Network Security (Chapter 4) Flashcards

1
Q

Types of Encryption

A

Symmetric Encryption
- Encryption and Decryption uses the same key
Asymmetric Encryption
- Uses a Public key to Encrypt and a Private key to Decrypt
Hashing
- a one way encryption, that is used to accompany the data to ensure its integrity

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Digital Certificate

A

Is a document that contains a Public Key and some metadata.
Digital Certificate are issued by trusted certificate Authority

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Public key Infrastructure

A

A trusted hierarchy system for generating and distributing certificate
- Root CA highest authority that assigns itself a certified as well as signs Subordinate CAs certificate
- Subordinate CA will create certificates for clients

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Self Signed Certificate

A

A certificate generated by a user to be used on their private network, it is not signed by a certification authority

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Digital Signatures

A

Is used to prove Identity and Integrity of data by using the signers private key and a hash

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Identity and Access Management (IAM)

A

A framework of policies that ensures that the right individuals access the right resources at the right time and for the right reasons
-2 main principles: Authentication & Authorization

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

LDAP Authentication

A

Is a protocol used to access and manage directory services over a network. It’s a vender neutral authentication that validate users identities against a single source of truth

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Single Sign-On Types of Services

A

OpenID Connect (OIDC)
- used for smart phone apps by logging on to Google rather than all separate apps
Security Assertion Markup Language (SAML)
- Older version of OIDC but has more features and is mainly used by corporates
Open Authorization (OAuth)
- used for authorization and allows third party to access protected resources

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

802.1x

A

Is a framework that requires devices/users to authenticate before connecting to a VLAN or LAN.
- Only Authentication traffic is allowed to pass through the network until the device/user is authorised

How well did you know this?
1
Not at all
2
3
4
5
Perfectly