Mid_Term Flashcards
List 5 Principle Threats to the secrecy of passwords
- Specific Account Attack
- Popular Password Attack
- Exploiting User Mistakes
- Exploiting Multiple Password Use
- Offline Dictionary Attack
- Workstation Hijacking
- Electronic Monitoring
- Password Guessing against a single user
Specific Account Attack
An attack where the attacker targets a specific account and submits password guesses until the correct pass is found
Popular Password Attack
An attack that uses common passwords against a wide array of user accounts.
Password Guessing Against Single User
The attacker attempts to gain knowledge about the account holder and system password policies to guess the password
Workstation Hijacking
The attacker accesses an active workstation that is unattended
Exploiting user mistakes
This type of attack depends on the carelessness of the user. Viewing their credentials from over the shoulder or attaining a password that they have written down.
Electronic Monitoring
The attackers eavesdrops on network communication and decrypts the data to obtain the password.
What is the cloud computing reference architecture?
The NIST cloud computing reference architecture is a tool for describing and developing a system-specific architecture using a common reference.
Name Two Categories of Passive Attack
Release of message contents and traffic analysis
Name Three Categories of Active Attack
Masquerade, replay, modification of message, denial of service
What is an active attack?
A network exploit in which a hacker attempts to make changes to data on the target
What is a Passive Attack?
A passive attack is a network attack where a system is monitored or scanned to gain information.
Biometric Enrollment
Biometric enrollment is the process off associating the users identification with his password and biometric data.
BIometric Verifcation
Is the process of the user utilizing his credentials biometric and otherwise to access the system.
Biometric Authentication
The user is authenticated if his user id, password and biometric data all match the stored records on the system.