4.0 Identity and Access Management

Question 1

An authentication factor using biometrics, such as fingerprint scanner.

Answer 1

Something You Are

Question 2

An authentication factor using something physical, such as smart card or token.

Answer 2

Something You Have

Question 3

An authentication factor indicating knowledge, such as password or pin.

Answer 3

Something You Know

Question 4

An authentication factor indicating location, often using geolocation technologies.

Answer 4

Somewhere You Are

Question 5

An authentication factor indicating an action, such as gestures or on a touch screen.

Answer 5

Something You Do

Question 6

A collection of computer networks that agree on standards of operation, such as security standards.

Answer 6

Federation

Question 7

Authentication method where users can access multiple resources on a network using a single account.

Answer 7

SSO (Single Sign On)

Question 8

An indirect trust relationship created by two or more direct trust relationships.

Answer 8

Transitive Trust

Question 9

The process that occurs when a user proves an identity, such as with a password.

Answer 9

Authentication

Question 10

The process of granting access to resources for user who prove their identity, such as a username and password based on their proven identity.

Answer 10

Authorization

Question 11

The process of tracking the activity of users and recording this activity in logs. One method is auditing logs that create an audit trail.

Answer 11

Accounting

Question 12

An authentication protocol developed at MIT that uses tickets for authentication.

Answer 12

Kerberos

Question 13

An authentication service that provides central authentication for remote access clients. It can be used as an alternative for RADIUS.

Answer 13

TACACS+

Question 14

An older authentication protocol where passwords or pins are sent across a network in clear text.

Answer 14

PAP (Password Authentication Protocol)

Question 15

Microsoft Implementation of CHAP

Answer 15

MSCHAP

Question 16

A protocol that is used in distributed directory service networks, such as active directory, to assist hosts in locating network resources. This replaced the older x.500 Directory service protocol and uses TCP port 389.

Answer 16

LDAP

Question 17

AAA Standard created to support ISPs with hundreds if not thousands of modems in hundreds of computers to connects to a single central database.

Answer 17

RADIUS

Question 18

A format for a client and server to exchange authentication and authorization data securely. It defines three roles for making this happen: Principle, identity provider, and service provider.

Answer 18

SAML

Question 19

An open source standard used for identification on the internet. It is typically used with OAuth and it allows clients to verify the identity of end users without managing their credentials.

Answer 19

OpenID Connect

Question 20

An open source standard used for authorization with internet-based single sign-on solutions.

Answer 20

OAUTH

Question 21

an open source federated identity solution.

Answer 21

Shibboleth

Question 22

A suite of protocols that provide confidentiality, integrity, and authentication within Windows systems.

Versions: NTLM, NTLM v2, NTLM2

Answer 22

NTLM (New Technology LAN Manager)

Question 23

Access control that uses sensitivity label assigned to objects (files and folders) and subjects (users)

Answer 23

MAC (Mandatory Access Control)

Question 24

Access control model where all objects have owners and owners can modify permissions for the objects (files and folders)

Microsoft NTFS uses this model.

Answer 24

DAC (Discretionary Access Control)

Question 25

Access control model that grants access to resources based on attributes assigned to subjects and objects.

Answer 25

ABAC (attribute-based access control)

Question 26

Access control model that uses roles based on jobs and functions to define access. It is often implemented with groups (providing group-based privileges.)

Answer 26

Role-Based AC

Question 27

Access control model that uses rules to define access. This is based on a set of approved instruction , such as an ACL, or rules that trigger in response to an event, such as modifying ACLs after detecting an attack.

Answer 27

Rule-Based AC

Question 28

Small credit card sized cards that activate when they are in close proximity of the card reader. They are often authorized personnel to open doors.

Answer 28

Proximity Card

Question 29

A credit card sized card that has an embedded microchip and certificate. It is used for authentication in something you have factor of authentication.

Answer 29

Smart Card

Question 30

A rate that identifies the percentage of times biometric authentication system incorrectly indicates a match.

Answer 30

FAR (False Acceptance Rate)

Question 31

A rate that identifies the percentage of times biometric authentication system incorrectly rejects a valid match.

Answer 31

FRR (False Rejection Rate)

Question 32

The point where the FRR and the FAR cross over. The lower CER the more accurate the biometric system.

Answer 32

CER (Crossover Error Rate)

Question 33

An open standard used for creating one-time passwords. It combines a secret key and a counter, then uses HMAC to create a hash of the result.

Answer 33

HOTP (HMAC based One Time Password)

Question 34

AN open source standard similar to HOTP. It uses timestamps instead of a counter. One-time passwords created with this expire after 30 Seconds.

Answer 34

TOTP (Time-Based One-Time Password)

Question 35

An authentication protocol used in VPNs and wires and wireless networks. VPNs often implement it as a RADIUS server. Wired networks use it for port-based authentication. Wireless networks use it in Enterprise Mode. It can be used with certificate-based authentication.

Answer 35

IEEE 802.1x

Question 36

A logically created system identifier that binds to a particular individual and is used to tie to a particular action or allowed actions.

Answer 36

User Account

Question 37

A pre-created account in Windows system. It is disabled by default.

Answer 37

Guest Account

Question 38

An account with elevated privileges, such as an administrator account.

Answer 38

Privileged Account

Question 39

A security principle that specifies that individuals and processes are granted only the rights and permissions needs to perform the assigned attacks or functions, and no more.

Answer 39

Least Privilege

Question 40

The process of granting individuals access to organization’s computing resources after being hired. It typically includes giving the employee a user account with appropriate permissions.

Answer 40

Onboarding

Question 41

The process of orderly separating an employee from the organization, including termination letter, exit interview, return of all company equipment, and transfer of knowledge for subsequent hires.

Answer 41

Offboarding

Question 42

An audit that analyzes user privilege’s. It identifies the privilege’s (rights and permissions) granted to users, and compares them against what the users need.

Answer 42

Permission Audit Review

Question 43

The practice of recording events and analyzing them to detect negative events and determine patterns or trends. It is usually performed through examination of manual and automatic logs.

Answer 43

Audit

Question 44

An account restriction that prevents users from logging on at certain times.

Answer 44

Time-of-Day Restriction

Question 45

A role based access control method that uses groups as roles.

Answer 45

Group-based AC

Question 46

Policies that prevent users from logging on from certain locations, or require that they log on only from specific locations.

Answer 46

Location Based Policy

Question 47

A feature of Windows Active Directory that allows an administrator to apply policy settings to entire groups of computers and users within the domain. Generically, in a non-windows context, it refers to a policy of managing users in a defined logical group, by functional, geographical, or security requirements.

Answer 47

Group Policy

Question 48

A policy that identifies when administrators should disable user accounts.

Answer 48

Disablement Policy