Domain 2: Access Control Flashcards

Question

What does Access Creep mean in the Access Control context?

Answer 1

When one **subject** maintains old access rights as he moves from one division to another gaining additional access rights.

Answer 2

The IE Browser is a Subject when it is running but is an Object when its executable is stored on the hard drive.

Answer 3

Subjects Objects Keep all access control examples simple by determining which elements are subjects and which elements are objects.

Answer 4

1: Discretionary Access Control (DAC) 2: Mandatory Access Control (MAC) 3: Non-Discretionary Access Control

Answer 5

No one model is better than the other, rather each model is used for a specific information security purpose. ## Footnote

Answer 6

Gives **subjects** full control of **objects** they have been given access to including sharing with other subjects. DAC allows **subjects** the ability to grant other **subjects** access to their files (**objects**), change their attributes, alter them or delete them.

Answer 7

1: Windows 2: Linux

Answer 8

**Confidentiality Protection** because the system depends on user discretion; a user can mistakenly send a file to someone who has no business of seeing the information in that file.

Answer 9

A system enforced access control model based on the **subject’s** clearance and the **object’s** labels.

Answer 10

**labels** like SECRET and TOP SECRET.

Answer 11

A **subject** may access any **object** if the **subject’s** label is equal to or greater than the **object’s** label.

Answer 12

**MAC** uses the system to enforce access control based on the **subject’s** clearance and the **object’s** labels. **DAC** counts on the **Subject** to use discretion in providing other **subjects** access to his **objects**

Answer 13

MAC systems focus on protecting **Confidentiality** in the CIA model.

Answer 14

1: MAC systems are expensive compared to DAC. Clearing users is expensive. 2: MAC systems are difficult to implement especially when attempting to separate different confidentiality levels within the same interconnected IT system.

Answer 15

1: Honeywell’s SCOMP developed in conjunction with the US and the UK 2: Purple Penelope developed in conjunction with the US and the UK 3: LINUX Intrusion Detection System (Standard LINUX is DAC)

Answer 16

A system enforced access control model that cannot be changed at the discretion of ordinary users. Users do not have discretion regarding the groups of objects they are allowed to access and they are unable to transfer objects to other subjects.

Answer 17

Non-Discretionary Access Control

Answer 18

1: Role Assignment: 2: Role Authorization: 3: Transaction Authorization:

Answer 19

The Identification and Authentication process (Login) is **not** considered a transaction.

Answer 20

A subject can execute a transaction only if the subject has been assigned the proper role. Subjects are grouped into roles. Users can take on only roles for which they authorized.

Answer 21

A subject’s role must be authorized. Each role has access permissions based upon the role and not the position.

Answer 22

A subject can execute a transaction only if the transaction is authorized for the role. Users can execute only transactions for which they are authorized.

Answer 23

RBAC is a type of non-discretionary access control becuase **subjects** do not have the discretion regarding groups of **objects** they are allaowed to access,and are unable to transfer **objects** to other **subjects**.

Answer 24

There is a superficial similarity between RBAC roles and traditional groups (MAC). As normally implemented, a MAC group is a collection of users, rather than a collection of permissions The ability to tie permissions directly to users in a group-based mechanism can be regarded as a "loophole" that makes it difficult to control user-permission relationships. RBAC requires all access through roles, and permissions are connected only to roles, not directly to users.

Answer 25

Non-Discretionary Access Control

Answer 26

No Not full-fledged access controls like MAC and DAC but added in, like defense in depth, for extra protection.

Answer 27

No Not full-fledged access controls like MAC and DAC but added in, like defense in depth, for extra protection.

Answer 28

They add additional criteria beyond Identification and Authentication. They consider the actual content. Example: Subjects can view their Timesheet but not the CEOs.

Answer 29

Applies additional context before granting access. Example: Login time.

Answer 30

Centralized Access Control concentrates access control in one logical point for a system or organization like Single Sign On.

Answer 31

Decentralized Access Control (Distributed Access Control) distributes control to local sites and independent systems.

Answer 32

Provides more local power Example: A US Soldier in a battlefield situation cannot call back to the help desk.

