Preventing and Detecting Unauthorized Access Flashcards
What are logical access controls?
Proof of knowledge
- Passwords
- Security token/credit cards (possession)
- Biometric controls
- Mannerism/context (touch, time, user authentication)
- Passwords are not a good authentication method (they need to be strong, use a password manager, 8 or more characters, upper and lowercase, special character, have a lockout after three attempts)
- Security tokens: one-time password (device displays, user inputs device password, user ID, and account password)
- Smart cards and ID badges (embedded identification)
- Biometrics (physical characteristic, fingerprint, eye, DNA)
- Multi-factor authentication
What is a firewall?
Kinds of firewalls: hardware or software to review and filter network traffic. Blocks noncompliant data packets based on set parameters.
1) Network firewall (server): filters packets based on header information (source and destination IP address and communication port). Very fast (examines headers only). Forwards approved packets to the application firewall.
2) Application firewall: inspects data packets and their contents; can perform deep packet inspection (detailed packet exam).
3) Personal firewall: software enabling the end user to block unwanted network traffic. Usually on a home network or computer.
What are IDS?
Intrusion Detection and prevention systems
- Monitors network for anomalies
- What is unusual: three identification methods
1) Signature based (stored patterns)
2) Statistical based (unusual activity)
3) Neural networks
What are IPS?
Intrusion Detection Prevention system
- E.g., honeypot/honeynet: allows hackers access to decoy systems