P Flashcards
P12
Public Key Cryptography Standards #12
A keystore installed on a system that is the standardized and language-neutral way of storing encrypted private keys and certificates. It is the default keystore format for Java 9 and above.
P2P
Peer-to-Peer
A decentralized platform whereby two devices interact directly with each other, without intermediation by a server computer or server software.
PaaS
Platform as a Service
A complete cloud environment that includes everything developers need to build, run, and manage applications—from servers and operating systems to all the networking, storage, middleware, tools, and more.
PAC
Proxy Auto Configuration
A file that contains a set of rules in JavaScript for instructing the browser to redirect traffic as per the code. It determines whether web browser requests (HTTP, HTTPS, and FTP) go direct to the destination or are forwarded to a web proxy server.
PAM
(2 acronyms)
Privileged Access Management
Pluggable Authentication Modules
Privileged Access Management
A subset of IAM that deals with specific groups of users with the same profile type. This can refer to profiles of employees in HR teams, legal teams, or IT teams, where users need an elevated level of access to do their jobs effectively. PAM allows businesses to limit and control users’ actions and access to sensitive information.
It allows companies to go beyond passwords when securing sensitive data. It manages individual sessions and provides dynamic authentication for each session. There is a dynamic AP that is difficult for attackers to pinpoint even if they’re successfully authenticated via IAM.
It allows companies to dynamically provide and revoke privileged access in emergency situations based on user risk scores as a trust factor.
While IAM serves every user in a company, PAM is more focused on users who require greater levels of access to privileged information.
Pluggable Authentication Modules
A framework that provides system administrators with the ability to incorporate multiple authentication mechanisms into an existing system through the use of pluggable modules.
Applications enabled to make use of PAM can be plugged in to new technologies without modifying the existing applications. This flexibility allows administrators to do the following:
Select any authentication service on the system for an application
Use multiple authentication mechanisms for a given service
Add new authentication service modules without modifying existing applications
Use a previously entered password for authentication with multiple modules
PAP
Password Authentication Protocol
An unencrypted and deprecated PPP authentication method that uses passwords to validate users. It uses a two-way handshake for the peers to identify each other.
After the link is established, an ID and password pair is repeatedly sent by the peer to the authenticator until authentication is acknowledged or the connection is terminated.
(Note: ID/password pair is NOT sent throughout the entire connection; only during the authentication phase. After this phase, authentication is no longer sent.)
This protocol is susceptible to replay attacks.
PAT
Port Address Translation
A subset of NAT. Similar to NAT, each internal device shares a single public IP address.
However, it differs from NAT in that PAT has each device communicate with the internet via a unique port number.
When the internal client sends a request to the internet, PAT assigns it a unique port number and translates the private IP address into the network’s public IP address. The destination server on the internet receives the request and responds to the unique port number, allowing the computer to receive the response.
PBKDF2
Password-Based Key Derivation Function 2
A key derivation function used to hash passwords for storage; it also deliberately slows down processing/authentication in order to slow down or prevent brute-force attacks.
This process is slowed by adding a “work factor” or iteration count to the password hashing process. This refers to the number of times the hashing function is applied to the password, making cracking the password much more computationally costly.
When hashed, the password is concatenated with a salt and the iteration count, and then hashed using a cryptographic hash function such as SHA-256. The salt, the number of iterations, and the resulting hash value are then stored in a database.
PBX
Private Branch Exchange
An internal telephone network allowing users to talk to each other.
PCAP
Packet Capture
A network practice involving the interception of data packets travelling over a network. This process is known as packet sniffing.
PCI DSS
Payment Card Industry Data Security Standard
An information security standard designed to reduce payment card fraud by increasing security controls around cardholder data.
Security requirements to protect environments where payment account data is stored, processed, or transmitted.
PDU
Power Distribution Unit
A device for controlling electrical power in a data center.
It has multiple power outlets that provide electrical protection and distribute power to IT equipment within a rack.
(Basically a huuuuuge surge-protector-looking thing.)
PEAP
Protected Extensible Authentication Protocol
A TLS wrapper around EAP.