CHAPTER 02 CYBER REVIEW
NTFS folder, Active Directory user, Registry key
All use ACL.
certificate chain
Also known as the certification path; a list of certificates used to authenticate an entity.
Local User Account
A user account that is stored in the Security Account Manager (SAM) database on the local computer.
Asymmetric key
Has one key for encryption and a different key for decryption. Total keys = 2
Domain Controller
Holds a copy of the centralized database used in Active Directory.
Same permissions as the target folder
If you copy a file or folder to a new volume, what permissions will that file or folder have?
Full Control (NTFS Permission)
Needed to change attributes and permissions.
Encryption
Not authentication.
Password reader
Not biometric.
NTFS (New Technology File System)
Offers best security.
Hash Function
One-way encryption using an algorithm and no key.
Key
Password
Nonrepudiation
Prevents one party from denying the actions it has carried out.
Symmetric Encryption
The same key is used to encode and decode, key = 1.
Inherited permissions
They flow from a parent object to a child object.
RADIUS services
Used for centralized authentication, authorization and accounting.
PKI Infrastructure
Used to assign and validate digital certificates.
EFS technology
Used to encrypt an individual file on an NTFS volume.
Ownership
When you cannot access a folder because someone removed the permissions so that no one can access it, you must take ___ of the folder.
SAM
Where local user accounts are found.
Security Token
A device that may give you a second password to log into a system.
BitLocker To Go
A Windows utility that can encrypt data on a USB flash drive and restrict access by requiring a password.
Group
A collection or list of user/computer accounts.
secure socket layer (SSL) (transport layer security)
A cryptographic system that uses two keys to encrypt data: a public key known to everyone and a private or secret key known only to the recipient of the message.
5 minutes
By default, your computer clock should not be off more than __ or you might have problems with Kerberos authentication.
Authentication
A method for confirming users' identities
digital certificate
A notice that guarantees a user or a website is legitimate
Smart Card
A pocket-sized card with embedded integrated circuits that is used for authentication.
Certificate Revocation List (CRL)
A repository that lists revoked digital certificates.
Personal Identification Number (PIN)
A secret numeric password shared between a user and a system that can be used to authenticate the user to the system.
Member Server
A server that is not running as a domain controller
Access Control List (ACL)
A set of permissions that is attached to an object.
IP Security (IPsec)
A set of protocols developed to support the secure exchange of packets.
Administrative Share
A shared folder typically used for administrative purposes.
syslog
A standard for logging program messages that can be accessed by devices that would not otherwise have a method for communications.
Active Directory
A technology created by Microsoft that provides a variety of network services, including LDAP, Kerberos, DNS-based naming, and a central location for network administration and delegation of authority.
dictionary attack
Attempt to break a password by trying all possible words.
Right
Authorizes a user to perform certain actions on a computer.
Permission
Defines the type of access over an object or the properties of an object such as an NTFS file or printer.
Explicit Permission
Granted directly to a file or folder.
effective permissions
The actual permissions when a user logs in and accesses a file or folder.
Registry
The centralized database that holds most of the Windows configuration.
KERBEROS
The default authentication method used on Microsoft Active Directory.
NTLM (New Technology LAN Manager) hash
The default authentication protocol for Windows NT, for computers that are not a part of a domain, and for situations in which you are authenticating to a server using an IP address.
Biometrics
The identification of a user based on a physical characteristic, such as a fingerprint, iris, face, voice, or handwriting
PDC Emulator
The master time keeper and master for password changes in an Active Directory Domain.
NTFS (New Technology File System)
The preferred file system for today's operating systems.
Authorization
The process of giving someone permission to do or have something
Accounting/Auditing
The process of keeping track of a user's activity while accessing network resources.
single sign-on (SSO)
allows you to log on once and access multiple related but independent software systems without having to log in again.
user account
enables a user to log on to a computer and domain.
brute force attack
the password cracker tries every possible combination of characters
Public Key Infrastructure (PKI)
the system for issuing pairs of public and private keys and corresponding digital certificates