Test Questions Flashcards
Uses a challenge message during authentication?
- CHAP - Challenge Handshake Authentication Protocol
Which hashing algorithms are NOT secure?
Which hashing algorithms are NOT secure?
- MD5 - collisions
- RIPEMD - collisions
Which hashing algorithms are NOT secure?
* list not complete
Which hashing algorithms are NOT secure?
- MD5 - collisions
- SHA-0, SHA-1
- RIPEMD-160 is secure, but other versions may not be good. SHA-2 is better.
EV Certificate
EV Certificate
Extended Validation
- Additional checks have been made to validate site owner
traceroute
traceroute
- Maps each hop by incrementing TTL (Time To Live) for each request
- When TTL reaches 0, receiving router drops packet and sends ICMP TTL Exceeded message back to original station.
AAA Framework
- Four phases, and what they need
AAA Framework
- Identification - username - who you claim to be
- Authentication - password - prove you are who you say you are
- Authorization - based on identification and authentication, what do you have access to?
- Accounting - Resource use - login time, data sent/received, logout time
Data Steward/Custodian
- What are this role’s responsibilities?
Data Steward/Custodian
- Handles routine tasks to protect data
- Ensure data backed up
- Ensure backups properly labeled and stored
- Data owners delegate task to custodian
Data Owner
- What are this role’s responsibilities?
Data Owner
- A higher-level executive
- Identifying classification of data
- Ensure data labeled to match classification
- Ensure security controls implemented to protect data
ICS
ICS
Industrial Control System
- Dedicated network to manage and control manufacturing equipment, power generation equipment, etc.
802.1X supports what types of authentication?
802.1X supports what types of authentication?
- Authentication server receives request for access via EAP
- RADIUS
- LDAP
- TACACS+
- Kerberos
Which authentication mechanism does 802.1x usually rely upon?
Which authentication mechanism does 802.1x usually rely upon?
- EAP - Extensible Authentication Protocol
- Request for access from supplicant on computer and authentication server (RADIUS, etc)
PKCS
PKCS
Public Key Cryptography Standard
- Asymmetric
- A digital signature algorithm
Data Wiping
- Another name?
- What does it do?
- Is media reusable?
Data Wiping
- aka clearing
- Software tool to overwrite data on a hard drive to destroy all electronic data.
- May be performed with a 1x, 7x, or 35x overwriting, with a higher number of times being more secure.
- Allows the hard drive to remain functional and be reused.
Degaussing
- What does it do?
- Is media reusable?
Degaussing
- Demagnetizing a hard drive to erase its stored data.
- Cannot reuse a hard drive once it has been degaussed.
Data Purging
- What does it do?
- Is media reusable?
Data Purging
- aka sanitizing
- Removing sensitive data from a hard drive using the device’s own electronics or an outside source (like a degausser).
- Not reusable.
- Three methods: physical destruction, cryptographic erasure and data erasure