Authentication and Authorization Solutions Flashcards
What types of attacks does Kerberos authentication protect against?
Replay attacks and Man-in-the-Middle Attacks
A _____ is a secure cryptoprocessor enclave implemented on a PC, laptop, smartphone, or network appliance. It is commonly used to store the keys to unlock an encrypted hard drive or solid-state drive.
trusted platform module (TPM)
_____ is specifically designed for network administration of routers. _____ data packets are encrypted and make it easier for network admins to work with multiple routers simultaneously.
Terminal Access Controller Access-Control System Plus (TACACS+)
____ provides authorization services only, while _____ provides federated authentication.
OAuth; OpenID Connect (OIDC)
_____ is the ideal choice for assigning complex rule-based privileges. _____ makes access decisions based on subject and object attributes, as well as context-dependent and system-wide attributes, making it the most fine-tuned control.
Attribute-Based Access Control (ABAC)
_____ is based on the primacy of the resource owner. The owner is granted full control and can modify its access control list (ACL) to grant rights to others.
Discretionary access control (DAC)
______ is based on the idea of security clearance levels. This is ideal for a “need to know” classification. Each object in this control system is labeled with a clearance level, and a user must possess the requisite clearance to access objects in this system.
Mandatory access control (MAC)
_____ authorizations or tokens are written and signed with the eXtensible Markup Language (XML) signature specification; this digital signature allows the service provider to trust the identity provider.
Security Association Markup Language (SAML)