Questions and Answers
What is the primary purpose of salting in password storage?
What type of firewall monitors and controls incoming and outgoing traffic on a single host?
What is the main difference between Default Deny and Default Allow firewall rules?
What is the primary goal of Access Control Lists (ACLs)?
What is the main difference between Symmetric and Asymmetric encryption?
What is the primary purpose of Cryptographic Hash Functions?
What is the main advantage of using Role-Based Access Control (RBAC)?
What is the main goal of password expiration policies?
Study Notes
Password Management
- Password Policies:
  - Length: minimum 8-12 characters
  - Complexity: mix of uppercase, lowercase, numbers, and special characters
  - Expiration: 60-90 days
  - History: prevent reuse of previous passwords
- Password Storage:
  - Hashing: a one-way transformation (not reversible encryption); store the hash of the password instead of the plaintext
  - Salting: adding a random value to the password before hashing
- Password Cracking:
  - Types: brute force, dictionary, rainbow table attacks
  - Prevention: use strong passwords, implement rate limiting, and account lockout policies
Firewalls
- Types:
  - Network-based: monitors and controls incoming and outgoing network traffic
  - Host-based: monitors and controls incoming and outgoing traffic on a single host
- Firewall Rules:
  - Default deny: denies all traffic unless explicitly allowed
  - Default allow: allows all traffic unless explicitly denied
- Firewall Configurations:
  - Whitelisting: only allows specific traffic to pass through
  - Blacklisting: blocks specific traffic from passing through
Access Control
- Access Control Models:
  - Discretionary Access Control (DAC): access based on user identity
  - Mandatory Access Control (MAC): access based on user clearance level
  - Role-Based Access Control (RBAC): access based on user role
- Access Control Lists (ACLs):
  - Define permissions for users or groups to access resources
  - Can be used to implement DAC, MAC, and RBAC models
- Authentication, Authorization, and Accounting (AAA):
  - Authentication: verifies user identity
  - Authorization: determines access to resources
  - Accounting: tracks and logs user activity
Cryptography
- Types of Cryptography:
  - Symmetric encryption: uses the same key for encryption and decryption
  - Asymmetric encryption: uses a pair of keys for encryption and decryption
- Cryptography Algorithms:
  - AES (Advanced Encryption Standard): symmetric encryption algorithm
  - RSA (Rivest-Shamir-Adleman): asymmetric encryption algorithm
- Cryptographic Hash Functions:
  - SHA-256 (Secure Hash Algorithm 256): one-way hash function, used for data integrity
  - MD5 (Message-Digest Algorithm 5): one-way hash function, used for data integrity (though considered insecure)
Password Management
- Password policies require a minimum of 8-12 characters in length, with a mix of uppercase, lowercase, numbers, and special characters.
- Passwords should expire every 60-90 days and have a history to prevent reuse of previous passwords.
- Password storage involves hashing, which is a one-way transformation rather than reversible encryption, and salting, which adds a random value to the password before hashing.
- Password cracking can be prevented by using strong passwords, implementing rate limiting, and account lockout policies.
- Types of password cracking attacks include brute force, dictionary, and rainbow table attacks.
Firewalls
- Network-based firewalls monitor and control incoming and outgoing network traffic.
- Host-based firewalls monitor and control incoming and outgoing traffic on a single host.
- Firewall rules can have a default deny policy, which denies all traffic unless explicitly allowed, or a default allow policy, which allows all traffic unless explicitly denied.
- Firewall configurations can use whitelisting, which only allows specific traffic to pass through, or blacklisting, which blocks specific traffic from passing through.
Access Control
- Discretionary Access Control (DAC) grants access based on user identity.
- Mandatory Access Control (MAC) grants access based on user clearance level.
- Role-Based Access Control (RBAC) grants access based on user role.
- Access Control Lists (ACLs) define permissions for users or groups to access resources and can be used to implement DAC, MAC, and RBAC models.
- Authentication verifies user identity, authorization determines access to resources, and accounting tracks and logs user activity.
Cryptography
- Symmetric encryption uses the same key for encryption and decryption.
- Asymmetric encryption uses a pair of keys for encryption and decryption.
- AES (Advanced Encryption Standard) is a symmetric encryption algorithm.
- RSA (Rivest-Shamir-Adleman) is an asymmetric encryption algorithm.
- SHA-256 (Secure Hash Algorithm 256) is a one-way hash function used for data integrity.
- MD5 (Message-Digest Algorithm 5) is a one-way hash function used for data integrity, but it is considered insecure.
Description
Assess your knowledge of password policies, storage, and cracking prevention methods. Learn how to create strong passwords and protect them from attacks.