3.8 implement authentication and authorization solutions Flashcards

1
Q

CHAP

A

challenge handshake authentication protocol

a method for verifying a user’s identity during an online session. CHAP is used by Point-to-Point Protocol (PPP) servers to authenticate remote users.

three way handshake

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

RADIUS

A

a client-server protocol that authenticates and authorizes users to access a network.

RADIUS is a widely used networking protocol that offers centralized authentication, authorization, and accounting (AAA) for users.

Used in federations.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

TACACS

A

remote authentication protocol

an external authentication method that verifies user identity when accessing network devices.

cisco based

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Kerberos

A

the default authorization technology in Microsoft Windows.

a computer network security protocol that authenticates service requests between trusted hosts over an untrusted network.

SSO microsoft

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

EAP

A

extensible authentication protocol

is an authentication framework frequently used in network and internet connections.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

PTPP

A

point to point protocol

a TCP/IP protocol that connects two computer systems. It’s a data link layer protocol that transmits multiprotocol data between two directly connected computers.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

802.1x

A

a protocol that authenticates users to a central authority. It’s used to secure wired and wireless networks. 802.1X is considered the gold standard for securing networks.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

SAML

A

Security Assertion Markup Language

XML standard that allows secure web domains to exchange user authentication and authorization data. Using SAML, an online service provider can contact a separate online identity provider to authenticate users who are trying to access secure content.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

PAP

A

password authentication protocol

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

OAuth

A

open authentication initiative

OATH defines algorithms and protocols for creating and verifying one-time passwords (OTPs).

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

OpenID

A

OpenID is built upon OAuth and uses SSO.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

ABAC

A

Attribute-based access control

policies based on characteristics, such as department, location, manager, and time of day.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

DAC

A

discretionary access control

a type of security access control that restricts or grants access to objects.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

MAC

A

Mandatory Access Control

a cybersecurity system that controls access to sensitive information in an organization

How well did you know this?
1
Not at all
2
3
4
5
Perfectly