Authentication

Question 1

What is 802.1x?

Answer 1

Standard for port based network access control - data link layer authentication technology used to connect devices on a LAN

Question 2

What is LDAP?

Answer 2

Protocol for accessing and modifying directory services data. Application layer

Question 3

What layer of the OSI model is 802.1x?

Answer 3

Data Link

Question 4

What layer of the OSI model is LDAP?

Answer 4

Application

Question 5

What is Kerberos?

Answer 5

Ticket based authentication protocol in windows used to identify clients to a server

Question 6

What is RAS?

Answer 6

Remote Access Services - enables dial up and vpn connections to occur from remote clients

Question 7

What is CHAP?

Answer 7

Challenge Handshake Protocol

Question 8

What is RADIUS?

Answer 8

Remote Authentication Dial In User Service - used to make connections between computers and provides authentication, authorization, and accounting. Encrypts the password, uses UDP for speed.

Question 9

What is TACACS + ?

Answer 9

Cisco Proprietary version of RADIUS - provides authentication and authorization. More secure than RADIUS due to TCP

Question 10

Which is more secure RADIUS or TACACS+ ?

Answer 10

TACACS+ due to the use of TCP

Question 11

What are the two primary VPN protocols?

Answer 11

L2TP and PTP

Question 12

What is PAP?

Answer 12

Password Authentication Protocol - used to provide authentication but is not secure due to its transmission of unencrypted credentials

Question 13

Why is PAP not secure?

Answer 13

Because it transmits credentials unencrypted

Question 14

What is RDP?

Answer 14

Remote Desktop Protocol - port 3389 - Microsoft proprietary protocol that allows remote access to another computer via GUI

Question 15

What is VNC?

Answer 15

Virtual Network Computing - cross platform version of RDP for non windows. Port 5900

Question 16

What is EAP?

Answer 16

Extensible Authentication Protocol - framework of protocols that allows numerous methods of authentication including passwords, digital certificates and PKI

Question 17

What is LEAP?

Answer 17

Cisco proprietary version of EAP

Question 18

What is SSO?

Answer 18

Single Sign On - default user profile for each user is created and linked with all of the software/resources needed for that user to access when signing on - using one password for everything

Question 19

What is the risk of SSO?

Answer 19

Since it uses only one password for everything, if that password is compromised, it can cause a major security breach.

Question 20

What is the Context Aware authentication model?

Answer 20

Process to check user or system attributes prior to allowing it to connect

Restricting authentication due to factors such as time of day or location

Question 21

What is FIDM?

Answer 21

Federated Identity Management - single identity is created for a user and shared with all of the organizations in a federation

Question 22

What is SAML?

Answer 22

Security Assertion Markup Language - Attestation model built on XML used to share federated identity management info between systems

Question 23

What is TOTP?

Answer 23

Time based one time password - password that is computed from a shared secret and current time

Question 24

What is HOTP?

Answer 24

HMAC-based one-time password is a one-time password algorithm based on HMAC

Question 25

What is HMAC?

Answer 25

Hash Based Message Authentication Code - cryptographic authentication technique that uses a hash function and a secret key.

Question 26

What is FAR?

Answer 26

False Acceptance Rate - rate of false positives

Question 27

What is FRR?

Answer 27

False Rejection Rate - rate of false negatives

Question 28

What is CER?

Answer 28

Crossover Error Rate - type of metric used for evaluation of a biometric security system’s accuracy?

Question 29

What are three attributes of HOTP?

Answer 29

Valid for one session, Based on cryptographic hash function/secret key, not vulnerable to replay attacks

Question 30

What are three attributes of TOTP?

Answer 30

Valid for one session, not vulnerable to replay attacks, based on secret key and current time

Question 31

A type of hierarchical database structure used in Windows Server environments that enables centralized management of users, devices and resources on a network is known as:

Answer 31

Active Directory