Page 4 - Security+ (635 notes by Nikkhah)
and expires as soon as the user logs off.
20- Kerberos helps prevent replay and spoofing attacks.
Challenge Handshake Authentication Protocol (CHAP)
21- CHAP is used to verify the authenticity of the client periodically.
22- It uses a three-way handshake (Challenge, Response, Success/Failure) at link establishment and repeats it at random intervals after the session is up, so a captured response cannot be reused against a later challenge.
23- CHAP cannot work with one-way hashed password databases: the server must be able to recover the plaintext secret to recompute the expected response.
24- MS-CHAP is Microsoft's variant, used in Windows networks. MS-CHAPv2 fixed weaknesses of v1, but its response is derived from the user's NT hash with DES and can be broken by brute-forcing a single DES key, so on its own it is no longer considered secure; run it only inside an encrypted tunnel (e.g. PEAP) or prefer EAP-TLS.
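The exchange described in notes 21-23, as an added Python example that is not part of the original notes: the authenticator issues a random challenge and an 8-bit identifier, the peer answers with MD5(identifier || secret || challenge) as specified in RFC 1994, and the authenticator recomputes the same value, which is why it must hold the secret itself rather than a one-way hash of it. The user name, secret and the injectable `rng` parameter are assumptions made for illustration.

```python
"""Minimal CHAP (RFC 1994, MD5 variant): peer and authenticator sides."""
import hashlib
import hmac
import os


def chap_response(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    """CHAP-MD5 response value: MD5(identifier || secret || challenge)."""
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()


class ChapAuthenticator:
    """Server side: issues challenges, checks responses, never reuses a challenge."""

    def __init__(self, secrets: dict, rng=os.urandom):
        # The shared secret must be stored in recoverable form. The server has to
        # recompute MD5(id || secret || challenge) itself, which is impossible if
        # it only holds a one-way hash of the secret (note 23).
        self._secrets = secrets          # constructed user database: name -> secret
        self._rng = rng                  # injectable so a test can fix the challenge
        self._next_id = 0
        self._pending = {}               # name -> (identifier, challenge) awaiting reply

    def challenge(self, username: str):
        self._next_id = (self._next_id + 1) % 256
        chal = self._rng(16)
        self._pending[username] = (self._next_id, chal)
        return self._next_id, chal

    def verify(self, username: str, identifier: int, response: bytes) -> bool:
        pending = self._pending.pop(username, None)   # each challenge is single-use
        if pending is None or pending[0] != identifier:
            return False
        secret = self._secrets.get(username)
        if secret is None:
            return False
        expected = chap_response(identifier, secret, pending[1])
        return hmac.compare_digest(expected, response)


class ChapPeer:
    """Client side: answers challenges with the shared secret."""

    def __init__(self, username: str, secret: bytes):
        self.username = username
        self._secret = secret

    def respond(self, identifier: int, challenge: bytes) -> bytes:
        return chap_response(identifier, self._secret, challenge)


def run_round(server: ChapAuthenticator, peer: ChapPeer) -> bool:
    """One three-way exchange: Challenge -> Response -> Success/Failure."""
    ident, chal = server.challenge(peer.username)
    resp = peer.respond(ident, chal)
    return server.verify(peer.username, ident, resp)


def replay_is_rejected(server: ChapAuthenticator, peer: ChapPeer) -> bool:
    """Capture a valid response, then replay it against the next (periodic) challenge."""
    ident, chal = server.challenge(peer.username)
    captured = peer.respond(ident, chal)
    if not server.verify(peer.username, ident, captured):
        return False
    ident2, _ = server.challenge(peer.username)      # re-challenge after session setup
    return not server.verify(peer.username, ident2, captured)


if __name__ == "__main__":
    server = ChapAuthenticator({"alice": b"correct horse battery staple"})
    good = ChapPeer("alice", b"correct horse battery staple")
    bad = ChapPeer("alice", b"wrong secret")
    print("good peer authenticated:", run_round(server, good))
    print("bad peer authenticated:", run_round(server, bad))
    print("replayed response rejected:", replay_is_rejected(server, good))
```

The `_pending.pop` makes every challenge single-use, which is what gives the periodic re-challenge its value: an attacker who sniffed a response can only answer the challenge it was computed for. MD5 is kept here because that is what RFC 1994 mandates; it is the protocol's design, not a recommendation.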
Digital certificates
25- Digital certificates use the issuing CA's digital signature to bind an identity (a person, server, or organization) to a public key.
26- A Public Key Infrastructure (PKI) is used to issue and manage certificates.
27- A Certification Authority (CA) issues digital certificates.
28- Certificates can be used for authentication of a user, a server, or an organization.
29- Information on a certificate includes the name of the certificate holder (subject), the holder's public key, the issuing authority, the validity period, and the signature algorithm used by the CA.
30- Web servers must have a certificate in order to use the Secure Sockets Layer (SSL), or its successor TLS, for secure transactions; the certificate is what lets the browser authenticate the server before the session key is established.
Username/Password
31- The combination of username and password is used for supplying the credentials of the
user.
32- It is the most common authentication method and is supported by all major operating systems.
33- Password policies should enforce the use of secure passwords.
34- Password policies require users to use long passwords with a mix of characters, to change passwords regularly, and to not reuse old passwords. Current guidance (NIST SP 800-63B) puts length and screening against breached-password lists ahead of forced periodic rotation, which should be required after a suspected compromise rather than on a schedule.
Security tokens
35- A security token is a hardware device (or, today, often an app) that holds a secret used to prove the identity of a person for authentication.
36- It is considered one of the most trusted single factors because it proves possession of the device, which a remote attacker cannot copy by guessing or phishing a static password.
37- The hardware device is seeded with a secret and generates a new one-time token value at predetermined intervals (typically every 30 or 60 seconds).
38- The software component on the server holds the same seed, computes the expected value for the current interval, and verifies that the submitted code is valid and has not been used before.
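The time-based token scheme of notes 35-38, as an added Python example that is not part of the original notes: the token side computes RFC 4226 HOTP over the current 30-second time step (RFC 6238 TOTP), and the server side recomputes it from the same seed, accepts one step of clock drift either way, and remembers the last accepted step so a captured code cannot be replayed. The secret `12345678901234567890` is the reference seed from RFC 6238's test vectors; the user names and the `window` of one step are assumptions.

```python
"""RFC 6238 TOTP: the algorithm behind time-based hardware/software tokens."""
import hashlib
import hmac
import struct
import time


def hotp(secret: bytes, counter: int, digits: int = 6, algo=hashlib.sha1) -> str:
    """RFC 4226 HOTP: HMAC over the counter, dynamically truncated to `digits`."""
    mac = hmac.new(secret, struct.pack(">Q", counter), algo).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % (10 ** digits)).zfill(digits)


def totp(secret: bytes, unix_time: int, step: int = 30, digits: int = 6) -> str:
    """What the token displays for the time step containing `unix_time`."""
    return hotp(secret, unix_time // step, digits)


class TokenVerifier:
    """Server side: per-user seed, drift tolerance, and replay protection."""

    def __init__(self, secrets: dict, step: int = 30, digits: int = 6, window: int = 1):
        self._secrets = secrets   # constructed seed database: name -> secret
        self.step = step
        self.digits = digits
        self.window = window      # accept this many steps before/after the current one
        self._last_step = {}      # name -> last time step whose code was accepted

    def verify(self, username: str, code: str, now=None) -> bool:
        secret = self._secrets.get(username)
        if secret is None:
            return False
        now = int(time.time()) if now is None else now
        current = now // self.step
        for delta in range(-self.window, self.window + 1):
            candidate_step = current + delta
            # A code from this or an earlier step was already used: treat as replay.
            if candidate_step <= self._last_step.get(username, -1):
                continue
            if hmac.compare_digest(hotp(secret, candidate_step, self.digits), code):
                self._last_step[username] = candidate_step
                return True
        return False


if __name__ == "__main__":
    seed = b"12345678901234567890"
    now = int(time.time())
    print("token shows:", totp(seed, now))
    server = TokenVerifier({"alice": seed})
    print("first use accepted:", server.verify("alice", totp(seed, now), now))
    print("replay accepted:", server.verify("alice", totp(seed, now), now))
```

The drift window is the usual compromise between usability and exposure: each extra step the server accepts widens the set of valid codes at any instant, so keep it small and rely on the per-user `_last_step` to stop a code being accepted twice within that window.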
www.hrnikkhah.com by: Hamid Reza Nikkhah Page 2