Answer 33

One risk is an inconsistent view across the organization even if there is a uniform policy. Example: A US Soldier in a battlefield situation cannot call back to the help desk.

Answer 34

No Decentralized Access Control will always be spelled out in the exam.

Answer 35

1. RADIUS 2. Diameter 3. TACACS 4. TACACS+ 5. PAP 6. CHAP 7. Microsoft Active Directory

Answer 36

**R**emote **A**uthentication **D**ial **I**n **U**ser **S**ervice

Answer 37

RFC 2865 and 2866

Answer 38

Radius **officially** uses the User Datagram Protocol (UDP) on port 1812 (authentication)

Answer 39

Radius **officially** uses the User Datagram Protocol (UDP) on port 1813 (accounting).

Answer 40

Some Radius systems **unofficially** usethe the User Datagram Protocol (UDP) on ports 1645 (authentication) a

Answer 41

Some Radius systems **unofficially** use the User Datagram Protocol (UDP) on port 1646 (accounting).

Answer 42

Does not provide any Identiy function. It does **Authenticate** a subject’s credentials against an authentication database. **Authorize** users by allowing specific user’s access to specific data objects. Provide **Accountability** by creating a log entry for RADIUS connection made.

Answer 43

Attribute Value Pairs (AVP)

Answer 44

Access-Request ## Footnote Access-Accept Access-Reject Accounting-Request Accounting-Response Access-Challenge Status-Server (Experimental) Status-Client (Experimental)

Answer 45

Uses an 8-bit field for Attribute Value Pairs (AVPs) which gives a max of 256 total pairs.

Answer 46

Radius Only encrypts the password; sends other data (ID for example) in the clear.

Answer 47

1: Limited Accountability - just logs login transactions 2: Flexibility – limited functionality with 8 bit AVPs 3: Scalability – Decentralized nature makes it hard to scale 4: Reliability – Uses UDP TCP 5: Security – Does not encrypt everything

Answer 48

1: Accounability Improved – more robust accounting capability 2: Flexibility Improved - 32 bit field provides for billions AVPs 3: Scalability Improved – Centralized server makes it easier to scale 4: Reliability Improved – Uses TCP 5: Security Improved –End to end encryption

Answer 49

Terminal Access Controller Access Control System (TACACS).

Answer 50

An older authentication protocol common to UNIX networks that allows a remote access server to forward a user's logon password to an authentication server, sometimes called a TACACS daemon or simply TACACSD, to determine whether access can be allowed to a given system.

Answer 51

Terminal Access Controller Access Control System ## Footnote

Answer 52

It was orignially designed to be an encryption protocol, not an authentication protcol.

Answer 53

Because it uses TCP instead of UDP.

Answer 54

1: Improves password protection by allowing two-factor authentication;

Answer 55

Encrypts all data below the header (Better security than RADIUS)

Answer 56

SNORT Cain & Abel

Answer 57

Password Authentication Protocol

Answer 58

The client authenticates itself by sending a user name and an (optionally encrypted) password to the server, which the server compares to its shared secrets database.

Answer 59

Defined by RFC 1334.

Answer 60

Password are sent in the clear; Sniffers can pick them up. This technique is vulnerable to eavesdroppers who may try to obtain the password by listening in on the serial line, and to repeated trial and error attacks.

Answer 61

The server sends a randomly generated ``challenge'' string to the client, along with its hostname. The client uses the hostname to look up the appropriate secret, combines it with the challenge, and encrypts the string using a one-way hashing function. The result is returned to the server along with the client's hostname. The server now performs the same computation, and acknowledges the client if it arrives at the same result.

Answer 62

Challenge Handshake Authentication Protocol (CHAP)

Answer 63

Defined by RFC 1994

Answer 64

Authentication is one waybut using the same secret, negotiating CHAP in both directions can be facilitate authentication in both directions.

Answer 65

Depends on a shared secret that is not sent across the wire. Provides protection against Playback Attacks since a Sniffer will not know the shared secret.

Answer 66

Since Windows 2000

Answer 67

!: Users are placed into Groups 2: Each group may be granted access to various domains within the system.

Answer 68

two trust partners.and nobody else.

Answer 69

the two partners and all of their partner domains.

