Authentication, Authorization, Accounting

Authentication, Authorization and Accounting. AAA protocols are used in remote access systems.

Authenication verifies a user’s identification. Authhorization determines if a user should have access. Accounting tracks a user’s access with logs.

Common Access Card
A specialized type of smart card used by Unites States Department of Defense. It includes photo identification and provides confidentitality, integrity, authenticationand non-repudiation for the users. It is similar to a PIV
Challenge Handshake Authenication Protocol
Authentication mechanism where a server
challenges a client. MS-CHAP is an improvement over CHAP and uses manual authentication
Distributed Denical of Service
An attack on a system launched from multiple sources intended to make a computer’s resources or services unavailable to users. DDos attacks are often launched from zombies in botnets. DDoS attacks typically include sustained, abnormally high network traffic. A performance baseline helps administrators detect a DDoS.
Denial of Service
An attack from a single source that attemps to disrupt the servies provided by anihter system. Examples include SYN flood, smurf, and some buffer overflow attacks.
Lightweight Directory Assistance Protocol
Language used to communicate with directories such as Microsoft Active Directory. It provides a central location to manage user accounts and other directory objects. LDAP uses port 389 when unencrypted and port 636 when encrypted.
Mandatory Access Control
Access control model that uses sensitivity labels assigned to objects (files & folders) and subjects (users).

Leave a Reply

Your email address will not be published. Required fields are marked *