Authentication 101
The difference between athenitication and authorization?
authentication identifies WHO you are: authorization determines WHAT you can access.
What is malware?
Malicious software that operates without user consent and makes unauthorized changes to systems.
What is encryption?
The process of converting information into a secret code to prevent unauthorized access and ensure data confidentiality.
A password manager stores your passwords in plain text.
ANSWER: FALSE
A password manager stores passwords securely encrypted.
Sarah used to struggle to remember 50 different logins, so she started using this specific online application. Now, she only remembers one master password, and the app automatically fills in her complex, unique codes for every other site.
What is a Password Manager?
Name two factors used in Multi-Factor Authentication
Any two of the following: • Something you know (password, PIN) • Something you have (key, badge) • Something you are (fingerprint, facial recognition) • Something you do (walking stride, handwriting)
What's the main difference between a virus and a worm?
• Virus: Spreads through human activity (attaching to programs or files)
• Worm: Replicates and spreads independently through networks
What is decryption?
Converting encrypted information back to its original form using a specific key.
Biometrics can be easily duplicated or stolen.
ANSWER: FALSE
Biometrics are unique and nearly impossible to replicate.
Your phone asks you to scan your fingerprint AND enter a PIN. What type of authentication is this?
Two-Factor Authentication (2FA)
It combines: • Something you are (fingerprint/biometric) • Something you know (PIN)
What is a password manager, and why is it useful?
A password manager is an online app that securely stores passwords, allowing users to access multiple accounts with a single password—enhancing security and convenience.
What is ransomware, and what does it do?
Ransomware is malware that restricts access to a system or data until a ransom is paid.
What is a cipher?
A method of disguising information; types include substitution and transposition ciphers.
2FA is more secure than MFA.
ANSWER: FALSE
MFA (with more factors) is generally more secure than 2FA.
You receive an email asking for your password to "verify your account." What type of attack might this be?
Phishing or a social engineering attack.
Never share passwords via email or link. Legitimate companies never ask for passwords through email.
What is 2FA, and how does it differ from MFA?
2FA (Two-Factor Authentication) uses exactly TWO factors.
MFA (Multi-Factor Authentication) uses TWO OR MORE factors.
2FA is a specific type of MFA.
Explain what bots and botnets are.
• Bot: An infected computer controlled remotely
• Botnet: A collection of bots that can be coordinated to perform tasks, often for malicious purposes
Describe the Vigenère Cipher.
A method using interwoven Caesar Ciphers based on a keyword to encrypt alphabetic text with enhanced complexity
Worms require human interaction to spread.
ANSWER: FALSE
Worms replicate and spread independently through networks without human interaction.
Your computer suddenly locks and demands payment to unlock. What happened?
Your system is infected with ransomware.
Do NOT pay the ransom. Contact IT support or law enforcement immediately.
Why are biometrics considered highly secure for authentication?
Biometrics use unique biological traits (fingerprints, facial recognition) that are nearly impossible to duplicate or steal.
What is a keylogger, and why is it dangerous?
A keylogger is malware that records keystrokes to steal sensitive information like passwords and credit card numbers.
What was the Enigma Machine, and why was it significant?
A complex electro-mechanical device used in WWII for encrypting/decrypting messages; it demonstrated the historical importance of encryption technology.
Encryption makes data completely impossible to access.
ANSWER: FALSE
With the correct key, encrypted data can be decrypted and accessed.
A hacker gains access to your email account but can't access your bank account because you have 2FA enabled. Why?
Even with your password, the hacker needs a second factor (such as a code sent to your phone) to access your account.
This is why 2FA is so effective!