Answer 70

1: Least Privilege: 2: Separation of Duties: 3: Rotation of Duties

Answer 71

Limiting the access of authorized users to data they require to perform their duties only.

Answer 72

1: Allows an organization to maintain checks and balances among employees for privileged access. 2: Mandating that more than one person is required for a sensitive transaction.

Answer 73

Nuke Control ## Footnote

Answer 74

When leadership rotates the staff through the same duties.

Answer 75

Confidential Secret Top Secret

Answer 76

Confidential

Answer 77

Top Secret

Answer 78

Executive Order 12356 – National Security Information ## Footnote

Answer 79

Unclassified

Answer 80

Sensitive But Unclassified (SBU)

Answer 81

Controlled Unclassified Information (CUI):

Answer 82

For Official Use Only (FOUO):

Answer 83

Least Privelege

Answer 84

Kneed to Know

Answer 85

Sensitive Compartmented Information (SCI)

Answer 86

Internal Use Only ## Footnote Proprietary

Answer 87

Clearances

Answer 88

1: A determination about whether or not a person can be **trusted** with a specific level of information. 2: Assesses current and potential **trustworthiness**.

Answer 89

True ## Footnote

Answer 90

A myriad of different investigations and the collection of personal data. ## Footnote

Answer 91

1: Credit Score 2: Arrest Record 3: Neighbor and friend Interviews

Answer 92

administrative judge ## Footnote

Answer 93

Drug Use ## Footnote Foreign Influence

Answer 94

Documented approval from the **Data Owner** for a **subject** to access certain **objects**. ## Footnote

Answer 95

1: Requires the **subject** to understand the rules for **accessing** data. 2: Requires the **subject** to understand the **consequences** should the data become Lost Destroyed Compromised

Answer 96

1: Rule Based Access Controls 2: Access Control Lists

Answer 97

Use a series of defined rules, restrictions and filters for accessing objects. Uses If-Then statements. Example: If the subject is authorized to surf the web, and the site is on the authorized list, then allow access.

Answer 98

A list of objects that specific subjects can access. These technologies use a form of Access Control Lists

Answer 99

1: Firewalls 2: Routers 3: Border Access Devices

Answer 100

Must plan for and implement a routine update procedure.

Answer 101

A **Credential Se**t is the combination of the **Identification** and the **Authentication** of a **subject**.

Answer 102

1: Administrative or Directive 2: Technical Controls 3: Physical Controls

Answer 103

1: Policy 2: Procedure 3: Regulating 4: Training 5: Awareness

Answer 104

automated controls that provide logical restrictions Routers Firewalls Encryption etc

Answer 105

Uses physical devices to provide barriers Locks Fences Gates Security Guards Etc

Answer 106

Prevents actions from occurring. Applies restrictions to what a potential subject can do. Potential subjects can be authorized or not

Answer 107

Pre-employment drug screening designed to prevent an organization from hiring a drug user.

Answer 108

Establishing privileges on a system for specific subjects.

Answer 109

A fence to protect a facility.

Answer 110

Controls that alert during or after a successful attack.

Answer 111

1: Intrusion Detection Systems (IDS) 2: Closed Circuit TV (CCTV)

Answer 112

Corrects damaged system or process. Typically works hand-in-hand with Detective Controls

Answer 113

Actions taken to recover from a security incident like Rebuild the laptop Restore from tapes

Answer 114

Intrusion Detection System alerts to a possible attack on port 446 and blocks the port (Corrective). Anti-Virus discovers that the target is still infected. You have to rebuild the machine (Recovery).

Answer 115

Deter subjects from performing actions on a system.

Answer 116

Beware of Dog Sign

Answer 117

1: Large fines for speeding 2: Sanction Policy that says employees will be fired of surfing porn sites.

Answer 118

Additional controls put in place to compensate for other control weaknesses.

Answer 119

Type 1: Something You Know Type 2: Something You Have Type 3: Something You Are Extra: Some Place You Are

Answer 120

By using two of the three types of authentication together Type 1: Something You Know Type 2: Something You Have Type 3: Something You Are Extra: Some Place You Are

Answer 121

Requires testing the subject with some sort of Challenge and Response.

