Term
| ___ refers to the mechanisms used to verify the identity of the computer or user attempting to access a particular resource. |
|
Definition
|
|
Term
| ___ is usually done with a set of credentials — most commonly a username and password. |
|
Definition
|
|
Term
| ___ determines if the authenticated user is allowed access to a particular resource. |
|
Definition
|
|
Term
| ___ refers to the tracking mechanisms used to keep a record of events on a system. |
|
Definition
|
|
Term
| ___ is a standard for providing authentication with only a single sign-on. |
|
Definition
|
|
Term
| A nonproprietary protocol used for cross-platform authentication, ___ is the main authentication protocol used with Windows servers. |
|
Definition
|
|
Term
| ___ enables secure authentication over an insecure network such as the Internet. |
|
Definition
|
|
Term
| Kerberos uses ___ ___ cryptography, in which both client and server use the same encryption key to cipher and decipher data. |
|
Definition
|
|
Term
| In ___ ___ cryptography (aka public key cryptography), a device has both a public and private key. The public key is used to encrypt the communication, and the private key is used for decrypting. The private key is never shared. |
|
Definition
|
|
Term
| Kerberos authentication works by assigning a unique key called a ___ to each client that successfully authenticates to a server. |
|
Definition
|
|
Term
| A ___ ___ ___ is a collection of software, standards, and policies combined to enable users from the Internet or other unsecured public networks to securely exchange data. |
|
Definition
| Public Key Infrastructure (PKI) |
|
|
Term
| ___ ___ ___ uses a public and private cryptographic key pair obtained and shared through a trusted authority. |
|
Definition
| Public Key Infrastructure (PKI) |
|
|
Term
| A ___ is a digitally signed statement that associates the credentials of a public key to the identity of the person, device, or service that holds the corresponding private key. |
|
Definition
|
|
Term
| ___ ___ issue and manage certificates. |
|
Definition
| Certificate authorities (CAs) |
|
|
Term
| A ___ ___ ___ is a list of certificates that were revoked before they reached the certificate expiration date. |
|
Definition
| Certificate Revocation List (CRL) |
|
|
Term
| When keys are used to secure data transmissions, the computer generates two different types of keys: ___ and ___. |
|
Definition
|
|
Term
| ___ (asymmetric) key encryption uses both a private and public key to encrypt and decrypt messages. The public key is used to encrypt a message or verify a signature, and the private key is used to decrypt the message or to sign a document. |
|
Definition
|
|
Term
| ___ (symmetric) key encryption uses a single key for both encryption and decryption. |
|
Definition
|
|
Term
| ___s are the cornerstones of the Public Key Infrastructure (PKI). |
|
Definition
|
|
Term
| ___ is a protocol that enables a single server to become responsible for all remote-access authentication, authorization, and auditing (or accounting) services. |
|
Definition
|
|
Term
| __ __ __ __ __ __ __ is a security protocol for centralized validation of access to a router or Network Access Server (NAS). |
|
Definition
| Terminal Access Controller Access Control System+ (TACACS+) |
|
|
Term
| TACACS+ uses ___ for data delivery while RADIUS uses ___. |
|
Definition
|
|
Term
RADIUS combines ___ and ___, whereas
TACACS+ can separate their functions. |
|
Definition
authentication
authorization |
|
|
Term
| __ ___ __ __ protocol authenticates remote Windows workstations, providing the functionality to which LAN-based users are accustomed while integrating the hashing algorithms used on Windows networks. |
|
Definition
| Microsoft Challenge Handshake Authentication Protocol (MS-CHAP) |
|
|
Term
| ___ uses a challenge/response mechanism to keep the password from being sent during the authentication process. |
|
Definition
|
|
Term
| MS-CHAP uses the Message Digest 5 (MD5) hashing algorithm and the Data Encryption Standard (DES) encryption algorithm to generate the ___ and ___. |
|
Definition
|
|
Term
| MS-CHAP provides mechanisms for reporting ___ errors and for changing the user's ___. |
|
Definition
|
|
Term
| A more secure authentication method than MS-CHAP, ___ adds support for two-way authentication and improves cryptographic key analysis. |
|
Definition
|
|
Term
| ___ ___ Protocol is an extension of PPP that supports more sophisticated authentication than simple username and password (token cards, smart cards, and digital certificates). |
|
Definition
| Extensible Authentication Protocol (EAP) |
|
|
Term
| __ __ __ Protocol enables authentication without actually having the user send his password over the network. |
|
Definition
| Challenge Handshake Authentication Protocol (CHAP) |
|
|
Term
| ___ ___ Protocol is a simple authentication protocol in which the username and password are sent to the remote-access server in clear text, making it possible to steal both. |
|
Definition
| Password Authentication Protocol (PAP) |
|
|
Term
| With ___ access, users are allowed to log on without authentication. |
|
Definition
|
|
Term
| When two or more access methods are included as part of the authentication process, it is called a ___ authentication system. |
|
Definition
|
|
Term
| An authentication system that uses two items such as smart cards and passwords is called a ___-___ system. |
|
Definition
|
|
