Chapter 12
Chapter 12 Terms
Term | Definition |
---|---|
authentication | Proving that a user is genuine, and not an imposter. |
authentication factors | Five elements that can prove the genuineness of a user: what you know, what you have, what you are, what you do, and where you are. |
bcrypt | A popular key stretching password hash algorithm. |
behavioral biometrics | Authenticating a user by the unique actions that the user performs. |
birthday attack | An attack that searches for any two digests that are the same. |
brute force attack | A password attack in which every possible combination of letters, numbers, and characters is used to create encrypted passwords that are matched against those in a stolen password file. |
cognitive biometrics | Authenticating a user through the perception, thought process, and understanding of the user. |
common access card (CAC) | A U.S. Department of Defense (DoD) smart card used for identification of active-duty and reserve military personnel along with civilian employees and special contractors. |
dictionary attack | A password attack that creates encrypted versions of common dictionary words and compares them against those in a stolen password file. |
federated identity management (FIM) | Single sign-on for networks owned by different organizations. |
geolocation | The identification of the location of a person or object using technology. |
HMAC-based one-time password (HOTP) | A one-time password that changes when a specific event occurs. |
hybrid attack | A password attack that slightly alters dictionary words by adding numbers to the end of the password, spelling words backward, slightly misspelling words, or including special characters. |
key stretching | A password hashing algorithm that requires significantly more time than standard hashing algorithms to create the digest. |
LM (LAN Manager) hash | A cryptographic function found in older Microsoft Windows operating systems used to fingerprint data. |
multifactor authentication | Using more than one type of authentication credential. |
NTLM (New Technology LAN Manager) hash | A hash used by modern Microsoft Windows operating systems for creating password digests. |
NTLMv2 | The current version of the New Technology LAN Manager hash. |
one-time password (OTP) | An authentication code that can be used only once or for a limited period of time. |
password | A secret combination of letters, numbers, and/or characters that only the user should have knowledge of. |
PBKDF2 | A popular key stretching password hash algorithm. |
Personal Identity Verification (PIV) | A U.S. government standard for smart cards that covers all government employees. |
pre-image attack | An attack in which one known digest is compared to an unknown digest. |
rainbow tables | Large pregenerated data sets of encrypted passwords used in password attacks. |
salt | A random string that is used in hash algorithms. |
single-factor authentication | Using one type of authentication credential. |
single sign-on (SSO) | Using one authentication credential to access multiple accounts or as part of the authentication process. |
smart card | A card that contains an integrated circuit chip that can hold information used as part of the authentication process. |
standard biometrics | Using fingerprints or other unique physical characteristics of a person's face, hands, or eyes for authentication. |
time-based one-time password (TOTP) | A one-time password that changes after a set period of time. |
token | A small device that can be affixed to a keychain with a window display that shows a code to be used for authentication. |
transitive trust | A two-way relationship that is automatically created between parent and child domains in a Microsoft Active Directory Forest. |
username | An identifier of a user logging into a system. |