Answer 122

1: Static Password 2: Passphrase 3: One Time Password 4: Dynamic Passwords .

Answer 123

Reusable and may not expire. User generated

Answer 124

1: Good ones are hard to remember; Subjects may be tempted to write them down in order to remember them. 2: Inherently limited, regardless of the complexity, because it can be stolen.

Answer 125

Static Passwords ## Footnote

Answer 126

multi-factor authentication ## Footnote

Answer 127

Typically – clear text passwords are not store on IT systems; their hashes are. Hashing is a one-way encryption using an algorithm and no key and cannot be reversed.

Answer 128

converts all passwords to uppercase before hashing

Answer 129

When the attacker guesses at the password and runs them through the hash algorithm.

Answer 130

1: Dictionary Attacks: 2: Brute Force Attacks 3: Hybrid Attacks

Answer 131

The attacker uses a predefined list of words and runs them through the hash algorithm.

Answer 132

Subjects can thwart dictionary attacks by adding special characters to their password.

Answer 133

The attacker calculates the hash of every possible word and stores them in **Rainbow Tables**.

Answer 134

For **Brute Force Attacks**, the attacker calculates the hash of every possible word and stores them in **Rainbow Tables**.

Answer 135

1: Take time 2: Rainbow Tables may not be complete.

Answer 136

Brute Force Attacks ## Footnote

Answer 137

Taking a dictionary list and appending hashes for word combinations like replacing the letter “o” with the number “0.” ## Footnote

Answer 138

Typically stores password hashes in /etc/shadow only accessible by root. ## Footnote

Answer 139

Stores password hashes locally and on the Domain Controller in a file called the Security Account Management (SAM) file. ## Footnote If a subject cannot reach the Domain Controller, then the local system may use the local hash.

Answer 140

Access to the SAM file and the Shadow file should be limited. ## Footnote

Answer 141

The Security Account Management (SAM) file ## Footnote

Answer 142

Typically stores password hashes ## Footnote

Answer 143

fgdump “Cain and Abel”

Answer 144

UNIX / LINUX systems combine passwords with SALTS so that two subjects using the same password will generate completely different hashes

Answer 145

SALTS the attacker now has to hash the same password many times with each salt used.

Answer 146

24 ## Footnote

Answer 147

90 ## Footnote

Answer 148

2 ## Footnote

Answer 149

8 ## Footnote

Answer 150

True ## Footnote

Answer 151

Requires something that a user possesses. ## Footnote

Answer 152

Type 1: Something You Know

Answer 153

Type 2: Something You Have

Answer 154

Type 3: Something You Are

Answer 155

Extra: Some Place You Are

Answer 156

An object that helps prove an identity claim. ## Footnote

Answer 157

Car Keys Credit Cards Paper Documents ## Footnote

Answer 158

Uses time or counters to synchronize a displayed token code with the same code on an authentication server.

Answer 159

Codes change frequently ## Footnote The authentication server knows the serial number of each authorized token, the subject associated to it and the time. With these three parameters, it can predict the valid dynamic code for each token.

Answer 160

The Authentication Server expects Token 1 first, then Token 2, then Token 3, etc. ## Footnote

Answer 161

1: Authentication pair (username and password/pin) (Something they know) 2: The dynamic token code (Something they have).

Answer 162

Not synchronized with a authentication server

Answer 163

A challenge-response Token

Answer 164

1: Subject enters username (Identity Claim) 2: System sends challenge 3: Subject enters challenge-answer and pin (Something you know [Type 1] and something you Have[Type 2]) 4: Token generates response and sends to system

Answer 165

Biometrics

Answer 166

Uses physical characteristics as a means of Identification or Authentication. From the Greek words bios (life) and metric (measurement).

Answer 167

The subject has to remember a password. ## Footnote

Answer 168

Eliminates the need for the subject to remember a password. ## Footnote

Answer 169

True ## Footnote

Answer 170

1: Must be reliable and resistant to counterfeiting. 2: The data storage requirement (template or file size) should be small (1000 bytes or less). 3: Should not cause undue psychological stress (Retina scans are rairly used for this reason) 4: Must be useable by all staff or compensating controls must exist. 5: Any biometric that facilitates the exchange of body fluids is a serious negative (Retina Scans, Fingerprint scans).

