Authentication

What proves that a user or system is actually how they say they are?

Username and Password

Name 2 unique identifiers for a logon process.

Password Authentication Protocol (PAP)

One of the simplest forms of authentication, the username and password values are both sent to the server as clear text and checked for a match.

Challenge Handshake Authentication Protocol (CHAP)

What protocol challenges a system to verify identity?

CHAP

Doesn't use a user ID/Password mechanism, instead, the initiator sends a logon request from the client to the server. The server sends a challenge back to the client. The challenge is encrypted and then sent back to the server. The server compares the value from the client and, if the information matches, grants authorization.

Certificates

What can be stored on physical access devices such as  smart cards or stored on the users computer as a digital signature used as part of the logon process.

Certificate Practice Statement(CPS)

What outlines the rules for issuing and managing certificates?

Certificate Revocation List(CRL)

Lists the revocations that must be addressed (often due to expiration) in order to stay current.

Security Tokens

They contain the rights and access privileges of the token bearer as part of the token.

Kerberos

An authentication protocol named after the mythical three-headed dog that stood at the gates of Hades.

Multifactor

When two or more access methods are included as part of the authentication process, you're implementing a _______  system.

Two-factor authentication

A system that uses smart cards and passwords is referred to as a __________  system.

Degaussed

When computer systems are retired, the disk drives should be zeroed out, and all magnetic media should be what?

Disk Wiping

Degaussing involves applying a strong magnetic field to initialize the media.  This is also refered to as what?

Smart Card

A type of card that gives you access to resources including buildings, parking lots, and computers. It contains information about your identity and access privileges.

Biometric

________ devices use physical characteristics to identify the user.

Key Fobs

These are security devices that you carry with you that display a randomly generated code that you can then use for authentication.

Software Exploitation

Refers to attacks launched against applications and higher-level services. They include gaining access to data using weaknesses in the data-access objects of a database or a flaw in a service.

Database Exploitation

Application Exploitation

E-mail Exploitation

3 Types pf exploitations that can be introduced using viruses.

.SCR files (screensavers)

Viruses are often distributed through the use of these files?

Rootkits

________ are software programs that have the ability to hide certain things from the operating system.

Virus

A ______ is a piece of software designed to infect a computer system.

Contaminated floppy, cd, memory card

Email

As part of another program

Viruses get into your computer in one of three ways.  What are they?

Trojan Horses

________ are programs that enter a system or network under the guise of another program. May be included as an attachment or as part of an installation program.

A Worm

What can reproduce itself, is self-contained, and doesn't need a host application to be transported.?

Spam

Any unwanted, and unsolicited e-mail

Grayware

A term used to describe any application that is annoying or negatively affecting the performance of your computer

Firewall

One of the first lines of defense in a network.

Share-level and User-level access privileges

FAT allows only two types of protection, what are they?

NTFS

Can track security in Access Control Lists (ACL)

Access Control List (ACL)

Each entry in the _______  can also specify what type of access is given.

BitLocker

A drive encryption feature that can encrypt an entire volume with 128-bit encryption.

BitLocker

One of the newest security features available only in the Enterprise and Ultimate versions of Windows Vista.

Service-Set Identifiers (SSIDs)

Wireless controllers use ________ that must be configured in the network cards to allow communications with a specific access point.

Wireless Transport Layer Security(WTLS)

The security layer for WAP (Wireless Applications Protocol)

WAP

Provides the functional equivalent of TCP/IP for wireless devices.

Direct-sequence spread spectrum (DSSS)

Accomplishes communication by adding the data that is to be transmitted to a higher-speed transmission.

Frequency-hopping spread spectrum (FHSS)

Accomplishes communication by hopping the transmission over a range of predefined frequencies.

Orthogonal frequency division multiplexing (OFDM)

Accomplishes communication by breaking the data into subsignals and transmitting them simultaneously.

Wireless Markup Language (WML)

WAP uses a smaller version of HTML called _______ , which is used for internet displays.

Site Survey

When used by an attacker, a ______ can determine what types of systems are in use, the protocols used, and other critical information about your network.

 Perimeter Security 

The first layer of access control is always what?

Cryptographic Algorithms

______ are used to encode a message from its unencrypted or clear-text state into an encrypted message.

Hashing, Symmetric, and Asymmetric

The three primary methods of encoding a message are?

Secure Hash Algorithm (SHA)

Message Digest Algorithm (MDA)

The 2 primary standards that use the hashing process for encryption are?

Secure Hash Algorithm

Which algorithm was designed to ensure the integrity of a message and produces a 160-bit hash value?

MD5, MD4, and MD2

The message digest algorithm (MDA) also creates a hash value and uses a one-way hash. There are several versions of MD, what are the most common?

Symmetric Algorithms

_______ require both ends of an encrypted message to have the same key and processing algorithms.

Asymmetric Algorithm

_____ use 2 keys to encrypt and decrypt data. These keys are referred to as the public key and the private key.

Incident

Any attempt to violate a security policy, a successful penetration, a compromise of a system, or any unauthorized access to information.

Incident Response Policies

______ define how an organization will respond to an incident.

Social Engineering

________ is a process in which an attacker attempts to acquire information about your network and system by social means, such as talking to people in the organization.

The supervisor password

______ is only needed when the user attempts to access the setup program.

Trusted Platform Module

____ is the name assigned to a chip that can store cryptographic keys, passwords, or certificates.

Access Control

_______ defines the methods used to ensure that users of your network can access only what they're authorized to access.

Data remnant removal

________ is typically the name given to removing all usable data from media.