CIS
UVC2 STUDY MATERIAL.docx

A user tokens in computer systems an access token

Info icon This preview shows pages 19–21. Sign up to view the full content.

A. User tokens - In computer systems, an access token contains the security credentials for a login session and identifies the user, the user's groups, the user's privileges, and, in some cases, a particular application. B. Out of band exchange - Out-of-band authentication is often used in financial institutions and other organizations with high security requirements. The practice makes hacking an account more difficult because two separate and unconnected authentication channels would have to be compromised for an attacker to gain access. C. Symmetric-key algorithms are algorithms for cryptography that use the same cryptographic keys for both encryption of plaintext
Image of page 19

Info icon This preview has intentionally blurred sections. Sign up to view the full version.

and decryption of ciphertext. The keys may be identical or there may be a simple transformation to go between the two keys. D. PKI - A public key infrastructure (PKI) is a set of roles, policies, and procedures needed to create, manage, distribute, use, store, and revoke digital certificates and manage public-key encryption. 62. A secure stock trading system specifies that each server has a master key known to itself and each of its peers. Messages are encrypted between systems using session keys derived from the master keys. Which key management system does this scenario exemplify? A. Key distribution Center (KDC) - In cryptography, a key distribution center (KDC) is part of a cryptosystem intended to reduce the risks inherent in exchanging keys. KDCs often operate in systems within which some users may have permission to use certain services at some times and not at others. B. Split knowledge. Split Knowledge - Split knowledge prevents any one person from knowing the complete value of an encryption key or passcode. ... Next, it is important to understand the security best practices concepts of Dual Control. C. Decentralized distribution - The concept of decentralized system was developed after centralized systems. This system gave rise to the birth of hierarchical civil and military systems and, therefore, the birth of empires. In this system, political power is decentralized in a hierarchical order such that there are middle tier powers between the central and local nodes. For example, Panchayat regime in Nepal had decentralized the system by creating Centre, regions, zones, districts and local bodies for the hierarchical control. In such decentralized system, one authority controls others directly below it and becomes controlled by the one directly above it. In doing so, the central authority can control the entire system. The working arrangement of a decentralized system is shown in Figure 1.B. Here too, the local governments are forbidden to coordinate and work-together among themselves. A decentralized system is also known as layered system or hierarchical system. D. Out of band - In computer networks, out-of-band management involves the use of a dedicated channel for managing network devices. This allows the network operator to establish trust boundaries in accessing the management function to apply it to n
Image of page 20
Network resources
Image of page 21
This is the end of the preview. Sign up to access the rest of the document.

{[ snackBarMessage ]}

What students are saying

  • Left Quote Icon

    As a current student on this bumpy collegiate pathway, I stumbled upon Course Hero, where I can find study resources for nearly all my courses, get online help from tutors 24/7, and even share my old projects, papers, and lecture notes with other students.

    Student Picture

    Kiran Temple University Fox School of Business ‘17, Course Hero Intern

  • Left Quote Icon

    I cannot even describe how much Course Hero helped me this summer. It’s truly become something I can always rely on and help me. In the end, I was not only able to survive summer classes, but I was able to thrive thanks to Course Hero.

    Student Picture

    Dana University of Pennsylvania ‘17, Course Hero Intern

  • Left Quote Icon

    The ability to access any university’s resources through Course Hero proved invaluable in my case. I was behind on Tulane coursework and actually used UCLA’s materials to help me move forward and get everything together on time.

    Student Picture

    Jill Tulane University ‘16, Course Hero Intern