Access control lists
Using a VPN
Access controls that restrict usage
An intrusion prevention system (IPS)
Recording to write-once media.
Firewall that creates an enclave
Consume less bandwidth
Are not visible to an IDS
Provide root level access
Decrease the surface area for the attack
Are not typically configured correctly or secured
Sustain attacks that go unnoticed
Log off the user
Overwrite the oldest audit records
Stop generating audit records
Send an alert to the appropriate personnel
Reviewing event logs regularly
Enabling auditing on the system
Auditing every system event
Deciding what events to audit
Looking over a co-workersshould'er to retrieve information
C. Looking through a co-worker's trash to retrieve information
Verifies the validity of an email address
Corrupts the mail file
Wastes company bandwidth
Installs Trojan horse viruses
PAP is insecure because usernames and passwords are sent over the network in clear text.
CHAP is more secure than PAP because it encrypts usernames and passwords before they are sent over the network
RADIUS is a client/server-based system that provides authentication, authorization, and accounting services for remote dial-up access
MS-CHAP version 1 is capable of mutual authentication of both the client and the server.
Self service password reset management systems
Locally saved passwords management systems
Multiple access methods management systems
Synchronized passwords management systems
A challenge-response session is a workstation or system that produces a random challenge string that the user provides, when prompted, in conjunction with the proper PIN (Personal Identification Number).
A challenge-response session is a workstation or system that produces a random login ID that the user provides, when prompted, in conjunction with the proper PIN (Personal Identification Number)
A challenge-response session is a special hardware device used to produce random text in a cryptography system.
A challenge-response session is the authentication mechanism in the workstation or system that does not determine whether the owner should be authenticated.
Clocks are used to ensure proper connections.
Clocks are used to ensure that tickets expire correctly.
Clocks are used to generate the seed value for the encryptions keys.
Clocks are used to both benchmark and specify the optimal encryption algorithm.
Use packet sniffing software on all inbound communications
Apply the most recent manufacturer updates and patches to the server.
Enable auditing on the web server and periodically review the audit logs
Block all Domain Name Service (DNS) requests coming into the server.
Communications are a drain on bandwidth
Communications are open and unprotected
Has no common protocol
Uses weak encryption
A network interface card
Demilitarized zone (DMZ)
Demilitarized zone (DMZ)