Authentication, authorization, and accounting, three factors that are essential for ensuring confidentiality, integrity, and availability.

access control list (ACL)

A list of accounts or devices that are authorized to access a certain resource.

Generating and analyzing log files and other records in order to maintain and enhance cybersecurity.

administrator account

An account that has full permission to access and manage a system or device.

Log files that capture events related to specific apps.

The process of verifying the identity of a user or system that attempts to access IT resources.

The process of enabling authenticated users to access certain resources or services.

Methods of operation for different authorization systems.

biometric authentication

Authentication based on a person’s physical characteristic.

An attempt to guess a password by trying words from a dictionary.

A cryptographic signature that is unique to both the signer and the content being signed.

A service used to manage user authentication and authorization on a business network.

A list of authenticated users who are all authorized for the same resource permissions.

A small device that generates a limited-time code that serves as a second type of identity proof.

identity provider (IdP)

A trusted service that validates a user’s identity for authentication purposes.

multi-factor authentication

Authentication in which the user must supply at least two types of identity proof.

Evidence that proves that a user has taken an action, so they cannot later claim they didn’t do it.

An app or service that helps users generate, store, and manage their passwords securely.

principle of least privilege

A security best practice that states that users should have only the permissions they need.

Log files that provide information about authentication and authorization activities.

A centralized authentication mechanism that grants access to multiple authorized resources by logging in only once.

single-factor authentication

Authentication in which the user supplies only one type of identity proof.

A limited-time code sent to a device such as a smartphone to serve as a second type of identity proof.

A user account that has only limited permissions on the system to which it has access.

A password that is difficult to guess or crack.

Log files that record system events such as startups, shutdowns, installations, and failures.

Recording the exact date and time of a digital event such as a contract signing.

Help

Options

focusNode

Didn't know it?
click below

Knew it?
click below

Don't Know

Remaining cards (0)

Know

retry

shuffle

restart

0:00

Embed Code - If you would like this activity on your web page, copy the script below and paste it into your web page.

Normal Size Small Size show me how

T+ Lesson 11

Question	Answer
AAA	Authentication, authorization, and accounting, three factors that are essential for ensuring confidentiality, integrity, and availability.
access control list (ACL)	A list of accounts or devices that are authorized to access a certain resource.
accounting	Generating and analyzing log files and other records in order to maintain and enhance cybersecurity.
administrator account	An account that has full permission to access and manage a system or device.
application logs	Log files that capture events related to specific apps.
authentication	The process of verifying the identity of a user or system that attempts to access IT resources.
authorization	The process of enabling authenticated users to access certain resources or services.
authorization models	Methods of operation for different authorization systems.
biometric authentication	Authentication based on a person’s physical characteristic.
dictionary attack	An attempt to guess a password by trying words from a dictionary.
digital signature	A cryptographic signature that is unique to both the signer and the content being signed.
directory service	A service used to manage user authentication and authorization on a business network.
group	A list of authenticated users who are all authorized for the same resource permissions.
hardware token	A small device that generates a limited-time code that serves as a second type of identity proof.
identity provider (IdP)	A trusted service that validates a user’s identity for authentication purposes.
multi-factor authentication	Authentication in which the user must supply at least two types of identity proof.
non-repudiation	Evidence that proves that a user has taken an action, so they cannot later claim they didn’t do it.
password manager	An app or service that helps users generate, store, and manage their passwords securely.
principle of least privilege	A security best practice that states that users should have only the permissions they need.
security logs	Log files that provide information about authentication and authorization activities.
single sign-on (SSO)	A centralized authentication mechanism that grants access to multiple authorized resources by logging in only once.
single-factor authentication	Authentication in which the user supplies only one type of identity proof.
software token	A limited-time code sent to a device such as a smartphone to serve as a second type of identity proof.
standard account	A user account that has only limited permissions on the system to which it has access.
strong password	A password that is difficult to guess or crack.
system logs	Log files that record system events such as startups, shutdowns, installations, and failures.
timestamping	Recording the exact date and time of a digital event such as a contract signing.

Created by: brvhurt

"Know" box contains:
Time elapsed:
Retries: