Protocols Flashcards
1
Q
HOTP
A
HOTP
-Open standard for creating one-time passwords. Digits expire after being used (but never expire if not used)
2
Q
TOTP
A
TOTP
-Standard for creating one-time passwords. Expire every 30 seconds.
3
Q
SAML
- based on what
- an implementation
A
SAML
- Standard for authentication and authorization
- Provides SSO for web-based apps
- SSO alone does not provide authorization; SAML does authorization
- Authenticate through third party
- XML-based
- Shibboleth implements SAML to provide federated SSO
4
Q
RBAC
A
RBAC
Role-Based Access Control
-groups
5
Q
ABAC
A
Attribute-Based Access Control
- Many parameters: resource info, IP address, time of day, desired action, relationship to data
- aware of context
- next-generation model
- Software-Defined Networks
- Can enforce DAC and MAC
6
Q
DAC
A
DAC
Discretionary Access Control
-Most OS's
-Owner establishes access
-Very weak security
-Susceptible to Trojan horses
7
Q
MAC
A
MAC
Mandatory Access Control
-Security clearance levels
-Security or sensitivity labels
-Users cannot change
-Used when need to know
8
Q
TCP
A
TCP
Transmission Control Protocol
-Connection oriented (guaranteed delivery)
-Three-way handshake (SYN, SYN/ACK, ACK)
9
Q
UDP
- What uses?
- What attacks exploit?
A
UDP
User Datagram Protocol
-Connectionless session
-No three-way handshake
-Best effort to deliver (no guaranteed delivery)
-ICMP (ping) and audio streaming use UDP
-Many DoS attacks use UDP
10
Q
NDP
A
NDP
Neighbor Discovery Protocol
-IPv6
-Similar to ARP
-Auto-config of device IPv6 address; discover other IPv6 devices on NW
11
Q
RTP
A
RTP
Real-Time Transport Protocol
-VoIP, streaming video, telecon
-SRTP (Secure RTP) - encryption (AES), authentication, integrity (HMAC-SHA1) - protects against replay attacks (capture comms, modify, impersonate)
12
Q
SRTP
A
SRTP
Secure Real-Time Transport Protocol
-VoIP, streaming
-Encryption with AES
-Authentication, integrity, replay protection with HMAC-SHA1