Authentication Flashcards
What are the 5 types of authentication with examples
Something you know - Password, PIN
Something you have - Key Fob, License
Somewhere you are - Context Authentication
Something you are - Biometric, fingerprint
Something you do - Signature, mouse movement
True or false, Password and username are considered single factor authentication
True
True or False, One or more items from the same factor class are still considered single factor
True
What is a TOTP
Time-based one-time password; it is computed with a shared secret key and the current time.
What are the three authentication models
Context Aware
SSO
Federated Identity Management
Describe the context aware authentication model
Process to check the user's or system's attributes or characteristics prior to allowing a connection
It will commonly restrict authentication based on time of day or location
Describe the Single Sign-On model
A default user profile for each user is created and linked with all the resources needed.
Uses a single set of authentication factors to access multiple systems.
Compromised creds can cause disasters
Describe FIDM (Federated Identity Management)
A single identity is created for a user and shared with all of the organizations within a federation.
Two authentication methods:
Cross Certificate
Trusted third party
Explain Cross certificate for the FIDM model
Utilizes a web of trust between organizations where each one certifies the others in the federation
Explain trusted third party for the FIDM
Organizations are able to put their trust in a single third party.
True or false:
Trusted third party is more efficient than a cross certificate or web of trust model
True
What is SAML
Security Assertion Markup Language:
Attestation model built on XML used to share FIDM info between systems
What is OpenID
OpenID is a decentralized open standard for authenticating users in an FIDM system.
The user logs into an IP (identity provider) and uses their account at RPs (relying parties)
Google is an OpenID provider that allows users to sign into their Google account in order to access other programs
True or False:
OpenID is easier to implement than SAML
True, BUT
SAML is more efficient than OpenID
What is 802.1x
Standardized framework for port-based authentication on wired and wireless networks that uses data-link authentication technology to connect devices on wired or wireless LAN
True or False:
802.1x is only a framework
True,
802.1x is only a framework that requires RADIUS or TACACS+ to perform the actual authentication.
There are three roles required for 802.1x to work, what are they?
- Supplicant - Device or user requesting access to the network
- Authenticator - Device through which the supplicant passes to reach the authentication server. (Switch, WAP)
- Authentication Server - Centralized device that performs authentication (RADIUS, TACACS+)
True or False, 802.1x can prevent rogue devices
True
What is EAP
EAP is the Extensible Authentication Protocol.
It is a framework of protocols that allows for numerous authentication methods including passwords, digital certificates and PKI.