Ch.12 Flashcards
proving that a user is genuine, and not an imposter
authentication
five elements that can prove the genuineness of a user: what you know, what you have, what you are, what you do, and where you are
authentication factors
authenticating a user by the unique actions that the user performs
behavioral biometrics
an attack that searches for any two digests that are the same
birthday attack
a password attack in which every possible combination of letters, numbers, and characters is used to create encrypted passwords that are matched against those in a stolen password file
brute force attack
authenticating a user through the perception, thought process, and understanding of the user
cognitive biometrics
a U.S. Department of Defense (DoD) smart card used for identification of active-duty and reserve military personnel along with civilian employees and special contractors
common access card (CAC)
a password attack that creates encrypted versions of common dictionary words and compares them against those in a stolen password file
dictionary attack
single sign-on for networks owned by different organizations
federated identity management (FIM) (or federation)
the identification of the location of a person or object using technology
geolocation
a one-time password that changes when a specific event occurs
HMAC-based one-time password (HOTP)
a password attack that slightly alters dictionary words by adding numbers to the end of the password, spelling words backwards, slightly misspelling words, or including special characters
hybrid attack
a password hashing algorithm that requires significantly more time than standard hashing algorithms to create the digest
key stretching
a cryptographic function found in older Microsoft Windows operating systems used to fingerprint data
LM (LAN Manager) hash
using more than one type of authentication credential
multifactor authentication
a hash used by modern Microsoft Windows operating systems for creating password digests
NTLM (New Technology LAN Manager) hash
the current version of the New Technology LAN Manager hash
NTLMv2
an authentication code that can be used only once for a limited period of time
one-time password (OTP)
a secret combination of letters, numbers, and/or characters that only the user should have knowledge of
password
a popular key stretching password hash algorithm
PBKDF2
a U.S. government standard for smart cards that covers all government employees
personal identity verification (PIV)
an attack in which one known digest is compared to an unknown digest
pre-image attack
large pregenerated data sets of encrypted passwords used in password attacks
rainbow tables
a random string that is used in hash algorithms
salt