Answer 171

A one-time process to register with a biometric system that should take less than two minutes Creating the account with Identity-Authentication pair associated with the biometric information.

Answer 172

Describes the process of authenticating with a biometric system.

Answer 173

The biometric response time should be no more than 6-10 seconds.

Answer 174

1: False Reject Rate (FRR) (Type I Errors) 2: False Accept Rate (FAR) (Type II Errors) 3: Crossover Error Rate (CER)

Answer 175

False Reject Rate (FRR) (Type I Errors)

Answer 176

False Reject Rate (FRR) (Type I Errors)

Answer 177

False Accept Rate (FAR) (Type II Errors)

Answer 178

False Accept Rate (FAR) (Type II Errors)

Answer 179

The rate at which an authorized subject is rejected by the biometric system.

Answer 180

1: Authorized subject frustration 2: Reduction in work dueto poor access conditions 3: Expenditure of resources to revalidate authorized users

Answer 181

Unauthorized subjects gain access to the system.

Answer 182

A False Accept Rate (FAR – Type 2 Error) is worse than a False Reject Rate (FRR – Type 1 Error) because it is better to reject a legitimate subject then it is to accept an imposter.

Answer 183

The point where the False Reject Rate (FRR – Type I Error) and False Accept Rate (FAR – Type 2 Error) are equal.

Answer 184

Equal Error Rate (ERR)

Answer 185

Crossover Error Rate (CER) is a comparison metric for different biometric devices and technologies.

Answer 186

As an identification device becomes more sensitive or accurate, its FAR decreases while its FRR increases. The CER is the point at which these two rates are equal, or cross over. Using the CER as an impartial judgment of a biometric system helps create standards by which products from different vendors can be fairly judged and evaluated.

Answer 187

1: Fingerprints 2: Retina Scan 3: Iris Scan 4: Hand Geometry 5: Keyboard Dynamics 6: Dynamic Signature 7: Voice Prints 8: Facial Scans

Answer 188

1: Fingerprints ## Footnote

Answer 189

The data stored is a mathematical representation of fingerprint minutiae (Friction Ridges) like ## Footnote Whorls Ridges Bifurcation

Answer 190

A laser scan of the capillaries which feed the retina of the back of the eye; Maps the blood vessels of the eye. ## Footnote

Answer 191

Retina scans are rarely used because of the health risks and invasion-of-privacy issues.

Answer 192

A passive biometric control where a camera takes a picture of the iris (the colored portion of the eye). The system compares the picture to the stored info in the database.

Answer 193

1: It works through contact lenses and glasses. 2: High accuracy 3: Passive (May be done without the subject knowing) 4: No exchange of body fluids.

Answer 194

A passive biometric control that takes measurements from specific points in the hand. Length Width Thickness Surface Area

Answer 195

Simple devices where the stored information (template or file size) is very small.

Answer 196

Measures how hard a subject presses each key and the rhythm that each key is pressed.

Answer 197

1: Cheap to implement 2: Reliable but not perfect.

Answer 198

Measures the process by which a subject signs his name. It is similar to Keyboard Dynamics. It measures Time Pressure Loops Beginning and end points

Answer 199

1: Cheap to implement 2: Reliable but not perfect. Similar to Keyboard Dynamics systems

Answer 200

Measures the subject’s tone of voice while saying a specific sentence or phrase

Answer 201

1: Vulnerable to replay attacks 2: Vulnerable to changes in the subject’s voice due to illness.

Answer 202

Subjects insert random words.

Answer 203

Passively takes a picture of the subject’s face and compares it to other pictures in a stored database. Uses facial geometry to distinguish between faces. Measures unique distances between facial features compared to the size of the face.

Answer 204

Disguises do not fool it.

Answer 205

Not typically used for Biometric authentication control because of the high cost but is a good solution for very important systems.

Answer 206

Authentication: Somewhere You Are

Answer 207

Global Positioning System (GPS) IP-Based Geo-location Physical location of Point of Sale Devices To deny access if the subject is in the wrong location.

