security terminology :: essays research papers

Security   Ã‚  Ã‚  Ã‚  Ã‚  Ã‚  Ã‚  Ã‚  Ã‚  Ã‚  Ã‚  Ã‚  Ã‚  Ã‚  Ã‚  Ã‚  Ã‚  Ã‚  Ã‚  Ã‚  Ã‚  Ã‚  Ã‚  Ã‚  Ã‚  Ã‚  Ã‚  Ã‚  Ã‚  Ã‚  Terminology Define the following terms: 1.  Ã‚  Ã‚  Ã‚  Ã‚  Authentication – ability to identify who it is a.  Ã‚  Ã‚  Ã‚  Ã‚   ACL – (access control list) is associated w/ a given resource. Describes groups, users, machines and their permissions associated with that particular resource. i.  Ã‚  Ã‚  Ã‚  Ã‚  Token- one time only password key b.  Ã‚  Ã‚  Ã‚  Ã‚  CA- certificate of authority- creates certificates -system or entity trusted to generate and distribute digital certificates. Can be privately used or from a 3rd party e-commerce site. Verifies identity of user. Authentication method. c.  Ã‚  Ã‚  Ã‚  Ã‚  RA- Registration Authority-issues certificates-RA verifies credentials supplied by an agent and then sends the CA an okay to issue a certificate. d.  Ã‚  Ã‚  Ã‚  Ã‚  Ã‚  Ã‚  Ã‚  Ã‚  Ã‚  PKI- Public Key Infrastructure- Policies and behaviors that surround the deployment and management of key pairs. How you issue two keys at one time. e.  Ã‚  Ã‚  Ã‚  Ã‚  Ã‚  Ã‚  Ã‚  Ã‚  Ã‚   Kerberos- Authentication method used by Microsoft. Uses 3 different protocols, listed below   Ã‚  Ã‚  Ã‚  Ã‚  i.  Ã‚  Ã‚  Ã‚  Ã‚  TGT- Ticket granting ticket. Allows you to request resources on the network from servers.   Ã‚  Ã‚  Ã‚  Ã‚  ii.  Ã‚  Ã‚  Ã‚  Ã‚  TGS- Ticket granting server. Accesses a particular network server for tickets.   Ã‚  Ã‚  Ã‚  Ã‚  iii. AS- Authentication Server. Equivalent to a morning check-in at security desk of a hotel. Checks the identity of a server. f.  Ã‚  Ã‚  Ã‚  Ã‚  CHAP- Challenge handshake authentication protocol. Was designed to replace the PAP. Communication between server and client proving identity. i.  Ã‚  Ã‚  Ã‚  Ã‚  MS-CHAP- Microsoft CHAP g.  Ã‚  Ã‚  Ã‚  Ã‚  PAP- Password authentication protocol h.  Ã‚  Ã‚  Ã‚  Ã‚  X.509- digital certificate that uniquely identifies a party. Standard structure of a certificate. i.  Ã‚  Ã‚  Ã‚  Ã‚  KDC- Key distribution center j.  Ã‚  Ã‚  Ã‚  Ã‚  Biometrics- Authentications based on human anatomy. k.  Ã‚  Ã‚  Ã‚  Ã‚  Multifactor- Authentication based on 2 valid authentication methods. l.  Ã‚  Ã‚  Ã‚  Ã‚  Mutual Authentication- Client establishes identity to server. Server provides authentication information to client to ensure that illicit servers cannot masquerade as genuine servers. Both parties have to authenticate. 2.  Ã‚  Ã‚  Ã‚  Ã‚  Encryption- hiding data using algorithms. protection, method of code, algorithms, formulas a.  Ã‚  Ã‚  Ã‚  Ã‚  Asymmetric keys- pair of key values one public and one private. b.  Ã‚  Ã‚  Ã‚  Ã‚  Symmetric keys- single encryption key generated. c.  Ã‚  Ã‚  Ã‚  Ã‚  DES- Data Encryption standard developed by government. d.  Ã‚  Ã‚  Ã‚  Ã‚  Diffie-hellman- encryption algorithm named after its two creators. e.  Ã‚  Ã‚  Ã‚  Ã‚  IPSec- used for encryption of TCP/IP traffic. Method of encrypting any IP transmissions. f.  Ã‚  Ã‚  Ã‚  Ã‚  PGP- Pretty good privacy- mainly used in email less secure than the PKI. g.  Ã‚  Ã‚  Ã‚  Ã‚  RSA- Rivest-Shamir-Adleman- encryption algorithm named after its 3 creators. Using two pair keys. h.  Ã‚  Ã‚  Ã‚  Ã‚  SSL- Secure Socket Loader- used mainly on web servers to transmit securely via HTTPS:// 3.  Ã‚  Ã‚  Ã‚  Ã‚  Network protocols and organization a.  Ã‚  Ã‚  Ã‚  Ã‚  DMZ- Demilitarized zone- Zone used for public access. Used with FTP, web servers and DNS servers. b.  Ã‚  Ã‚  Ã‚  Ã‚  IDS- Intrusion Detection System- 2 types: Active and Passive c.  Ã‚  Ã‚  Ã‚  Ã‚  NAT- Network Address Translation- Appends to your logical port. Protects internal hosts. Used with proxy servers. Translates internal IP to Real IP. Uses unique port table. There is 65,000 ports d.  Ã‚  Ã‚  Ã‚  Ã‚  Tunneling- ability to go to 1 point to another as though you are a single proprietary line.