Security Terminology Define the following terms: 1. Authentication – ability to identify who it isa. ACL – (access control list) is associated w/ a given resource. Describes groups, users, machines and their permissions associated with that particular resource. i. Token- one time only password key.
CA- certificate of authority- creates certificates -system or entity trusted to generate and distribute digital certificates. Can be privately used or from a 3 rd party e-commerce site. Verifies identity of user. Authentication method. c. RA- Registration Authority-issues certificates-RA verifies credentials supplied by an agent and then sends the CA an okay to issue a certificate.
d. PKI- Public Key Infrastructure- Policies and behaviors that surround the deployment and management of key pairs. How you issue two keys at one time. e.
Kerberos- Authentication method used by Microsoft. Uses 3 different protocols, listed below i. TGT- Ticket granting ticket. Allows you to request resources on the network from servers. ii. TGS- Ticket granting server.
Accesses a particular network server for tickets. iii. AS- Authentication Server. Equivalent to a morning check-in at security desk of a hotel.
Checks the identity of a server. f. CHAP- Challenge handshake authentication protocol. Was designed to replace the PAP. Communication between server and client proving identity. i.
The Essay on Cemex Key Issue
Business to Business: This means that the transaction are between two companies. Bibliografia: Negocios en Ambient es Computacionales, Antonio Donandio Medagalia, MC Grow Hill. 2004 Key Issue 1: Cemex is advancing thanks to the good administration they have. The way they have meeting with the top leaders is good. As these leaders have been able to take advantage of the opportunities they have ...
MS-CHAP- Microsoft Chap. PAP- Password authentication protocol h. X. 509- digital certificate that uniquely identifies a party.
Standard structure of a certificate. i. KDC- Key distribution center. Biometrics- Authentications based on human anatomy. k. Multi factor- Authentication based on 2 valid authentication methods.
l. Mutual Authentication- Client establishes identity to server. Server provides authentication information to client to ensure that illicit servers cannot masquerade as genuine servers. Both parties have to authenticate. 2. Encryption- hiding data using algorithms.
protection, method of code, algorithms, formulas a. Asymmetric keys- pair of key values one public and one private. b. Symmetric keys- single encryption key generated. c.
DES- Data Encryption standard developed by government. d. Diffie-hellman- encryption algorithm named after its two creators. e.
IPSec- used for encryption of TCP/IP traffic. Method of encrypting any IP transmissions. f. PGP- Pretty good privacy- mainly used in email less secure than the PKI.
g. RSA- Rivest-Shamir-Ad leman- encryption algorithm named after its 3 creators. Using two pair keys. h. SSL- Secure Socket Loader- used mainly on web servers to transmit securely via HTTPS: //3.
Network protocols and organization a. DMZ- Demilitarized zone- Zone used for public access. Used with FTP, web servers and DNS servers. b. IDS- Intrusion Detection System- 2 types: Active and Passive c. NAT- Network Address Translation- Appends to your logical port.
Protects internal hosts. Used with proxy servers. Translates internal IP to Real IP. Uses unique port table. There is 65, 000 ports d. Tunneling- ability to go to 1 point to another as though you are a single proprietary line.
1 logical circuit. Used with Virtual Private Networks. e. PPP- Point to point protocol.
f. PPTP- Microsoft product. Enhancement to point to point protocol. Called point to point tunneling protocol. Allows Point to point to be used in a tunnel. i.
The Term Paper on Sygate Server Computer Network
SYGATE 3. 11 BUILD 556 README Thank you for trying SyGate 3. 11. This document contains important information that you may find useful for installing and using SyGate 3. 11. For additional instructions on installing and using SyGate 3. 11, please see the SyGate 3. 11 online users guide-you can quickly get to it from the help menu within the SyGate Manager application. (Note: a shortcut to the ...
MPPE- MS point to point encryption. Encrypts within a tunnel. g. L 2 TP- Layer 2 tunneling protocol Sisco’s version of MPPE. Works with IPSEC. Works to encrypt with Ipsec.
h. RADIUS- Remote access dial in user service- usually used with Unix or LENI X systems. An authentication system. i.
RAS- Remote Access Server- provides users to dial in from anywhere. Allows you to connect with different location computers with dial up. j. RPC- Remote procedure calls. Links to another remote program. Ability to access remoter computer and access a program and execute it on your own computer.
Loads program onto your computer from another computer. 4. Attacks and detection a. Sniffing – Looking at network traffic and deciphering it for propaganda uses. b. Stateful Inspection- firewall protection.
Inspects entire packet. Looks at words in the packet. Used with proxy servers. c. Spoofing- Impersonating a computer or network. d.
Trojan horse- program that appears to be working fine and replicates good programs. Performs malicious acts to your PC. e. Zombie (bot) – a logic bomb.
A virus waiting for certain variables to be met before activating. Program does same thing. f. DOS- Denial of Service- example- flood of pings. 1 person denied internet access. g.
DDOS- Distributed denial of service- Across the board denial of service. When an entire network goes down. h. Backdoor- allows you to enter a certain area with different credentials. Easy way out. Creating another way to enter a system if your system gets hacked.
i. Man in the middle- MIT- used to gather information between hosts. j. Brute Force attack- Guessing passwords. Trial and error. k.
Hijacking- take over someone’s computer. Aka-replay l. Social engineering- Used by individual. Examples: looking over persons shoulder for password, dumpster diving, impersonating on phone, phishing through fake emails.
To hack without use of technology. ping of death = ping -t -l 650000 easter. com.