Answer 208

Allows multiple subjects to use a central authentication server (AS) to access and maintain multiple systems.

Answer 209

1: Improved **User Productivity** because subjects do not have to remember Identity – Authentication pairs for multiple systems. 2: Improved **Developer Productivity** because by providing a common authentication framework. 3: **Simplified Administration** because system admins only have to maintain one system.

Answer 210

1: **Difficult to retrofit**; especially legacy systems. 2: **Unattended Computer**: With SSO, if a subject walks away from his computer, then anybody could have access to all of his resources. With a Multiple Sign On system, the damage is limited to only the one device. 3: **Single point of Attack**: A hacker only has to compromise one system to have the keys to the city.

Answer 211

1: **Difficult to retrofit**; especially legacy systems. 2: **Unattended Computer**: With SSO, if a subject walks away from his computer, then anybody could have access to all of his resources. With a Multiple Sign On system, the damage is limited to only the one device. 3: **Single point of Attack**: A hacker only has to compromise one system to have the keys to the city.

Answer 212

It is a network authentication system for use on physically insecure networks, based on the key distribution model presented by Needham and Schoreder.

Answer 213

The name (also called Cerebrus) of the Three Headed Dog in Greek Mythology that guards the entrance to Hades.

Answer 214

Authentication Authorization Accountability but the original Kerberos only provided authentication. or The Client the KDC (Key Distribution Center) and the server

Answer 215

1: ProvidesAAA while **preventing eavesdropping attacks.** 2: Provides for **data stream integrity** (**Detection** and **Modification**) 3: Prevents unauthorized Reading

Answer 216

Client or Service ## Footnote

Answer 217

A logical Kerberos network; ## Footnote

Answer 218

All entities have a common shared secret in order to communicate with trust. All messages are encrypted using Symmetric Key Encryption (Not PKI).

Answer 219

: Data that authenticates a principal’s identity.

Answer 220

A **Ticket** and a **Service Key** ## Footnote

Answer 221

Key Distribution Center ## Footnote

Answer 222

Authenticates principals by storing a cryptographic key known only to the security principal and the KDC. This key is used in exchanges between the security principal and the KDC and is known as a long term key.

Answer 223

from a user's logon password.

Answer 224

Ticket Granting Ticket

Answer 225

Allows the client to request service tickets and is analogous to a passport - i.e. it is valid for a certain period after which it expires; however once the TGT has been issued, there is no further use of passwords or other logon factors.

Answer 226

1: "Denial of service" attacks 2: "Password guessing" attacks

Answer 227

1: Principals must keep their secret keys secret. 2: Each host on the network must have a clock which is "loosely synchronized" to the time of the other hosts 3: Principal identifiers are not recycled on a short-term basis.

Answer 228

1: Passwords do not appear as plaintext 2: Does not rely on authentication by the host operating system 3: Does not base trust on IP addresses 4: Does not require physical security of the network hosts

Answer 229

1: Provides mutual authentication 2: Defends against Rogue KDCs because passwords are never passed across the network 3: Mitigates replay attacks because of the use of timestamps. . 4: Stateless: credentials issued by the TGS or the KDC are good for the lifetime even if those systems are down.

Answer 230

1: The KDC stores the plain text keys of all principlas. (Single Point of Failure) 2: Replay attacks are still possible for the lifetime of the authenticator. 3: In version 4, any user may request a session key. Eve may want to authenticate with Alice. The KDC sends a session key to Eve encrypted with Alice’s secret key. Eve can then try to brute force the key. In version 5, Kerberos added one additional step. Alice encrypts the current time with her key, thus If the authenticator’s timestamp is off by more than the clock skew (usually set to 5 minutes), the request is rejected. 4: Does not mitigate a malicious local host'; Plaintext keys may exist in memory. A malicious local user ot prpocess may be able to steal locally cached credentials.

