Authentication Flashcards

1
Q

What are the 5 types of authentication with examples

A

Something you know - Password, PIN
Something you have - Key Fob, License
Somewhere you are - Context Authentication
Something you are - Biometric, fingerprint
Something you do - Signature, mouse movement

2
Q

True or false, Password and username are considered single factor authentication

A

True

3
Q

True or False, One or more items from the same factor class are still considered single factor

A

True

4
Q

What is a TOTP

A

Time-based One-Time Password; it is computed with a shared secret key and the current time.

5
Q

What are the three authentication models

A

Context Aware
SSO
Federated Identity Management

6
Q

Describe the context aware authentication model

A

Process to check the user's or system's attributes or characteristics prior to allowing a connection

It will commonly restrict authentication based on time of day or location

7
Q

Describe the Single Sign-On model

A

A default user profile for each user is created and linked with all the resources needed.

Uses a single set of authentication factors to access multiple systems.

Compromised creds can cause disasters

8
Q

Describe FIDM (Federated Identity Management)

A

A single identity is created for a user and shared with all of the organizations within a federation.

Two authentication methods:
Cross Certificate
Trusted third party

9
Q

Explain Cross certificate for the FIDM model

A

Utilizes a web of trust between organizations where each one certifies the others in the federation

10
Q

Explain trusted third party for the FIDM

A

Organizations are able to put their trust in a single third party.

11
Q

True or false:
Trusted third party is more efficient than a cross certificate or web of trust model

A

True

12
Q

What is SAML

A

Security Assertion Markup Language:

Attestation model built on XML used to share FIDM info between systems

13
Q

What is OpenID

A

OpenID is a decentralized open standard for authenticating users in an FIDM system.
The user logs into an IP (identity provider) and uses their account at RPs (relying parties).

Google is an OpenID provider that allows users to sign into their Google account in order to access other programs

14
Q

True or False:
OpenID is easier to implement than SAML

A

True, BUT

SAML is more efficient than OpenID

15
Q

What is 802.1x

A

Standardized framework for port based authentication on wired and wireless networks that uses data-link authentication technology to connect devices on wired or wireless LAN

16
Q

True or False:
802.1x is only a framework

A

True,
802.1x is only a framework, that requires RADIUS or TACACS+ to perform the actual authentication.

17
Q

There are three roles required for 802.1x to work, what are they?

A
  1. Supplicant - Device or user requesting access to the network
  2. Authenticator - Device through which the supplicant passes to reach the authentication server. (Switch, WAP)
  3. Authentication Server - Centralized device that performs authentication (RADIUS, TACACS+)
18
Q

True or False, 802.1x can prevent rogue devices

A

True

19
Q

What is EAP

A

EAP is the Extensible Authentication Protocol.

It is a framework of protocols that allows for numerous authentication methods including passwords, digital certificates and PKI.

20
Q

What are the forms of EAP authentication methods

A

EAP-MD5
EAP-TLS
EAP-TTLS
EAP-FAST
PEAP

21
Q

Describe the EAP-MD5 authentication method

A

Uses one way authentication via simple passwords for challenge-authentication

22
Q

Describe EAP-TLS

A

Uses digital certificates for authentication

23
Q

Describe EAP-TTLS

A

Uses server-side digital certificates and a client-side password for mutual authentication.

24
Q

Describe EAP-FAST

A

Provides flexible authentication via secure tunneling using a protected access credential instead of a certificate for mutual authentication.

25
Q

What is LDAP

A

Lightweight Directory Access Protocol - A database used to centralize information about clients and objects on a network.

26
Q

True or False: LDAP is cross platform

A

True

27
Q

What is Kerberos

A

Authentication protocol used by Windows to provide for two way (mutual) authentication using a system of tickets

28
Q

Describe how Kerberos works

A
  1. Client connects to network and pings DC with creds
  2. DC acts as a (KDC) Key Distribution Center and authenticates client
  3. Once authenticated, the KDC provides a TGT (Ticket Granting Ticket)
29
Q

What is a TGT

A

A Ticket Granting Ticket is a component of Kerberos.

TGTs are provided by clients to the KDC when attempting to access resources. The client provides the KDC its TGT when requesting the issuing of a service ticket or session key based on what was requested.

30
Q

What port on the DC needs to be enabled for Kerberos to work

A

Port 88

31
Q

True or False: RDP provides authentication

A

False, RDP uses encryption, but does not have native authentication.

SSL+TLS should be used to increase security

32
Q

What port does RDP use

A

3389

33
Q

What is VNC

A

Virtual Network Computer - Cross platform - Port 5900

Uses VNC server to host
Uses VNC client to connect to VNC server/host
The VNC protocol must be enabled

34
Q

True or False: RDP is cross platform

A

False, If cross platform is required, use VNC

35
Q

What is the VNC protocol known as

A

The remote frame buffer

36
Q

What are the remote access service Authentication protocols

A

PAP, CHAP, and EAP

37
Q

Describe PAP

A

Password authentication protocol - Used to provide authentication but is not considered secure since it transmits passwords unencrypted and in clear text

38
Q

Describe CHAP

A

Challenge Handshake AP -

A client initiates authentication with the server and is sent a random string of numbers (Challenge String).
The client uses their password to encrypt the string of numbers and sends the encrypted challenge key back to the server
The server un-encrypts the challenge string using the password that it has on file.

39
Q

What is MS-CHAP

A

Microsoft’s version of CHAP

40
Q

True or False: PAP and CHAP were used for dial up

A

True

41
Q

What are the two common VPN Topologies

A

Client to Site and Site to Site

42
Q

What are the hardware requirements of Client to Site and Site to Site VPNs

A

Client to Site requires a VPN server to be online and listening for inbound requests. Admins can make use of a VPN Concentrator instead of a dedicated server.

Site to Site VPNs use Routers that are configured with mutual encryption keys

43
Q

What is a VPN Concentrator

A

Specialized hardware device that allows for hundreds of simultaneous VPN connections for remote workers.

44
Q

What is VPN split tunneling

A

Occurs when a remote worker's machine diverts internal traffic over the VPN, but external traffic over their own internet connection.

45
Q

What are the Pros and Cons of VPN Splitting. How do you prevent it?

A

Good for bandwidth usage over the VPN, but allows for traffic to bypass network defenses.

Prevent it through proper client configuration and network segmentation.

46
Q

Describe RADIUS

A

Remote Authentication Dial-in User Service:

Allows centralized administration of dial up, VPN, and wireless authentication services for 802.1x and EAP

47
Q

What layer of the OSI model does RADIUS run. How is it hosted and what transmission method does it use?

A

RADIUS is a client-server model that runs at the application layer.
It can be run as its own server or be hosted on a Windows server.
It enables AAA and uses UDP.

48
Q

True or False: RADIUS is cross platform

A

True

49
Q

What is TACACS+

A

Cisco’s proprietary version of RADIUS

It supports the protocols that RADIUS doesn’t such as Remote access protocol, NetBios Frame