4.2 Security Architecture and Tool Sets Flashcards by paulo guiao

what is the top-most level of the LDAP hierarchy?

root

How well did you know this?

Not at all

Perfectly

what is the primary function of LDAP?

lightweight directory access protocol (LDAP) controls client access to directories

How well did you know this?

Not at all

Perfectly

what are flood guards?

devices that protect denial of service (DoS) attacks

How well did you know this?

Not at all

Perfectly

what does the acronym RADIUS denote?

remote authentication dial-in user service

How well did you know this?

Not at all

Perfectly

what are the two types of eye scans?

iris scans and retinal scans

How well did you know this?

Not at all

Perfectly

which type of authentication is accomplished by authenticating both the client and server sides of a concentration through the encrypted exchange of credentials?

mutual authentication

How well did you know this?

Not at all

Perfectly

what does the acronym TACACS denote?

terminal access controller access control system

How well did you know this?

Not at all

Perfectly

which function does a single sign-on (SSO) system provide?

it allows a user to present authentication credentials once and gain access to all computers within the SSO system

How well did you know this?

Not at all

Perfectly

what is the purpose of federated identity management?

it allows single sign-on (SSO) between companies

How well did you know this?

Not at all

Perfectly

what does the acronym KDC denote?

key distribution center

How well did you know this?

Not at all

Perfectly

which authentication protocol uses UDP: TACACS+ or RADIUS?

RADIUS

How well did you know this?

Not at all

Perfectly

which security-server application and protocol implements authentication and authorization of users from a central server over TCP?

terminal access controller access control system plus (TACACS+)

How well did you know this?

Not at all

Perfectly

which authentication protocol is an open standard: TACACS+ or RADIUS?

RADIUS

How well did you know this?

Not at all

Perfectly

which authentication system includes clients, servers, and a key distribution center (KDC)?

kerberos

How well did you know this?

Not at all

Perfectly

which authentication protocol separates authentication and authorization: TACACS+ or RADIUS?

TACACS+

How well did you know this?

Not at all

Perfectly

which Cisco implementation is similar to a RADIUS implementation?

TACACS

How well did you know this?

Not at all

Perfectly

what are the two components of the kerberos key distribution center?

authentication server (AS) and ticket-granting server (TGS)

How well did you know this?

Not at all

Perfectly

which access control model is based on the data’s owner implementing and administering access control?

discretionary access control (DAC)

How well did you know this?

Not at all

Perfectly

which eye scan measures the pattern of blood vessels at the back of the eye?

retinal scan

scanning fingerprints is an example of which authentication technique

biometrics

using role-based access control (RBAC), which entities are assigned roles?

users or subjects

which kerberos component holds all users’ and services’ cryptographic keys and generates tickets?

key distribution center (KDC)

who has the responsibility for configuring access rights in discretionary access control (DAC)?

the data owner or data custodian

what is the most important biometric system characteristic?

accuracy

which type of attack can turn a switch into a hub?

MAC flooding

what does the acronym MAC denote?

mandatory access control

which type of eye scan is considered more intrusive than other eye scans?

retinal scan

which fingerprint scan will analyze fingerprint ridge direction?

minutiae matching

why is password disclosure a significant security issue in a single sign-on network?

it could compromise the entire system because authentication grants access to any systems on the network to which the actual user may have permission

which access control model has the lowest cost?

role-based access control (RBAC)

what does the acronym SSO denote?

single sign-on

which authentication protocol encrypts the entire packet (not just the password): TACACS+ or RADIUS?

TACACS+

which authentication protocol uses tickets to authenticate users?

Kerberos

which function does RADIUS provide?

centralized authentication, authorization, and accounting for remote dial-in users

which security-server application and protocol implement authentication of users from a central server over UDP?

remote authentication dial-in user service (RADIUS)

which directory protocol does directory-enabled networking (DEN) use?

lightweight directory access protocol (LDAP)

which access control model uses security labels for each resource?

mandatory access control (MAC)

what are the two advantages of single sign-on (SSO)?

convenience and centralized administration

which access control model requires assigning security clearance levels to users, such as secret, top-secret, and confidential?

mandatory access control (MAC)

which internet protocol based on X.500 is used to access the data stored in a network directory?

lightweight directory access protocol (LDAP)

what is the purpose of RADIUS?

remote access dial-in user service (RADIUS) enables remote access users to log on to a network through a shared authentication database

which ethernet standard uses a wireless access point with a remote authentication dial-in user service (RADIUS) server to authenticate wireless users?

802.1x

which type of authentication combines two or more authentication methods, like something that a person knows (such as password), something that a person owns (such as a smart card), and a characteristic about the person (such as a fingerprint)?

multi-factor authentication

which technique is used to prevent network bridging?

network separation

on which standard is lightweight directory access protocol (LDAP) based?

X.500