Answer 231

Client → KRB\_AS\_REQ (Authenticator ^{Alice Secret Key}, Alice’s SID) → KDC KDC → Uses Alice’s SID to lookup Alice’s Secret Key KDC → Decrypts (Authenticator ^{Alice Secret Key}) with Alice Secret Key. If successful, KDC → KRB\_AS\_REP (TGT)^{TGS Secret Key} → Client KDC → KRB\_AS\_REP (Session Key)^{Alice Secret Key} → Client If Alice cannot decrypt (Session Key)^{Alice Secret Key}, then the session key in invalid (Rogue KDC) If Alice can decrypt, Alice now has a valid Session Key.

Answer 232

Client → KRB\_TGS\_REQ (TGT)^{TGS Secret Key}, Resource Request → TGS TGS → Decrypts (TGT)^{TGS Secret Key} , with its own TGS Secret Key. If successful, TGS → KRB\_TGS\_REP (TGT)^{Resource Secret Key} → Client

Answer 233

Client → KRB\_AP\_REQ (TGT)^{Resource Secret Key} → Resource Resource → Decrypts (TGT)^{Resource Secret Key}with its own Resource Secret Key If Successful, the Resource knows the request is authenticated Resource → Checks if Alice is authorized to use the resource.

Answer 234

No Note: The TGS cannot determine if the user will be able to get access to the target server. It simply returns a valid ticket. Authentication does not imply authorization.

Answer 235

**S**ecure **E**uropean **S**ystem for **A**pplications in a **M**ulti-vendor **E**nvironment

Answer 236

A sequel to Kerberos that adds asymmetric public key encryption. Mitigates Kerbero’s weakness of storing symmetric plain text keys on the KDC.

Answer 237

Uses **Privilege Attribute Certificates** (PACs) in place of the Kerberos Tickets.

Answer 238

Audit security logs

Answer 239

1: AV 2: IDS/IPS 3: Remote Access Software 4: Web Proxy 5: Vulnerability Management 6: Authentication Servers 7: Routers and Firewalls

Answer 240

1: System Events 2: Audit Records 3: Applications 4: Client Requests and Server Responses 5: Usage Information 6: Significant Operational Actions

Answer 241

1: Logs are not reviewed on a timely or regular basis 2: Logs re not stored for long enough periods 3: Logs are not standardized or viewable by correlation toolsets 4: Log entries and alerts are not prioritized. 5: Logs are only reviewed for the bad stuff.

Answer 242

1: White Hat 2: Black Hat 3: Grey Hat

Answer 243

1: Penetration Tests 2: Vulnerability Assessments 3: Security Audits

Answer 244

A white hat hacker who receives permission to attempt to break into the system. Internet DMZ Wardialing Wireless Physical

Answer 245

The White hat hacker has no knowledge of the system he is trying to break into.

Answer 246

Crystal Box

Answer 247

Full-Knowledge (Crystal Box) Pen Tests mean that the White Hat Hacker has inside knowledge

Answer 248

Partial knowledge means that the white hat hacker has some knowledge.

Answer 249

1: Metasploit 2: CoreImpact 3: Immunity Canvas

Answer 250

1: Planning 2: Recon 3: Scanning (enumeration) 4: Exploitation 5: Reporting

Answer 251

stop and escalate to the customers. A Pen Tester Must protecting the confidentiality and Integrity of the systems they are testing.

Answer 252

1: Nessus 2: OpenVAS

Answer 253

A test against a published standard

Answer 254

1: Policies 2: Procedures 3: Admin Controls 4: Change Management 5: Architectural Review 1: Pen Tests 2: Vuln Assessments 3: Security Audits

Answer 255

A: Brute Force

Answer 256

B: Password guessing attempts to log into the system. Password cracking attempts to determine a password used to create a hash.

Answer 257

A: Each Phishing and Spear Phishing attack is socially engineered to trick the user to provide information to the attacker.

Answer 258

D: Botnets

Answer 259

D: Retina scans change depending on the person’s health, iris scans are stable.

Answer 260

B: The roles users have on the system need to be clearly defined.

Answer 261

B: Context-dependent access control

Answer 262

C: Physical / Deterrent

Answer 263

C: False Accept Rate (FAR)

Answer 264

C: The Key Distribution Center

Answer 265

C: Full Knowledge

Answer 266

B: Immediately end the pen test and call the CIO

Answer 267

B: Kneed to know

Answer 268

A: Decrease the amount of minutiae that is verified.