Search for notes by fellow students, in your own course and all over the country.
Browse our notes for titles which look like what you need, you can preview any of the notes via a sample of the contents. After you're happy these are the notes you're after simply pop them into your shopping cart.
Document Preview
Extracts from the notes are below, to see the PDF you'll receive please use the links above
Delwin Thermitus
Cyber Security
Security 2
AAA Framework
- Authentication
o Proves who you are
o Happens when you log-in
o Many ways to authenticate
- Authorization
o What you are allowed to do
o Permission
- Accounting
o What you have done
o Event logging
o Record Keeping
Authentication Types
- Something you have
o Hardware Token
o Mobile Device
o Smartcards/Keys
- Something you know
o Username – Pins – Patterns
- Something you are
o Fingerprints – eye scan – Face Recognition
o Biometrics
- Things to note
o Multifactor authentication requires two or more different methods combined
o Location can also be used as an additional factor in authentication
o Public methods of authentication are less secure than private ones
Federated log ins
- Use another company’s log ins
o Log in with google etc…
o The external company handles authentication on behalf of the user requested
resource
- Requires trust
o A federated network
o If google trust you, then so do I
o Usernames/password are not typically shared between the organization
Access Control Models
- Mandatory Access Control
o MAC
o Based on clearance levels
▪ Confidential
▪ Secret
▪ Top secret
o Every file gets a label
o Used in Government Agency
▪ Military
▪ Intelligence Community
▪ Contracters
- Discretionary Access Control
o DAC
o Used in most OS
o Owners of the file determine the permissions for the file
o Super – users or Administrators have more rights
Access Control Devices
- Access cards
o Proximity cards
▪ Contactless
▪ Keycards
▪ Payment systems
o Smart cards
▪ Contract based
▪ Integrated chip
▪ Credit/ATM Cards
▪ Typically need a PIN
o Hardware Tokens
▪ Key Fobs
• Like a proximity card
• Commonly on a keychain
▪ USB Devices
• Many generate hashes
• Can also have biometric
o Software Tokens
▪ Onetime Passwords
• Sent by text/email
• Hash generators
Biometric
- Fingerprints
o No two fingerprints are identical
- Eye scanner
o Retina/back of the eye
o Eye color
- Facial/voice recognition
o Typically, only measurements from these personal traits are what gets stored
o Law enforcement stores the real thing