Authentication

Question 1

What are the 5 types of authentication with examples

Answer 1

Something you know - Password, Pin
Something you have - Key Fob, License
Somewhere you are - Context Authentication
Something you are - Biometric, finger print
Something you do - Signature, mouse movemnt

Question 2

True or false, Password and username are considered single factor authentication

Answer 2

True

Question 3

True or False, One or more items from the same factor class are still considered single factor

Answer 3

True

Question 4

What is a TOTOP

Answer 4

Time based One time password, it is computed with a shared secret key and current time.

Question 5

What are the three authentication models

Answer 5

Context Aware
SSO
Federated Identity Management

Question 6

Describe the context aware authentication model

Answer 6

Process to check the users or systems attributes or characteristics or attributes prior to allowing a connection

It will commonly restrict authentication based on time of day or location

Question 7

Describe the Single Sign on model

Answer 7

A default user profile for each user is created and linked with all the resources needed.

Uses single set of authentication factors to access multiple systems.

Compromised creds can cause disasters

Question 8

Descirbe FiDM (Federated Identify Management)

Answer 8

A single identity is created for a user and share with all of the organizations within a federation.

Two authentication methods:
Cross Certificate
Trusted thrid part

Question 9

Explain Cross certificate for the FIDM model

Answer 9

Utilizes a web of trust between organizations where each one certifies other sin the federation

Question 10

Explain trusted third party for the FIDM

Answer 10

Organizations are able to put their trust in a single third party.

Question 11

True or false:
Trusted third party is more efficient than a cross certificate or web of trust model

Answer 11

True

Question 12

What is SAML

Answer 12

Securitly Assertation markup language:

Attestation model built on XML used to share FIDM info between systems

Question 13

What is OpenID

Answer 13

OpenID is a decentralized open standed for authenticating users in an FIDM system.
The user will log into an IP ( identity provider) and uses their account at RPs (relaying parties)

Google is an open ID provider that allows user to sign into their google account in order to accces other programs

Question 14

True or False:
OpenID is easier to implement thatn SAML

Answer 14

True, BUT

SAML is more efficient than OpenID

Question 15

What is 802.1x

Answer 15

Standardized framework for port based authentication on wired and wireless networks that uses data-link authentication technology to connect devices on wired or wireless LAN

Question 16

True of False:
802.1x is only a framework

Answer 16

True,
802.1x is only a framework, that requires RADIUS or TACACS+ to perform the actual authentication.

Question 17

There are three roles required for 802.1x to work, what are they?

Answer 17

1. supplicant - Device or user requesting access to the network
2. Authenticator - Device through which the supplicant passes through to reach the authentication server. (Switch, WAP)
3. Authentication Server - Centralized device that performs authentication (RADIUS TACACS+)

Question 18

True of False, 802.1 can prevent rouge devices

Answer 18

True

Question 19

What is EAP

Answer 19

EAP is the extensible Authentication Protocol-

It is a framework of protocols that allow for numerous authentation methods including passwords, digital certificates and PKI.

Question 20

What are the forms of EAP authentication methods

Answer 20

EAP - MD5
EAP - TLS
EAP - TTLS
EAP - Fast
PEAP

Question 21

Describe the EAP-MD5 authentication method

Answer 21

Uses one way authentication via simple passwords for challenge-authentication

Question 22

Describe the EAP - TLS

Answer 22

Uses digital certificates for authentication

Question 23

Describe EAP -TTLS

Answer 23

Use server side digital certificates and a client side password for mutual authentication.

Question 24

Describe EAP - Fast

Answer 24

Provides flexible authentication via secure tunneling using a protected access credential instead of a certificate for mutual authentication.

Question 25

What is LDAP

Answer 25

lightweight Directory Access Protocol - A database used centralize information about clients and objects on a network.

Question 26

True or False: LDAP Is cross platform

Answer 26

True

Question 27

What is Kerberos

Answer 27

Authentication protocol used by windows to provide for two way (mutual) authentication using a system of tickets

Question 28

Describe how kerberos works

Answer 28

1. Client connects to network and pings DC with creds
2. DC acts as a (KDC) Key Distrobution Center and authenticates client
3. Once authenticated, the KDC provides a TGT (Ticket Granting Ticket)

Question 29

What is a TGT

Answer 29

A ticket Granting Ticket is a component of Kerberos.

TGTs are provided by clients to the KDC when attempting to access resources. The client provides the KDC its TGT when requesting the issuing of a service ticket or session key based on what what was requested.

Question 30

What port on the DC needs to be enabled for Kerberos to work

Answer 30

Port 88

Question 31

True of False: RDP provides authentication

Answer 31

False, RDP uses encryption, but does not have native authentication.

SSL+TLS should be used to increase securirty

Question 32

What port does RDP use

Answer 32

3389

Question 33

What is VNC

Answer 33

Virtual Network Computer - Cross platform - Port 5900

Uses VNC server to host
Uses VNC client to connect to VNC Server\ host
The VNC protocol must be enabled

Question 34

True of false: RDP is cross platform

Answer 34

False, If cross platform is required, use VNC

Question 35

What is the VNC protocol known as

Answer 35

The remote frame buffer

Question 36

What are the remote access service Authentication protocols

Answer 36

PAP, CHAP, and EAP

Question 37

Describe PAP

Answer 37

Password authentication protocol - Used to provide authentication but is not considered secure since it transmits passwords unencrypted and in clear text

Question 38

Describe Chap

Answer 38

Challenge Handshake AP -

A client initiates authentication with the server and is sent a random string of numbers (Challenge String).
The client uses their password to encrypt the string of numbers and sends the encrypted challenge key back to the server
The server un-encrypts the challenge string using the password that it has on file.

Question 39

What is M-CHap

Answer 39

Microsoft’s version of CHAP

Question 40

True or False: PAP and CHAP were used for dial up

Answer 40

True

Question 41

What are the two common VPN Topologies

Answer 41

Client to Site and Site to Site

Question 42

What are the hardware requirements of Client to Site and Site to Site VPNs

Answer 42

Client to Site requires a VPN server to be online and listening for inbound requests. Admins can make use of a VPN Concentrator instead of a dedicated server.

Site to Site VPNs use Routers that are configured with mutual encryption keys

Question 43

What is a VPN Concentrator

Answer 43

Specialized hardware device that allows for hundreds of simultaneous VPN connections for remote workers.

Question 44

What is VPN split tunneling

Answer 44

Occurs when a remote workers machine diverts internal traffic over the VPN, but external traffic over their own internet connection.

Question 45

What are the Pros and Cons of VPN Splitting. How do you prevent it?

Answer 45

Good for bandwidth usage over the VPN, but allows for traffic to bypass network defenses.

Prevent it through proper client configuration and network segmentation.

Question 46

Describe RADIUS

Answer 46

Remote Authentication Dial-in User Service:

Allows centralized administration of dial up, VPN, and wireless authentication services for 802.1x and EAP

Question 47

What layer of the OSI model does RADIUS run. How is it hosted and what transmission method does it use?

Answer 47

Radius is a client server model that runs at the application layer.
It can be run as its own server or be hosted on a Windows server.
It enables AAA and uses UDP.

Question 48

True of False: Radius is cross platform

Answer 48

True

Question 49

What is TACACS+

Answer 49

Cisco’s propriatary version of RADIUS

It supports the protocols that RADIUS doesn’t such as Remote access protocol, NetBios Frame