Studied by 7 people
Firewall
Protect a network with a strong firewall to prevent external intruders from gaining access to the network.
Network Intrusion Detection System NIDS
Implement an NIDS, or better yet, an NIPS to detect intrusion attempts. A NIPS is preferable because it can also block intrusion attempts.
Email Security Appliance
Implement an email security appliance to automatically scan and then quarantine any suspect messages before they reach end-users within the organization.
Network Access Control (NAC)
A collection of components that allow administrators to regulate network access and communication based on a computer's compliance with health requirement policies.
Something you know
This type of authentication requires users to provide a password or some other data that they know. This is the weakest type of authentication.
Something you have
This type of authentication uses something users have in their possession.
Something you are
This type of authentication uses a biometric system. A biometric system attempts to identify a person based on metrics or a mathematical representation of the subject's biological attributes. This is the most expensive and least accepted authentication method, but it is generally considered the most secure form of authentication.
Somewhere you are
This type of authentication uses where you are accessing the information from, such as an IP address, Coordinates, or a house address.
Something you do
This type of authentication uses the unique way you do something, such as writing your signature, or writing a word.
False Negative
Also called a Type I error, occurs when a person who should be allowed access is denied access.
False Positive
Occurs when person who should be denied access is allowed access.
Crossover Error Rate
Also called the equal error rate, is the point where the number of false positives matches the number of false negatives in a biometric system. I
Processing Rate
Also known as system throughput, identifies the number of subjects or authentication attempts that can be validated. An acceptable rate is at least ten subjects per minute.
One-Factor Authentication
Uses only one type of credential, but may require multiple methods within the same type.
Two, Three, or Multiple Factor Authentication
Requires two or more authentication types.
Strong Authentication Method
Requires two or more methods, but they can be of the same type.
Mutual Authentication Method
Requires that both parties authenticate with each other before beginning communications.
Kerberos (Auth Service)
A free protocol that provides strong authentication for client/server applications using a secret-key cryptography that allows the client to prove identity across an unsecure network connection.
IEEE 802.1X (Auth Service)
A port-based authentication service where the client, called supplicant, initiates the authentication. A network device, called authenticator, negotiates the authentication. An authentication server, called host, is accessed after the supplicant is authenticated.
Captive Portal (Auth Service)
A web page that pops up when you access a public Wi-Fi.
Challenge Handshake Authentication Protocol \n (CHAP)
A three-way handshake (challenge/response) authentication protocol used for remote access connections. Both connection devices are configured with a password called a shared secret. For unique user authentication, this value is associated with a user account.
Microsoft Challenge Handshake Authentication Protocol \n (MS-CHAP)
Microsoft's proprietary challenge-response authentication method used for remote access connections
Extensible Authentication Protocol \n (EAP)
Allows the client and server to negotiate the characteristics of authentication.
/etc/passwd
A file that contains the user account information.
/etc/shadow
A file that contains the user passwords in an encrypted format. This file is linked to the /etc/passwd file.
/etc/group
As with Active Directory, you can use groups to simplify user access to network resources. This file contains information about each group.
/etc/default/useradd
This file contains default values used by the useradd utility when creating a user account, such as Group ID, home directory, or account expiration.
/etc/login.defs
A file that contains Values used for the group and user ID numbers, parameters for passwords encryption in the shadow file and password expiration values for user accounts.
/etc/skel
This directory contains a set of configuration file templates that are copied into a new user's home directory when it is created, including the following files: .bashrc, .bash_logout, .bash_profile, .kshrc
useradd
Creates a user account.
passwd
Used to change a users current password.
usermod
esModify an existing user account.
userdel
Removes the user from the system.
Quality updates
Are deployed monthly (usually the second Tuesday of the month). Include security fixes and software updates. Include any missed updates.
Feature updates
Are also called builds, Created to provide new features and functions, Released as a new version of the Windows operating system.
Servicing stack updates
the code that installs Windows updates.
Driver updates
.To keep systems running smoothly, it is important to keep all of these updated. Windows update usually updates all of these that have been registered with Microsoft
Microsoft Product Updates
Provides updates for products such as Office.
Note 
Flashcard (21)