Theory

**Theory**
two factor - atm card w/pin code multi-factor - tokens, dongles, biometrics ||
 * data || raw facts and figures ||
 * PC || Personal Computer, generally running a version of Windows ||
 * CISO || Chief Information Security Officer ||
 * SS# || Sosial Security number ||
 * CC# || Credit Card number ||
 * privledges || access a user has to Read, Write, or Delete files on a system ||
 * SOP || Standard Operating Procedure ||
 * Systems Analysis || Solving a problem for a business with IT ||
 * IT || Information Technology ||
 * CIA || Confidentiality, Integrity, Availability ||
 * access control || physical limitations to access (doors, locks) ||
 * IBAC || Identity Based Access Control ||
 * RBAC || Role Based Access Control (group privileges) ||
 * Authentication examples || single factor - username & password
 * personal identifiers || things you're keep confidential ||
 * Integrity || info is correct (entered correctly, processed correctly, stored correctly, not modified without authorization. ||
 * Availability || Redundant systems, failsafe, can get info when and where it's needed ||
 * DOLLS || Diversity, Obscurity, Limiting, Layering, Simplicity ||
 * Diversity || Different password types, different authentication methods ||
 * Obscurity || Hide information: operating system, applications, internal addresses (NAT, PAT) ||
 * Limiting || Access (physical), RBAC/IBAC, privileges (root, read, write, modify, delete, places) ||
 * Layering || Multiple Obstacles ||
 * Simplicity || Usability, biometrics, management tools ||
 * Red Zone || Public Facing ||
 * Yellow Zone || Low Risk Business Tasks ||
 * Green Zone || High Risk Business Tasks ||
 * SMS || Short Message Service ||