Access Control ch 5

Question 1

OTP

Answer 1

One time password

Question 2

SAML

Answer 2

Security Assessment Markup Language

Question 3

Oath

Answer 3

Your word to work within ethics

Question 4

Tacacs/tacacs+/xtacacs

Answer 4

This is a client server oriented environment, and it operates in a manner

Question 5

5 primary methods of control

Answer 5

MAC-mandatory access control-all access predefined
DAC-discretionary access control- incorporates some flexibility
RBAC-role based all the users role to dictate access capabilities
RBAC-rule based-limits user to preconfigured policies-Dental but those on this list/ or spec appear
ABAC-Attribute-based-considers all of the various attributes associated w the subject and object in making the access control decision. Nist 800-162

Question 6

Smart cards-Difficult to counterfeit

Piv-personal identification verification card

Answer 6

End of chapter

Question 7

Wireless threat terms

Answer 7

A

Question 8

802.1x

Answer 8

Ieee standard that defines port-based security for wireless network access

Question 9

AP

Answer 9

Access point-point at which access to a network is accomplished.often in relation to a wireless access point

Question 10

Bluejacking

Answer 10

The sending of unsolicited messages over a Bluetooth connection

Question 11

Bluesnarfing

Answer 11

Gaining of unauthorized access through a Bluetooth connection

Question 12

Disassociation

Answer 12

And attack in which the intruder sends a frame to the AP with a spoofed address to make it look like it came from the victim and disconnects them from the network

Dos attack de authentication attack

Question 13

Evil twin

Answer 13

And attack in which a rogue wireless access point poses as a legitimate wireless service provider to intercept information that users transmit.

Question 14

Interference

Answer 14

The byproduct of electrical processes. One common form of interference is radio frequency interference (RFI), which is usually projected across a radio spectrum.

Question 15

IV attack

Answer 15

And attack that involves looking at repeated results in order to crack the WEP secret key.
Initialization vector in wired equivalent privacy RC4 encryption 24 bit
TKIP temporal key integrity protocol was employed to strengthen wep. 128 bit based on MAC address of destination device and sn of the packet. Backward compatible

Question 16

Jamming

Answer 16

Purposely obstructing or interfering w a signal

Question 17

RFID

Answer 17

Radio frequency identification a technology that incorporates the use of electromagnetic coupling in the radio frequency portion of the spectrum to identify items uniquely(object, animal, person, credit cards)

Question 18

NFC

Answer 18

Technology that enables communications between devices when they’re “touched” together. Often used to verify that the device is present.

Question 19

Replay attack

Answer 19

And attack that captures portions of a session to play back later to convince a host that it is still talking to the original connection

Question 20

Rogue access point

Answer 20

Unauthorized

Question 21

SSID

Answer 21

Service set identifier is used by the access point of a wireless LAN to identify itself and is intended to be unique for a particular area/entity on a network

Question 22

Wi-FI

Answer 22

A wireless network operating 2.4 ghz or 5ghz range

Question 23

WPS

Answer 23

authenticition

Question 24

WEP

Answer 24

802.11b wireless

Question 25

Wap

Answer 25

Rf clients