a contact or contactless card. |
|
|
Term
|
Definition
| Issued by the DOD; carries a bar code, magnetic strip, and the bearer's picture. |
|
|
Term
| What common mobile device is starting to replace Smart Cards? |
|
Definition
|
|
Term
|
Definition
| A person's unique physical characteristics. |
|
|
Term
| Dynamic Fingerprint Scanner |
|
Definition
| Uses a small slit or opening into which you slide your finger. |
|
|
Term
| Static Fingerprint Scanner |
|
Definition
| Takes a picture of your fingerprint and compares it to an image of your fingerprint. |
|
|
Term
|
Definition
| Cost of hardware, amount of error, etc. |
|
|
Term
|
Definition
| Relates to perception, thought process, and understanding of the user. |
|
|
Term
| Example of Cognitive Biometrics |
|
Definition
-Picture Password (Select 10 points of interest on a picture)
-Requires user to identify specific faces
-Requires user to select one of many memorable events |
|
|
Term
|
Definition
| Authenticates by normal actions the user performs. |
|
|
Term
|
Definition
| Promises to reduce the burden of usernames and passwords by using one single account. |
|
|
Term
|
Definition
|
|
Term
| Microsoft User Account Management |
|
Definition
Password Policy Settings, Account Lockout Policy |
|
|
Term
|
Definition
When a new domain is created, it shares resources with its parent domain by default.
Can enable an authenticated user to access resources in both the child and the parent. |
|
|