CYB1UofI_FISCH2.2
Identification
| Question | Answer |
|---|---|
| what is identification | simply an assertion of who we are |
| what is included in identification | who we claim to be as people, who a system claims to be over the network or who the originating party of an email claims to be |
| when determining identification what should be considered | the methods for determining identity and the trustworthiness of those methods |
| at best who we claim to be is what type of concept | a tenuous concept |
| tenuous definition | something very weak, flimsy, insubstantial, or uncertain |
| how can we identify ourselves | full names, shortened versions of our names, nicknames, account numbers, usernames, ID cards, fingerprints, or DNA samples |
| what types of methods of identification are not unique (not considering a few exceptions) | full names, shortened versions of our names, nicknames, account numbers, usernames, ID cards, fingerprints, or DNA samples |
| what is the problem with some of the supposedly unique methods of identification | some can be duplicated (example: fingerprints) |
| who we claim to be can | be subject to change |
| what is an example of a situation in which who we claim to be is subject to change | women often change their last names upon getting married |
| what logical forms of identification can be changed easily | account number or usernames |
| what physical identifiers can change | height, weight, skin color, eye color |
| what alone is not enough | a claim of identity |
| what are the categories of aspects that are subject to change that we use to claim who we are (identity) | names, logical forms of identification (account numbers, usernames), physical identifiers (height, weight, skin color, eye color) |
| what is a step beyond identification but is still a step short of authentication | identity verification |
| what is generally a form of identity verification not authentication | asked to show driver's license, social security card, birth certificate, or other similar form of identification |
| explain what identity verification is via example | rough equivalent of someone claiming the identity of Smith: you're asking if the person is indeed Smith and being satisfied with the answer of "sure" from the person, with a little paperwork |
| after someone claims an identity what can happen next | validate the form of identification |
| in the example where someone claimed to be Smith and provided paperwork (say a passport) how can we validate that form of identification | validate against a database holding an additional copy of the information it contains, matching the photograph and physical specifications with the person standing in front of us |
| what is the outcome of validating the form of identification | may get us a bit closer to ensuring we've correctly identified the person but it still doesn't qualify as authentication |
| why doesn't validating the form of identification qualify as authentication | we may have validated the status of the ID itself and we know that the person meets the general specifications of the person it was originally issued to but we've taken no steps to prove that the person is really the right one |
| what happens the more we tend toward verification and away from authentication | the weaker our controls are |
| what uses identity verification | computer systems |
| what is an example of a computer system using identity verification | when you send an email, the identity you provide is taken to be true; the system rarely takes any additional steps to authenticate you |
| what contributes to an enormous amount of spam traffic | gaps in security (email identity) |
| what did Cisco's Talos Intelligence Group estimate | approximately 85 percent of all emails sent from mid-2017 to mid-2018 were spam due to gaps in security from email identity verification |
| what are methods of identification subject to | change and falsification |
| what is an example of a falsification of identification | minors use fake IDs to get into bars or nightclubs; criminals/terrorists might use IDs for a variety of more nefarious tasks |
| what methods of identification can be used to gain additional forms of identification | birth certificates |
| what does gaining additional forms of identification do | strengthens a false identity |
| what do criminals and terrorists use falsification of identification for | nefarious tasks |
| what are additional forms of identification that can be falsified using other false identification (birth certificates) | social security cards or driver's licenses |
| what is a major concern today | identity theft based on falsified information |
| identity thieves stole how much in 2017 | an estimated $16.8 billion from US consumers |
| what type of attack is unfortunately common and easy to execute | identity theft |
| why is identity theft a common and easy to execute attack | given a minimal amount of information (name, address, social security number) it is possible to impersonate someone just enough to be able to conduct a variety of transactions in their name (opening a line of credit) |
| why do identity theft attacks occur | many activities lack authentication requirements |
| what do most people think is sufficient even though it is not | identity verification |
| what is easy to circumvent by using falsified forms of identification | identity verification |
| what exists in computer systems and environments | difficulties with falsification of identification and identity verification |
| what is an example of how computer systems and environments have difficulties with falsification of identification and identity verification | entirely possible to send an email from a falsified email address; spammers use this tactic on a regular basis |