terms
Quiz yourself by thinking what should be in
each of the black spaces below before clicking
on it to display the answer.
Help!
|
|
||||
---|---|---|---|---|---|
authentication | process of ensuring that the person desiring resources is who they say they are
🗑
|
||||
authentication can be based on what a user knows | password
🗑
|
||||
what a user has | token or a card
🗑
|
||||
what a user is | biometrics
🗑
|
||||
what you know | passwords
🗑
|
||||
passwords | most common type of authentication
🗑
|
||||
attacks on passwords | social engineering
🗑
|
||||
attacks on passwords | capturing
🗑
|
||||
attacks on passwords | resetting
🗑
|
||||
attacks on passwords | online guessing
🗑
|
||||
brute force attack | password attack in which every possible combinations of letters,numbers,and characters used to create a password
🗑
|
||||
hybrid attack | variation of the dictionary attack by adding numbers to the end of the password,spelling words backward,slight misspelling words or including special characters
🗑
|
||||
rainbow tables | make password attacks easier by creating a large pregenerated data set of encrypted passwords
🗑
|
||||
attacks on passwords | offline cracking
🗑
|
||||
dictionary attack | begins with the attacker creating encrypted versions of common dictionary words and then comparing them against those in a stolen password file
🗑
|
||||
using a ainbow table to crack a password also requires | two steps
🗑
|
||||
three types of authentication credentials | what he has
🗑
|
||||
three types of authentication credentials | what he is
🗑
|
||||
three types of authentication credentials | what he knows
🗑
|
||||
the weakness of passwords is | human memory
🗑
|
||||
examples of password policy settings | enforce password istory
🗑
|
||||
examples of password policy settings | maximum password age
🗑
|
||||
examples of password policy settings | minimum password age
🗑
|
||||
examples of password policy settings | minimum password length
🗑
|
||||
examples of password policy settings | complexity requirements
🗑
|
||||
examples of password policy settings | store using reversible encryption
🗑
|
||||
examples of account lockout policy settings | lockout duration
🗑
|
||||
examples of account lockout policy settings | lockout threshold
🗑
|
||||
examples of account lockout policy settings | reset lockout counter
🗑
|
||||
behavioral biometrics | authenticating a user by the notmal actions that a user performs
🗑
|
||||
cognitive biometrics | authenticating a user thru the perception,thought process,and understanding of the user
🗑
|
||||
multifactor authentication | using more then one type of authentication credential
🗑
|
||||
rainbow tables | large pregenerated data sets of encrypted passwords used in password attacks
🗑
|
||||
trusted os | a hardened operating system that can keep attackers from accessing and controlling critical parts of a computer system
🗑
|
||||
standard biometrics | using fingerprints or other unique characteristics of a persons face,hands, or eyes for authentication
🗑
|
||||
piv | personal identify verification
🗑
|
||||
piv | a government standard for smart cards that covers all government employees
🗑
|
||||
common access card | a department of defense smart card
🗑
|
||||
common access card | for active duty and reserve military personnel along with civilian employees and special contractors
🗑
|
||||
rainbow table | compressed representation of plaintext passwords that are related and organized in a sequence caled a chain
🗑
|
||||
steps involved in password defenses | create strong passwords
🗑
|
||||
steps involved in password defenses | properly manage passwords
🗑
|
||||
good password management techniques | change passwords frequently
🗑
|
||||
good password management techniques | do not reuse passwords
🗑
|
||||
good password management techniques | never write passwords down
🗑
|
||||
good password management techniques | have a unique password for each account
🗑
|
||||
good password management techniques | never enter a password while connected over an unencrypted network
🗑
|
||||
good password management techniques | do not enter passwords on public computers
🗑
|
||||
password management application | equivalent to a digital post it note
🗑
|
||||
token | generates a code from the algorithim once every thirty to sixty seconds
🗑
|
||||
token | generates a code that is valid for a bried period of time,displayed on the device
🗑
|
||||
reason to use a token | regular passwords are static in nature, which makes it easier for an attacker to get
🗑
|
||||
advantage to using a token | passwords are dynamic,which make it harder for attackers to get
🗑
|
||||
one time passwords | passwords that change frequently
🗑
|
||||
multifactor authentication | using more then one type of authentication
🗑
|
||||
biometrics | what you are
🗑
|
||||
standard biometrics | uses a persons unique physical characteristics for authentication
🗑
|
||||
fingerprints | most common type of standard biometric device
🗑
|
||||
types of fingerprint scanners | static and dynamic
🗑
|
||||
behavioral biometrics | authenticates by normal actions that the user performs
🗑
|
||||
types of behavioral biometrics | keystroke dynamics
🗑
|
||||
types of behavioral biometrics | voice recognition
🗑
|
||||
types of behavioral biometrics | computer footprinting
🗑
|
||||
keystroke dynamics | attempts to recognize a users unique typing rhythm
🗑
|
||||
dwell time | the time it takes for a key to be pressed and then released
🗑
|
||||
flight time | the time between keystrokes
🗑
|
||||
phonetic cadence | speaking two words together in a way that one word bleeds into the next word ,becomes part of the users speech pattern
🗑
|
||||
identity management | using a single authentication credential that is shared across multiple networks
🗑
|
||||
single sign on | using one authentication credential to access multiple accounts or applications
🗑
|
||||
examples of single sign on applications | windows live id
🗑
|
||||
examples of single sign on applications | openID
🗑
|
||||
examples of single sign on applications | OAuth
🗑
|
||||
OAuth | permits users to share resources stored on one site with a second site with out forwarding their authentication credentials to the other site
🗑
|
||||
OAuth | relies on token credentials
🗑
|
||||
openID | provides a means to prove that the user owns that specific url.
🗑
|
Review the information in the table. When you are ready to quiz yourself you can hide individual columns or the entire table. Then you can click on the empty cells to reveal the answer. Try to recall what will be displayed before clicking the empty cell.
To hide a column, click on the column name.
To hide the entire table, click on the "Hide All" button.
You may also shuffle the rows of the table by clicking on the "Shuffle" button.
Or sort by any of the columns using the down arrow next to any column heading.
If you know all the data on any row, you can temporarily remove it by tapping the trash can to the right of the row.
To hide a column, click on the column name.
To hide the entire table, click on the "Hide All" button.
You may also shuffle the rows of the table by clicking on the "Shuffle" button.
Or sort by any of the columns using the down arrow next to any column heading.
If you know all the data on any row, you can temporarily remove it by tapping the trash can to the right of the row.
Embed Code - If you would like this activity on your web page, copy the script below and paste it into your web page.
Normal Size Small Size show me how
Normal Size Small Size show me how
Created by:
cgeaski
Popular Computers sets