Password Management and Security
Questions and Answers

What is the primary purpose of salting in password storage?
  • To add a random value to the password before hashing (correct)
  • To store passwords in plaintext
  • To make passwords more complex
  • To enforce password expiration policies

What type of firewall monitors and controls incoming and outgoing traffic on a single host?
  • Application-based firewall
  • Host-based firewall (correct)
  • Perimeter firewall
  • Network-based firewall

What is the main difference between Default Deny and Default Allow firewall rules?
  • Default Deny is used for network-based firewalls, while Default Allow is used for host-based firewalls
  • Default Deny allows all traffic, while Default Allow denies all traffic
  • Default Deny denies all traffic unless explicitly allowed, while Default Allow allows all traffic unless explicitly denied (correct)
  • Default Deny is used for incoming traffic, while Default Allow is used for outgoing traffic

What is the primary goal of Access Control Lists (ACLs)?
  Answer: To define permissions for users or groups to access resources

What is the main difference between Symmetric and Asymmetric encryption?
  Answer: Symmetric encryption uses a single key, while Asymmetric encryption uses a pair of keys

What is the primary purpose of Cryptographic Hash Functions?
  Answer: To ensure data integrity

What is the main advantage of using Role-Based Access Control (RBAC)?
  Answer: It simplifies the management of access control by assigning roles to users

What is the main goal of password expiration policies?
  Answer: To force users to change their passwords regularly

Study Notes

Password Management

• Password Policies:
  • Length: minimum 8-12 characters; length does more for strength than composition rules
  • Complexity: traditional policies require a mix of uppercase, lowercase, numbers, and special characters; NIST SP 800-63B no longer recommends composition rules and instead favors length plus screening against lists of breached passwords
  • Expiration: traditional policies force a change every 60-90 days; NIST SP 800-63B recommends requiring a change only on evidence of compromise, since routine rotation pushes users toward predictable variants
  • History: prevent reuse of previous passwords
• Password Storage:
  • Hashing: store a one-way hash of the password, never the plaintext (hashing is not encryption: there is no key and nothing to decrypt); use a slow, purpose-built password hash such as Argon2id, bcrypt, scrypt, or PBKDF2, not a fast general-purpose hash such as SHA-256 or MD5
  • Salting: combine a random, per-user value with the password before hashing, so identical passwords produce different hashes and precomputed lookup (rainbow) tables become useless
  • Verification: recompute the hash with the stored salt and parameters and compare in constant time
• Password Cracking:
  • Types: brute force, dictionary, and rainbow table attacks, run offline against stolen hashes, plus online guessing against the login endpoint
  • Prevention: strong passwords and slow salted hashing make offline cracking expensive; rate limiting and account lockout (or progressive delays) throttle online guessing, with lockout thresholds set so an attacker cannot trivially lock legitimate users out
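
The storage and cracking points above, carried through in code. This is an added example, not code from the original page: it uses the standard library's PBKDF2-HMAC-SHA256 (Argon2id or bcrypt would be the first choice where a package is available), a constructed set of accounts, and a constructed stand-in for a rainbow table, and it pairs the salted scheme with a minimal account-lockout guard against online guessing. Everything named here (hash_password, verify_password, LoginGuard, the sample users) is an assumption of this example.

```python
import hashlib
import hmac
import secrets
from typing import Dict, Optional

# PBKDF2-HMAC-SHA256 is used because it ships in the standard library.
# The iteration count is the work factor: raise it as hardware gets faster.
ITERATIONS = 600_000
SALT_BYTES = 16


def hash_password(password: str, iterations: int = ITERATIONS,
                  salt: Optional[bytes] = None) -> str:
    """Return a self-describing record: algorithm$iterations$salt_hex$hash_hex."""
    if salt is None:
        salt = secrets.token_bytes(SALT_BYTES)  # fresh random salt per password
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return f"pbkdf2_sha256${iterations}${salt.hex()}${digest.hex()}"


def verify_password(password: str, record: str) -> bool:
    """Recompute the hash with the stored salt and parameters, compare in constant time."""
    algo, iterations, salt_hex, stored_hex = record.split("$")
    if algo != "pbkdf2_sha256":
        raise ValueError(f"unsupported password record: {algo}")
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                                    bytes.fromhex(salt_hex), int(iterations))
    # compare_digest does not stop at the first differing byte, so the
    # comparison time does not leak how close a guess was.
    return hmac.compare_digest(candidate, bytes.fromhex(stored_hex))


def unsalted_sha256(password: str) -> str:
    """The insecure scheme the salted one replaces: fast, unsalted, identical for identical passwords."""
    return hashlib.sha256(password.encode("utf-8")).hexdigest()


# Constructed stand-in for a rainbow/lookup table: precomputed unsalted digests
# of common passwords. Against unsalted storage one lookup cracks every user
# who chose a listed password; against salted records the digests never match.
RAINBOW_TABLE: Dict[str, str] = {
    unsalted_sha256(p): p for p in ("password", "123456", "Summer2024!", "letmein")
}


def rainbow_lookup(hex_digest: str) -> Optional[str]:
    return RAINBOW_TABLE.get(hex_digest)


class LoginGuard:
    """Online-guessing defence: lock an account after max_failures wrong guesses."""

    def __init__(self, records: Dict[str, str], max_failures: int = 5):
        self.records = records
        self.max_failures = max_failures
        self.failures: Dict[str, int] = {}

    def login(self, username: str, password: str) -> str:
        if self.failures.get(username, 0) >= self.max_failures:
            return "locked"  # reject without checking the password at all
        record = self.records.get(username)
        if record is not None and verify_password(password, record):
            self.failures[username] = 0
            return "ok"
        self.failures[username] = self.failures.get(username, 0) + 1
        return "denied"


def demo(iterations: int = ITERATIONS) -> dict:
    # Constructed accounts; alice and bob picked the same weak password.
    users = {"alice": "Summer2024!", "bob": "Summer2024!", "carol": "x7$k!Qm2vLpR"}
    unsalted = {u: unsalted_sha256(p) for u, p in users.items()}
    salted = {u: hash_password(p, iterations) for u, p in users.items()}
    return {
        "unsalted_identical": unsalted["alice"] == unsalted["bob"],
        "salted_identical": salted["alice"] == salted["bob"],
        "cracked_unsalted": {u: rainbow_lookup(h) for u, h in unsalted.items()},
        "cracked_salted": {u: rainbow_lookup(r.split("$")[3]) for u, r in salted.items()},
        "alice_verifies": verify_password("Summer2024!", salted["alice"]),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The record format stores the algorithm, iteration count and salt next to the hash, so the work factor can be raised for new passwords while old records keep verifying, and the lockout counter is reset only by a successful login.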

Firewalls

• Types:
  • Network-based: sits at a network boundary (the perimeter or between segments) and monitors and controls traffic on behalf of many hosts
  • Host-based: runs on a single host and monitors and controls that host's incoming and outgoing traffic; a second layer of defence behind the perimeter
• Firewall Rules:
  • Rules are evaluated in order and the first match decides; the default policy applies to anything no rule matched
  • Default deny: denies all traffic unless explicitly allowed (the recommended posture, since an unlisted service is unreachable rather than exposed)
  • Default allow: allows all traffic unless explicitly denied (every forgotten or newly started service is exposed)
• Firewall Configurations:
  • Whitelisting (allowlisting): only allows specific traffic to pass through; pairs naturally with default deny
  • Blacklisting (denylisting): blocks specific traffic from passing through; anything not listed gets through

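
The rule-evaluation and default-policy points above, as a small first-match packet filter. This is an added example, not code from the original page or from any real firewall: the Rule and Firewall classes, the rule set and the sample packets are constructed for illustration. It evaluates one rule set (an allowlist entry for HTTPS, a source-restricted allowlist entry for SSH, and a denylist entry for telnet) under both default policies, so the difference shows up on the packets no rule mentions.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Dict, List, Optional, Tuple


@dataclass(frozen=True)
class Rule:
    action: str           # "allow" or "deny"
    proto: str            # "tcp", "udp" or "any"
    src: str              # CIDR the source address must fall in
    dport: Optional[int]  # destination port, None for any port

    def matches(self, proto: str, src_ip: str, dport: int) -> bool:
        return ((self.proto == "any" or self.proto == proto)
                and ip_address(src_ip) in ip_network(self.src)
                and (self.dport is None or self.dport == dport))


class Firewall:
    """First-match rule chain with a default policy, like an iptables/nftables chain."""

    def __init__(self, rules: List[Rule], default: str):
        if default not in ("allow", "deny"):
            raise ValueError("default policy must be 'allow' or 'deny'")
        self.rules = rules
        self.default = default

    def decide(self, proto: str, src_ip: str, dport: int) -> str:
        for rule in self.rules:
            if rule.matches(proto, src_ip, dport):
                return rule.action   # first matching rule wins
        return self.default          # nothing matched: the default policy decides


# Constructed rule set shared by both firewalls below.
RULES = [
    Rule("allow", "tcp", "0.0.0.0/0", 443),   # public HTTPS (allowlist entry)
    Rule("allow", "tcp", "10.0.0.0/8", 22),   # SSH only from the internal range
    Rule("deny", "tcp", "0.0.0.0/0", 23),     # explicit block of telnet (denylist entry)
]

# Constructed sample packets: (proto, source IP, destination port)
Packet = Tuple[str, str, int]
PACKETS: List[Packet] = [
    ("tcp", "203.0.113.5", 443),    # internet client to HTTPS
    ("tcp", "10.20.30.40", 22),     # internal host to SSH
    ("tcp", "203.0.113.5", 22),     # internet client to SSH
    ("tcp", "203.0.113.5", 23),     # internet client to telnet
    ("tcp", "198.51.100.7", 3306),  # internet client to a database port nobody listed
]


def compare_policies() -> Dict[Packet, Tuple[str, str]]:
    """Map each packet to its (default-deny decision, default-allow decision)."""
    default_deny = Firewall(RULES, "deny")
    default_allow = Firewall(RULES, "allow")
    return {pkt: (default_deny.decide(*pkt), default_allow.decide(*pkt)) for pkt in PACKETS}


if __name__ == "__main__":
    print(f"{'packet':34} default-deny  default-allow")
    for pkt, (deny, allow) in compare_policies().items():
        print(f"{str(pkt):34} {deny:13} {allow}")
```

The two explicitly listed services behave identically under both policies; the SSH attempt from the internet and the unlisted database port are where default allow quietly exposes things the administrator never decided to publish.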

Access Control

• Access Control Models:
  • Discretionary Access Control (DAC): the owner of a resource decides who may access it, based on user (or group) identity; the usual model in general-purpose file systems
  • Mandatory Access Control (MAC): a system-wide policy compares the user's clearance with the resource's classification label; owners cannot override it
  • Role-Based Access Control (RBAC): permissions attach to roles and users are assigned roles, so access is based on a user's role rather than individual identity
• Access Control Lists (ACLs):
  • Define permissions for users or groups to access resources, one list per resource
  • The usual mechanism for DAC; an ACL whose entries name groups or roles approximates RBAC, whereas MAC is enforced through labels rather than per-resource lists
• Authentication, Authorization, and Accounting (AAA):
  • Authentication: verifies user identity (passwords, keys, tokens, multi-factor)
  • Authorization: determines what an authenticated user may do to which resources; deny by default
  • Accounting: tracks and logs user activity, including denied attempts, for audit and incident response
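
The ACL, RBAC and accounting points above in one deny-by-default authorizer. This is an added example, not code from the original page: the Authorizer class, the reports and the auditors are constructed. It grants the same access twice, once as per-resource ACL entries and once as a role, then counts what each approach costs when a new resource appears and when a user leaves, which is the management advantage the quiz answer refers to. Every decision, allowed or denied, is appended to an audit log (the accounting part of AAA).

```python
from collections import defaultdict
from typing import Dict, List, Set, Tuple


class Authorizer:
    """Deny-by-default authorization with per-resource ACLs, roles, and an audit log."""

    def __init__(self) -> None:
        # ACL: resource -> principal -> allowed actions (DAC style, one list per object)
        self.acl: Dict[str, Dict[str, Set[str]]] = defaultdict(lambda: defaultdict(set))
        # RBAC: role -> {(resource, action)} and user -> {roles}
        self.role_perms: Dict[str, Set[Tuple[str, str]]] = defaultdict(set)
        self.user_roles: Dict[str, Set[str]] = defaultdict(set)
        self.audit: List[dict] = []

    def acl_allow(self, resource: str, user: str, action: str) -> None:
        self.acl[resource][user].add(action)

    def role_allow(self, role: str, resource: str, action: str) -> None:
        self.role_perms[role].add((resource, action))

    def assign_role(self, user: str, role: str) -> None:
        self.user_roles[user].add(role)

    def revoke_role(self, user: str, role: str) -> None:
        self.user_roles[user].discard(role)

    def authorize(self, user: str, action: str, resource: str) -> bool:
        # .get() is used so that merely asking does not create empty entries.
        via_acl = action in self.acl.get(resource, {}).get(user, set())
        via_role = any((resource, action) in self.role_perms.get(r, ())
                       for r in self.user_roles.get(user, ()))
        decision = via_acl or via_role
        # Accounting: record every decision, denials included.
        self.audit.append({"user": user, "action": action, "resource": resource,
                           "allowed": decision,
                           "via": "acl" if via_acl else "role" if via_role else None})
        return decision

    def acl_entry_count(self) -> int:
        return sum(len(actions) for principals in self.acl.values()
                   for actions in principals.values())

    def rbac_entry_count(self) -> int:
        return (sum(len(p) for p in self.role_perms.values())
                + sum(len(r) for r in self.user_roles.values()))


def demo() -> dict:
    reports = ["q1-report", "q2-report", "q3-report", "q4-report"]   # constructed
    auditors = ["ann", "ben", "cho"]                                 # constructed

    acl_only = Authorizer()             # one ACL entry per (user, resource) pair
    for u in auditors:
        for r in reports:
            acl_only.acl_allow(r, u, "read")

    rbac = Authorizer()                 # permissions on the role, users assigned to it
    for r in reports:
        rbac.role_allow("auditor", r, "read")
    for u in auditors:
        rbac.assign_role(u, "auditor")

    # A fifth report is published: ACL needs one change per auditor, RBAC one in total.
    for u in auditors:
        acl_only.acl_allow("q5-report", u, "read")
    rbac.role_allow("auditor", "q5-report", "read")
    acl_entries, rbac_entries = acl_only.acl_entry_count(), rbac.rbac_entry_count()

    rbac.revoke_role("ben", "auditor")  # offboarding: one step removes all of ben's access

    return {
        "acl_entries": acl_entries,
        "rbac_entries": rbac_entries,
        "acl_changes_for_new_report": len(auditors),
        "rbac_changes_for_new_report": 1,
        "ann_reads_q5": rbac.authorize("ann", "read", "q5-report"),
        "ben_reads_q1": rbac.authorize("ben", "read", "q1-report"),
        "cho_writes_q1": rbac.authorize("cho", "write", "q1-report"),
        "audit_denials": sum(1 for e in rbac.audit if not e["allowed"]),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The audit entries carry the path by which access was granted ("acl" or "role"), which is what an investigator needs when asking why a user could reach a resource, not just whether they did.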

Cryptography

• Types of Cryptography:
  • Symmetric encryption: uses the same key for encryption and decryption; fast, but both parties must already share the key
  • Asymmetric encryption: uses a pair of keys, a public key for encryption and a private key for decryption (or the private key to sign and the public key to verify); the public key can be distributed openly
• Cryptography Algorithms:
  • AES (Advanced Encryption Standard): symmetric block cipher with 128-, 192-, or 256-bit keys; use an authenticated mode such as AES-GCM
  • RSA (Rivest-Shamir-Adleman): asymmetric algorithm; in practice used for key exchange and signatures, with the bulk data encrypted under a symmetric key (hybrid encryption)
• Cryptographic Hash Functions:
  • A hash is a one-way function, not encryption: fixed-size output, no key, and no way to recover the input; used to detect changes to data
  • SHA-256 (Secure Hash Algorithm 256): 256-bit digest, currently secure, used for data integrity and in digital signatures
  • MD5 (Message-Digest Algorithm 5): 128-bit digest; its collision resistance is broken, so it must not be used for any security purpose (signatures, certificates, password hashing); at most acceptable for detecting accidental corruption
  • An unkeyed hash alone does not stop an attacker who can replace both the data and its hash; when that is the threat, use a MAC (for example HMAC) or a digital signature
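
The integrity points above, worked through: an unkeyed digest (SHA-256 or MD5) detects a transmission error, but an attacker who can rewrite the data can rewrite the digest too, so only a keyed check (HMAC here, which goes a step beyond the page's own list) catches deliberate tampering. This is an added example, not code from the original page; the message, the corrupted and tampered variants, and the function names are constructed for illustration.

```python
import hashlib
import hmac
import secrets
from typing import Dict


def checksum(data: bytes, algo: str = "sha256") -> str:
    """Unkeyed digest: anyone, including an attacker, can compute it."""
    return hashlib.new(algo, data).hexdigest()


def verify_checksum(data: bytes, expected_hex: str, algo: str = "sha256") -> bool:
    return hmac.compare_digest(checksum(data, algo), expected_hex)


def mac_tag(key: bytes, data: bytes) -> str:
    """Keyed digest (HMAC-SHA256): only holders of the key can compute it."""
    return hmac.new(key, data, "sha256").hexdigest()


def verify_mac(key: bytes, data: bytes, expected_hex: str) -> bool:
    return hmac.compare_digest(mac_tag(key, data), expected_hex)


def flip_one_bit(data: bytes, index: int = 0) -> bytes:
    """Simulate a single-bit transmission error."""
    buf = bytearray(data)
    buf[index] ^= 0x01
    return bytes(buf)


def demo() -> Dict[str, object]:
    original = b"transfer 100.00 to account 4471"   # constructed message
    corrupted = flip_one_bit(original, 10)           # accidental damage in transit
    tampered = b"transfer 900.00 to account 4471"    # an attacker's deliberate edit

    published_sha256 = checksum(original)
    published_md5 = checksum(original, "md5")
    # The attacker rewrites the message and simply recomputes the unkeyed checksum.
    attacker_checksum = checksum(tampered)

    key = secrets.token_bytes(32)          # shared by sender and receiver only
    published_tag = mac_tag(key, original)
    forged_tag = published_tag             # without the key, reusing the old tag is the best the attacker can do

    return {
        "digest_hex_lengths": (len(published_md5), len(published_sha256)),
        "sha256_detects_corruption": not verify_checksum(corrupted, published_sha256),
        "md5_detects_corruption": not verify_checksum(corrupted, published_md5, "md5"),
        "checksum_stops_active_attacker": not verify_checksum(tampered, attacker_checksum),
        "mac_stops_active_attacker": not verify_mac(key, tampered, forged_tag),
        "mac_accepts_original": verify_mac(key, original, published_tag),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

Both digests catch the flipped bit, which is the "integrity" the page refers to, but the checksum check passes on the tampered message because the attacker supplied a matching checksum; the HMAC check fails because the forged tag was computed without the key. MD5's broken collision resistance is not demonstrated here, but it is the reason MD5 is not acceptable even in the keyed or signed setting.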

Password Management

• Password policies traditionally require a minimum of 8-12 characters with a mix of uppercase, lowercase, numbers, and special characters; current NIST guidance (SP 800-63B) values length and breached-password screening over composition rules.
• Traditional policies expire passwords every 60-90 days and keep a history to prevent reuse of previous passwords; NIST SP 800-63B recommends forcing a change only when compromise is suspected.
• Password storage uses hashing (a one-way function, not encryption) with a slow password-hashing algorithm such as Argon2id, bcrypt, scrypt, or PBKDF2, and salting, which mixes a random per-user value into the password before hashing.
• Offline password cracking is countered by strong passwords and slow salted hashing; online guessing is countered by rate limiting and account lockout policies.
• Types of password cracking attacks include brute force, dictionary, and rainbow table attacks; salting defeats rainbow tables because no single precomputed table covers every salt.

Firewalls

• Network-based firewalls monitor and control traffic crossing a network boundary on behalf of many hosts.
• Host-based firewalls monitor and control incoming and outgoing traffic on a single host.
• Firewall rules can have a default deny policy, which denies all traffic unless explicitly allowed, or a default allow policy, which allows all traffic unless explicitly denied; default deny is the safer baseline because unlisted services are not exposed.
• Firewall configurations can use whitelisting (allowlisting), which only allows specific traffic to pass through, or blacklisting (denylisting), which blocks specific traffic from passing through.

Access Control

• Discretionary Access Control (DAC) grants access at the resource owner's discretion, based on user identity.
• Mandatory Access Control (MAC) grants access according to a system-enforced policy that compares the user's clearance with the resource's classification label.
• Role-Based Access Control (RBAC) grants access based on user role, so adding or removing a user means changing role assignments rather than editing every resource.
• Access Control Lists (ACLs) define permissions for users or groups to access resources; they are the standard mechanism for DAC and can express RBAC when entries name roles or groups, while MAC relies on labels rather than ACLs.
• Authentication verifies user identity, authorization determines access to resources, and accounting tracks and logs user activity.

Cryptography

• Symmetric encryption uses the same key for encryption and decryption.
• Asymmetric encryption uses a pair of keys, one public and one private, for encryption and decryption (and for signing and verification).
• AES (Advanced Encryption Standard) is a symmetric encryption algorithm.
• RSA (Rivest-Shamir-Adleman) is an asymmetric encryption algorithm, normally used to exchange symmetric keys or to sign rather than to encrypt bulk data.
• SHA-256 (Secure Hash Algorithm 256) is a one-way hash function (not encryption) used for data integrity.
• MD5 (Message-Digest Algorithm 5) is a one-way hash function also used for data integrity, but its collision resistance is broken, so it is considered insecure for any security use.
