AAA Cybersecurity Flashcards

1
Q

What is AAA in cybersecurity?

A

Authentication
Authorization
Accounting

2
Q

What is authentication?

A

A process of verifying the identity of a user, machine, or system by validating the credentials provided by the entity against the stored data

3
Q

What are 5 methods of authentication?

A

Knowledge
Possession
Inherence
Location
Behavior

4
Q

What is the difference between single, two, and multi factor authentication?

A

Authentication that uses one, two or multiple categories of authentication factors.

5
Q

What is Single Sign-On (SSO)?

A

An authentication method that allows users to log in with a single ID to any of several related, yet independent, software systems

6
Q

What are the 4 types of authorization models in a system?

A

Discretionary Access Control (DAC)
Role-based Access Control (RBAC)
Mandatory Access Control (MAC)
Rule-based Access Control

7
Q

What is authorization?

A

Process that comes after authentication and involves granting or denying permissions to authenticated users

8
Q

What is accounting?

A

Also known as auditing, a critical process that involves the systematic tracking and recording of user activities on a system or network

9
Q

What are 3 methods of accounting?

A

Logs
Tracking
Web Browsing History

10
Q

What is non-repudiation?

A

Used to provide assurance of the integrity and origin of data by preventing an entity from denying the authenticity of their actions

11
Q

What are 4 methods of non-repudiation?

A

Video-based mechanisms
Biometric data
Digital signatures
Receipts

12
Q

What is encryption?

A

Process of converting readable data, known as plain text, into an unreadable format, known as cipher text, using an algorithm (known as a cipher) and an encryption key

13
Q

What is symmetric encryption?

A

Also known as private-key encryption, uses the same key for both the encryption and decryption processes

14
Q

What is asymmetric encryption?

A

Also known as public-key cryptography, uses two different keys: a public key for encryption and a private key for decryption

15
Q

What is the public key infrastructure?

A

Framework for managing digital certificates and public-key encryption and provides a way to create, distribute, store, and revoke digital certificates and manage public-key encryption

16
Q

What is a digital signature?

A

Created by using the sender’s public key to encrypt a digital hash of the message being sent and can be verified by anyone with the sender’s private key

A method of confirming the data is absolutely going to the right place, and has been received by the right person

17
Q

What is a cryptographic hash?

A

Takes an input and returns a fixed-size string of bytes, typically a hash value

A fingerprint of the data that you are sending

18
Q

What is data at rest?

A

Data at rest refers to data that is stored on physical or digital media and is not actively being moved or processed, e.g. on SSDs

19
Q

What are 4 methods of protecting data at rest?

A

Regular Audits
Encryption
Access Controls
Physical Security

20
Q

What is data in transit?

A

Also known as data in motion, refers to data that is being transferred over a network