Authentication Authorization and Accounting

Question 1

What does the AAA framework stand for?

Answer 1

Authentication, Authorization, and Accounting

Question 2

What is identification in the context of the AAA framework?

Answer 2

It’s who you claim to be, often represented by a username, especially for devices you may not physically see.

Question 3

Why can’t a system type a password?

Answer 3

Because systems are not human and require other forms of authentication to prove identity.

Question 4

What is authentication?

Answer 4

The process of proving you are who you say you are, often through passwords and other authentication factors.

Question 5

How can you authenticate a device?

Answer 5

By using passwords, multi-factor authentication, or by placing a digitally signed certificate on the device.

Question 6

What is the role of a Certificate Authority (CA) in authentication?

Answer 6

A CA issues and digitally signs certificates that validate the identity of devices and users within an organization.

Question 7

What is authorization in the AAA framework?

Answer 7

It determines what access you have based on your identification and authentication, such as VPN access.

Question 8

How does management software use certificates?

Answer 8

It validates the end device based on the certificates issued by the organization.

Question 9

What does accounting refer to in the AAA framework?

Answer 9

Tracking resources used, such as login time, data sent and received, and logout time.

Question 10

What does a digitally signed certificate signify?

Answer 10

It verifies that the certificate is valid and was issued by a trusted Certificate Authority (CA).

Question 11

Why might an organization maintain its own CA?

Answer 11

To have control over certificate issuance and ensure the trustworthiness of devices within their network.

Question 12

What happens when a device has a certificate?

Answer 12

It can use that certificate as an authentication factor to prove its identity to the network.

Question 13

What is required for a certificate to be valid?

Answer 13

The CA’s digital signature must be present and recognized by the system validating the certificate.

Question 14

What happens after a user or device has authenticated?

Answer 14

They gain access to resources based on the applied authorization model.

Question 15

What is the role of an authorization model in user access?

Answer 15

It defines access rights based on roles, organizations, attributes, etc.

Question 16

Why doesn’t associating individual users to access rights scale?

Answer 16

Because it becomes complex and difficult to manage as the number of users increases.

Question 17

What does adding an authorization model introduce?

Answer 17

It introduces an abstraction that reduces complexity and clarifies user-resource relationships.

Question 18

How does an authorization model simplify administration?

Answer 18

It makes it easy to understand and manage authorizations for any number of users or resources.

Question 19

What is a simple relationship in authorization without a model?

Answer 19

A direct relationship of User -> Resource.

Question 20

What are some issues with the simple User -> Resource authorization model?

Answer 20

It’s hard to understand why authorizations exist and does not scale effectively.

Question 21

How does an authorization model improve the relationship between users and resources?

Answer 21

It creates a clearer, more manageable framework for understanding access rights.

Question 22

What does reducing complexity in an authorization model help with?

Answer 22

It helps streamline administration and make authorizations easier to manage.

Question 23

In what ways can an authorization model be defined?

Answer 23

By roles, organizations, attributes, etc.