Security Flashcards

1
Q

Authentication

A

Verifying the identity of something (user, system)

2
Q

Authorization

A

checking what permissions to give that entity

3
Q

Encryption

A

Transforming data so it is unreadable to people without the key. Turn plain text into cipher text. (Hash function)

4
Q

What do SSL and TLS do?

A

Allow clients to create secured sessions. Encryption happens automatically.

5
Q

Describe the difference between the public and the private key

A

The public key is kept somewhere accessible by clients and used to encrypt data. The private key is kept secret and used to decrypt messages.

6
Q

Digital certificate

A

Data files used to establish the identity of users and electronic assets

7
Q

How does a digital certificate establish the secure connection?

A

DS copied to CA. When the client accesses the web app, the CA sends the DS. The client uses the CA's public key to decode the DS. Once the client verifies the identity, it can use the company's public key to encrypt/decrypt messages.

8
Q

Reasons to use OAuth 2.0

A

Don't need to handle users and roles, good UI, and rely on well-established services

9
Q

resource owner

A

the user giving access to some portion of their account

10
Q

resource server

A

the API server used to access the user's info

11
Q

Authorisation server

A

the server that presents the interface where the user approves or denies the request

12
Q

client

A

the application attempting to access the user's account

13
Q

What are the 3 grant types?

A

authorization code, client credentials and password
