Comptia Security+ (sy0-101) Short Notes: Exam Passing Tips

By Author: smileyi
Total Articles: 31
Comment this article

?Kerberos is an industry standard authentication protocol used to verify user or host identity.

?Role-based access control (RBAC) is an access control model. In this model, a user can access resources according to his role in the organization.

?Mandatory Access Control (MAC) is a model that uses a predefined set of access privileges for an object of the system.

?Authentication is a process of verifying the identity of a person, network host, or system process. We believe that the free exam papers
will help you pass the certification exam without failure.The authentication process compares the provided credentials with the credentials stored in the database of an authentication server.

?Certificate-based authentication is the most secure method of authentication. It provides stronger key for encryption as compared to Digest authentication and sends encrypted passwords across the network. This prevents unauthorized users from intercepting the passwords.

?Anonymous authentication is generally used for public Internet Web sites. Using this method, a ...
... user can establish a connection with a Web server without providing username and password.

?Authentication is a process of verifying the identity of a person, network host, or system process. The authentication process compares the provided credentials with the credentials stored in the database of an authentication server.

?Password Authentication Protocol (PAP) transmits user credentials as plaintext.

?A CompTIA Security+
is a digital representation of information that identifies authorized users on the Internet and intranets.

?Biometrics is a method of authentication that uses physical characteristics, such as fingerprints, scars, retinal patterns, and other forms of biophysical qualities to identify a user.

?Mutual authentication is a process in which a client process and server are required to prove their identities to each other before performing any application function.

?User accounts can be disabled, rather than being deleted, as a security measure to prevent a particular user from logging on.

?Multi-factor authentication involves a combination of multiple methods of authentication. For example, an authentication method that uses smart cards as well as usernames and passwords can be referred to as multi-factor authentication.

?Anonymous authentication is an authentication method used for Internet communication. It provides limited access to specific public folders and directory information or public areas of a Web site.

?Biometrics is the most secure method of authentication.

?The distributed denial-of-service (DDoS) attack involves multiple compromised systems to attack a single target.

?Eavesdropping is the process of listening in private conversations.

?Spoofing refers to the emulation of the identity of a network computer by an attacking computer.

?SYN attack refers to a condition in which a hacker sends a bunch of packets that leave TCP ports half open.

?PING is a utility that sends Internet Control Message Protocol (ICMP) request packets to a specified destination host.

?A Denial-of-Service (DoS) attack is mounted with the objective of causing a negative impact on the performance of a computer or network.

?A denial-of-service (DoS) attack is mounted with the objective of causing a negative impact on the performance of a computer or network.

?Brute force attack is the most likely cause of the account lockouts. In this attack, unauthorized users attempt to log on to a network or a computer by using multiple possible user names and passwords.

?A strong encryption provides the best protection against a man-in-the-middle attack.
?Back door is a program or account that allows access to a system by skipping the security checks.

?Brute force attack and Dictionary attack are the types of password guessing attacks.

?War driving is the most common method used by attackers to identify wireless networks.
?Smurf is an ICMP attack that involves spoofing and flooding.

?Replay attack used by attackers to obtain an authenticated connection on a network.
?Teardrop is an attack with IP fragments that cannot be reassembled.

?Snooping is an activity of observing the content that appears on a IT certification or watching what a user is typing.

?Phishing is a type of scam that entice a user to disclose personal information such as social security number, bank account details, or credit card number.