2.4 Summarize authentication and authorization design concepts. Flashcards

1
Q

Authentication is the act of proving a claimed identity using one or more authentication factors.

A

Authentication Methods

2
Q

A managed list of network resources. It is effectively a network index or network telephone book of the systems and their shared resources.

A

Directory Services

3
Q

Used to allow clients to interact with directory service resources. LDAP is based on X.500 and uses TCP ports 389 and 636. It uses a tree structure with a district root.

A

Lightweight Directory Access Protocol (LDAP) (Directory Services)

4
Q

Federation or federated identity is a means of linking a subject’s accounts from several sites, services, or entities in a single account.

A

Federation

5
Q

Attestation is proof or evidence of something. In some circumstances, attestation is when something is signed by a witness to prove its origin or veracity.

A

Attestation

6
Q

Tokens or synchronous dynamic password tokens that are devices or applications that generate passwords at fixed time intervals.

A

Time-based one-time password (TOTP) (Technologies)

7
Q

Tokens or asynchronous dynamic password tokens that are devices or applications that generate passwords based on a nonrepeating one-way function, such as a hash or HMAC operation.

A

HMAC-based one-time passwords

8
Q

Short message service (SMS) or texting can be used as a mechanism of two-step authentication.

A

Short message service (SMS)

9
Q

A form of authentication factor that is something you have. It’s usually a hardware device, but it can be implemented in software as a logical token.

A

Token (key)

10
Q

A static code is a value that does not change. It is the same value each time it is used, even when used by multiple subjects.

A

Static Code

11
Q

Authentication applications are software products that assist with logons. These can include credential managers as well as TOTP/HOTP apps.

A

Authentication applications

12
Q

Occurs when a website or online service sends the customer/user a message through an installed mobile app that is then automatically displayed to the user.

A

Push Notifications

13
Q

An alternate authentication option that involves calling the user/customer either to provide them a code or passphrase or to answer questions.

A

Phone Call authentication

14
Q

Credit card–sized IDs, badges, or security passes with embedded integrated circuit chips. They can contain information about the authorized bearer that can be used for identification and/or authentication purposes.

A

Smart card(s) (authentication)

15
Q

The collection of physical attributes of the human body that can be used as authentication factors (something you are).

A

Biometrics

16
Q

These factors include fingerprints, palm scans, hand geometry, retinal scans, iris scans, facial recognition, voice recognition, vein recognition, gait analysis, signature dynamics, and keyboard dynamics.

A

Biometric Factors

17
Q

A scanner used to analyze the visible patterns of skin ridges on the fingers and thumbs of people. These patterns are thought to be unique to an individual and have been used for decades in physical security for identification, and they are now often used as an electronic authentication factor as well.

A

Fingerprints

18
Q

These scans focus on the pattern of blood vessels at the back of the eye. They are the most accurate form of biometric authentication and are able to differentiate between identical twins. However, they are the least acceptable biometric scanning method for employees because they can reveal medical conditions, such as high blood pressure and pregnancy. The patterns analyzed in these scans can also change as people age and retinas deteriorate.

A

Retina

19
Q

These scanners focus on the colored area around the pupil. They are the second most accurate form of biometric authentication. These scans are often recognized as having a longer useful authentication life span than other biometric factors because the iris remains relatively unchanged throughout a person’s life (barring eye damage or illness). These scans are considered more acceptable by general users than retina scans because they don’t reveal personal medical information.

A

Iris

20
Q

These scans are based on the geometric patterns of faces for detecting authorized individuals. These scans are used to identify and authenticate people before accessing secure spaces, such as a secure vault.

A

Facial

21
Q

This recognition software is a type of biometric authentication that relies on the characteristics of a person’s speaking voice, known as a voiceprint.

A

Voice

22
Q

Vein recognition or vascular biometrics measures the unique vein pattern through the use of near-infrared light to “see” through the skin. Vein recognition can be used on any part of the body, but common focuses are fingertips, back of hand, and cheek.

(Page 176).

A

Vein

23
Q

….

A

Gait analysis

24
Q

….

A

Efficacy rates

25
Q

….

A

False acceptance

26
Q

….

A

False rejection

27
Q

…..

A

Crossover error rate