R Flashcards
RA
(2 acronyms)
Recovery Agent
Registration Authority
Recovery Agent
An internal entity (often human) authorized to access stored key information in key backups and archives. Commonly used to help internal users.
Registration Authority
An intermediary authority that verifies user requests for a digital certificate and gives the CA the “ok” to issue certificates.
It does NOT have the power to create or issue a certificate. It merely collects necessary information to:
Receive user/device certificate requests
Validate users/devices
Authenticate users/devices
Revoke credentials if the certificate is no longer valid
–
The main purpose of an RA is to ensure that a user or device is allowed to request a digital certificate from a specific website or application. If the request is allowed, the RA forwards the certificate request to the CA, which completes the digital certificate request process.
A registration authority can be thought of as a gatekeeper to a certificate authority. In order to be issued a certificate, the requesting user or device must first register with the RA and fulfill the necessary requirements, including identity and authentication checks. This comes in the form of a certificate signing request.
RACE
Research and Development in Advanced Communications Technologies in Europe
A program launched in the 1980s by the Commission of European Communities to pave the way towards commercial use of Integrated Broadband Communication (IBC) in Europe in the late 1990s.
General objectives:
Promote the EU’s telecommunications industry
Enable the European network operators to compete under the best possible conditions
Enable a critical number of the Member States of EU to introduce commercially viable IBC services by 1995
Offer opportunities to service providers to improve cost-performance and introduce new services
Make new services available to final users at a cost and on a timescale at least as favourable as in other major western countries
Support the formation of a single European market for all IBC equipment and services
Contribute to regional development within the European Union, by allowing less-developed regions to benefit fully from telecommunications developments.
RAD
Rapid Application Development
An adaptive software development model based on prototyping and quick feedback with less emphasis on specific planning. Its work cycles are often shorter than agile.
RADIUS
Remote Authentication Dial-In User Service
One of the most common AAA protocols, supported on a wide variety of platforms and devices.
It centralizes authentication for users through routers, switches, firewalls, VPNs, and 802.1X network access.
RAID
Redundant Array of Inexpensive Disks
A technique that combines multiple disk drives to store data redundantly for greater reliability and faster access.
RAS
Remote Access Server
A type of server that provides a suite of services to remotely connected users over a network or the Internet. It acts as a central hub enabling remote users to connect to an internal LAN. It grants authenticated users secure access to resources within an organization’s network from any geographic location.
RAT
Remote Access Trojan
Malware designed to allow an attacker to remotely control an infected computer. It also gives the attacker full administrative privileges.
The attacker may also use a RAT as a keylogger to steal credentials. They can use this malware to install/remove software, steal files, and hijack the webcam.
RBAC
(2 acronyms)
Role-Based Access Control
Rule-Based Access Control
Role-Based Access Control
An access control model that is based on account roles (manager, director, team lead, project manager, etc.).
Administrators provide access based on the role of the user. Rights are gained implicitly instead of explicitly.
Rule-Based Access Control
An access control model that grants rights and permissions according to system-enforced rules. The administrator configures these rules and attaches them to files. These rules are then enforced once a user attempts to access the resource.
Ex.
Lab network access is only available between 9am - 5pm.
Only Chrome browsers can complete this web form.
RC4
Rivest Cipher version 4
One of the most popular symmetric key stream ciphers. It’s simple to apply and works quickly.
It encrypts one byte at a time via an algorithm.
RDP
Remote Desktop Protocol
A protocol for using a desktop computer remotely.
RFID
Radio Frequency Identifier
A wireless technology that uses radio waves to identify and track objects by placing an RFID tag or transponder on them. The tag contains a microchip and an antenna that transmits a unique identifier to a reader device when prompted by the reader’s radio signal.
This technology allows for non-contact, non-line-of-sight identification and tracking of items, which is beneficial for many businesses, including those involved in supply chain management, retail, logistics, and asset management.
Combining RFID and IoT technologies allows for the automation of gathering and analyzing massive amounts of information to optimize and improve business processes and decision-making.
RIPEMD
RACE Integrity Primitives Evaluation Message Digest
Commonly used to create digital watermarks in Bitcoin and other cryptocurrencies.
A group of cryptographic hash functions that acts as a centralized encryption standard for all the different countries in Europe.
ROI
Return on Investment
A performance measure used to evaluate the efficiency of an investment or compare the efficiency of several investments. It is a simple ratio that divides the net profit (or loss) from an investment by its cost.
RPO
Recovery Point Objective
The measurement of how much data (measured in time) that a company MUST have in order to be considered up and running after an incident has occurred.
It defines how much data loss is acceptable.
Ex. The database must have at least the last 12 months of data to be considered fully functional.
RSA
Rivest, Shamir, & Adleman
An asymmetric cryptographic algorithm. It has a variable-length key. It uses block cipher methodology, but it is technically not a block cipher.
In RSA, both the public and private keys can encrypt a message; the opposite key from the one used to encrypt a message is used to decrypt it.
–
RSA is typically meant to only encrypt very small pieces of data, typically hashes and symmetric keys that are then used to encrypt the majority of the data. However, RSA encryption/decryption works on blocks of data, usually 64 or 128 bits at a time. The size of the blocks is determined at run time.
Since the requisite data can often be encrypted/decrypted in a single use, it is often mistakenly assumed that it is not a block cipher because the data is a single block, rather than several. This does not change the fact that it does indeed work in a block cipher manner.
It is not intended to be used as a block cipher.
RTBH
Remotely Triggered Black Hole
A technique that provides the ability to drop undesirable traffic at the edge of a protected network (before it reaches the network). It is used to mitigate DDoS attacks and generally improve network security.
In effect, this means that all traffic towards a specific destination is rerouted to a null IP address (essentially a “black hole” in network terms) and dropped there.
RTO
Recovery Time Objective
The maximum acceptable amount of time for restoring a network or application and regaining access to data after an unplanned disruption.
RTOS
Real-Time Operating System
An OS that may allow one process to take complete control over the device’s resources. It is specially designed to run applications with very precise timing and a high degree of reliability. This can be especially important in measurement and automation systems where downtime is costly or a program delay could cause a safety hazard.
To be considered “real-time”, an operating system must have a known maximum time for each of the critical operations that it performs (or at least be able to guarantee that maximum most of the time). Some of these operations include OS calls and interrupt handling.
RTP
Real-time Transport Protocol
A network protocol for delivering audio and video over IP networks. It is optimized for consistent delivery of live (real-time) data.
Difference between key escrow and recovery agent
A Key Escrow is often a third party. It is necessary when a third party needs access to encrypted data, such as when there is a court order to decrypt the encrypted data. It involves the law giving the order to decrypt the encrypted data.
A Recovery Agent is often an internal entity. It is a person/entity/role allowed to decrypt a user’s data in case of emergency, such as when the original key is lost by the user. It is primarily for helping internal users.
A Recovery Agent holds a MASTER KEY. A key escrow holds only the private keys for various user encryptions.
Difference between Agile and RAD
Agile focuses on production time; RAD focuses on rapid, iterative prototyping.