Security TerminologyDefine the following terms:1. Authentication: ability to identify who it is. ACL – (access control list) is associated with a certain resource. Describes groups, users, machines and their permissions associated with that particular resource.i. Token: One-time password key. CA- certificate authority- create certificates: trusted system or entity to generate and distribute digital certificates. It can be used privately or by a third-party e-commerce site. Verify the user's identity. Authentication method.c. RA-Registration Authority-issues certificates-RA checks the credentials provided by an agent and then sends the CA a permission to issue a certificate.d. PKI - Public Key Infrastructure: Policies and behaviors surrounding the implementation and management of key pairs. How do you issue two keys at the same time.e. Kerberos: authentication method used by Microsoft. It uses 3 different protocols, listed below. TGT- Ticket granting ticket. Allows you to request resources on the network from servers. ii. TGS- Ticket Granting Server. Accesses a particular network server for tickets. iii. AS-Authentication Server. Equivalent to morning check-in at a hotel security desk. Check the identity of a server.f. CHAP: Challenge handshake authentication protocol. It was designed to replace the PAP. Communication between server and client that proves identity.i. MS-CHAP-Microsoft CHAPg. PAP - Password Authentication Protocolh. X.509- digital certificate that uniquely identifies a party. Standard structure of a certificate.i. KDC- Key Distribution Center. Biometrics - Authentications based on human anatomy.k. Multifactor: Authentication based on 2 valid authentication methods.l. Mutual Authentication: The client establishes identity on the server. The server provides authentication information to the client to ensure that rogue servers cannot masquerade as genuine servers. Both parties must authenticate.2. Encryption: Hiding data using algorithms. protection, coding method, algorithms, formulas. Asymmetric keys: pair of key values, one public and one private.b. Symmetric keys: Generated single encryption key.c. DES: Government-developed data encryption standard.d. Diffie-Hellman encryption algorithm named after its two creators.e. IPSec: Used for encryption of TCP/IP traffic. Method of encryption of any IP transmission.f. PGP- Fairly good privacy- mostly used in less secure emails than PKI.g. RSA-Rivest-Shamir-Adleman encryption algorithm named after its 3 creators. Using two pairs of keys.h. SSL- Secure Socket Loader- primarily used on web servers to transmit securely via HTTPS://3. Network protocols and organization. DMZ- Demilitarized Zone- Area used for public access. Used with FTP, Web servers, and DNS servers.b. IDS- Intrusion Detection System - 2 types: Active and Passivec. NAT- Network Address Translation: Adds to the logical port. Protects internal hosts. Used with proxy servers. Translate internal IP to real IP. Use a unique port table. There are 65,000 ports. Tunneling: ability to pass from one point to another as if it were a single proprietary line.