Security Fundamentals 98-367: Lesson 2
effective permission
Actual permissions when logging in and accessing a file or folder. They consist of explicit permissions plus any inherited permissions.
auditing
Also known as accounting, is the process of keeping track of a user's activity while accessing network resources, including the amount of time spent in the network, the services accessed while there, and the amount of data transferred during each session.
accounting
Also known as auditing, is the process of keeping track of a user's activity while accessing network resources, including the amount of time spent in the network, the services accessed while there, and the amount of data transferred during each session.
asymmetric encryption
Also known as public key cryptography, uses two mathematically related keys for encryption. One key is used to encrypt the data, while the second is used to decrypt it.
certificate chain
Also known as the certification path, is a list of certificates used to authenticate an entity. It begins with the certificate of the entity and ends with the root CA certificate.
biometrics
An authentication method that identifies and recognizes people based on physical traits, such as fingerprints, face recognition, iris recognition, retinal scans, and voice recognition.
digital certificate
An electronic document that contains an identity, such as a user or organization name, along with a corresponding public key. Because a _____ is used to prove a person's identity, it can also be used for authentication.
owner
An identity that controls an object including what permissions are set on the object and to whom permissions are granted.
domain user
A user account stored on the domain controller that allows you to gain access to resources within the domain, assuming you have been granted permissions to access those objects.
local user account
A user account that is stored in the Security Account Manager (SAM) database on the local computer.
right
A(n) _____ authorizes a user to perform certain actions on a computer.
permission
A(n) _____ defines the type of access over an object or the properties of an object such as an NTFS file or printer.
hash function
A one-way encryption, which means that after something has been encrypted with this method, it cannot be decrypted.
The same permissions as the target folder
If you copy a file or folder to a new volume, what permissions will that file or folder have?
SAM
Local user accounts are found in:
explicit permission
Permissions granted directly to a file or folder.
inherited permission
Permissions granted to a folder (parent object or container) that flows into child objects (subfolders or files) inside that folder.
NTFS Permission
Permissions that allow you to control which users and groups can gain access to files and folders on an NTFS volume.
nonrepudiation
Prevents one party from denying the actions it has carried out.
auditing
To track a user's activities in Windows, you need to enable _____.
symmetric encryption
Uses a single key to encrypt and decrypt data.
Kerberos
What is the primary authentication method used on Microsoft Active Directory?
multifactor authentication
When two or more authentication methods are used to authenticate someone.
ownership
When you cannot access a folder because someone removed the permissions so that no one can access it, you must take _____ of the folder.
Full Control
Which NTFS permission is needed to change attributes and permissions?
PKI
Which infrastructure is used to assign and validate digital certificates?
NTFS
Which of the following file systems offers the best security? -FAT -FAT32 -NTFS -EFS
Password reader
Which of the following is not a biometric device? -Password reader -Retinal scanner -Fingerprint scanner -Face scanner
Encryption
Which of the following is not a method for authentication? -Something the user knows -Something the user owns or possesses -Encryption -Something the user is
RADIUS
Which of the following services is used for centralized authentication, authorization, and accounting? -VPN -PGP -RADIUS -PKI
NTFS folder, Active Directory user, Registry key
Which of the following uses an ACL? -NTFS folder -Active Directory user -Registry key -Login rights
EFS
Which technology is used to encrypt an individual file on an NTFS volume?
Asymmetric
Which type of key has one key for encryption and a different key for decryption?
Explicit
Which type of permission is granted directly to a file or folder?
domain controller
A Windows server that stores a replica of the account and security information of a domain and defines the domain boundaries.
registry
A central, secure database in which Windows stores all hardware configuration information, software configuration information, and system security policies. Components that use the ____ include the Windows kernel, device drivers, setup programs, hardware profiles, and user profiles.
group
A collection or list of user accounts or computer accounts.
organizational units (OU)
A container used in Active Directory to help organize objects within a domain and minimize the number of domains.
Secure Sockets Layer (SSL)
A cryptographic system that uses two keys to encrypt data, a public key known to everyone and a private key known only to the recipient of the message. The public key is published in a digital certificate, which also confirms the identity of the web server.
security token
A device that may give you a second password to log in to a system is a(n) _____.
five
By default, your computer clock should not be off more than ____ minutes or you might have problems with Kerberos authentication.
