Identity and Access Management Terms (Ch. 4)

Question 1

An authentication protocol that

periodically re-authenticates.

Answer 1

Challenge Handshake Authentication Protocol (CHAP)

Question 2

The point at which the FRR and FAR are equal. Sometimes called the equal error rate (ERR).

Answer 2

crossover error rate (CER)

Question 3

Any technique that prevents a program from running

without the user’s approval.

Answer 3

data execution prevention (DEP)

Question 4

Software or techniques designed to detect attempts to exfiltrate data.

Answer 4

data loss prevention (DLP)

Question 5

The rate at which a biometric solution allows in individuals it should have rejected.

Answer 5

false acceptance rate (FAR)

Question 6

The rate at which a biometric solution rejects individuals it should have allowed.

Answer 6

false rejection rate (FRR)

Question 7

A collection of computer networks that agree on standards of operation, such as security standards.

Answer 7

federation

Question 8

HIDS

Answer 8

A host-based intrusion detection system. An HIPS is a host-based intrusion prevention system.

Question 9

An authentication protocol developed at MIT that uses tickets for authentication.

Answer 9

Kerberos

Question 10

The principle that any user or service will be given only enough access privileges to do its job and no more.

Answer 10

principle of least privilege

Question 11

NIDS

Answer 11

A network-based intrusion detection system.

Question 12

A tool that enumerates your network and provides a map of the network.

Answer 12

network scanner

Question 13

OAUTH

Answer 13

Open Authorization standard
It is a common method for authorizing websites
or applications to access information.