3.8 Implement Authentication and Authorization Solutions Flashcards
CHAP
Challenge Handshake Authentication Protocol
a method for verifying a user’s identity during an online session. CHAP is used by Point-to-Point Protocol (PPP) servers to authenticate remote users.
three-way handshake
RADIUS
a client-server protocol that authenticates and authorizes users to access a network.
RADIUS is a widely used networking protocol that offers centralized authentication, authorization, and accounting (AAA) for users.
Used in federations.
TACACS
remote authentication protocol
an external authentication method that verifies user identity when accessing network devices.
Cisco-based
Kerberos
the default authorization technology in Microsoft Windows.
a computer network security protocol that authenticates service requests between trusted hosts over an untrusted network.
SSO Microsoft
EAP
Extensible Authentication Protocol
an authentication framework frequently used in network and internet connections.
PTPP
Point-to-Point Protocol
a TCP/IP protocol that connects two computer systems. It’s a data link layer protocol that transmits multiprotocol data between two directly connected computers.
802.1x
a protocol that authenticates users to a central authority. It’s used to secure wired and wireless networks. 802.1X is considered the gold standard for securing networks.
SAML
Security Assertion Markup Language
XML standard that allows secure web domains to exchange user authentication and authorization data. Using SAML, an online service provider can contact a separate online identity provider to authenticate users who are trying to access secure content.
PAP
Password Authentication Protocol
OAuth
open authentication initiative
OATH defines algorithms and protocols for creating and verifying one-time passwords (OTPs).
OpenID
OpenID is built upon OAuth and uses SSO.
ABAC
Attribute-based access control
policies based on characteristics, such as department, location, manager, and time of day.
DAC
Discretionary Access Control
a type of security access control that restricts or grants access to objects.
MAC
Mandatory Access Control
a cybersecurity system that controls access to sensitive information in an organization.