Preventing and Detecting Unauthorized Access Flashcards

1
Q

What are logical access controls?

A

Proof of knowledge

  • Passwords
  • Security token/credit cards (possession
  • Biometric controls
  • Mannerism/context (touch, time, user authentication)
  • Passwords are not a good authentication (they need to be strong, use a password manager, 8 more characters, upper and lowercase, special character, have a lockout after three attempts)
  • Security tokens- one time password (device displays, user inputs device password, user ID, and account password)
  • Smart cards and ID badges (embedded identification)
  • Biometrics (physical characteristic, finger print, eye, DNA)
  • Multi-factor authentication
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What is a firewall?

A

Kinds of firewalls- hardware of software to review and filter network traffic. Block noncompliant data packets based on set parameters.

1) Network Firewall (server)- filter packets based on header information (source and destination IP address and communication port). Vert fast (examine headers only). Forward approved packets to application firewall
2) Application firewall- inspect data packets, contents, can perform deep packet inspection (detailed packet exam)
3) Personal firewall- software enabling end-user to block unwanted network traffic. usually on home network or computer.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What are IDS?

A

Intrusion Detection and prevention systems

  • Monitors network for anomalies
  • What is unusual- three identification methods

1) Signature based (stored patterns)
2) Statistical based (unusual activity)
3) Neural networks

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What are IPS?

A

Intrusion Detection Prevention system

  • EG honeypot/honeynet- allow hackers access to decoy systems
How well did you know this?
1
Not at all
2
3
4
5
Perfectly