chapter 23 Flashcards
CAC
Common Access Cards
EXIF
Exchangeable Image File
GPO
Group Policy Objects
IdP
Identity Provider
PIV
Personal Identity Verification
SAML
Security Assertion Markup Language
XMP
Extensible Metadata Platform
What is the purpose of an SSH key?
To be used for automated processes and services.
The process of transforming a description of a location, with coordinates, address, or name of place, into a location on the Earth’s surface.
Geocoding
Location-based marketing that uses GPS, RFID, WiFi or cell data to define a virtual geographical boundary around a certain or specific area.
Geolocation
The process of appending geographic coordinates to media based on the location of a mobile device.
Geotagging
The primary advantage of using time-of-day restrictions for access.
Prevents users from logging onto an enterprise network outside of regular business hours, limiting the risk of outside cyber-attacks.
The primary disadvantage of using time-of-day restrictions for access.
Someone that needs to log into their account will have no access outside of business hours.
What is the purpose of a token?
To identify specific access rights and authentication.
What is the purpose of a digital certificate?
To verify the identity of the sender/receiver of an electronic message and provide the means to encrypt/decrypt messages between sender and receiver.
How might service accounts be used in batch operations?
To be restricted by the admin to only run at night to prevent them from being used by unauthorized personnel.
Identification used by DoD military personnel.
CAC
A smart card used for federal employees and contractors.
PIV
Used to denote a system or service that creates, maintain, and manages identity information.
IdP
What are the advantages and disadvantage of using token-based systems?
Advantage: Every token is unique so if one is removed from a system, the others won’t be affected.
Disadvantage: Since only the token is authenticated, the theft of the token can be used by anyone regardless of who holds it.
How can MFA be used to offset the disadvantage of a token-based system
By adding an extra layer of authentication security to mitigate the risk of unauthorized access.
What is the primary problem with shared/generic accounts?
The ability to easily track the activity of a user.
When might an account be automatically be locked out?
After an employee is terminated, time frame of inactivity and/or multiple attempts of failed log-ins.
Who should configure time-of-day, history and complexity account requirements?
Network administrators.
