Access Control 101
The three categories of access control
Authentication, Authorization, Accounting
Permission
A device that directs traffic between networks
Router
Non-traditional devices connected to the internet to provide enhanced features
IoT Devices
The process of verifying that someone is who they say they are
Authentication
Making sure that every action taken on a system or network generates a record
Accounting
Two most common types of networks
LAN - local area network that connects devices in the same physical area
WAN - wide area networks that connect devices across a wide geo-graphical area
One of the most fundamental controls for a network
Firewall
True or False: An ID Card or Driver's license is a form of authentication
False - identification is a related concept of authentication
Events that point to malicious activity taking place on a network, device, or account
Indicators of Attack (IoAs)
_____ work within a network by directing traffic between devices connected to it
Switches
Designed to detect attacks happening on the network and provide alerts to security personnel
Intrusion Detection Systems (IDS)
Some physical or behavioral attribute of a person
Biometric
Catchall term for capturing events that happen on a system during its operation
Logging
When an adversary intercepts traffic as it moves through the network
Sniffing
IDS is typically considered a _____ system because they do not stop the malicious traffic
Passive
5 types of authentication methods
Something You Know
Something You Have
Something You Are
Something You Do
Somewhere You Are
The standard ranking method for security event severity
Syslogs
Adversary technique in which the IP address of a legitime device on the network is copied to imitate that device
IP Spoofing
The two different methods used by Intrusion Detection Systems (IDS) to detect attacks
Signatures and heuristics