3.7

Question 1

What is the Identity provider?

IdP

Answer 1

Authentican as as Service (Aaas)
A list of entities
Commonly used by SSO applications

Question 2

What are some attributes of (IdP)

Answer 2

An identifier
- provides identification
personal attributes
- Name or email address

Question 3

What do certificates do? What so digital certificates do?

Answer 3

Certificates bind the identity of the certificate owner to a public and private key
Encrypts data, create digital signatures
Digital certificate
- Assigned to a person or a device

Question 4

What is the difference between a smart card and a USB token

Answer 4

Smart card integrates with devices and may require a PIN. USB token has the certificate on the USB device

Question 5

SSH keys

Answer 5

Use a key instead of username and password.

Public and private keys are critical for automation

Question 6

SSH key-based authentication

Answer 6

Create a public/private key pair
- ssh-keygen
Copy the public key to the SSH
- ssh-copy-id user@host

Question 7

What type of account is associated with a specific person. The computer associates the user with a specific identification number

Answer 7

User account

Question 8

Is it difficult to manage an audit trail with a shared or generic account?

Answer 8

Yes, it is hard to track who was working

Question 9

What are some privileges listed with a guest account

Answer 9

No access to change settings, modify applications, view other user’s files . Not the default removed from Windows 10

Question 10

What are service accounts

Answer 10

Used exclusively by services running on a computer. For example web server or database server

Question 11

Do privileged accounts have one of the following or all of the following?
- Elevated access to one or more systems
Complete access to the system

Answer 11

All of the listed elements are associated with privileged accounts

Question 12

Should privilege accounts be highly secured

Answer 12

Yes

Question 13

What are account policies

Answer 13

Control access to an account. Confirm authentication policies are in place and in line with password policies, authentication factor policies, and other considerations

Question 14

What is permission auditing

Answer 14

Make sure everyone has the correct permissions.

Question 15

Name some location based policies

Answer 15

Network location
Geolocation
Geofencing
Geotagging 
Location-based access rules

Question 16

What is the difference between geofencing and geotagging

Answer 16

Geofencing
- automatically allow or restrict access when the user is in a particular location
Geotagging
-Add location metadata to a document or file
-Latitude and longitude, distance, time stamps

Question 17

Location-based and time-based access rules

Answer 17

Location-based
- User IP address needs to be associated with the right location to access app or other account abilities
Time-based
- allowed to access lab or other work related account abilities in a certain time frame