SEC+ Flashcards

Sec+

27 cards | Total Attempts: 188 | Created by stevenerceg | Last updated: Sep 22, 2015 | Total Attempts: 188

Pin it

Share on reddit

- +

Confidentiality Refers To

+

Related Flashcards

Sec+ 2008 Study

Sec Plus Ports

English 6 Sec. 2 Nov 2011 Test

Related Topics

Word Flashcards

Word

Phrase Flashcards

Phrase

Meaning Flashcards

Meaning

Vocabulary Flashcards

Vocabulary

Sentence Flashcards

Sentence

Cards In This Set

Front	Back
Confidentiality refers to	The idea that information should only be accessible to its intended recipients
Integrity is	The idea that information should arrive at a destination as it was sent.
Availability refers to	the idea that information should be available to those authorized to use
Which of the following are components of CIA	Confidentiality, Integrity, Availability
A user encrypts an email before sending it. The only person that can decrypt the email is the recipient. By encrypting the email in this way, the user is attempting to preserve the	Confidentiality of the information
Types of Access Control Factors	Type I: What you know (password, pin) Type II: What you have (keycard, key) Type III: What you are (fingerprint, retina scan)
what is multi-factor authentication	using more than one factor (Type) to ensure a user’s identity
Three steps to any access control process	1. Identification: Who is the user? 2. Authentication: Is the user who he says he is? 3. Authorization: What does the user have permission to do?
MAC: Mandatory Access Control is	The system in which a central administrator or administration dictates all of the access to information in a network or system.
DAC: Discretionary Access Control is	The system in which the owners of files actually determine who gets access to the information.
RBAC: Role-Based Access Control is	Related to a system in which the roles of users determine their access to files. For example, if Bob is a member of accounting, he should not be able to access the engineering files.
Kerberos is	an open-source and widely-accepted method of authentication that works on a shared secret key system with a trusted third party
Name a Kerberos vulnerability	One is that Kerberos makes extensive use of that trusted third party. If the third party is compromised, information confidentiality and integrity may be breached. If the third party simply fails, availability is lost.
The most common form of authentication system is	a username and password system.
Kerberos is associated with _______ technology	SSO (single sign on)