CompTIA Security+ Ch 8

  1. Identification
    Something that identifies a person, such as an ID card.
  2. Authentication
    When a person's identity is confirmed, to allow access to a computer or file(s).
  3. Authorization
    When a user is granted access to resources after authentication is complete.
  4. Identity Proofing
    An initial validation of an identity.
  5. Security Tokens
    Physical devices given to authorized users to help with authentication. They are either part of an ID card or can be attached to a keychain.
  6. Multifactor Authentication
    Two or more types of authentication for user access.
  7. Biometrics
    Authenticating a user by way of physical characteristics, like a fingerprint or retinal scan.
  8. Mantrap
    An area between two doorways, meant to hold people until they are identified and authenticated.
  9. 802.1X
    Authentication used to connect devices to a LAN or WLAN. It's an example of port-based NAC.
  10. Extensible Authentication Protocol (EAP)
    Not an authentication mechanism but instead defines message formats.
  11. Single Sign-On (SSO)
    When a user can log in once and gain access to multiple systems without being asked to log in again.
  12. False Positive
    When a system authenticates a user that should not have access to the system.
  13. False Negative
    When the system denies a user that is authorized to access the system.
  14. False Rejection
    When a biometric system fails to recognize an authorized person and doesn't allow that person access.
  15. Lightweight Directory Access Protocol (LDAP)
    An Application Layer protocol used for accessing and modifying directory services data.
  16. Kerberos
    An authentication protocol that enables computers to prove their identity to each other in a secure manner.
  17. Mutual Authentication
    When two computers, for example a server and a client, both verify each other's identity.
  18. Tickets
    Part of the authentication process used by Kerberos.
  19. Challenge-Handshake Authentication Protocol (CHAP)
    An authentication scheme used by Point-to-Point Protocol (PPP) that is the standard for dial-up connections.
  20. Remote Access Service (RAS)
    A networking service that allows incoming connections from remote dial-in clients. It is used with VPNs.
  21. Virtual Private Network (VPN)
    A connection between two or more computers or devices that are not on the same private network.
  22. Point-to-Point Tunneling Protocol (PPTP)
    A tunneling protocol used to support VPNs. A VPN device or server must have inbound port 1723 open to enable incoming PPTP connections.
  23. Layer 2 Tunneling Protocol (L2TP)
    A tunneling protocol used to connect virtual private networks. It doesn't include confidentiality or encryption on its own. It uses port 1701.
  24. VPN Concentrator
    A hardware appliance that allows hundreds of users to connect to the network from remote locations via a VPN.
  25. Remote Authentication Dial-in User Service (RADIUS)
    Used to provide centralized administration of dial-up, VPN, and wireless authentication.
  26. Terminal Access Controller Access-Control System (TACACS)
    A remote authentication protocol similar to RADIUS, used more often in UNIX networks.