3.8 Flashcards

1
Q

What are password keys

A

Hardware-based authentication

Helps prevent unauthorized logins and account takeovers

2
Q

Password vaults

A

Password managers create unique passwords and store them. All the credentials are encrypted.

3
Q

A specification for cryptographic functions. Has a cryptographic processor and comes with unique keys burned in during production of the product.

A

TPM

4
Q

What is a hardware security module (HSM)

A

High-end cryptographic hardware that can be a plug-in card or separate hardware device
Key backup
Has cryptographic accelerators
Used in large environments

5
Q

What uses personal knowledge as an authentication factor

A

Knowledge-based authentication (KBA)

6
Q

Differences between Static KBA and Dynamic KBA

A

Static KBA
- Pre-configured shared secrets
Dynamic KBA
- Questions are based on an identity verification service

7
Q

A basic authentication method that is used in legacy systems.

A

Password Authentication Protocol (PAP)

8
Q

Is an encrypted challenge sent over the network

A

Challenge-Handshake Authentication Protocol

9
Q

Describe the three way handshake that takes place in CHAP

A
  • After link is established, server sends a challenge
  • Client responds with a password hash calculated from the challenge and the password
  • Server compares received hash with stored hash
10
Q

What is MS-CHAP?

A

Microsoft’s implementation of CHAP

Used commonly on Microsoft’s Point-to-Point Tunneling Protocol (PPTP)

11
Q

What is one of the most common AAA protocols that is centralized authentication for users

A

RADIUS

Remote Authentication Dial-in User Service

12
Q

What provides a remote authentication protocol and was created to control access to dial-up lines to ARPANET?

A

TACACS

13
Q

What is the difference between XTACACS and TACACS+

A

XTACACS
- is a Cisco created version of TACACS (proprietary)
TACACS+
- has more authentication requests and response codes (open source)

14
Q

This network authentication protocol only needs to be authenticated one time. Also includes mutual authentication between the server and the client

A

Kerberos

15
Q

This is a port-based Network Access Control (NAC). Prevents access to the network until the authentication succeeds.

A

IEEE 802.1X

16
Q

True or False: Does EAP integrate with 802.1X?

A

True

17
Q

What are some examples of databases 802.1X is used in conjunction with

A

RADIUS, LDAP, TACACS+

18
Q

What does federation do

A

Provides network access by the use of a third party to authenticate and authorize between two organizations

19
Q

Security Assertion Markup Language (SAML)

A

Open standard for authentication and authorization. Not originally designed for mobile apps

20
Q

This is an Authorization framework that will determine what resources a user will be able to access but is not an authentication protocol

A

OAuth

21
Q

Name the two aspects of Access control and what do they do

A
Authorization
- The process of ensuring authorized rights are exercised 
User received rights 
- based on access control models 
- The correct business needs
22
Q

What is Mandatory Access Control

A

Operating system limits the operation on an object

23
Q

True or False: Discretionary Access Control is an access control that grants or restricts access via an access policy determined by an object’s owner group

A

True

24
Q

This Access control is based on the role you have in your corporation

A

Role-based access control (RBAC)

25
Q

Attribute-based access control (ABAC)

A

Access control that considers many parameters such as: resource information, IP address, role in the company, etc.

26
Q

True or False: Rule-based access control is determined by users. Also, is the rule associated with the object? Lastly, are there any conditions associated besides who you know?

A

False. Rule-based control is determined by system administrators. Yes and yes.

27
Q

Name some attributes for the File system security

A

File system handles encryption and decryption. Can access information via: access control list, group/user rights and permissions. Can be centrally administered and/or users can manage files they own.