Authentication Concepts Flashcards
What does effective access control start with? Why?
Strong authentication. If authentication can be bypassed then authorization has no effect.
A strong password is anything from what length?
14 chars
Windows domains use what to manage multiple users and computers in a domain? What is it implemented on and what might you link to it?
Group Policy. It’s implemented on Windows domain controllers. You link a Group Policy Object to an Organizational Unit.
In MS domains, how are users and computer accounts organized?
Into Organizational Units.
Smart cards are something you have. What security elements (confidentiality etc.) do they support? Why?
Confidentiality - embedded certificate is used for encryption
Integrity - can be used with a digital signature
Authentication and non-repudiation - when used with signatures
What two other things are similar to Smart Cards and who are they used by?
CAC and PIV:
Common Access Card, US DoD
Personal Identity Verification, FBI
Main difference is they use photo ID too.
What’s the disadvantage of using HMAC One Time Password (HOTP)? What is a more secure way and what does it use instead of HOTP?
The temp password is valid until the point it is used. It doesn’t expire until it is used.
TOTP (Time-based One Time Password) is a more secure alternative.
It uses a timestamp instead of a counter.
What is the next step in the file transfer process using HMAC?
1) a shared private key is exchanged between a client and server who are exchanging a file
2) the file is encrypted and a hash generated
3) …
3) the hash is then encrypted by the server before sending to the client.
TOTP creates a one-time password that expires after how long?
30 seconds
In Biometric Errors, what is False Acceptance?
When a biometric system incorrectly identifies an unauthorized user as an authorized user.
What is the CER? What does it denote? Is a lower or higher reading more accurate?
The CER is the Crossover Error Rate, the crossover point of the False Rejection Rate and the False Acceptance Rate in a biometric system.
It denotes how accurate a biometric system is in correctly identifying biometric data.
A lower reading is more accurate.
What is the name given to the mechanism that allows entities to prove their identity by using credentials known to another entity?
Authentication
Authentication occurs when an entity provides what?
Proof of an identity (such as a password). A second entity is the authenticator and it verifies the authentication.