3.8 Given a Scenario, Implement Authentication and Authorization Solutions

Question 1

Password Keys

Answer 1

A device that is in the area when authentication is happening.

Question 2

Password Vaults

Answer 2

Is a credential manager. Keeps all secrets info inside a encrypted vault.

Question 3

CHAP

Answer 3

Challenge-Handshake Authentication Protocol
Is a challenge then response between sever and client

Question 4

Password Authentication Protocol

Answer 4

a insecure plaintext protocol

Question 5

RADIUS

Answer 5

Remote Authentication Dial-In User Service is a server that allows you use a RAS (remote access server)

Question 6

SSO

Answer 6

Single Sign-On means that you only have to authenticate once.

Question 7

SAML

Answer 7

Security Assertion Markup Language supports the exchange of authentication and authorization between systems.

Question 8

OAuth

Answer 8

Open Authorization is the standard for allowing you to use the same authorization between primary and third party sites.

Question 9

Kerberos

Answer 9

Third party protocol used in a SSO system.

Question 10

MAC in Military

Answer 10

Mandatory access control
Military/GOV assigning clearances

Question 11

MAC in Private

Answer 11

Confidential/proprietary
Private
Sensitive
Public

Question 12

DAC

Answer 12

Discretionary access control
User has control over who has access to resources that the user owns

Question 13

PAM

Answer 13

Privileged access management (PAM) is the control over issuing higher-than-normal user privileges to specific subjects