1/40
Vocabulary flashcards based on lecture notes covering authentication factors, types of password attacks, biometric security, and secure authentication protocols such as RADIUS and SAML.
Name | Mastery | Learn | Test | Matching | Spaced | Call with Kai | Chat |
|---|
No analytics yet
Send a link to your students to track their progress
Access Control
The process of granting or denying approval to use specific resources.
Triple-A (AAA)
A cybersecurity framework that includes authentication, authorization, and accounting.
Authentication
Validates the credentials of an entity (user) to ensure it is genuine (not an imposter).
Authorization
Grants the user access to certain resources based on a set of permissions.
Accountability
Makes the user responsible by recording the actions taken.
Audit
Verifies what a user has done.
Knowledge factor
An authentication factor based on something that only you know, such as a password or PIN.
Possession factor
An authentication factor based on something you have that nobody else has, such as a bank Card, RFID Card, or cell phone.
Biometrics factor
An authentication factor based on something you are, involving biological characteristics like fingerprints, face expressions, or iris scans.
Attributes
Additional forms of authentication including Geographic Location, Behavior/Activity (e.g., signature, keystroke dynamics), and Other Person's Validation.
Credential Stuffing attack
An attack where an attacker accesses multiple accounts upon knowing one password because the user used the same password for multiple accounts.
Password Guessing
An attack where the attacker attempts guessed passwords at the login prompt.
Shoulder Surfing
An attack where the attacker watches an individual entering a security code on a keypad.
Brute Forcing
An attack where the attacker tries all possible combinations of passwords.
Password Spraying
An attack where the attacker selects one or a few common passwords (like password1 or 123456) and tries them across several user accounts.
Password Dumps
An attack where the attacker steals the passwords stored in a system or a database.
Hash function
A function that takes an input string (message) and encrypts it to produce a hash result (output or digest).
Digests
Irreversible hash results that cannot be decrypted.
Offline Brute Force Attack
A digest attack where the password list is generated by trying all possible combinations of characters.
Dictionary Attack
A digest attack where the list is generated from commonly used words in a dictionary.
Password Collection Attack
A digest attack where the list is taken from a previous dump of passwords in clear text.
Rainbow Table Attack
An attack using a compressed list of passwords that are related and organized in a sequence.
Salting
A technique where a random string (salt) is generated and concatenated to the password before hashing it.
Key Stretching
The use of specialized password hashing algorithms like bcrypt, PBKDF2, and Argon2 that are intentionally designed to be slower.
Entropy
A measure of the strength of a password.
Number of possible passwords formula
(h)h
Card Skimming attack
An attack using a small device that fits into a card reader and reads information stored on a card's magnetic strip to clone it.
Windowed Tokens
Also called key fobs, these use an algorithm to generate a one-time password (OTP) usually valid for 30−60seconds.
Security Keys
Small devices inserted into a USB port that have a pair of public/private keys burned into them to authenticate the user.
Retinal Scan
Maps the unique pattern of a retina by directing a beam of low-energy infrared light (IR) into a person's eye.
Fingerprint Scan
Takes a picture of the ridges and valleys in a fingerprint and compares it with the image on file.
Iris Scan
Uses a standard webcam to identify the unique characteristics of the iris.
Facial Recognition
Uses landmarks called nodal points on human faces for authentication.
False negative
A biometric system error where an imposter is accepted as genuine.
False positive
A biometric system error where a legitimate user is rejected.
Cognitive Biometrics
Also called knowledge-based authentication, it acquires bio signals or responses to external stimulus, such as Picture Password.
Single Sign-On (SSO)
A technology that uses one authentication credential to access multiple accounts or applications.
RADIUS (Remote Authentication Dial In User Service)
A service that authenticates users by sending requests from a client (like a wireless AP) to a centralized server.
SAML (Security Assertion Markup Language)
An XML standard that allows secure web domains to exchange user authentication and authorization data.
Directory Service
A database stored on the network that contains information about users and network devices.
Kerberos
A technology that uses encryption and authentication when a user attempts to access a network service.