Front | Back |
Access Control
|
System includes a number of components, depending on the system's needs for authentication and authorization. Strong authentication requires at least 2 forms of authentication: what a user knows, what a user has, what a user is, or what a user produces.
|
Active Vulnerability Scanner
|
Is a scanner that initiates traffic on the network in order to determine security holes.
|
Alarm (AKA Alert)
|
An indication that a system has just been attacked and/or continues to be under attack.
|
Alarm Clustering
|
Produces unified descriptions of attacks from alarms produced by multiple IDS. In order to be effective, the proposed system takes into account two characteristics of IDS: (I) for a given attack, different sensors may produce a number of alarms reporting different attack descriptions; and (II) a certain attack description may be produced by the IDS in response to different types of attack.
|
Alarm Compaction
|
The process of classifying the attack alerts that an intrusion detection system produces in order to distinguish/sort false positives from actual attacks more efficiently.
|
Alarm Filtering
|
The process of classifying the attack alerts that an IDS produces in order to distinguish and sort false positives from actual attacks more efficiently.
|
Alert (AKA Alarm)
|
An indication that a system has just been attacked and/or continues to be under attack.
|
Application Protocol Verification
|
The higher-order protocols are examined for unexpected packet behavior, or improper use.
|
Application-based IDS (AppIDS)
|
Examines an application for abnormal events by looking at the files created by the application and looking for occurrences that would indicate that there is a problem in the normal interaction between the users, the application, and the data.
|
Asynchronous Token
|
Uses a challenge-response system, in which the server challenges the user during login with a numerical sequence.
|
Attack Protocol
|
Is a series of steps or processes used by an attacker, in a logical sequence, to launch an attack against a target system or network.
|
Back-hack
|
The reverse process of finding out who is hacking into a system.
|
Behavior-based IDS (AKA Statistical anomaly-based IDS)
|
Collects statistical summaries by observing traffic that is known to be normal. This IDS can detect new types of attacks, because it is looking for abnormal activity of any type.
|
Centralized IDS
|
Is a control strategy that implements and manages all IDS control functions in a central location.
|
Clipping Level
|
Is when the measured activity is outside the baseline parameters. (Once the baseline is established, the stat IDS will periodically sample network activity and, using statistical methods, compare the sampled network activity to this baseline.)
|