Active Directory
A directory service technology created by Microsoft that provides a variety of network services, including Lightweight Directory Access Protocol (LDAP), Kerberos-based and single sign-on (SSO) authentication, DNS-based naming and other network information, and a central location for network administration and delegation of authority.
dictionary attack
A form of attack that attempts all words in one or more dictionaries. Lists of common passwords are also typically tested.
access control list (ACL)
A list of all users and groups that have access to an object.
certificate revocation list (CRL)
A list of certificates (or more specifically, a list of serial numbers of certificates) that have been revoked or are no longer valid and therefore should not be relied on.
Security Account Manager (SAM)
A local security database found on most Windows computers.
user account
A logical object that enables a user to log on to a computer and domain.
computer account
A logical object that provides a means for authenticating and auditing a computer's access to a Windows network, as well as its access to domain resources.
digital signature
A mathematical scheme that is used to demonstrate the authenticity of a digital message or document. It is also used to prove that the message or document has not been modified.
BitLocker To Go
A new feature in Windows 7 that enables users to encrypt removable USB devices, such as flash drives and external hard disks.
security token
A physical device that an authorized computer services user is given to ease authentication.
smart card
A pocket-sized card with embedded integrated circuits consisting of nonvolatile memory storage components and perhaps dedicated security logic.
personal identification number (PIN)
A secret numeric password shared between a user and a system that can be used to authenticate the user to the system.
password
A secret series of characters that enables a user to access a particular file, computer, or program.
member server
A server that is not running as a domain controller.
administrative share
A shared folder typically used for administrative purposes.
Syslog
A standard for logging program messages that can be accessed by devices that would not otherwise have a method of communication.
IP Security (IPsec)
A suite of protocols that provides a mechanism for data integrity, authentication, and privacy for the Internet Protocol. It is used to protect data that is sent between hosts on a network by creating secure electronic tunnels between two machines or devices. ____ can be used for remote access, VPN, server connections, LAN connections, or WAN connections.
public key infrastructure (PKI)
A system consisting of hardware, software, policies, and procedures that create, manage, distribute, use, store, and revoke digital certificates. Within the ____, the certificate authority (CA) binds a public key with respective user identities and issues digital certificates containing the public key.
brute force attack
A type of attack that tries as many possible combinations of characters as time and money permit.
right
Authorizes a user to perform certain actions on a computer, such as logging on to a system interactively or backing up files and directories on a system. User _____ are assigned through local policies or Active Directory group policies.
Key
Can be thought of as a password; it is applied mathematically to plain text to produce cipher text (encrypted text). Different _____ produce different encrypted output.
permission
Defines the type of access that is granted to an object (an object can be identified with a security identifier) or object attribute.
shared folder
Technology that allows access to data files over the network.
single sign-on (SSO)
Technology that allows you to log on once and access multiple related but independent software systems without having to log in again.
virtual private network (VPN)
Technology that links two computers through a wide-area network such as the Internet. To keep the connection secure, the data sent between the two computers is encapsulated and encrypted.
domain controller
The _____ holds a copy of the centralized database used in Active Directory.
registry
The centralized database that holds most of the Windows configuration is known as the _____.
NTLM
The default authentication protocol for Windows NT, stand-alone computers that are not part of a domain, and situations in which you are authenticating to a server using an IP address.
Kerberos
The default domain computer network authentication protocol, which allows hosts to prove their identity over a non-secure network in a secure manner.
built-in groups
The default groups that are included within Windows or Active Directory.
PDC Emulator
The master time keeper and master for password changes in an Active Directory domain is:
NTFS
The preferred file system for today's Windows operating systems.
decryption
The process of converting data from encrypted format back to its original form.
encryption
The process of converting data into a format that cannot be read by another user. Once a user has ______ a file, that file automatically remains _____ when it is stored on disk.
authorization
The process of giving individuals access to system objects based on their identity.
authentication
The process of identifying an individual, usually based on a username and a password.
Inherited
_____ permissions flow from a parent object to a child object.
share permissions
Permissions assigned to shared folders or drives.