Flashcards in Security Fundamentals Q/A's Deck (32)
What does TACACS+ stand for?
Terminal Access Controller Access Control System
What is does RADIUS stand for?
Remote Authentication Dial-In User Service
RADIUS encrypt what packet type from client to server?
TACACS+ encrypts the entire or partial body of each packet?
Does TACACS+ encrypt the header?
Encrypts the full content of each packet.
No, it does not include the header
802.1x is used for what?
What types of messages are allowed to a 802.1x port and which packets will be blocked?
Port Based Network Access Control
Only 802.1x messages are allowed to go thru the port all other packets will be blocked.
What does AAA server stand for?
Authorization, Authenticated and Accounting
What two protocols are commonly used in AAA server?
RADIUS and TACACS+
What protocol and port does TACACS+ use to communicate between the TACACS+ server?
TCP port 49
What's is created between two endpoints using a Virtual Private Network VPN?
What is a site-to-site VPN over a public network?
multiple fixed locations
What is a remote access VPN over a remote network?
secure VPN connection
What does Multi-Factor Authentication (2FA) use to identify users?
two or more authentication factors
What does a security certificate authenticate and identify?
reliability of a website or web application
What does biometric security use to identify uses?
physical biorecognition technology
What is malware software intentionally designed to do upon infection?
cause damage to server, network or computer
How does a DOS attack work?
floods the target with traffic until it crashes
What does an exploit use to take advantage of one's own system?
bugs or vulnerabilities.
What is ransomware?
malware that requires victims to make payment using cryptography to regain access their files or resources.
What is sphere-phishing?
targeted malware attack sent via email to a specific person or organization
What is a Phishing attack?
random malware attack via email links
What is a Trojan horse?
legitimate looking code designed to take control of your computer.
What is an SQL Injection?
malicious SQL entries injected to attack data-driven applications
What is a man in the middle attack?
something in the middle intercepting communication between two end-points
What are 802.1x authenticators?
L2 switches or Wireless Access Point (WAP).
What is a 802.1x authentication server used to validate?
What is an example of a 802.1x supplicant or Client, which tries to access the network?
user machine (PC)
What is TACACS+ / RADIUS used for?
Centralize user access management
What requests do RADIUS servers receive and why?
user connection requests to authenticate users and return configuration information
What does RADIUS encrypt?
username and encrypted password