Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

IT Security > General Definitions > Flashcards

General Definitions Flashcards

1
Q

Authentication

A

Authentication is used by a server when the server needs to know exactly who is accessing their information or site.

Authentication is used by a client when the client needs to know that the server is system it claims to be.

In authentication, the user or computer has to prove its identity to the server or client.

Usually, authentication by a server entails the use of a user name and password. Other ways to authenticate can be through cards, retina scans, voice recognition, and fingerprints.

Authentication by a client usually involves the server giving a certificate to the client in which a trusted third party such as Verisign or Thawte states that the server belongs to the entity (such as a bank) that the client expects it to.

Authentication does not determine what tasks the individual can do or what files the individual can see. Authentication merely identifies and verifies who the person or system is.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Authorization

A

Authorization is a process by which a server determines if the client has permission to use a resource or access a file.

Authorization is usually coupled with authentication so that the server has some concept of who the client is that is requesting access.

The type of authentication required for authorization may vary; passwords may be required in some cases but not in others.

In some cases, there is no authorization; any user may be use a resource or access a file simply by asking for it. Most of the web pages on the Internet require no authentication or authorization.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Encryption

A

Encryption involves the process of transforming data so that it is unreadable by anyone who does not have a decryption key.

The Secure Shell (SSH) and Socket Layer (SSL) protocols are usually used in encryption processes. The SSL drives the secure part of “https://” sites used in e-commerce sites (like E-Bay and Amazon.com.)

All data in SSL transactions is encrypted between the client (browser) and the server (web server) before the data is transferred between the two.

All data in SSH sessions is encrypted between the client and the server when communicating at the shell.
By encrypting the data exchanged between the client and server information like social security numbers, credit card numbers,

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What is Federated Identity Management?

A

Federated Identity Management leverages the fact that an individual may have accounts across multiple systems. Federated systems share some of the account information across systems to reduce the number of identities that a user must have which eases the burden on the user and the organization.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly

IT Security (6 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions